AWS Config Rule: AWS Lambda Function Supported Runtime
LAMBDA_FUNCTION_SETTINGS_CHECK
Eduardo Van Cauteren
Last Update 4 ay önce
Description: Checks if the AWS Lambda function settings for runtime match the expected values. The rule ignores functions with the 'Image' package type. The rule is NON_COMPLIANT if the Lambda function settings do not match the expected values.
Trigger type: Configuration changes
AWS Region: All supported AWS regions except Asia Pacific (Hyderabad), Asia Pacific (Osaka), Asia Pacific (Melbourne), Europe (Spain), China (Ningxia), Europe (Zurich) Region
Lambda supports multiple languages through the use of runtimes. For a function defined as a container image, you choose a runtime and the Linux distribution when you create the container image. To change the runtime, you create a new container image. When you use a .zip file archive for the deployment package, you choose a runtime when you create the function. To change the runtime, you can update your function's configuration.
A runtime can support a single version of a language, multiple versions of a language, or multiple languages. Runtimes specific to a language or framework version are deprecated when the version reaches end of life.
If you would like to know more about Lambda runtimes, please check out the documentation from Amazon, linked here.
How to Resolve Manually
This rule is intended to verify whether your Lambda functions are using a currently supported runtime. The rule checks that your running code is using one of this versions:
Name / Version | Identifier |
---|---|
Node.js 20 | nodejs20.x |
Node.js 18 | nodejs18.x |
Node.js 16 | nodejs16.x |
Python 3.12 | python3.12 |
Python 3.11 | python3.11 |
Python 3.10 | python3.10 |
Python 3.9 | python3.9 |
Python 3.8 | python3.8 |
Java 21 | java21 |
Java 17 | java17 |
Java 11 | java11 |
Java 8 (al2) | java8.al2 |
.NET 7 (container only) | dotnet7 |
.NET 6 | dotnet6 |
Ruby 3.2 | ruby3.2 |
Custom Runtime | provided.al2023 |
Custom Runtime | provided.al2 |
If you found the resource listed as non-compliant you can resolve this manually by ensuring there isn't any running Lambda function using an outdated / deprecated runtime.
Want to know more about StackZone and how to make your cloud management simple and secure?
Check our how it works section with easy to follow videos or just create your own StackZone Account here