Contain Compromised Serverless Function
Disable the compromised serverless function's triggers, revoke its execution-role permissions, and preserve code/config before any rollback. Serverless workloads cannot host agents; evidence comes from cloud-native logs and from the preserved function package.
Actions
1. Preserve the current deployed package: run `aws lambda get-function --function-name <name>` and download the package via the time-limited URL in the response; save the environment variables separately.
2. Disable all event-source mappings (`aws lambda list-event-source-mappings`, then `delete-event-source-mapping` for each UUID) to stop inbound invocations.
3. Remove the function's execution-role attachment, or replace it with a minimum-privilege role that allows only log writes during the investigation.
4. For GCP: run `gcloud functions deploy <name> --no-allow-unauthenticated` and remove the IAM bindings that granted invocation.
5. Rotate every secret the function could reach (Secrets Manager, Parameter Store, KMS keys, environment variables).
6. Export the function's CloudWatch Logs / Cloud Logging covering the incident window before the logs age out.
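The steps above all start from JSON the AWS CLI already returns. The following script is an added example, not part of the original playbook: it takes constructed samples in the shape of `aws lambda get-function` and `aws lambda list-event-source-mappings` output and produces the preservation record (code location without the presigned query string, environment block kept separately), the list of environment variables that look like credentials to rotate, and the commands that stop inbound invocations. The function name, account id, ARNs and the secret-name heuristic are assumptions. Two practitioner caveats are built in: it emits `update-event-source-mapping --no-enabled` instead of the delete named in step 2, so the mapping configuration survives for later review, and it appends `aws lambda get-policy` because event-source mappings only cover poll-based sources (SQS, Kinesis, DynamoDB Streams); push-based triggers such as API Gateway, S3 and EventBridge invoke through the function's resource policy and must be revoked there.

```python
"""Build a containment checklist for a Lambda function from CLI JSON output.

Example added to the playbook, not the project's own tooling. The two documents
below are constructed samples in the shape that `aws lambda get-function` and
`aws lambda list-event-source-mappings` emit; account id, ARNs and the
secret-name heuristic are assumptions."""
import json
import re
from urllib.parse import urlparse

# Constructed sample: trimmed `aws lambda get-function --function-name orders-api` output.
GET_FUNCTION = json.loads("""
{
  "Configuration": {
    "FunctionName": "orders-api",
    "FunctionArn": "arn:aws:lambda:us-east-1:123456789012:function:orders-api",
    "Role": "arn:aws:iam::123456789012:role/orders-api-exec",
    "Environment": {"Variables": {"DB_PASSWORD": "pl4ceholder", "API_KEY": "pl4ceholder",
                                  "LOG_LEVEL": "info", "TABLE_NAME": "orders"}}
  },
  "Code": {"RepositoryType": "S3",
           "Location": "https://awslambda-us-east-1-tasks.s3.us-east-1.amazonaws.com/snapshots/123456789012/orders-api-abc?X-Amz-Expires=600"}
}
""")

# Constructed sample: `aws lambda list-event-source-mappings --function-name orders-api`.
EVENT_SOURCE_MAPPINGS = json.loads("""
{"EventSourceMappings": [
  {"UUID": "1b2c3d4e-0000-1111-2222-333344445555",
   "EventSourceArn": "arn:aws:sqs:us-east-1:123456789012:orders-queue",
   "State": "Enabled"},
  {"UUID": "9f8e7d6c-0000-1111-2222-333344445555",
   "EventSourceArn": "arn:aws:kinesis:us-east-1:123456789012:stream/order-events",
   "State": "Disabled"}
]}
""")

# Assumed heuristic for variable names that denote credentials (step 5 and the Notes).
SECRET_NAME = re.compile(r"(PASS|PASSWORD|SECRET|TOKEN|KEY|CREDENTIAL)", re.IGNORECASE)


def preservation_record(get_function: dict) -> dict:
    """What to save before touching the function: the code URL host (the URL
    expires, so download immediately) and the environment block as a separate
    artefact. The presigned query string is deliberately not recorded."""
    cfg = get_function["Configuration"]
    url = get_function["Code"]["Location"]
    return {
        "function": cfg["FunctionName"],
        "role": cfg["Role"],
        "code_host": urlparse(url).netloc,
        "env_vars": dict(cfg.get("Environment", {}).get("Variables", {})),
    }


def secrets_to_rotate(get_function: dict) -> list[str]:
    """Environment variable names that look like credentials (heuristic)."""
    env = get_function["Configuration"].get("Environment", {}).get("Variables", {})
    return sorted(name for name in env if SECRET_NAME.search(name))


def containment_commands(function_name: str, mappings: dict) -> list[str]:
    """CLI commands that stop inbound invocations from poll-based sources.
    Mappings already Disabled are skipped. Push-based triggers (API Gateway, S3,
    EventBridge) do not appear in this list: they grant lambda:InvokeFunction
    through the function's resource policy, which `aws lambda get-policy` shows."""
    cmds = []
    for m in mappings["EventSourceMappings"]:
        if m.get("State") == "Disabled":
            continue
        cmds.append(f"aws lambda update-event-source-mapping --uuid {m['UUID']} --no-enabled"
                    f"  # {m['EventSourceArn']}")
    cmds.append(f"aws lambda get-policy --function-name {function_name}")
    return cmds


if __name__ == "__main__":
    print(json.dumps(preservation_record(GET_FUNCTION), indent=2))
    print("rotate:", secrets_to_rotate(GET_FUNCTION))
    print("\n".join(containment_commands("orders-api", EVENT_SOURCE_MAPPINGS)))
```

Run it against the real CLI output by replacing the two constructed documents with `json.load()` of the saved responses; keeping the saved responses is itself part of step 1.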
Queries
```shell
aws lambda list-event-source-mappings --function-name <name> | jq -r '.EventSourceMappings[].UUID'
aws iam get-role-policy --role-name <exec-role> --policy-name <policy>
gcloud functions describe <name> --format=json | jq '.eventTrigger'
gcloud functions get-iam-policy <name> --format=json
```
Notes
Deleting the function destroys evidence; disable triggers and export first, delete last.
Execution-role permissions were the blast radius of the compromise; review every API call the role made during the window in CloudTrail.
Environment variables often contain secrets that must be rotated even if the function itself is removed.