diff --git a/packages/@aws-cdk/aws-lambda-nodejs/parcel/Dockerfile b/packages/@aws-cdk/aws-lambda-nodejs/parcel/Dockerfile
index 40081228fd554..fe715c72fa8f2 100644
--- a/packages/@aws-cdk/aws-lambda-nodejs/parcel/Dockerfile
+++ b/packages/@aws-cdk/aws-lambda-nodejs/parcel/Dockerfile
@@ -4,7 +4,7 @@ ARG IMAGE=amazon/aws-sam-cli-build-image-nodejs12.x
 FROM $IMAGE
 
 # Install yarn
-RUN npm install --global yarn
+RUN npm install --global yarn@1.22.5
 
 # Install parcel 2 (fix the version since it's still in beta)
 # install at "/" so that node_modules will be in the path for /asset-input
@@ -19,4 +19,7 @@ RUN mkdir /tmp/npm-cache && \
 # Disable npm update notifications
 RUN npm config --global set update-notifier false
 
+# create non root user and change allow execute command for non root user
+RUN /sbin/useradd -u 1000 user && chmod 711 /
+
 CMD [ "parcel" ]
diff --git a/packages/@aws-cdk/aws-lambda-nodejs/test/docker.test.ts b/packages/@aws-cdk/aws-lambda-nodejs/test/docker.test.ts
index dfb8d07b0fb4a..7e0ed9db2fb86 100644
--- a/packages/@aws-cdk/aws-lambda-nodejs/test/docker.test.ts
+++ b/packages/@aws-cdk/aws-lambda-nodejs/test/docker.test.ts
@@ -8,7 +8,7 @@ beforeAll(() => {
 test('parcel is available', async () => {
   const proc = spawnSync('docker', [
     'run', 'parcel',
-    'sh', '-c',
+    'bash', '-c',
     '$(node -p "require.resolve(\'parcel\')") --version',
   ]);
   expect(proc.status).toEqual(0);
@@ -20,7 +20,7 @@ test('parcel is installed without a package-lock.json file', async () => {
   // See https://github.com/aws/aws-cdk/pull/10039#issuecomment-682738396
   const proc = spawnSync('docker', [
     'run', 'parcel',
-    'sh', '-c',
+    'bash', '-c',
     'test ! -f /package-lock.json',
   ]);
   expect(proc.status).toEqual(0);
@@ -30,7 +30,7 @@ test('can npm install with non root user', async () => {
   const proc = spawnSync('docker', [
     'run', '-u', '1000:1000',
     'parcel',
-    'sh', '-c', [
+    'bash', '-c', [
       'mkdir /tmp/test',
       'cd /tmp/test',
       'npm i constructs',
@@ -43,7 +43,7 @@ test('can yarn install with non root user', async () => {
   const proc = spawnSync('docker', [
     'run', '-u', '500:500',
     'parcel',
-    'sh', '-c', [
+    'bash', '-c', [
       'mkdir /tmp/test',
       'cd /tmp/test',
       'yarn add constructs',