Trust but verify AWS Lambda controls with Grafana

Lambda is the workhorse of many AWS security capabilities that must function trustfully!

One of many examples, AWS Secrets Manager, uses a Lambda function to auto-rotate credentials as part of the security control implementation.

Does anyone notice if a lambda fails in an organization without observability configured?

Amazon CloudWatch Alarms and Logs with Subscription Filters allow for proactive preparation for the AWS environment’s observability.

Things happen, requiring the creation of a Jupyter Notebook to gain this triage visibility quickly.

https://github.com/jblukach/botoplus

Amazon Managed Grafana is the fastest route as long as no more than 100 alert rules are required, a non-adjustable quota.

Grafana Cloud has a soft limit of 2,000 alert rules on paid plans if necessary for larger environments.

https://grafana.com