
Lambda runtime nodejs18.x has expired, but the code for the check does not reflect this yet

Open RoryKiefer opened this issue 5 months ago • 1 comments

Describe the issue

CKV_AWS_363 is not up to date and lacks already-deprecated Lambda content

Examples

# Lambda function
resource "aws_lambda_function" "example" {

  runtime = "nodejs18.x" # <-- this was deprecated on 09/01/2025 but checkov doesn't report it as such
  # aws documentation: https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html#runtimes-deprecated

  filename         = data.archive_file.example.output_path
  function_name    = "example_lambda_function"
  role             = aws_iam_role.example.arn
  handler          = "index.handler"
  source_code_hash = data.archive_file.example.output_base64sha256

  environment {
    variables = {
      ENVIRONMENT = "production"
      LOG_LEVEL   = "info"
    }
  }

  tags = {
    Environment = "production"
    Application = "example"
  }
}

Version (please complete the following information):

  • Checkov Version: any

Additional context

The solution is here and all that's needed is an un-comment and linter-auto-fix to implement. Note: This PR also addresses issue #7283.

RoryKiefer, Sep 12 '25 16:09

Right, can you update the PR with the needed versions? I see some versions are due.

maxamel, Sep 21 '25 12:09
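
The issue above describes a deprecation list that lags behind the calendar. As an added illustration (not checkov's code and not part of the issue thread), the sketch below keys each runtime to its deprecation date so a scan starts failing on that date without a code change; the function names, the regex-based Terraform parsing and the sample input are assumptions, and only the nodejs18.x date comes from the issue.

```python
import re
from datetime import date

# Runtime -> deprecation date. Only the nodejs18.x entry comes from the issue
# (09/01/2025, read as 1 Sep 2025); add others from the AWS runtimes page.
DEPRECATION_DATES = {"nodejs18.x": date(2025, 9, 1)}

RESOURCE_RE = re.compile(r'resource\s+"aws_lambda_function"\s+"([^"]+)"\s*\{')
RUNTIME_RE = re.compile(r'^[ \t]*runtime\s*=\s*"([^"]+)"', re.MULTILINE)

def block_body(text, start):
    """Return the resource body starting just after its opening brace.
    Naive brace counting: assumes no unbalanced braces in strings/comments."""
    depth, i = 1, start
    while i < len(text) and depth:
        depth += {"{": 1, "}": -1}.get(text[i], 0)
        i += 1
    return text[start:i - 1]

def find_deprecated(tf_text, today):
    """List (resource name, runtime, deprecation date) for every
    aws_lambda_function whose runtime is deprecated as of `today`."""
    findings = []
    for m in RESOURCE_RE.finditer(tf_text):
        body = block_body(tf_text, m.end())
        rt = RUNTIME_RE.search(body)
        if not rt:
            continue  # container-image functions set no runtime
        cutoff = DEPRECATION_DATES.get(rt.group(1))
        if cutoff is not None and today >= cutoff:
            findings.append((m.group(1), rt.group(1), cutoff))
    return findings

# Constructed sample input, not taken from a real repository.
SAMPLE_TF = '''
resource "aws_lambda_function" "example" {
  runtime = "nodejs18.x"
  handler = "index.handler"
  environment {
    variables = { LOG_LEVEL = "info" }
  }
}
resource "aws_lambda_function" "current" {
  runtime = "nodejs22.x"
}
'''

if __name__ == "__main__":
    for name, runtime, cutoff in find_deprecated(SAMPLE_TF, date.today()):
        print(f"FAIL aws_lambda_function.{name}: {runtime} deprecated on {cutoff}")
```

Passing `today` explicitly lets a pipeline evaluate the same configuration against a future date and surface runtimes that are about to expire.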