[Feature Request] Support deployment from SageMaker Code Editor

[icoxfog417]

Describe the solution you'd like

As we know, Cloud9 is now deprecated and SageMaker Studio Code Editor is one of the alternative as platform to edit and deploy bedrock claude chat. However, I cannot execute cdk deploy because of the following error.

`Error response from daemon: {"message":"Forbidden. Reason: [ImageBuild] 'sagemaker' is the only user allowed network input"}`

I am not sure this error is cause by SageMaker environment (cannot fix ) or not, but it will be nice if we can avoid this error by modifying the code.

Why the solution needed

Can execute cdk deploy from SageMaker Code Editor environment.

Additional context

• I installed docker to SageMaker by following this article.

Implementation feasibility

Are you willing to discuss the solution with us, decide on the approach, and assist with the implementation?

• Yes
• No

[statefb]

Memo: need to verify using SageMaker Studio Code Editor.
https://github.com/aws-samples/sagemaker-studio-code-editor-template

[littlemex]

The error occurs due to the missing --network sagemaker flag. For more details, please refer to this link: https://docs.aws.amazon.com/sagemaker/latest/dg/studio-updated-local.html
The aws-lambda-nodejs BundlingOptions does not have a network option, and there's no network configuration in the esbuildCommand of createBundlingCommand. Currently, setting bundling.network in NodejsFunction is likely to have no effect.
https://github.com/aws/aws-cdk/blob/b8289e247eb8a8e4aace79ba51fd4e3d43abc722/packages/aws-cdk-lib/aws-lambda-nodejs/lib/bundling.ts#L233
https://github.com/aws/aws-cdk/blob/v2.151.0/packages/aws-cdk-lib/aws-lambda-nodejs/lib/types.ts

# error
docker build -t cdk-d6287b24c8e8f5d6cc2f81c1ab2eb07d6d58ceecfb7e526b9ee09257e8908fe5 --platform "linux/amd64" --build-arg "IMAGE=public.ecr.aws/sam/build-nodejs18.x" --build-arg "ESBUILD_VERSION=0.21" "/home/sagemaker-user/bedrock-claude-chat/cdk/node_modules/aws-cdk-lib/aws-lambda-nodejs/lib"

# no error
docker build -t cdk-d6287b24c8e8f5d6cc2f81c1ab2eb07d6d58ceecfb7e526b9ee09257e8908fe5 --platform "linux/amd64" --build-arg "IMAGE=public.ecr.aws/sam/build-nodejs18.x" --build-arg "ESBUILD_VERSION=0.21" "/home/sagemaker-user/bedrock-claude-chat/cdk/node_modules/aws-cdk-lib/aws-lambda-nodejs/lib" **--network sagemaker**

[statefb]

Refactoring guideline to support sagemaker studio

• NodeJsFunction

  • Install esbuild to avoid Docker builds.

• DockerImageFunction

  • Create from DockerImageAsset.
  • Specify 'sagemaker' as the NetworkMode for DockerImageAsset.
    • Make it configurable on cdk.json?

• PythonFunction

  • Use regular Lambda Function or DockerImageFunction instead of aws-lambda-python-alpha module
    • Lambda Function
      • Utilize the local bundling option
      • Manage dependencies in requirements.txt and resolve with pip install
      • Note: local bundling on PythonFunction issue is still open.
    • DockerImageFunction
      • Explore using the same Dockerfile with different CMD for entry points
      • Note that all PythonFunction (add_user_to_groups, chec_email_domain, s3_exporter) are only depends on boto3 and lambda-powertools.