Aqua Workload Protection provides security for your AWS Lambda, Microsoft Azure, and Google Cloud serverless functions.


  • Scanning your functions in cloud accounts for vulnerabilities (open source libraries or OS dependencies) and sensitive data (such as access and secret keys). AWS and Azure (but not Google) functions are also checked for excessive permissions (e.g., AWS IAM roles).
  • Evaluating the risk of your functions, based on the scanning findings, according to Function Assurance Policies, which you create and configure
  • Compliance checking to determining whether your functions are compliant with your policies
  • Failing the pipeline of your CI/CD development tools
  • Preventing the execution of risky functions


For complete documentation, we recommend that you start by reading Function Assurance Overview on the Aqua Platform Documentation Portal.