Every now and then, AWS reminds users to upgrade AWS Lambda functions built on runtimes that are reaching its end-of-life (EOL). They remind you by email describing what is happening, what it means, what you need to do, what to do if you need additional help, et cetera. For popular runtimes AWS may be over friendly, providing continued support to give you more time upgrading your Lambda functions.
EOL does not impact function execution and your functions will continue to run. However, they will be running on an unsupported runtime which is no longer maintained or patched by the AWS Lambda team. We regularly see that customers ‘choose’ to ‘safely ignore’ these kinds of reminders, or just don’t give it the right attention. This increases your exposure to several other risks, including the following:
Developers of your favorite runtime are constantly working to fix security flaws of all severity levels (low, moderate and high). This stops once a function becomes EOL and severely increases your vulnerability to outside threats.
Newer runtimes better support current best-practices and newer design patterns. If you don’t upgrade, you miss out on features and improvements that enable you to write better and more performant applications.
This risk applies most to customers in highly regulated industries such as healthcare, finance or e-commerce. However, it also applies to those who deal with sensitive data such as personal identifiable information. Exposing these types of data to unnecessary risk can result in severe consequences, ranging from extended legal battles to hefty fines.
Usually, newer versions are significantly faster than older ones. Where Lambda is especially a popular choice for apps that must deliver low latency and high performance, upgrading to a newer runtime version is a relatively painless way to improve performance of your applications. Lambda functions may become unpredictable and start failing; imagine a scenario where your functions trust store is outdated and cannot apply encryption in transit of data anymore.
Performance benefits of newer runtimes can directly translate to reduced operational cost. Aside from missing the day-to-day savings, running an unmaintained version or runtime also significantly increases the likelihood of unexpected costs associated with an outage or critical issue. Not sure how your environment is holding up? A complete overview for Lambda end-of-support dates is available here.
Still running Python 2.7, Ruby 2.5, Node.js 10.x or older runtimes in your AWS environment? If you need any insights into bringing your AWS environment up to the latest configurations, just know that Oblivion has been in the AWS cloud since 2006. Our engineers will gladly take a moment to help you out. Feel free to reach out to us through the form below or mail your question directly to me ([email protected]).