turbot/aws_compliance

Query: lambda_function_use_latest_runtime

Usage

powerpipe query aws_compliance.query.lambda_function_use_latest_runtime

Steampipe Tables

SQL

select
arn as resource,
case
when package_type <> 'Zip' then 'skip'
when runtime in (
'nodejs18.x',
'nodejs16.x',
'nodejs14.x',
'python3.10',
'python3.9',
'python3.8',
'python3.7',
'ruby3.2',
'ruby2.7',
'java17',
'java11',
'java8',
'java8.al2',
'go1.x',
'dotnet7',
'dotnet6'
) then 'ok'
else 'alarm'
end as status,
case
when package_type <> 'Zip' then title || ' package type is ' || package_type || '.'
when runtime in (
'nodejs18.x',
'nodejs16.x',
'nodejs14.x',
'python3.10',
'python3.9',
'python3.8',
'python3.7',
'ruby3.2',
'ruby2.7',
'java17',
'java11',
'java8',
'java8.al2',
'go1.x',
'dotnet7',
'dotnet6'
) then title || ' uses latest runtime - ' || runtime || '.'
else title || ' uses ' || runtime || ' which is not the latest version.'
end as reason,
region,
account_id
from
aws_lambda_function;

Controls

The query is being used by the following controls: