I’m developing a Lambda function on AWS that runs untrusted code, like a sandbox, however, I have some keys and sensitive information (also, I want to avoid code leak too) which I want to be sure that users can’t access, I’ve been trying to find a way to cut the untrusted Python code access to the filesystem (or isolate it somehow). Is there any configuration or recommended practice to restrict filesystem access within an AWS Lambda in this case?