feat(python): Decoupled IAM Role and Lambda example

[DenysGonzaga]

Describe the feature

A CDK/python example how to create a Lambda + Docker with a decoupled IAM Role.

Use Case

On these days, I had a problem when I needed to implement CDK/Python, lambda (dockerfunction) and CDK-nag. Using AWS/Security/DSR with default Nag configuration, it require a lambda with a custom IAM role (not that created by cdk) otherwise I'll get an error.

Proposed Solution

I already developed a simple example how to create a IAM role / attach it to a lambda. As I would not able to find any code (using Python) I thought that could be a great example to add.

Other Information

No response

Acknowledgements

• [X] I may be able to implement this feature request
• [ ] This feature might incur a breaking change

Language

Python

[ericzbeard]

Sounds like a good idea, dealing with cdk-nag warnings is a common requirement. Would be good to have examples of handling the security issues, and also suppressing ones that are false positives or not applicable. Nag suppressions can be tricky.

[DenysGonzaga]

Great, I'll prepare a fork/pr for that

[github-actions[bot]]

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see. If you need more assistance, please either tag a team member or open a new issue that references this one. If you wish to keep having a conversation with other community members under this issue feel free to do so.