Ensure AWS Lambda functions with tracing are enabled

Error: AWS Lambda functions with tracing not enabled

Bridgecrew Policy ID: BC_AWS_SERVERLESS_4
Checkov Check ID: CKV_AWS_50
Severity: LOW

AWS Lambda functions with tracing not enabled

Description

X-Ray tracing in lambda functions allows you to visualize and troubleshoot errors and performance bottlenecks, and investigate requests that resulted in an error.

Fix - Runtime

AWS Console

To change the policy using the AWS Console, follow these steps:

  1. Log in to the AWS Management Console at https://console.aws.amazon.com/.
  2. Open the Amazon Lambda console.
  3. Open the function to modify.
  4. Click the Configuration tab.
  5. Open the Monitoring and operations tools on the left side.
  6. Click Edit.
  7. Enable Active tracing for AWS X-ray.
  8. Click Save.

CLI Command

To enable X-Ray tracing for a function, use the following command:

aws lambda update-function-configuration --function-name MY_FUNCTION \
--tracing-config Mode=Active

Fix - Buildtime

Terraform

Add the following block to a Terraform Lambda resource to add X-Ray tracing:

tracing_config {
  mode = "Active"
}

CloudFormation

For CloudFormation, use the following block under Properties:

"TracingConfig": {
  "Mode": "Active"
}