turbot/aws_compliance

Query: lambda_function_use_latest_runtime

Usage

powerpipe query aws_compliance.query.lambda_function_use_latest_runtime

Steampipe Tables

SQL

select
arn as resource,
case
when package_type <> 'Zip' then 'skip'
when runtime like any ($1) then 'ok'
when runtime like any ($2) then 'alarm'
else 'info'
end as status,
case
when package_type <> 'Zip' then title || ' package type is ' || package_type || '.'
when runtime like any ($1) then title || ' uses latest runtime - ' || runtime || '.'
when runtime like any ($2) then title || ' uses ' || runtime || ' which is not the latest version.'
else title || ' uses runtime ' || runtime || ' which is yet to be released.'
end as reason
, region, account_id
from
aws_lambda_function;

Params

ArgsNameDefaultDescriptionVariable
$1lambda_latest_runtimes
["nodejs20.x","nodejs18.x","nodejs16.x","python3.12","python3.11","python3.10","python3.9","ruby3.3","ruby3.2","java21","java17","java11","java8.al2","dotnet8","dotnet6"]
A list of latest lambda runtimes.
$2lambda_deprecated_runtimes
["java8","go1.x","provided","ruby2.7","nodejs14.x","python3.7","python3.8","dotnetcore3.1","nodejs12.x","python3.6","dotnet5.0","dotnetcore2.1","nodejs10.x","ruby2.5","python2.7","nodejs8.10","nodejs4.3","nodejs4.3-edge","nodejs6.10","dotnetcore1.0","dotnetcore2.0","nodejs"]
A list of deprecated lambda runtimes.

Controls

The query is being used by the following controls: