bug: AwsSolutions-L1 issue with Python runtime 3.12

[gyalai-aws]

What is the problem?

Using Lambda with runtime 3.12 results AwsSolutions-L1 issue.

Reproduction Steps

Create a stack with:

const pythonCode = `

Replace this with your actual Python code

def handler(event, context):
message = "Hello from an inlined Python Lambda!"
return {"message": message}
`;

const myLambda = new lambda.Function(this, 'IotCertificateCustomResource', {
runtime: lambda.Runtime.PYTHON_3_12,
role: iotCertCustomResourceRole,
code: lambda.Code.fromInline(path.resolve(__dirname, './lambda/iot_certificate')),
handler: 'main.handler'
});

What did you expect to happen?

The AwsSolutions-L1 finding should not happen as the python 3.12 is the latest.

What actually happened?

AwsSolutions-L1 error wsa reported

cdk-nag version

2.28.109

Language

Typescript

Other information

These are the runtimes considered during execution:
[
{ value: 'python2.7', family: 'python', version: '2.7' },
{ value: 'python3.6', family: 'python', version: '3.6' },
{ value: 'python3.7', family: 'python', version: '3.7' },
{ value: 'python3.8', family: 'python', version: '3.8' },
{ value: 'python3.9', family: 'python', version: '3.9' },
{ value: 'python3.10', family: 'python', version: '3.10' },
{ value: 'python3.11', family: 'python', version: '3.11' }
]

The python3.12 is missing from the list and the code https://github.com/cdklabs/cdk-nag/blob/main/src/rules/lambda/LambdaLatestVersion.ts pickes the 3.11 as latest.

[dontirun]

I can't reproduce this locally. These runtimes are sourced directly from the CDK, and 3.12 is included.

A few questions

• What CDK version are you using?
• How are you using cdk-nag?

It doesn't make sense to me that you're able to specify PYTHON_3_12 as a runtime in your application, yet its not listed on the available runtimes within the cdk.