@mavogel/cdk-vscode-server 0.0.62 → 0.0.64

package/integ-tests/integ.stop-on-idle.ts.snapshot/IntegTestStackStopOnIdle.template.json

@@ -125,7 +125,7 @@
       "Arn"
      ]
     },
-    "Runtime": "nodejs20.x",
+    "Runtime": "nodejs22.x",
     "Timeout": 10
    },
    "DependsOn": [
@@ -1223,7 +1223,7 @@
       "Ebs": {
        "DeleteOnTermination": true,
        "Encrypted": true,
-       "VolumeSize": 8,
+       "VolumeSize": 20,
        "VolumeType": "gp3"
       }
      }
@@ -1232,9 +1232,9 @@
      "Ref": "IntegVSCodeServerserverinstanceInstanceProfile6130979E"
     },
     "ImageId": {
-     "Ref": "SsmParameterValueawsservicecanonicalubuntuserverjammystablecurrentarm64hvmebsgp2amiidC96584B6F00A464EAD1953AFF4B05118Parameter"
+     "Ref": "SsmParameterValueawsservicecanonicalubuntuservernoblestablecurrentarm64hvmebsgp3amiidC96584B6F00A464EAD1953AFF4B05118Parameter"
     },
-    "InstanceType": "t4g.large",
+    "InstanceType": "m7g.xlarge",
     "LaunchTemplate": {
      "LaunchTemplateName": "IntegTestStackStopOnIdleIntegVSCodeServerserverinstanceLaunchTemplateD9ABA365",
      "Version": {
@@ -1538,20 +1538,29 @@
       },
       "NodeVersion": {
        "type": "String",
-       "default": "20",
+       "default": "22",
        "allowedValues": [
+        "24",
         "22",
         "20",
         "18"
        ]
       },
-      "DotNetVersion": {
+      "RepoUrl": {
        "type": "String",
-       "default": "8.0",
-       "allowedValues": [
-        "8.0",
-        "7.0"
-       ]
+       "default": ""
+      },
+      "AssetZipS3Path": {
+       "type": "String",
+       "default": ""
+      },
+      "BranchZipS3Path": {
+       "type": "String",
+       "default": ""
+      },
+      "FolderZipS3Path": {
+       "type": "String",
+       "default": ""
       }
      },
      "mainSteps": [
@@ -1583,6 +1592,7 @@
        "inputs": {
         "runCommand": [
          "#!/bin/bash",
+         "dpkg --configure -a",
          "apt-get -q update && DEBIAN_FRONTEND=noninteractive apt-get install -y -q apt-utils",
          "apt-get -q update && DEBIAN_FRONTEND=noninteractive apt-get install -y -q needrestart unattended-upgrades",
          "sed -i 's/#$nrconf{kernelhints} = -1;/$nrconf{kernelhints} = 0;/' /etc/needrestart/needrestart.conf",
@@ -1599,7 +1609,8 @@
        "inputs": {
         "runCommand": [
          "#!/bin/bash",
-         "apt-get -q update && DEBIAN_FRONTEND=noninteractive apt-get install -y -q curl gnupg whois argon2 openssl locales locales-all unzip apt-transport-https ca-certificates software-properties-common nginx"
+         "dpkg --configure -a",
+         "apt-get -q update && DEBIAN_FRONTEND=noninteractive apt-get install -y -q curl gnupg whois argon2 unzip nginx openssl locales locales-all apt-transport-https ca-certificates software-properties-common"
         ]
        }
       },
@@ -1609,12 +1620,11 @@
        "inputs": {
         "runCommand": [
          "#!/bin/bash",
-         "echo 'Adding user: ${VSCodeUser}'",
-         "adduser --disabled-password --gecos '' participant",
-         "echo \"participant:{{ VSCodePassword }}\" | chpasswd",
-         "usermod -aG sudo participant",
+         "dpkg --configure -a",
+         "if [[ \"participant\" == \"ubuntu\" ]]\nthen\n  echo 'Using existing user: participant'\nelse\n  echo 'Adding user: participant'\n  adduser --disabled-password --gecos '' participant\n  echo \"participant:{{ VSCodePassword }}\" | chpasswd\n  usermod -aG sudo participant\nfi",
          "tee /etc/sudoers.d/91-vscode-user <<EOF\nparticipant ALL=(ALL) NOPASSWD:ALL\nEOF",
          "mkdir -p /home/participant && chown -R participant:participant /home/participant",
+         "mkdir -p /home/participant/.local/bin && chown -R participant:participant /home/participant",
          "echo \"User added. Checking configuration\"",
          "getent passwd participant"
         ]
@@ -1622,34 +1632,58 @@
       },
       {
        "action": "aws:runShellScript",
-       "name": "InstallNodeApt",
+       "name": "UpdateProfile",
        "inputs": {
         "runCommand": [
          "#!/bin/bash",
-         "curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | gpg --dearmor -o /usr/share/keyrings/nodesource.gpg",
-         "echo \"deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/nodesource.gpg] https://deb.nodesource.com/node_{{ NodeVersion }}.x nodistro main\" > /etc/apt/sources.list.d/nodesource.list",
-         "apt-get -q update && DEBIAN_FRONTEND=noninteractive apt-get install -y -q nodejs",
-         "npm install -g npm@latest",
-         "echo \"Node and npm installed. Checking configuration\"",
-         "node -v",
-         "npm -v"
+         "echo LANG=en_US.utf-8 >> /etc/environment",
+         "echo LC_ALL=en_US.UTF-8 >> /etc/environment",
+         "echo 'PATH=$PATH:/home/participant/.local/bin' >> /home/participant/.bashrc",
+         "echo 'export PATH' >> /home/participant/.bashrc",
+         {
+          "Fn::Join": [
+           "",
+           [
+            "echo 'export AWS_REGION=",
+            {
+             "Ref": "AWS::Region"
+            },
+            "' >> /home/participant/.bashrc"
+           ]
+          ]
+         },
+         {
+          "Fn::Join": [
+           "",
+           [
+            "echo 'export AWS_ACCOUNTID=",
+            {
+             "Ref": "AWS::AccountId"
+            },
+            "' >> /home/participant/.bashrc"
+           ]
+          ]
+         },
+         "echo 'export NEXT_TELEMETRY_DISABLED=1' >> /home/participant/.bashrc",
+         "echo \"export PS1='\\[\\033[01;32m\\]\\u:\\[\\033[01;34m\\]\\w\\[\\033[00m\\]\\$ '\" >> /home/participant/.bashrc",
+         "chown -R participant:participant /home/participant"
         ]
        }
       },
       {
        "action": "aws:runShellScript",
-       "name": "InstallDockerApt",
+       "name": "InstallAWSCLI",
        "inputs": {
         "runCommand": [
          "#!/bin/bash",
-         "curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg",
-         "echo \"deb [signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release --codename --short) stable\" > /etc/apt/sources.list.d/docker.list",
-         "apt-get -q update && DEBIAN_FRONTEND=noninteractive apt-get install -y -q docker-ce docker-ce-cli containerd.io",
-         "systemctl restart code-server@participant.service",
-         "systemctl start docker.service",
-         "echo \"Docker installed. Checking configuration\"",
-         "docker --version",
-         "systemctl status docker.service"
+         "mkdir -p /tmp",
+         "curl -fsSL https://awscli.amazonaws.com/awscli-exe-linux-$(uname -m).zip -o /tmp/aws-cli.zip",
+         "chown -R participant:participant /tmp/aws-cli.zip",
+         "unzip -q -d /tmp /tmp/aws-cli.zip",
+         "sudo /tmp/aws/install",
+         "rm -rf /tmp/aws",
+         "echo \"AWS CLI installed. Checking configuration\"",
+         "aws --version"
         ]
        }
       },
@@ -1659,10 +1693,11 @@
        "inputs": {
         "runCommand": [
          "#!/bin/bash",
+         "dpkg --configure -a",
          "add-apt-repository ppa:git-core/ppa",
          "apt-get -q update && DEBIAN_FRONTEND=noninteractive apt-get install -y -q git",
          "sudo -u participant git config --global user.email \"participant@example.com\"",
-         "sudo -u participant git config --global user.name \"Workshop participant\"",
+         "sudo -u participant git config --global user.name \"Workshop Participant\"",
          "sudo -u participant git config --global init.defaultBranch \"main\"",
          "echo \"Git installed. Checking configuration\"",
          "git --version"
@@ -1671,33 +1706,41 @@
       },
       {
        "action": "aws:runShellScript",
-       "name": "InstallPythonApt",
+       "name": "CloneRepo",
        "inputs": {
         "runCommand": [
          "#!/bin/bash",
-         "apt-get -q update && DEBIAN_FRONTEND=noninteractive apt-get install -y -q python3-pip python3-venv python3-boto3 python3-pytest",
-         "echo 'alias pytest=pytest-3' >> /home/participant/.bashrc",
-         "systemctl restart code-server@participant.service",
-         "systemctl start multipathd.service packagekit.service",
-         "systemctl restart unattended-upgrades.service",
-         "echo \"Python and Pip installed. Checking configuration\"",
-         "python3 --version",
-         "pip3 --version"
+         "if [[ -z \"{{ RepoUrl }}\" ]]\nthen\n  echo \"No Repo\"\nelse\n  mkdir -p /Workshop && chown -R participant:participant /Workshop\n  sudo -u participant git clone {{ RepoUrl }} /Workshop\n  echo \"Repo {{ RepoUrl }} cloned. Checking configuration\"\n  ls -la /Workshop\n  sudo -u participant git -C /Workshop remote -v\nfi"
         ]
        }
       },
       {
        "action": "aws:runShellScript",
-       "name": "InstallAWSCLI",
+       "name": "DownloadAssets",
        "inputs": {
         "runCommand": [
          "#!/bin/bash",
-         "curl -fsSL https://awscli.amazonaws.com/awscli-exe-linux-$(uname -m).zip -o /tmp/aws-cli.zip",
-         "unzip -q -d /tmp /tmp/aws-cli.zip",
-         "sudo /tmp/aws/install",
-         "rm -rf /tmp/aws",
-         "echo \"AWS CLI installed. Checking configuration\"",
-         "aws --version"
+         "if [[ -z \"{{ AssetZipS3Path }}\" ]]\nthen\n  echo \"No assets\"\nelse\n  mkdir -p /Workshop && chown -R participant:participant /Workshop\n  mkdir -p /tmp\n  aws s3 cp s3://{{ AssetZipS3Path }} /tmp/asset.zip\n  chown -R participant:participant /tmp/asset.zip\n  unzip -o /tmp/asset.zip -d /Workshop\n  chown -R participant:participant /Workshop\n  if  [[ -d /Workshop/.git ]]\n  then\n    sudo -u participant git -C /Workshop add .\n    sudo -u participant git -C /Workshop commit -m 'chore: workshop commit'\n  else\n    sudo -u participant git -C /Workshop init\n    sudo -u participant git -C /Workshop add .\n    sudo -u participant git -C /Workshop commit -m 'chore: initial commit'\n  fi\n  echo \"Assets downloaded. Checking configuration: /Workshop\"\n  ls -la /Workshop\n  sudo -u participant git -C /Workshop branch\nfi"
+        ]
+       }
+      },
+      {
+       "action": "aws:runShellScript",
+       "name": "DownloadFolders",
+       "inputs": {
+        "runCommand": [
+         "#!/bin/bash",
+         "if [[ -z \"{{ FolderZipS3Path }}\" ]]\nthen\n  echo \"No folders\"\nelse\n  rm -rf /tmp/folder\n  mkdir -p /tmp/folder && chown -R participant:participant /tmp/folder\n  aws s3 cp s3://{{ FolderZipS3Path }} /tmp/asset-folder.zip\n  chown -R participant:participant /tmp/asset-folder.zip\n  unzip -o /tmp/asset-folder.zip -d /tmp/folder\n  chown -R participant:participant /tmp/folder\n  mkdir -p /Workshop && chown -R participant:participant /Workshop\n  cd \"/Workshop\" && cd ..\n  if [[ $(pwd) ==  \"/\" ]]\n  then\n    targetRootFolder=\"\"\n  else\n    targetRootFolder=$(pwd)\n    chown -R participant:participant .\n  fi\n  find \"/tmp/folder\" -maxdepth 1 -mindepth 1 -type d | while read sourceFolder; do\n    folder=\"$(basename $sourceFolder)\"\n    echo \"Processing folder: $folder\"\n    targetFolder=$targetRootFolder/$folder\n    if [[ $targetRootFolder == \"\" ]]\n    then\n      mv $sourceFolder /\n    else\n      mv $sourceFolder $targetRootFolder\n    fi\n    chown -R participant:participant $targetFolder\n    sudo -u participant git -C $targetFolder init\n    sudo -u participant git -C $targetFolder add .\n    sudo -u participant git -C $targetFolder commit -m \"chore: initial commit\"\n    echo \"Folder downloaded. Checking configuration: $targetFolder\"\n    ls -la $targetFolder\n  done\n  rm -rf /tmp/folder\nfi"
+        ]
+       }
+      },
+      {
+       "action": "aws:runShellScript",
+       "name": "DownloadBranches",
+       "inputs": {
+        "runCommand": [
+         "#!/bin/bash",
+         "if [[ -z \"{{ BranchZipS3Path }}\" ]]\nthen\n  echo \"No branches\"\nelse\n  rm -rf /tmp/branch\n  rm -rf /tmp/git\n  mkdir -p /tmp/branch && chown -R participant:participant /tmp/branch\n  mkdir -p /tmp/git && chown -R participant:participant /tmp/git\n  aws s3 cp s3://{{ BranchZipS3Path }} /tmp/asset-branch.zip\n  chown -R participant:participant /tmp/asset-branch.zip\n  unzip -o /tmp/asset-branch.zip -d /tmp/branch\n  chown -R participant:participant /tmp/branch\n  mkdir -p /Workshop && chown -R participant:participant /Workshop\n  sudo -u participant git -C /Workshop init\n  mv /Workshop/.git /tmp/git\n  rm -rf /Workshop\n  mkdir -p /Workshop && chown -R participant:participant /Workshop\n  mv /tmp/git/.git /Workshop\n  find /tmp/branch -maxdepth 1 -mindepth 1 -type d | while read sourceFolder; do\n    branch=\"$(basename $sourceFolder)\"\n    echo \"Processing branch: $branch\"\n    sudo -u participant git -C /Workshop checkout -b $branch 2>&1\n    cp -a $sourceFolder/. /Workshop\n    sudo -u participant git -C /Workshop add .\n    sudo -u participant git -C /Workshop commit -m \"chore: initial commit $branch\"\n    mv /Workshop/.git /tmp/git\n    rm -rf /Workshop\n    mkdir /Workshop && chown -R participant:participant /Workshop\n    mv /tmp/git/.git /Workshop\n  done\n  sudo -u participant git -C /Workshop checkout main 2>&1\n  sudo -u participant git -C /Workshop restore .\n  rm -rf /tmp/branch\n  rm -rf /tmp/git\n  echo \"Branches downloaded. Checking configuration: /Workshop\"\n  sudo -u participant git -C /Workshop branch\n  ls -la /Workshop\nfi"
         ]
        }
       },
@@ -1708,23 +1751,22 @@
         "runCommand": [
          "#!/bin/bash",
          "export HOME=/home/participant",
-         "curl -fsSL https://code-server.dev/install.sh | bash -s -- 2>&1",
+         "curl -fsSL https://code-server.dev/install.sh | sh -s -- --version 4.100.3",
          "systemctl enable --now code-server@participant 2>&1",
-         "tee /etc/nginx/conf.d/code-server.conf <<EOF\nserver {\n    listen 80;\n    listen [::]:80;\n    # server_name distribution.distributionDomainName;\n    server_name *.cloudfront.net;\n    location / {\n      proxy_pass http://localhost:8080/;\n      proxy_set_header Host \\$host;\n      proxy_set_header Upgrade \\$http_upgrade;\n      proxy_set_header Connection upgrade;\n      proxy_set_header Accept-Encoding gzip;\n    }\n    location /app {\n      proxy_pass http://localhost:8081/app;\n      proxy_set_header Host \\$host;\n      proxy_set_header Upgrade \\$http_upgrade;\n      proxy_set_header Connection upgrade;\n      proxy_set_header Accept-Encoding gzip;\n    }\n}\nEOF",
+         "tee /etc/nginx/conf.d/code-server.conf <<EOF\nserver {\n    listen 80;\n    listen [::]:80;\n    # server_name \\$\\{CloudFrontDistribution.DomainName\\};\n    server_name *.cloudfront.net;\n    location / {\n      proxy_pass http://localhost:8080/;\n      proxy_set_header Host \\$host;\n      proxy_set_header Upgrade \\$http_upgrade;\n      proxy_set_header Connection upgrade;\n      proxy_set_header Accept-Encoding gzip;\n    }\n    location /app {\n      proxy_pass http://localhost:8081/app;\n      proxy_set_header Host \\$host;\n      proxy_set_header Upgrade \\$http_upgrade;\n      proxy_set_header Connection upgrade;\n      proxy_set_header Accept-Encoding gzip;\n    }\n}\nEOF",
          "mkdir -p /home/participant/.config/code-server",
          "tee /home/participant/.config/code-server/config.yaml <<EOF\ncert: false\nauth: password\nhashed-password: \"$(echo -n {{ VSCodePassword }} | argon2 $(openssl rand -base64 12) -e)\"\nEOF",
          "mkdir -p /home/participant/.local/share/code-server/User/",
          "touch /home/participant/.hushlogin",
          "mkdir -p /Workshop && chown -R participant:participant /Workshop",
-         "tee /home/participant/.local/share/code-server/User/settings.json <<EOF\n{\n  \"extensions.autoUpdate\": false,\n  \"extensions.autoCheckUpdates\": false,\n  \"telemetry.telemetryLevel\": \"off\",\n  \"security.workspace.trust.startupPrompt\": \"never\",\n  \"security.workspace.trust.enabled\": false,\n  \"security.workspace.trust.banner\": \"never\",\n  \"security.workspace.trust.emptyWindow\": false,\n  \"python.testing.pytestEnabled\": true,\n  \"auto-run-command.rules\": [\n    {\n      \"command\": \"workbench.action.terminal.new\"\n    }\n  ]\n}\nEOF",
+         "tee /home/participant/.local/share/code-server/User/settings.json <<EOF\n{\n  \"extensions.autoUpdate\": false,\n  \"extensions.autoCheckUpdates\": false,\n  \"telemetry.telemetryLevel\": \"off\",\n  \"security.workspace.trust.startupPrompt\": \"never\",\n  \"security.workspace.trust.enabled\": false,\n  \"security.workspace.trust.banner\": \"never\",\n  \"security.workspace.trust.emptyWindow\": false,\n  \"auto-run-command.rules\": [\n    {\n      \"command\": \"workbench.action.terminal.new\"\n    }\n  ]\n}\nEOF",
          "chown -R participant:participant /home/participant",
          "systemctl restart code-server@participant",
          "systemctl restart nginx",
          "sudo -u participant --login code-server --install-extension AmazonWebServices.aws-toolkit-vscode --force",
          "sudo -u participant --login code-server --install-extension AmazonWebServices.amazon-q-vscode --force",
-         "sudo -u participant --login code-server --install-extension synedra.auto-run-command --force",
-         "sudo -u participant --login code-server --install-extension vscjava.vscode-java-pack --force",
          "sudo -u participant --login code-server --install-extension ms-vscode.live-server --force",
+         "sudo -u participant --login code-server --install-extension synedra.auto-run-command --force",
          "chown -R participant:participant /home/participant",
          "echo \"Nginx installed. Checking configuration\"",
          "nginx -t 2>&1",
@@ -1737,41 +1779,17 @@
       },
       {
        "action": "aws:runShellScript",
-       "name": "UpdateProfile",
+       "name": "InstallNodeApt",
        "inputs": {
         "runCommand": [
          "#!/bin/bash",
-         "echo LANG=en_US.utf-8 >> /etc/environment",
-         "echo LC_ALL=en_US.UTF-8 >> /etc/environment",
-         "echo 'PATH=$PATH:/home/participant/.local/bin' >> /home/participant/.bashrc",
-         "echo 'export PATH' >> /home/participant/.bashrc",
-         {
-          "Fn::Join": [
-           "",
-           [
-            "echo 'export AWS_REGION=",
-            {
-             "Ref": "AWS::Region"
-            },
-            "' >> /home/participant/.bashrc"
-           ]
-          ]
-         },
-         {
-          "Fn::Join": [
-           "",
-           [
-            "echo 'export AWS_ACCOUNTID=",
-            {
-             "Ref": "AWS::AccountId"
-            },
-            "' >> /home/participant/.bashrc"
-           ]
-          ]
-         },
-         "echo 'export NEXT_TELEMETRY_DISABLED=1' >> /home/participant/.bashrc",
-         "echo \"export PS1='\\[\\033[01;32m\\]\\u:\\[\\033[01;34m\\]\\w\\[\\033[00m\\]\\$ '\" >> /home/participant/.bashrc",
-         "chown -R participant:participant /home/participant"
+         "curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | gpg --dearmor -o /usr/share/keyrings/nodesource.gpg",
+         "echo \"deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/nodesource.gpg] https://deb.nodesource.com/node_{{ NodeVersion }}.x nodistro main\" > /etc/apt/sources.list.d/nodesource.list",
+         "apt-get -q update && DEBIAN_FRONTEND=noninteractive apt-get install -y -q nodejs",
+         "npm install -g npm@latest",
+         "echo \"Node and npm installed. Checking configuration\"",
+         "node -v",
+         "npm -v"
         ]
        }
       },
@@ -1786,6 +1804,133 @@
          "cdk --version"
         ]
        }
+      },
+      {
+       "action": "aws:runShellScript",
+       "name": "InstallQCLI",
+       "inputs": {
+        "runCommand": [
+         "#!/bin/bash",
+         "curl --proto '=https' --tlsv1.2 -sSf \"https://desktop-release.q.us-east-1.amazonaws.com/latest/q-$(uname -m)-linux.zip\" -o /tmp/q.zip",
+         "chown -R participant:participant /tmp/q.zip",
+         "unzip -q -d /tmp /tmp/q.zip",
+         "chown -R participant:participant /tmp/q",
+         "chmod +x /tmp/q/install.sh",
+         "sudo -u participant /tmp/q/install.sh --no-confirm",
+         "rm -rf /tmp/q",
+         "q --version",
+         "echo \"Amazon Q CLI installed\""
+        ]
+       }
+      },
+      {
+       "action": "aws:runShellScript",
+       "name": "Installuv",
+       "inputs": {
+        "runCommand": [
+         "#!/bin/bash",
+         "sudo -u participant --login curl -fsSL https://astral.sh/uv/install.sh -o /tmp/uv_install.sh",
+         "sudo -u participant --login bash /tmp/uv_install.sh",
+         "if uv generate-shell-completion bash &>/dev/null; then\n  echo 'eval \"$(uv generate-shell-completion bash)\"' >> /home/participant/.bashrc\nfi",
+         "if uvx generate-shell-completion bash &>/dev/null; then\n  echo 'eval \"$(uvx generate-shell-completion bash)\"' >> /home/participant/.bashrc\nfi",
+         "echo \"uv installed. Checking configuration\"",
+         "sudo -u participant --login uv --version"
+        ]
+       }
+      },
+      {
+       "action": "aws:runShellScript",
+       "name": "InstallPythonApt",
+       "inputs": {
+        "runCommand": [
+         "#!/bin/bash",
+         "dpkg --configure -a",
+         "apt-get -q update && DEBIAN_FRONTEND=noninteractive apt-get install -y -q python3-pip python3-venv python3-boto3 python3-pytest",
+         "echo 'alias pytest=pytest-3' >> /home/participant/.bashrc",
+         "systemctl start multipathd.service packagekit.service",
+         "systemctl restart unattended-upgrades.service",
+         "systemctl restart networkd-dispatcher.service",
+         "sudo -u participant --login code-server --install-extension ms-python.python --force",
+         "if [ -f /home/participant/.local/share/code-server/User/settings.json ]; then\n  sed -i \"2i\\\\  \\\"python.testing.pytestEnabled\\\": true,\" /home/participant/.local/share/code-server/User/settings.json\nelse\n  echo '{\n    \"python.testing.pytestEnabled\": true\n  }' > /home/participant/.local/share/code-server/User/settings.json\nfi",
+         "echo \"Python and Pip installed. Checking configuration\"",
+         "python3 --version",
+         "pip3 --version"
+        ]
+       }
+      },
+      {
+       "action": "aws:runShellScript",
+       "name": "InstallJavaApt",
+       "inputs": {
+        "runCommand": [
+         "#!/bin/bash",
+         "dpkg --configure -a",
+         "curl -fsSL https://apt.corretto.aws/corretto.key | gpg --dearmor -o /usr/share/keyrings/corretto-keyring.gpg",
+         "echo \"deb [signed-by=/usr/share/keyrings/corretto-keyring.gpg] https://apt.corretto.aws stable main\" > /etc/apt/sources.list.d/corretto.list",
+         "DEBIAN_FRONTEND=noninteractive apt-get update",
+         "DEBIAN_FRONTEND=noninteractive apt-get install -y -q java-21-amazon-corretto-jdk java-17-amazon-corretto-jdk java-1.8.0-amazon-corretto-jdk maven",
+         "echo 'export JAVA_8_HOME=$(update-alternatives --list java | grep \"java-1.8.0-amazon-corretto\" | head -1)' >> /home/participant/.bashrc",
+         "echo 'export JAVA_8_PATH=$(update-alternatives --list java | grep \"java-1.8.0-amazon-corretto\" | head -1)' >> /home/participant/.bashrc",
+         "echo 'export JAVA_17_PATH=$(update-alternatives --list java | grep \"java-17-amazon-corretto\" | head -1)' >> /home/participant/.bashrc",
+         "echo 'export JAVA_17_HOME=$(update-alternatives --list java | grep \"java-17-amazon-corretto\" | head -1)' >> /home/participant/.bashrc",
+         "echo 'export JAVA_21_PATH=$(update-alternatives --list java | grep \"java-21-amazon-corretto\" | head -1)' >> /home/participant/.bashrc",
+         "echo 'export JAVA_21_HOME=$(update-alternatives --list java | grep \"java-21-amazon-corretto\" | head -1)' >> /home/participant/.bashrc",
+         "echo 'export JAVA_HOME=$(update-alternatives --list java | grep \"java-21-amazon-corretto\" | head -1)' >> /home/participant/.bashrc",
+         "echo 'export PATH=$PATH:$JAVA_HOME/bin:/usr/share/maven/bin' >> /home/participant/.bashrc",
+         "sudo -u participant --login code-server --install-extension vscjava.vscode-java-pack --force",
+         "echo \"Java and Maven installed. Checking configuration\"",
+         "java -version 2>&1",
+         "mvn --version",
+         "update-alternatives --list java"
+        ]
+       }
+      },
+      {
+       "action": "aws:runShellScript",
+       "name": "InstallDotnetApt",
+       "inputs": {
+        "runCommand": [
+         "#!/bin/bash",
+         "dpkg --configure -a",
+         "apt-get -q update && DEBIAN_FRONTEND=noninteractive apt-get install -y -q dotnet-sdk-8.0",
+         "dotnet tool install -g Microsoft.Web.LibraryManager.Cli",
+         "echo 'PATH=$PATH:/home/participant/.dotnet/tools' >> /home/participant/.bashrc",
+         "chown -R participant:participant /home/participant",
+         "echo \"Dotnet installed. Checking configuration\"",
+         "dotnet --list-sdks"
+        ]
+       }
+      },
+      {
+       "action": "aws:runShellScript",
+       "name": "InstallDockerApt",
+       "inputs": {
+        "runCommand": [
+         "#!/bin/bash",
+         "curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg",
+         "echo \"deb [signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release --codename --short) stable\" > /etc/apt/sources.list.d/docker.list",
+         "apt-get -q update && DEBIAN_FRONTEND=noninteractive apt-get install -y -q docker-ce docker-ce-cli containerd.io",
+         "usermod -aG docker participant",
+         "systemctl restart code-server@participant.service",
+         "systemctl start docker.service",
+         "echo \"Docker installed. Checking configuration\"",
+         "docker --version",
+         "systemctl status docker.service"
+        ]
+       }
+      },
+      {
+       "action": "aws:runShellScript",
+       "name": "InstallGolangApt",
+       "inputs": {
+        "runCommand": [
+         "#!/bin/bash",
+         "apt-get -q update && DEBIAN_FRONTEND=noninteractive apt-get install -y -q golang",
+         "echo 'PATH=$PATH:/home/participant/go/bin' >> /home/participant/.bashrc",
+         "echo \"Golang installed. Checking configuration\"",
+         "go version"
+        ]
+       }
       }
      ]
     },
@@ -1847,6 +1992,13 @@
       {
        "reason": "For this lambda the latest runtime is not needed",
        "id": "AwsSolutions-L1"
+      },
+      {
+       "reason": "ssm:GetCommandInvocation and ssm:ListCommandInvocations do not support resource-level permissions and require wildcard resources",
+       "id": "AwsSolutions-IAM5",
+       "applies_to": [
+        "Resource::*"
+       ]
       }
      ]
     }
@@ -1858,11 +2010,7 @@
     "PolicyDocument": {
      "Statement": [
       {
-       "Action": [
-        "ssm:GetCommandInvocation",
-        "ssm:ListCommandInvocations",
-        "ssm:SendCommand"
-       ],
+       "Action": "ssm:SendCommand",
        "Effect": "Allow",
        "Resource": [
         {
@@ -1929,6 +2077,14 @@
          ]
         }
        ]
+      },
+      {
+       "Action": [
+        "ssm:GetCommandInvocation",
+        "ssm:ListCommandInvocations"
+       ],
+       "Effect": "Allow",
+       "Resource": "*"
       }
      ],
      "Version": "2012-10-17"
@@ -1939,6 +2095,19 @@
       "Ref": "IntegVSCodeServerInstallerOnEventHandlerServiceRole59651FEF"
      }
     ]
+   },
+   "Metadata": {
+    "cdk_nag": {
+     "rules_to_suppress": [
+      {
+       "reason": "ssm:GetCommandInvocation and ssm:ListCommandInvocations do not support resource-level permissions and require wildcard resources",
+       "id": "AwsSolutions-IAM5",
+       "applies_to": [
+        "Resource::*"
+       ]
+      }
+     ]
+    }
    }
   },
   "IntegVSCodeServerInstallerOnEventHandler6FF91542": {
@@ -1948,7 +2117,7 @@
      "S3Bucket": {
       "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
      },
-     "S3Key": "33da23274e25bd9f43638c5d83dad26e3931cbe78d462ffd9a9f565e948b4f5f.zip"
+     "S3Key": "2f99f38311da357eaaea1284d67c759759324dec4a1cd11621d9c59eea9e81df.zip"
     },
     "Description": "src/installer/installer.lambda.ts",
     "Handler": "index.handler",
@@ -1959,8 +2128,8 @@
       "Arn"
      ]
     },
-    "Runtime": "nodejs20.x",
-    "Timeout": 300
+    "Runtime": "nodejs22.x",
+    "Timeout": 900
    },
    "DependsOn": [
     "IntegVSCodeServerInstallerOnEventHandlerServiceRoleDefaultPolicy1CAD86C2",
@@ -1976,6 +2145,13 @@
       {
        "reason": "For this lambda the latest runtime is not needed",
        "id": "AwsSolutions-L1"
+      },
+      {
+       "reason": "ssm:GetCommandInvocation and ssm:ListCommandInvocations do not support resource-level permissions and require wildcard resources",
+       "id": "AwsSolutions-IAM5",
+       "applies_to": [
+        "Resource::*"
+       ]
       }
      ]
     }
@@ -2170,7 +2346,7 @@
       "Arn"
      ]
     },
-    "ServiceTimeout": 305,
+    "ServiceTimeout": 905,
     "InstanceId": {
      "Ref": "IntegVSCodeServerserverinstance0A3D62D7"
     },
@@ -2361,7 +2537,7 @@
    "Type": "AWS::Events::Rule",
    "Properties": {
     "ScheduleExpression": "rate(1 minute)",
-    "State": "ENABLED",
+    "State": "DISABLED",
     "Targets": [
      {
       "Arn": {
@@ -2394,11 +2570,10 @@
     }
    }
   },
-  "CustomVpcRestrictDefaultSGCustomResourceProviderRole26592FE0": {
+  "IntegVSCodeServerIdleMonitorEnablerFunctionServiceRole71DD1E5D": {
    "Type": "AWS::IAM::Role",
    "Properties": {
     "AssumeRolePolicyDocument": {
-     "Version": "2012-10-17",
      "Statement": [
       {
        "Action": "sts:AssumeRole",
@@ -2407,18 +2582,404 @@
         "Service": "lambda.amazonaws.com"
        }
       }
-     ]
+     ],
+     "Version": "2012-10-17"
     },
     "ManagedPolicyArns": [
      {
-      "Fn::Sub": "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
-     }
-    ],
-    "Policies": [
-     {
-      "PolicyName": "Inline",
-      "PolicyDocument": {
-       "Version": "2012-10-17",
+      "Fn::Join": [
+       "",
+       [
+        "arn:",
+        {
+         "Ref": "AWS::Partition"
+        },
+        ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
+       ]
+      ]
+     }
+    ]
+   },
+   "DependsOn": [
+    "IntegVSCodeServerSSMInstallerCustomResource9F9AFE68"
+   ],
+   "Metadata": {
+    "cdk_nag": {
+     "rules_to_suppress": [
+      {
+       "reason": "Managed policies acceptable for custom resource Lambda functions",
+       "id": "AwsSolutions-IAM4"
+      },
+      {
+       "reason": "Latest runtime not required for this function",
+       "id": "AwsSolutions-L1"
+      }
+     ]
+    }
+   }
+  },
+  "IntegVSCodeServerIdleMonitorEnablerFunctionServiceRoleDefaultPolicyCDD8B46F": {
+   "Type": "AWS::IAM::Policy",
+   "Properties": {
+    "PolicyDocument": {
+     "Statement": [
+      {
+       "Action": [
+        "events:DescribeRule",
+        "events:DisableRule",
+        "events:EnableRule"
+       ],
+       "Effect": "Allow",
+       "Resource": {
+        "Fn::Join": [
+         "",
+         [
+          "arn:aws:events:",
+          {
+           "Ref": "AWS::Region"
+          },
+          ":",
+          {
+           "Ref": "AWS::AccountId"
+          },
+          ":rule/",
+          {
+           "Ref": "IntegVSCodeServerIdleMonitorScheduleRuleCF2E60F5"
+          }
+         ]
+        ]
+       }
+      }
+     ],
+     "Version": "2012-10-17"
+    },
+    "PolicyName": "IntegVSCodeServerIdleMonitorEnablerFunctionServiceRoleDefaultPolicyCDD8B46F",
+    "Roles": [
+     {
+      "Ref": "IntegVSCodeServerIdleMonitorEnablerFunctionServiceRole71DD1E5D"
+     }
+    ]
+   },
+   "DependsOn": [
+    "IntegVSCodeServerSSMInstallerCustomResource9F9AFE68"
+   ],
+   "Metadata": {
+    "cdk_nag": {
+     "rules_to_suppress": [
+      {
+       "reason": "Managed policies acceptable for custom resource Lambda functions",
+       "id": "AwsSolutions-IAM4"
+      },
+      {
+       "reason": "Latest runtime not required for this function",
+       "id": "AwsSolutions-L1"
+      }
+     ]
+    }
+   }
+  },
+  "IntegVSCodeServerIdleMonitorEnablerFunction32DA729B": {
+   "Type": "AWS::Lambda::Function",
+   "Properties": {
+    "Code": {
+     "S3Bucket": {
+      "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
+     },
+     "S3Key": "22c8a6c357b704e370bef317ae1b52c59f684aa7640422a3d1dfe813d1f77853.zip"
+    },
+    "Description": "src/idle-monitor-enabler/idle-monitor-enabler.lambda.ts",
+    "Handler": "index.handler",
+    "MemorySize": 128,
+    "Role": {
+     "Fn::GetAtt": [
+      "IntegVSCodeServerIdleMonitorEnablerFunctionServiceRole71DD1E5D",
+      "Arn"
+     ]
+    },
+    "Runtime": "nodejs22.x",
+    "Timeout": 30
+   },
+   "DependsOn": [
+    "IntegVSCodeServerIdleMonitorEnablerFunctionServiceRoleDefaultPolicyCDD8B46F",
+    "IntegVSCodeServerIdleMonitorEnablerFunctionServiceRole71DD1E5D",
+    "IntegVSCodeServerSSMInstallerCustomResource9F9AFE68"
+   ],
+   "Metadata": {
+    "cdk_nag": {
+     "rules_to_suppress": [
+      {
+       "reason": "Managed policies acceptable for custom resource Lambda functions",
+       "id": "AwsSolutions-IAM4"
+      },
+      {
+       "reason": "Latest runtime not required for this function",
+       "id": "AwsSolutions-L1"
+      }
+     ]
+    }
+   }
+  },
+  "IntegVSCodeServerIdleMonitorEnablerProviderframeworkonEventServiceRole941AC96C": {
+   "Type": "AWS::IAM::Role",
+   "Properties": {
+    "AssumeRolePolicyDocument": {
+     "Statement": [
+      {
+       "Action": "sts:AssumeRole",
+       "Effect": "Allow",
+       "Principal": {
+        "Service": "lambda.amazonaws.com"
+       }
+      }
+     ],
+     "Version": "2012-10-17"
+    },
+    "ManagedPolicyArns": [
+     {
+      "Fn::Join": [
+       "",
+       [
+        "arn:",
+        {
+         "Ref": "AWS::Partition"
+        },
+        ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
+       ]
+      ]
+     }
+    ]
+   },
+   "DependsOn": [
+    "IntegVSCodeServerSSMInstallerCustomResource9F9AFE68"
+   ],
+   "Metadata": {
+    "cdk_nag": {
+     "rules_to_suppress": [
+      {
+       "reason": "Provider framework uses managed policies",
+       "id": "AwsSolutions-IAM4"
+      },
+      {
+       "reason": "Provider framework runtime managed by CDK",
+       "id": "AwsSolutions-L1"
+      }
+     ]
+    }
+   }
+  },
+  "IntegVSCodeServerIdleMonitorEnablerProviderframeworkonEventServiceRoleDefaultPolicy995CAD91": {
+   "Type": "AWS::IAM::Policy",
+   "Properties": {
+    "PolicyDocument": {
+     "Statement": [
+      {
+       "Action": "lambda:InvokeFunction",
+       "Effect": "Allow",
+       "Resource": [
+        {
+         "Fn::GetAtt": [
+          "IntegVSCodeServerIdleMonitorEnablerFunction32DA729B",
+          "Arn"
+         ]
+        },
+        {
+         "Fn::Join": [
+          "",
+          [
+           {
+            "Fn::GetAtt": [
+             "IntegVSCodeServerIdleMonitorEnablerFunction32DA729B",
+             "Arn"
+            ]
+           },
+           ":*"
+          ]
+         ]
+        }
+       ]
+      },
+      {
+       "Action": "lambda:GetFunction",
+       "Effect": "Allow",
+       "Resource": {
+        "Fn::GetAtt": [
+         "IntegVSCodeServerIdleMonitorEnablerFunction32DA729B",
+         "Arn"
+        ]
+       }
+      }
+     ],
+     "Version": "2012-10-17"
+    },
+    "PolicyName": "IntegVSCodeServerIdleMonitorEnablerProviderframeworkonEventServiceRoleDefaultPolicy995CAD91",
+    "Roles": [
+     {
+      "Ref": "IntegVSCodeServerIdleMonitorEnablerProviderframeworkonEventServiceRole941AC96C"
+     }
+    ]
+   },
+   "DependsOn": [
+    "IntegVSCodeServerSSMInstallerCustomResource9F9AFE68"
+   ],
+   "Metadata": {
+    "cdk_nag": {
+     "rules_to_suppress": [
+      {
+       "reason": "Provider framework uses managed policies",
+       "id": "AwsSolutions-IAM4"
+      },
+      {
+       "reason": "Provider framework runtime managed by CDK",
+       "id": "AwsSolutions-L1"
+      }
+     ]
+    }
+   }
+  },
+  "IntegVSCodeServerIdleMonitorEnablerProviderframeworkonEvent3B68F506": {
+   "Type": "AWS::Lambda::Function",
+   "Properties": {
+    "Code": {
+     "S3Bucket": {
+      "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
+     },
+     "S3Key": "bdc104ed9cab1b5b6421713c8155f0b753380595356f710400609664d3635eca.zip"
+    },
+    "Description": "AWS CDK resource provider framework - onEvent (IntegTestStackStopOnIdle/IntegVSCodeServer/IdleMonitorEnabler/Provider)",
+    "Environment": {
+     "Variables": {
+      "USER_ON_EVENT_FUNCTION_ARN": {
+       "Fn::GetAtt": [
+        "IntegVSCodeServerIdleMonitorEnablerFunction32DA729B",
+        "Arn"
+       ]
+      }
+     }
+    },
+    "Handler": "framework.onEvent",
+    "Role": {
+     "Fn::GetAtt": [
+      "IntegVSCodeServerIdleMonitorEnablerProviderframeworkonEventServiceRole941AC96C",
+      "Arn"
+     ]
+    },
+    "Runtime": {
+     "Fn::FindInMap": [
+      "LatestNodeRuntimeMap",
+      {
+       "Ref": "AWS::Region"
+      },
+      "value"
+     ]
+    },
+    "Timeout": 900
+   },
+   "DependsOn": [
+    "IntegVSCodeServerIdleMonitorEnablerProviderframeworkonEventServiceRoleDefaultPolicy995CAD91",
+    "IntegVSCodeServerIdleMonitorEnablerProviderframeworkonEventServiceRole941AC96C",
+    "IntegVSCodeServerSSMInstallerCustomResource9F9AFE68"
+   ],
+   "Metadata": {
+    "cdk_nag": {
+     "rules_to_suppress": [
+      {
+       "reason": "Provider framework uses managed policies",
+       "id": "AwsSolutions-IAM4"
+      },
+      {
+       "reason": "Provider framework runtime managed by CDK",
+       "id": "AwsSolutions-L1"
+      }
+     ]
+    }
+   }
+  },
+  "IntegVSCodeServerIdleMonitorEnablerProviderframeworkonEventLogRetentionE879C0C0": {
+   "Type": "Custom::LogRetention",
+   "Properties": {
+    "ServiceToken": {
+     "Fn::GetAtt": [
+      "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aFD4BFC8A",
+      "Arn"
+     ]
+    },
+    "LogGroupName": {
+     "Fn::Join": [
+      "",
+      [
+       "/aws/lambda/",
+       {
+        "Ref": "IntegVSCodeServerIdleMonitorEnablerProviderframeworkonEvent3B68F506"
+       }
+      ]
+     ]
+    },
+    "RetentionInDays": 1
+   },
+   "DependsOn": [
+    "IntegVSCodeServerSSMInstallerCustomResource9F9AFE68"
+   ],
+   "Metadata": {
+    "cdk_nag": {
+     "rules_to_suppress": [
+      {
+       "reason": "Provider framework uses managed policies",
+       "id": "AwsSolutions-IAM4"
+      },
+      {
+       "reason": "Provider framework runtime managed by CDK",
+       "id": "AwsSolutions-L1"
+      }
+     ]
+    }
+   }
+  },
+  "IntegVSCodeServerIdleMonitorEnablerF25B6C6F": {
+   "Type": "AWS::CloudFormation::CustomResource",
+   "Properties": {
+    "ServiceToken": {
+     "Fn::GetAtt": [
+      "IntegVSCodeServerIdleMonitorEnablerProviderframeworkonEvent3B68F506",
+      "Arn"
+     ]
+    },
+    "RuleName": {
+     "Ref": "IntegVSCodeServerIdleMonitorScheduleRuleCF2E60F5"
+    }
+   },
+   "DependsOn": [
+    "IntegVSCodeServerIdleMonitorScheduleRuleAllowEventRuleIntegTestStackStopOnIdleIntegVSCodeServerIdleMonitorFunction8C52CC5D407CFD6D",
+    "IntegVSCodeServerIdleMonitorScheduleRuleCF2E60F5",
+    "IntegVSCodeServerSSMInstallerCustomResource9F9AFE68"
+   ],
+   "UpdateReplacePolicy": "Delete",
+   "DeletionPolicy": "Delete"
+  },
+  "CustomVpcRestrictDefaultSGCustomResourceProviderRole26592FE0": {
+   "Type": "AWS::IAM::Role",
+   "Properties": {
+    "AssumeRolePolicyDocument": {
+     "Version": "2012-10-17",
+     "Statement": [
+      {
+       "Action": "sts:AssumeRole",
+       "Effect": "Allow",
+       "Principal": {
+        "Service": "lambda.amazonaws.com"
+       }
+      }
+     ]
+    },
+    "ManagedPolicyArns": [
+     {
+      "Fn::Sub": "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
+     }
+    ],
+    "Policies": [
+     {
+      "PolicyName": "Inline",
+      "PolicyDocument": {
+       "Version": "2012-10-17",
        "Statement": [
         {
          "Effect": "Allow",
@@ -2532,6 +3093,93 @@
     "IntegVSCodeServercfprefixlistIdGetPrefixListIdRole1302B3E1"
    ]
   },
+  "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRole9741ECFB": {
+   "Type": "AWS::IAM::Role",
+   "Properties": {
+    "AssumeRolePolicyDocument": {
+     "Statement": [
+      {
+       "Action": "sts:AssumeRole",
+       "Effect": "Allow",
+       "Principal": {
+        "Service": "lambda.amazonaws.com"
+       }
+      }
+     ],
+     "Version": "2012-10-17"
+    },
+    "ManagedPolicyArns": [
+     {
+      "Fn::Join": [
+       "",
+       [
+        "arn:",
+        {
+         "Ref": "AWS::Partition"
+        },
+        ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
+       ]
+      ]
+     }
+    ]
+   }
+  },
+  "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRoleDefaultPolicyADDA7DEB": {
+   "Type": "AWS::IAM::Policy",
+   "Properties": {
+    "PolicyDocument": {
+     "Statement": [
+      {
+       "Action": [
+        "logs:DeleteRetentionPolicy",
+        "logs:PutRetentionPolicy"
+       ],
+       "Effect": "Allow",
+       "Resource": "*"
+      }
+     ],
+     "Version": "2012-10-17"
+    },
+    "PolicyName": "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRoleDefaultPolicyADDA7DEB",
+    "Roles": [
+     {
+      "Ref": "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRole9741ECFB"
+     }
+    ]
+   }
+  },
+  "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aFD4BFC8A": {
+   "Type": "AWS::Lambda::Function",
+   "Properties": {
+    "Handler": "index.handler",
+    "Runtime": {
+     "Fn::FindInMap": [
+      "LatestNodeRuntimeMap",
+      {
+       "Ref": "AWS::Region"
+      },
+      "value"
+     ]
+    },
+    "Timeout": 900,
+    "Code": {
+     "S3Bucket": {
+      "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
+     },
+     "S3Key": "2819175352ad1ce0dae768e83fc328fb70fb5f10b4a8ff0ccbcb791f02b0716d.zip"
+    },
+    "Role": {
+     "Fn::GetAtt": [
+      "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRole9741ECFB",
+      "Arn"
+     ]
+    }
+   },
+   "DependsOn": [
+    "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRoleDefaultPolicyADDA7DEB",
+    "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRole9741ECFB"
+   ]
+  },
   "idletesthandlerServiceRoleBB9B4624": {
    "Type": "AWS::IAM::Role",
    "Properties": {
@@ -2664,93 +3312,6 @@
     "RetentionInDays": 1
    }
   },
-  "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRole9741ECFB": {
-   "Type": "AWS::IAM::Role",
-   "Properties": {
-    "AssumeRolePolicyDocument": {
-     "Statement": [
-      {
-       "Action": "sts:AssumeRole",
-       "Effect": "Allow",
-       "Principal": {
-        "Service": "lambda.amazonaws.com"
-       }
-      }
-     ],
-     "Version": "2012-10-17"
-    },
-    "ManagedPolicyArns": [
-     {
-      "Fn::Join": [
-       "",
-       [
-        "arn:",
-        {
-         "Ref": "AWS::Partition"
-        },
-        ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
-       ]
-      ]
-     }
-    ]
-   }
-  },
-  "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRoleDefaultPolicyADDA7DEB": {
-   "Type": "AWS::IAM::Policy",
-   "Properties": {
-    "PolicyDocument": {
-     "Statement": [
-      {
-       "Action": [
-        "logs:DeleteRetentionPolicy",
-        "logs:PutRetentionPolicy"
-       ],
-       "Effect": "Allow",
-       "Resource": "*"
-      }
-     ],
-     "Version": "2012-10-17"
-    },
-    "PolicyName": "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRoleDefaultPolicyADDA7DEB",
-    "Roles": [
-     {
-      "Ref": "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRole9741ECFB"
-     }
-    ]
-   }
-  },
-  "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aFD4BFC8A": {
-   "Type": "AWS::Lambda::Function",
-   "Properties": {
-    "Handler": "index.handler",
-    "Runtime": {
-     "Fn::FindInMap": [
-      "LatestNodeRuntimeMap",
-      {
-       "Ref": "AWS::Region"
-      },
-      "value"
-     ]
-    },
-    "Timeout": 900,
-    "Code": {
-     "S3Bucket": {
-      "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
-     },
-     "S3Key": "2819175352ad1ce0dae768e83fc328fb70fb5f10b4a8ff0ccbcb791f02b0716d.zip"
-    },
-    "Role": {
-     "Fn::GetAtt": [
-      "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRole9741ECFB",
-      "Arn"
-     ]
-    }
-   },
-   "DependsOn": [
-    "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRoleDefaultPolicyADDA7DEB",
-    "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRole9741ECFB"
-   ]
-  },
   "loginhandlerServiceRole330B0B32": {
    "Type": "AWS::IAM::Role",
    "Properties": {
@@ -3037,9 +3598,9 @@
   }
  },
  "Parameters": {
-  "SsmParameterValueawsservicecanonicalubuntuserverjammystablecurrentarm64hvmebsgp2amiidC96584B6F00A464EAD1953AFF4B05118Parameter": {
+  "SsmParameterValueawsservicecanonicalubuntuservernoblestablecurrentarm64hvmebsgp3amiidC96584B6F00A464EAD1953AFF4B05118Parameter": {
    "Type": "AWS::SSM::Parameter::Value<AWS::EC2::Image::Id>",
-   "Default": "/aws/service/canonical/ubuntu/server/jammy/stable/current/arm64/hvm/ebs-gp2/ami-id"
+   "Default": "/aws/service/canonical/ubuntu/server/noble/stable/current/arm64/hvm/ebs-gp3/ami-id"
   },
   "BootstrapVersion": {
    "Type": "AWS::SSM::Parameter::Value<String>",