More Info:

You should always use the latest version of the execution environment for your Amazon Lambda functions in order to adhere to AWS best practices and receive the newest software features, get the latest security patches and bug fixes, and benefit from better performance and reliability.

Risk Level

Low

Address

Security, Reliability

Compliance Standards

CBP

Triage and Remediation

Remediation

Using Console

To remediate this misconfiguration in AWS, you can follow the below steps:
  1. Open the AWS Management Console and navigate to the AWS Lambda service.
  2. Select the Lambda function that you want to update.
  3. Click on the “Configuration” tab.
  4. Under the “General configuration” section, you will see the “Runtime” option. Click on the “Edit” button next to it.
  5. Select the latest version of the runtime from the drop-down list.
  6. Click on the “Save” button to apply the changes.
After following these steps, your Lambda function will be updated with the latest runtime version. It is recommended to regularly check for updates and keep your Lambda functions up-to-date to ensure optimal performance and security.

To remediate the misconfiguration “Lambda Functions Should Have Latest Runtime Version” for AWS using AWS CLI, follow these steps:
  1. Open the AWS CLI on your local machine.
  2. Run the following command to list all the Lambda functions in your AWS account: 
aws lambda list-functions
  1. Identify the Lambda function that is not using the latest runtime version.
  2. Run the following command to update the runtime version of the Lambda function: 
aws lambda update-function-configuration --function-name <function-name> --runtime <runtime-version>
Replace <function-name> with the name of your Lambda function and <runtime-version> with the latest runtime version available for your function’s programming language.
  1. Once the command is executed successfully, the runtime version of the Lambda function will be updated to the latest version.
  2. Verify the updated runtime version by running the following command: 
aws lambda get-function-configuration --function-name <function-name> | grep Runtime
Replace <function-name> with the name of your Lambda function.
  1. Repeat the above steps for all the Lambda functions that are not using the latest runtime version.
By following these steps, you can remediate the misconfiguration “Lambda Functions Should Have Latest Runtime Version” for AWS using AWS CLI.
Sure, I can help you with that. Here are the step-by-step instructions to remediate the misconfiguration “Lambda Functions Should Have Latest Runtime Version” in AWS using Python:
  1. Open the AWS Management Console and go to the AWS Lambda service.
  2. Select the Lambda function for which you want to update the runtime version.
  3. Click on the “Configuration” tab.
  4. Scroll down to the “Runtime settings” section and check the current runtime version of the function.
  5. If the runtime version is not the latest one, then we need to update it.
  6. Create a new Python script and import the Boto3 library to interact with AWS services.
  7. Use the following code to update the runtime version of the Lambda function: 
import boto3

client = boto3.client('lambda')

response = client.update_function_configuration(
    FunctionName='your-function-name',
    Runtime='python3.8'
)

print(response)
Note: Replace ‘your-function-name’ with the actual name of your Lambda function and ‘python3.8’ with the latest runtime version you want to update to.
  1. Save the Python script and run it.
  2. Verify that the runtime version of the Lambda function has been updated to the latest one by checking the “Runtime settings” section in the AWS Lambda Management Console.
That’s it! You have successfully remediated the misconfiguration “Lambda Functions Should Have Latest Runtime Version” in AWS using Python.

Additional Reading: