Since AWS is keeping languages updated, I noticed they also have some older versions. Will they remove versions that have security vulnerabilities, or is it on us to know and not use those versions?
Hi, each time AWS add a new version of a language to Lambda they give the duration of the security updates support. For example, Python 3.9 added in August will be supported until October 2025. On the other hand, Python 2.7 reaches the end of support in July. First, they have stopped applying security patches to Python 2.7 and also the AWS support for questions. Since September, AWS have removed the possibility to create or update existing 2.7 lambdas, so they can still be used but if you want to modify them you have to reimplement them in Pyhton >= 3. Sources :
Announcements of Python 3.9 : https://aws.amazon.com/about-aws/whats-new/2021/08/aws-lambda-adds-support-python-3-9/
End of support Pyhton 2.7 : https://aws.amazon.com/blogs/compute/announcing-end-of-support-for-python-2-7-in-aws-lambda/
List of supported languages : https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html