Running Python on AWS Lambda, Revisited

It’s been almost a year since I got Python 3.10 and 3.11 running on AWS Lambda before official runtimes for those versions existed. Amazon has since caught up with the Python release cycle, and now has runtimes for those versions, while a 3.12 runtime release is imminent.

The main Dockerfile is now based on the new Amazon Linux 2023 Provided image for Lambda (also see https://aws.amazon.com/blogs/compute/introducing-the-amazon-linux-2023-runtime-for-aws-lambda/). This means a modern version of OpenSSL is available without having to build it from source. However, the minimal image it’s based on made verifying the Python source download more difficult, because it does not include the full version of GPG, and it’s not easy to install, either. I suppose the md5sum could be checked, and that would be better than nothing.

In November, the official Docker best practices documentation changed from discouraging most uses of ADD to encouraging it “when you need to download a remote artifact”, so I switched the debian example from using curl to ADD.