By using AWS re:Post, you agree to the Terms of Use

AWS LEX -Encryption/decryption user's input


Hi Team I am getting user input from Lex bot a credit card number which i dnt want to expose in logs or in lambda, i need to encrypt the input in transit itself. How to encrypt aws lex user input in transit itself and send to lambda function. Could you please suggest me with any samples, or this approach is possible in lex v2.

Thanks RC

2 Answers
Accepted Answer

Amazon Lex provides Slot Obfuscation where Amazon Lex enables you to obfuscate, or hide, the contents of slots so that the content is not visible. To protect sensitive data captured as slot values, you can enable slot obfuscation to mask those values in conversation logs. See Slot Obfuscation.

Also, for encryption, Lex encrypts the data at rest as well as in transit.

answered a month ago

Hi , Thanks for your answer, I tried it with Slot Obfuscation approach , it was working with sensitive data from slot values as masked in conversional logs, Is there any way to mask the cloudwatch logs same like conversation logs when lambda is invoked from same Intent (bot).

answered a month ago
  • The feature to redact sensitive information from CloudWatch logs does not exist today. There is a feature request internally within AWS for the same. You can write the same logs with redacted information to another log stream or log group and delete the original one. However, that can cost for CW logs collect, data transfer, and data store (and lambda or other services used to run the code if that's one of the aws services) Amazon CloudWatch pricing. This is a third-party article but I see a sample solution from here Please use it at your discretion.

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions