I have an AWS Lambda function (written in C#) that uses ODP.NET driver to connect to an Oracle server. It works fine, but my understanding is that communication is not encrypted by default. The Oracle server has NNE enabled, so I just need to force encryption on the client side, and I can't find any information on how to do that for a client running in AWS lambda. The ODP.NET driver's manual doesn't have any info either, other than a mention that the driver supports NNE.
Turns out you need to set OracleConfiguration.SqlNetEncryptionClient = "required"; which sets the underlying SQLNET.ENCRYPTION_CLIENT.