Skip to content

Fix CRLY.01180: Set Concurrent Execution Limit for Lambda Functions #48

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Fix CRLY.01180: Set Concurrent Execution Limit for Lambda Functions #48

wants to merge 1 commit into from

Conversation

curly-review[bot]
Copy link

@curly-review curly-review bot commented May 1, 2025

Issue Details

ID: CRLY.01180
Severity: MEDIUM
File: tailor.yaml

Remediation Summary

Description

The security finding indicates that the AWS Lambda function talrClaFunction is missing a function-level concurrent execution limit. This limit is crucial for controlling the number of simultaneous executions of the Lambda function, which can help prevent resource exhaustion and ensure predictable performance.

Steps

  1. Update the CloudFormation Template:
    Add the ReservedConcurrentExecutions property under the Properties section of the talrClaFunction resource.

  2. Set a Suitable Limit:
    Choose a concurrent execution limit based on your application's requirements. For example, if you want to limit the function to 100 concurrent executions, set ReservedConcurrentExecutions to 100.

Here is the updated YAML snippet:

talrClaFunction:
  Type: AWS::Serverless::Function
  Properties:
    FunctionName: !Join [ "-", [ "talr-cla", !Ref stage ] ]
    Description: Invokes CLA call to create account
    Runtime: python2.7
    CodeUri: ./sam/functions/talr-cla
    Handler: handler.handler
    MemorySize: 128
    Timeout: 60
    Role:
      Fn::GetAtt:
        - iamCoreFunctionsRolesStack
        - Outputs.iamRoleArnLambdaTalrCla
    Events:
      talrClaRequest:
        Type: SNS
        Properties:
          Topic:
            Fn::GetAtt:
              - snsTopicsStack
              - Outputs.snsArnTalrClaRequest
    Environment:
      Variables:
        TAILOR_TABLENAME_CBINFO:
          Fn::GetAtt:
            - dynamodbTablesStack
            - Outputs.dynamodbTableNameTalrCbInfo
        TAILOR_TABLENAME_TASKSTATUS:
          Fn::GetAtt:
            - dynamodbTablesStack
            - Outputs.dynamodbTableNameTalrTaskStatus
        TAILOR_TABLENAME_CLASTATUS:
          Fn::GetAtt:
            - dynamodbTablesStack
            - Outputs.dynamodbTableNameTalrClaStatus
    ReservedConcurrentExecutions: 100  # Add this line

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants