Background

I have an AWS Lambda (of Image type) configured through a Dockerfile. The Lambda function should execute arbitrary Python code (the code is sent from a user, and therefore can be malicious and should be restricted).

There is important information stored in the EFS (mounted on /mnt/efs) which should be accessible from the Lambda, but not from the user's code. The EFS access point is configured as:

  AccessPointResource:
    Type: 'AWS::EFS::AccessPoint'
    Properties:
      FileSystemId: !Ref FileSystemResource
      PosixUser:
        Uid: '1000'
        Gid: '1000'
      RootDirectory:
        CreationInfo:
          OwnerGid: '1000'
          OwnerUid: '1000'
          Permissions: '0777'
        Path: '/mnt/efs'

Initial idea that did not work

  • Restrict AccessPointResource to allow reads for only a specific group
  • Include the main lambda user in the group
  • Create a Linux user that is not in the group
  • When running the submitted code, run under the newly created user's credentials

The reasons why it didn't work:

  • When creating a user in the Dockerfile, the user disappears when deploying the image
    • Tried creating the user both via RUN /usr/sbin/useradd -ms /bin/bash coderunner and in the entrypoint.sh
    • Tried creating the user inside the lambda (in the python code) - Permission denied (the main user of the lambda does not have permissions to access /usr/sbin/useradd)
  • When specifying the user for Popen following the guide, all the commands fail with permission denied - for any user (even the current one).

Additional information

  • AWS Lambda seems to reset all the users and their permissions when the Docker image is deployed to match the Lambda restrictions
  • It creates ~150 other users to manage the access within the Lambda image
  • When printing os.getuid(), getpass.getuser(), os.getgroups() we get 993 sbx_user1051 []
  • When printing cat /etc/passwd we get ~150 users and none of them is the user that we created (coderunner)

The main question

Is there a way of permitting the main AWS Lambda code to access the EFS on /mnt/efs but restricting the access for code launched through a Python subprocess?

Martin
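The privilege-drop attempt described in the question, written out as an added example (not the asker's code): it uses the user=/group= parameters of subprocess.Popen (Python 3.9 and later) to run the child under a different numeric uid/gid, and reports the PermissionError that results when the calling process lacks the privilege to change identity, which is the failure mode seen from the Lambda sandbox user (uid 993, not root). The uid/gid 65534 and the child command are assumptions for the demo.

```python
import os
import subprocess
import sys


def can_switch_identity() -> bool:
    # Changing to an arbitrary uid/gid needs CAP_SETUID/CAP_SETGID, which in
    # practice means root; the sandbox user in the question (uid 993) is not.
    return os.geteuid() == 0


def run_as(cmd, uid, gid, timeout=10):
    """Run `cmd` as the given numeric uid/gid.

    Returns ("ok", stdout) when the child ran under the requested identity,
    or ("denied", message) when the identity change (or the exec) was refused.
    Popen does setgroups/setgid/setuid in the child before exec and re-raises
    the child's failure in the parent, so the error surfaces right here.
    """
    try:
        proc = subprocess.run(
            cmd,
            user=uid,          # numeric ids avoid /etc/passwd lookups, which
            group=gid,         # fail for a user that was never created
            extra_groups=[],   # also drop supplementary groups
            capture_output=True,
            text=True,
            timeout=timeout,
            check=False,
        )
    except PermissionError as exc:
        return ("denied", str(exc))
    return ("ok", proc.stdout)


# Constructed child command: report the uid/gid the child actually received.
REPORT_IDS = [sys.executable, "-c", "import os; print(os.getuid(), os.getgid())"]


def demo(uid=65534, gid=65534):
    # 65534 is the conventional 'nobody' id; an assumption, not from the question.
    status, detail = run_as(REPORT_IDS, uid, gid)
    if status == "ok":
        return status, detail.split()
    return status, detail


if __name__ == "__main__":
    print("can switch identity:", can_switch_identity())
    print(demo())
```

Run as a non-root user the result is ("denied", "[Errno 1] Operation not permitted"), matching the question's observation; only a root process sees the child report the requested ids.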
