AWS Lambda Adopts Python 3.10
Written by Nikos Vaggalis   
Thursday, 25 May 2023

AWS Lambda functions can now use all the new and useful language features of Python 3.10 as well as take advantage of the performance improvements this version introduces, in both managed runtimes and container images.

Fundamentally a base container image for Lambda by AWS contains all the required components to run the functions. These base images contain the Amazon Linux Base operating system, the runtime for a given language, the necessary dependencies and the Lambda Runtime Interface Client (RIC) which implements the Lambda Runtime API.

As such there's a new image with support for Python 3.10, available on the Amazon ECR Public Gallery / lambda. As of this May that image is available as: 

public.ecr.aws/lambda/python:3.10.2023.05.19.02

As we saw in another runtime adoption, Java's Corretto 17 build, it's beneficial to choose a dedicated runtime by Amazon because they 

include patches from Amazon that have proven useful in running its own services. These patches include security fixes, performance enhancements, garbage collection scheduling, preventing out-of-memory situations, as well as improved monitoring, reporting, and thread management.

Here the case is not about the Python runtime (as always we mean the "traditional" implementation of Python which is not fragmented into different runtimes like Java's OpenJDK), but about the AWS certified container images.These are regularly updated with security patches and other updates and come optimized by changing the components or dependencies included in them.

Of course, using such as base image is optional as you can always make your own custom made container image.In that case, as we discovered in Wolfi Linux (Un)Distribution Secures The Software Supply Chain, it's best to go for a minimal image that is already hardened by coming with signing and sensible defaults.For instance the defaults that Wolfi enforces on container images are:

  • build-time SBOM as standard for all packages
  • packages are designed to be granular and independent to support minimal images
  • uses the proven and reliable APK package format
  • enables fully declarative and reproducible build systems
  • supports glibc and musl

python310-2

These defaults address the following issues arising from running containers:

  • Container images tend to lag behind upstream updates, resulting in users running images with known vulnerabilities
  • The common distros used in container images also lag behind upstream versions, resulting in users installing packages manually or outside of package managers
  • Container images typically contain more software than they need to, resulting in an unnecessarily increased attack surface
  • Many container images have no provenance information making it difficult to verify where they came from or if someone has tampered with them
  • They are typically not designed to meet compliance requirements or standards like SLSA

By tackling them, Wolfi gives developers the secure-by-default base they need to build software.

Other than that Python devs can now use Python's 3.10 enhancements when building their lambda functions:

  • Structural Pattern Matching
  • Parenthesized context managers
  • Better error messages
  • New Type Union Operator
  • Parameter Specification Variables
  • User-Defined Type Guards
  • Stricter Zipping
  • Automatic Text Encoding
  • Asynchronous Iteration

And last but not least let's not forget the performance enhancements of the version, like the faster PEP 590 vectorcall calling convention which allows for quicker and more efficient Python function calls, particularly those that take multiple arguments.

AWS has also published a preview Lambda container base image for Python 3.11 so that customers can use this image to get an early look at Python 3.11 support in Lambda. This image is subject to change and should not be used for production workloads.

 newawslogo

More Information

Python 3.10 runtime now available in AWS Lambda

Related Articles

AWS Lambda Adopts Java 17

Wolfi Linux (Un)Distribution Secures The Software Supply Chain

 

To be informed about new articles on I Programmer, sign up for our weekly newsletter, subscribe to the RSS feed and follow us on Twitter, Facebook or Linkedin.

Banner


100 Episodes of 5mins of Postgres
08/03/2024

The popular PostgreSQL explainer series is celebrating its 100th release and beyond. Let's take a look at what it makes it so special.



Edgeless Systems Announces Continuum AI
14/03/2024

Edgeless Systems has announced the launch of Continuum, a  security solution that provides cloud-based "Confidential AI" services and enables sharing of sensitive data with chatbots such as ChatG [ ... ]


More News

raspberry pi books

 

Comments




or email your comment to: comments@i-programmer.info

Last Updated ( Thursday, 25 May 2023 )