Ensure Lambda functions comply with using the latest runtimes.
Rule | Lambda functions should use latest runtimes |
Framework | AWS Foundational Security Best Practices |
Severity | ✔ Medium |
Rule Description
The rule requires all Lambda functions in AWS to use the latest runtimes available to comply with the AWS Foundational Security Best Practices.
Lambda functions are serverless compute services offered by AWS that allow you to run your code without provisioning or managing servers. By using the latest runtimes, you ensure that your Lambda functions benefit from the latest security enhancements, bug fixes, and performance improvements.
Troubleshooting Steps
If your Lambda functions are not using the latest runtimes, you might encounter compatibility issues, security vulnerabilities, or miss out on potential optimizations. To troubleshoot this, follow these steps:
If any issues arise during the troubleshooting process, consider the following:
Required Code
Updating the runtime of a Lambda function requires modifying the function's configuration, which can be done using the AWS Command Line Interface (CLI) or AWS SDKs. Generate the necessary code based on the programming language you are using:
Python
aws lambda update-function-configuration \ --function-name <lambda-function-name> \ --runtime python3.8
Replace
<lambda-function-name>
with the actual name of your Lambda function.Node.js
aws lambda update-function-configuration \ --function-name <lambda-function-name> \ --runtime nodejs14.x
Replace
<lambda-function-name>
with the actual name of your Lambda function.Java
aws lambda update-function-configuration \ --function-name <lambda-function-name> \ --runtime java11
Replace
<lambda-function-name>
with the actual name of your Lambda function..NET Core
aws lambda update-function-configuration \ --function-name <lambda-function-name> \ --runtime dotnetcore3.1
Replace
<lambda-function-name>
with the actual name of your Lambda function.Go
aws lambda update-function-configuration \ --function-name <lambda-function-name> \ --runtime go1.x
Replace
<lambda-function-name>
with the actual name of your Lambda function.Step-by-Step Guide for Remediation
Follow these steps to remediate the rule and ensure that your Lambda functions use the latest runtimes:
aws lambda get-function-configuration --function-name <lambda-function-name>
.By following these steps, you can ensure that your Lambda functions are using the latest runtimes and benefiting from the latest security enhancements, bug fixes, and performance improvements recommended by the AWS Foundational Security Best Practices.