From 4285f1e60924f65e32ea98443af64c8c1bc58991 Mon Sep 17 00:00:00 2001
From: GZ <yuanhaoz@amazon.com>
Date: Fri, 17 Jan 2025 13:42:47 -0800
Subject: [PATCH] chore: ensure docker file runs as non root user (#32995)

### Issue # (if applicable)


### Reason for this change

Same as this PR https://github.com/aws/aws-cdk/pull/32976
---
 .../src/docker/DockerImageFunctionConstruct/Dockerfile          | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/packages/@aws-cdk-testing/cli-integ/resources/cdk-apps/sam_cdk_integ_app/src/docker/DockerImageFunctionConstruct/Dockerfile b/packages/@aws-cdk-testing/cli-integ/resources/cdk-apps/sam_cdk_integ_app/src/docker/DockerImageFunctionConstruct/Dockerfile
index c065c951ab86e..52bc1cd005002 100644
--- a/packages/@aws-cdk-testing/cli-integ/resources/cdk-apps/sam_cdk_integ_app/src/docker/DockerImageFunctionConstruct/Dockerfile
+++ b/packages/@aws-cdk-testing/cli-integ/resources/cdk-apps/sam_cdk_integ_app/src/docker/DockerImageFunctionConstruct/Dockerfile
@@ -5,5 +5,7 @@ COPY app.js  package.json ./
 
 RUN npm install
 
+USER nobody
+
 # Set the CMD to your handler (could also be done as a parameter override outside of the Dockerfile)
 CMD [ "app.lambdaHandler" ]
\ No newline at end of file