Compliance validation for Amazon Lambda
Third-party auditors assess the security and compliance of Amazon Lambda as part of multiple Amazon compliance programs. These include SOC, PCI, FedRAMP, HIPAA, and others.
For a list of Amazon services in scope of specific compliance programs, see Amazon services in scope by compliance program
You can download third-party audit reports using Amazon Artifact. For more information, see Downloading reports in Amazon artifact.
Your compliance responsibility when using Lambda is determined by the sensitivity of your data, your company's compliance objectives, and applicable laws and regulations. You can implement governance controls to ensure that your company's Lambda functions meet your compliance requirements. For more information, see Create a governance strategy for Lambda functions and layers.