Ensure that you always use the latest version of the execution environment configured for your Amazon Lambda functions in order to adhere to AWS cloud best practices and receive the newest software features, get the latest security patches and bug fixes, and benefit from better performance and reliability. A Lambda runtime (execution) environment is a container build based on the configuration settings that you provide when you create your Lambda function. Amazon Lambda serverless architecture supports several runtime environments such as Node.js, Edge Node.js, Java, Python and .NET Core (C#) that you can use to run your functions.
This rule can help you with the following compliance standards:
- PCI
- APRA
- MAS
- NIST4
For further details on compliance standards supported by Conformity, see here.
This rule can help you work with the AWS Well-Architected Framework.
This rule resolution is part of the Conformity Security & Compliance tool for AWS.
When you execute your Lambda functions using the latest version of the implemented runtime environment, you should benefit from new features and enhancements, better security, performance and reliability.
Audit
To determine if there are any Lambda functions that are using old execution environment available within your AWS account, perform the following actions:
Remediation / Resolution
To upgrade the runtime environment version for your existing Amazon Lambda functions, perform the following actions:
References
- AWS Documentation
- AWS Lambda FAQs
- Getting started with Lambda
- AWS::Lambda::Function
- Lambda runtimes
- AWS Command Line Interface (CLI) Documentation
- lambda
- list-functions
- get-function-configuration
- update-function-configuration
- CloudFormation Documentation
- AWS Lambda resource type reference
- Terraform Documentation
- AWS Provider