Mutual TLS for AWS Lambda Function URL


Is there a way to enable mutual TLS for AWS Lambda function URLs? I would like to do the following

  • enforce client side TLS cert/key
  • enforce that the client cert is generated from a particular CA (i.e. root CA)
  • (optionally) enforce a check on the CN string of the cert (to allow on certain clients to come in)

1st and 2nd is already supported in AWS ApiGateway.

asked 2 years ago893 views
1 Answer

Lambda function URLs are intended to be very lightweight way if invoking Lambda functions. They have limited capabilities, mutual TLS is not one of them.

If you need mutual TLS you should use API Gateway instead.

profile pictureAWS
answered 2 years ago
  • Hello, is there a custom way to implement with a Function URL using python./fast-api as the backend?

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions