Keeping up with AWS supported Lambda functions

by Siert Zijl on 26 May 2021

“ACTION REQUIRED”


If your day-to-day operations involve any AWS services or functions, chances are that you have come across a strongly worded email with these two words in the title in the past. AWS recently announced the ending support for Node.js 10 in Lambda on July 30th this year. Earlier a similar announcement was shared regarding the ending support for Python 2.7 on July 15th this year. This impacts all Lambda functions running in your AWS environments. Depending on your use case, this may impact your business; so be prepared to upgrade all your functions and follow up the instructions provided by AWS in their ‘action required’ email.

Risks of “ACTION IGNORED”

Every now and then, AWS reminds users to upgrade AWS Lambda functions built on runtimes that are reaching its end-of-life (EOL). They remind you by email describing what is happening, what it means, what you need to do, what to do if you need additional help, et cetera. For popular runtimes AWS may be over friendly, providing continued support to give you more time upgrading your Lambda functions.

EOL does not impact function execution and your functions will continue to run. However, they will be running on an unsupported runtime which is no longer maintained or patched by the AWS Lambda team. We regularly see that customers ‘choose’ to ‘safely ignore’ these kinds of reminders, or just don’t give it the right attention. This increases your exposure to several other risks, including the following:

1. Security vulnerabilities

Developers of your favorite runtime are constantly working to fix security flaws of all severity levels (low, moderate and high). This stops once a function becomes EOL and severely increases your vulnerability to outside threats.

2. Software incompatibility

Newer runtimes better support current best-practices and newer design patterns. If you don’t upgrade, you miss out on features and improvements that enable you to write better and more performant applications.

3. Compliance issues

This risk applies most to customers in highly regulated industries such as healthcare, finance or e-commerce. However, it also applies to those who deal with sensitive data such as personal identifiable information. Exposing these types of data to unnecessary risk can result in severe consequences, ranging from extended legal battles to hefty fines.

4. Poor performance and reliability

Usually, newer versions are significantly faster than older ones. Where Lambda is especially a popular choice for apps that must deliver low latency and high performance, upgrading to a newer runtime version is a relatively painless way to improve performance of your applications. Lambda functions may become unpredictable and start failing; imagine a scenario where your functions trust store is outdated and cannot apply encryption in transit of data anymore.

5. Higher operating costs

Performance benefits of newer runtimes can directly translate to reduced operational cost. Aside from missing the day-to-day savings, running an unmaintained version or runtime also significantly increases the likelihood of unexpected costs associated with an outage or critical issue. Not sure how your environment is holding up? A complete overview for Lambda end-of-support dates is available here.

Let us make Lambda easy for you

Still running Python 2.7, Ruby 2.5, Node.js 10.x or older runtimes in your AWS environment? If you need any insights into bringing your AWS environment up to the latest configurations, just know that Oblivion has been in the AWS cloud since 2006. Our engineers will gladly take a moment to help you out. Feel free to reach out to us through the form below or mail your question directly to me ([email protected]).

 

As a technical consultant and a Team Captain at Oblivion, my passion lays with technology and people and I strive to make the lives of developers a bit easier and more effective. For that I swear by public cloud solutions, open standards and open source software.

Explore related posts