How is it possible to get a list of AWS functions deployed by my IAM? The problem here is that our organization has over 4000 Lambda functions, so I don't need a list of the Lambda functions in our account, but rather the ones I've created.
- You can try exporting ALL the CloudTrail events you have and analyze them locally. Other than that you have no options, since Lambda (and basically all services for that matter) do not store the info on who created them, because why should they!? – luk2302, Jun 25, 2021 at 13:33
- Doesn't sound like a viable option. We have 12-15 teams (at different times) working on our product for several years already; how could I figure out which lambdas are obsolete and can be safely removed? Also, I think answering your question "why should they?" with my (original) question will not be considered a question-to-question answer, as I was first with mine :) In any case, thank you. – Lu4, Jun 25, 2021 at 14:01
- Yeah, you are out of options. 12-15 teams should not work within the same AWS account to begin with, that is risky as hell. And as to "how could I figure out which lambdas are obsolete" - you absolutely cannot. You can check the CloudWatch metrics to see which ones have not been invoked in the last year, but maybe there is a lambda deployed for a corner case that is used only every 1.5 years... Resources should have naming schemas associating them with specific teams or be tagged or ... but if you did not have those in place already, you simply have no alternatives right now. – luk2302, Jun 25, 2021 at 14:04
- In the absence of good account management and tagging hygiene, CloudTrail events may be your best hope. Going forward, here's some help for organizing AWS accounts and tagging best practices that your organization should begin to implement. – jarmod, Jun 25, 2021 at 14:58
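The local CloudTrail analysis suggested in the comments could look like the following; this is an added example, not code from any of the posters. The log content, account ID, principals and function names are constructed, and the script assumes exported files in CloudTrail's `{"Records": [...]}` layout with Lambda's `CreateFunction20150331` and `DeleteFunction20150331` event names.

```python
import json

CREATE, DELETE = "CreateFunction20150331", "DeleteFunction20150331"
ACCT = "111122223333"  # constructed account id
ALICE, BOB = f"arn:aws:iam::{ACCT}:user/alice", f"arn:aws:iam::{ACCT}:user/bob"
DEV_ROLE = f"arn:aws:sts::{ACCT}:assumed-role/DevRole"

def _rec(time, event, arn, fn, **extra):
    """Build one constructed record with only the fields this script reads."""
    return {"eventTime": time, "eventSource": "lambda.amazonaws.com", "eventName": event,
            "userIdentity": {"arn": arn}, "requestParameters": {"functionName": fn}, **extra}

# Constructed sample in the shape of an exported CloudTrail log file.
SAMPLE_LOG = json.dumps({"Records": [
    _rec("2021-03-01T10:00:00Z", CREATE, ALICE, "report-export"),
    _rec("2021-03-02T09:30:00Z", CREATE, BOB, "billing-sync"),
    _rec("2021-03-03T11:00:00Z", CREATE, ALICE, "tmp-debug"),
    _rec("2021-03-04T12:00:00Z", CREATE, ALICE, "blocked-fn", errorCode="AccessDenied"),
    _rec("2021-03-05T08:00:00Z", CREATE, DEV_ROLE + "/alice-session", "image-resize"),
    _rec("2021-04-01T15:00:00Z", DELETE, BOB,
         f"arn:aws:lambda:us-east-1:{ACCT}:function:tmp-debug"),
]})

def _name(value):
    """functionName may be a bare name or a full (optionally qualified) ARN."""
    return value.split(":function:")[-1].split(":")[0]

def _matches(identity, principal):
    """Exact match for an IAM user ARN, prefix match for any session of a role."""
    arn = identity.get("arn", "")
    return arn == principal or arn.startswith(principal + "/")

def functions_created_by(log_text, principal):
    """Names of functions the principal created that were not deleted afterwards."""
    records = sorted(json.loads(log_text)["Records"], key=lambda r: r["eventTime"])
    owned = set()
    for r in records:
        if r.get("eventSource") != "lambda.amazonaws.com" or "errorCode" in r:
            continue  # other services, and failed calls that created nothing
        name = _name((r.get("requestParameters") or {}).get("functionName", ""))
        if r.get("eventName") == CREATE and _matches(r.get("userIdentity", {}), principal):
            owned.add(name)
        elif r.get("eventName") == DELETE:
            owned.discard(name)  # deleted by anyone: no longer deployed
    return sorted(owned)

if __name__ == "__main__":
    print(functions_created_by(SAMPLE_LOG, ALICE))
```

CloudTrail event history only reaches back 90 days, so older creations show up only if a trail was already delivering logs to S3.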