certificate-manager: CertificateRequestorFunction uses EOL Node.js 8.10 runtime

[jakerullman]

Issue

The CertificateRequestorFunction Lambda function used for creating ACM DnsValidatedCertificates uses the deprecated Node.js 8.10 runtime.

The CDK will not be able to create the function with this runtime after January 6, 2020.

Context

The Node.js 8.10 Lambda runtime is EOL.

Lambda operational notifications are being sent with the following message:

The Node community has decided to end support for Node.js 8.x on December 31, 2019 [1]. From this date forward, Node.js 8.x will stop receiving bug fixes, security updates, and/or performance improvements. To ensure that your new and existing functions run on a supported and secure runtime, language runtimes that have reached their EOL are deprecated in AWS [2].

For Node.js 8.x, there will be 2 stages to the runtime deprecation process:

1. Disable Function Create – Beginning January 6, 2020, customers will no longer be able to create functions using Node.js 8.10

2. Disable Function Update – Beginning February 3, 2020, customers will no longer be able to update functions using Node.js 8.10

After this period, both function creation and updates will be disabled permanently. However, existing Node 8.x functions will still be available to process invocation events.

[1] https://github.com/nodejs/Release
[2] https://docs.aws.amazon.com/lambda/latest/dg/runtime-support-policy.html

Code

aws-cdk/packages/@aws-cdk/aws-certificatemanager/lib/dns-validated-certificate.ts

Line 64 in b51723c

runtime: lambda.Runtime.NODEJS_8_10,

aws-cdk/packages/@aws-cdk/aws-certificatemanager/lambda-packages/dns_validated_certificate_handler/.node-version

Line 1 in b51723c

8.10.0