A-LAM-1

Lambda Functions in Problem State

Risk: High
CWE: 754

AWS Lambda can encounter failure states when attempting to execute code. When an invocation of the function fails, the AWS Lambda service reports the reason so that it can be remediated.


Details

AWS Lambda is a vendor-managed compute runtime where much of the computational framework is pre-configured and provided as part of the platform’s service. The user is only responsible for providing the code and configuration to the service for each configured function.

Since AWS manages the runtime environment, there is a level of monitoring and oversight to ensure that both the configuration and codebase operate correctly. During execution, Lambda functions may enter an incompatible or non-runnable state, indicating errors that occur outside of the user-provided code. These errors are detected at the runtime level rather than within the user’s code and are reported by the AWS managed Lambda environment.

Functions in this state cannot execute; Lambda raises alerts to notify the user that remediation is required. The user must correct either the configuration or the code before the function can return to operation.

Remediation

The remediation of these issues depends on the specific error encountered. Common problems include mismatches between the provided binary or container and the computational architecture, such as Go binaries or containers not aligning with the CPU architecture configured in the Lambda runtime. In such cases, remediation may involve re-uploading a compatible binary or container, potentially requiring recompilation of the codebase to produce a binary that matches the target architecture. Alternatively, adjusting the runtime architecture to match the original binary may resolve the issue.

Other errors relate to networking changes or failures, such as running out of Elastic Network Interfaces for VPC-connected Lambda functions.

The errors reported from failed executions will guide the appropriate remediation steps. To mitigate these issues proactively, checks should be integrated into your deployment and management workflows, and the architecture should be designed so that some classes of issue cannot arise at all. For example, a properly designed network should never risk running out of IP addresses or Elastic Network Interfaces.
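The following script is an added example, not part of the SkySiege page or of any AWS tooling. It shows how the two points above can be turned into a pre-deployment and monitoring check: it reads Lambda function configurations in the shape returned by the AWS `GetFunctionConfiguration` / `ListFunctions` API (fields `State`, `StateReasonCode`, `LastUpdateStatus`, `Architectures`), flags functions whose state the platform has reported as failed, maps the reason code to a remediation hint, and compares the configured architecture against the architecture the CI pipeline built for (a Go `GOARCH` value is assumed as the build descriptor). The sample records and the hint table are constructed for illustration; the live `boto3` fetch is optional and is not needed to run the triage logic.

```python
"""Triage AWS Lambda functions that the platform reports as non-runnable.

Added example; the configuration records below are constructed, and the
remediation hints are this example's own summary, not AWS guidance.
"""
from typing import Dict, List, Optional

# Platform-level reason codes (as reported in StateReasonCode /
# LastUpdateStatusReasonCode) paired with a short remediation hint.
REMEDIATION_HINTS: Dict[str, str] = {
    "EniLimitExceeded": "VPC function exhausted Elastic Network Interfaces; "
                        "free ENIs, review subnet sizing or raise the limit",
    "SubnetOutOfIPAddresses": "configured subnets have no free IPs; add or "
                              "enlarge subnets, reduce concurrent ENI demand",
    "InsufficientRolePermissions": "execution role lacks permissions Lambda "
                                   "needs (e.g. ENI creation); fix the IAM policy",
    "InvalidImage": "container image is not runnable by Lambda (architecture, "
                    "entrypoint or manifest); rebuild and re-upload",
    "ImageDeleted": "referenced ECR image is gone; re-push or update the image URI",
    "ImageAccessDenied": "Lambda cannot pull the image; fix the ECR policy or role",
    "InvalidConfiguration": "function configuration is invalid; read StateReason",
}

# Go build target -> value Lambda uses in the Architectures field.
GOARCH_TO_LAMBDA = {"amd64": "x86_64", "arm64": "arm64"}


def is_problem_state(cfg: dict) -> bool:
    """True when the platform (not the user's code) reports the function unusable."""
    return cfg.get("State") == "Failed" or cfg.get("LastUpdateStatus") == "Failed"


def triage(cfg: dict) -> Optional[dict]:
    """Return a finding for a function in a problem state, else None."""
    if not is_problem_state(cfg):
        return None
    # A failed create/restore is described by State*; a failed update by LastUpdate*.
    if cfg.get("State") == "Failed":
        code, reason = cfg.get("StateReasonCode"), cfg.get("StateReason")
    else:
        code, reason = cfg.get("LastUpdateStatusReasonCode"), cfg.get("LastUpdateStatusReason")
    return {
        "function": cfg.get("FunctionName"),
        "state": cfg.get("State"),
        "last_update": cfg.get("LastUpdateStatus"),
        "code": code,
        "reason": reason,
        "hint": REMEDIATION_HINTS.get(code, "no automated hint; inspect the reason text"),
    }


def architecture_mismatch(cfg: dict, build_goarch: str) -> bool:
    """True when the artifact built for build_goarch cannot run on the function's architecture."""
    expected = GOARCH_TO_LAMBDA.get(build_goarch)
    if expected is None:
        raise ValueError(f"unsupported GOARCH for Lambda: {build_goarch}")
    # Lambda omits Architectures for older functions; the default is x86_64.
    return expected not in cfg.get("Architectures", ["x86_64"])


def triage_all(configs: List[dict], build_goarch: Optional[str] = None) -> List[dict]:
    """Combine state triage with the optional pre-deployment architecture check."""
    findings = [f for f in map(triage, configs) if f is not None]
    if build_goarch:
        for cfg in configs:
            if architecture_mismatch(cfg, build_goarch):
                findings.append({
                    "function": cfg.get("FunctionName"),
                    "code": "ArchitectureMismatch",  # this example's own label
                    "hint": f"artifact built for GOARCH={build_goarch} but function "
                            f"is configured for {cfg.get('Architectures', ['x86_64'])}; "
                            "recompile or change the function architecture",
                })
    return findings


# Constructed sample records in the API's shape (not real account data).
SAMPLE_CONFIGS: List[dict] = [
    {"FunctionName": "orders-api", "State": "Failed", "LastUpdateStatus": "Successful",
     "StateReasonCode": "EniLimitExceeded",
     "StateReason": "The function could not create an ENI in the configured VPC.",
     "Architectures": ["x86_64"], "PackageType": "Zip"},
    {"FunctionName": "thumbnailer", "State": "Active", "LastUpdateStatus": "Failed",
     "LastUpdateStatusReasonCode": "InvalidImage",
     "LastUpdateStatusReason": "The image manifest is not supported.",
     "PackageType": "Image"},  # Architectures omitted: defaults to x86_64
    {"FunctionName": "report-gen", "State": "Active", "LastUpdateStatus": "Successful",
     "Architectures": ["arm64"], "PackageType": "Zip"},
]


def fetch_configs(region: str) -> List[dict]:
    """Optional live fetch via boto3 (imported lazily so the triage logic runs offline)."""
    import boto3  # assumed available only when this function is used
    client = boto3.client("lambda", region_name=region)
    configs: List[dict] = []
    for page in client.get_paginator("list_functions").paginate():
        configs.extend(page["Functions"])
    return configs


if __name__ == "__main__":
    for finding in triage_all(SAMPLE_CONFIGS, build_goarch="amd64"):
        print(f"{finding['function']}: {finding['code']} -> {finding['hint']}")
```

Run the architecture check in CI before `update-function-code`, with the real `GOARCH` from the build step, and run `triage_all` on a schedule against `fetch_configs(region)` so a function that silently drops into `Failed` (for example after ENI exhaustion) is surfaced with its reason code rather than discovered at the next invocation.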

Serverless deployments, particularly for AWS Lambda, offer multiple deployment strategies that can vary depending on your operational and development processes. Engaging architectural guidance can help identify the most suitable deployment process, as well as inform the design of a continuous integration and continuous delivery (CI/CD) pipeline that aligns with your environment and business needs.

Discover if you're vulnerable

SkySiege Cloud Security Assessments scan for this issue and provide same-day reports.
Available for individual projects or organisations.