In case of authorization headers needing to be sent to HTTP(s) endpoint - they should be stored in secret store, rather than passed unencrypted as payload to lambda function. Suggestion is that if any value in payload is in following forms
aws:smps("path")aws:sm("store.key")
They should be replaced with actual secret value from AWS System Manager Parameter Store (first form), or AWS Secrets Manager (2nd form).
In case of authorization headers needing to be sent to HTTP(s) endpoint - they should be stored in secret store, rather than passed unencrypted as payload to lambda function. Suggestion is that if any value in payload is in following forms
aws:smps("path")aws:sm("store.key")They should be replaced with actual secret value from AWS System Manager Parameter Store (first form), or AWS Secrets Manager (2nd form).