You can now use network sources (an IAM resource type) to restrict access to functions and applications to only requests from specific IP addresses. A network source enables you to specify the allowed IP addresses. Having defined a network source, you can then include it in policy statement conditions to only allow access from IP addresses specified in the network source.

For more information, see Controlling Access to Invoke Functions.