diff --git a/packages/@aws-cdk/aws-lambda-python/lib/Dockerfile b/packages/@aws-cdk/aws-lambda-python/lib/Dockerfile
index ac34823b6c3c6..8825095b9f15c 100644
--- a/packages/@aws-cdk/aws-lambda-python/lib/Dockerfile
+++ b/packages/@aws-cdk/aws-lambda-python/lib/Dockerfile
@@ -7,10 +7,35 @@ ARG PIP_INDEX_URL
 ARG PIP_EXTRA_INDEX_URL
 ARG HTTPS_PROXY
+# Create a new location for the pip cache
+# Ensure all users can write to pip cache
+RUN mkdir /tmp/pip-cache && \
+ chmod -R 777 /tmp/pip-cache
+
+# set the cache location
+ENV PIP_CACHE_DIR=/tmp/pip-cache
+
+# create a new virtualenv for python to use
+# so that it isn't using root
+RUN python -m venv /usr/app/venv
+ENV PATH="/usr/app/venv/bin:$PATH"
+
 # Upgrade pip (required by cryptography v3.4 and above, which is a dependency of poetry)
 RUN pip install --upgrade pip
+
 # pipenv 2022.4.8 is the last version with Python 3.6 support
 RUN pip install pipenv==2022.4.8 poetry
+# Create a new location for the poetry cache
+# Ensure all users can write to poetry cache
+RUN mkdir /tmp/poetry-cache && \
+ chmod -R 777 /tmp/poetry-cache
+
+# set the poetry cache
+ENV POETRY_CACHE_DIR=/tmp/poetry-cache
+
+# create non root user and change allow execute command for non root user
+RUN /sbin/useradd -u 1000 user && chmod 711 /
+
 CMD [ "python" ]
diff --git a/packages/@aws-cdk/aws-lambda-python/package.json b/packages/@aws-cdk/aws-lambda-python/package.json
index e2692689c15cb..bedfd090075b4 100644
--- a/packages/@aws-cdk/aws-lambda-python/package.json
+++ b/packages/@aws-cdk/aws-lambda-python/package.json
@@ -75,6 +75,7 @@
 "@aws-cdk/assertions": "0.0.0",
 "@aws-cdk/cdk-build-tools": "0.0.0",
 "@aws-cdk/integ-runner": "0.0.0",
+ "@aws-cdk/integ-tests": "0.0.0",
 "@aws-cdk/pkglint": "0.0.0",
 "@types/jest": "^27.5.2"
 },
diff --git a/packages/@aws-cdk/aws-lambda-python/test/integ.function.poetry.ts b/packages/@aws-cdk/aws-lambda-python/test/integ.function.poetry.ts
index 4d029fca0321b..31af5421fccc8 100644
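Review bot: In lib/Dockerfile both cache directories are opened with `chmod -R 777`, so any uid in the container can replace files that pip or poetry later read from `PIP_CACHE_DIR` and `POETRY_CACHE_DIR`; `chmod 1777 /tmp/pip-cache` (and the same for `/tmp/poetry-cache`) keeps them writable for an arbitrary uid while stopping one user from deleting or renaming another user's top-level entries. The hunk creates `user` with uid 1000 but adds no `USER` instruction, so the image still defaults to root and non-root execution presumably depends on the caller passing a uid at run time; a comment saying so would help. The comment on `chmod 711 /` does not say why the root directory's mode is changed; something like `# / must be searchable by the non-root bundling user` would record the reason, if that is the intent.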
--- a/packages/@aws-cdk/aws-lambda-python/test/integ.function.poetry.ts
+++ b/packages/@aws-cdk/aws-lambda-python/test/integ.function.poetry.ts
@@ -1,9 +1,7 @@
-// disabling update workflow because we don't want to include the assets in the snapshot
-// python bundling changes the asset hash pretty frequently
-/// !cdk-integ pragma:disable-update-workflow
 import * as path from 'path';
 import { Runtime } from '@aws-cdk/aws-lambda';
 import { App, CfnOutput, Stack, StackProps } from '@aws-cdk/core';
+import { IntegTest } from '@aws-cdk/integ-tests';
 import { Construct } from 'constructs';
 import * as lambda from '../lib';
@@ -35,5 +33,13 @@ class TestStack extends Stack {
 }
 const app = new App();
-new TestStack(app, 'cdk-integ-lambda-python');
+const testCase = new TestStack(app, 'cdk-integ-lambda-python');
+
+new IntegTest(app, 'poetry', {
+ testCases: [testCase],
+ // disabling update workflow because we don't want to include the assets in the snapshot
+ // python bundling changes the asset hash pretty frequently
+ stackUpdateWorkflow: false,
+});
+
 app.synth();
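Review bot: The new `IntegTest` in integ.function.poetry.ts lists the stack in `testCases` but attaches no assertion, so a run only shows that the stack bundles and deploys, not that the poetry-bundled function can actually be invoked. Since this commit also changes the user and cache layout of the bundling image, an assertion that invokes the deployed function and checks its response would catch a bundle broken by those permission changes. TestStack's body is outside the hunk, so it is not visible here whether the function name is already exposed for that purpose.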