How to restart pod in aws eks when cloudwatch alert triggered

Question

I need to restart pod in aws eks when my cloudwatch alert triggered

Trying to do it using aws lambda in different ways:

1. python, i have code that works local on my pc but in lambda it's not working (got error (403)\nReason: Forbidden\nHTTP response headers: .... pods is forbidden: User \"system:anonymous\" cannot list resource) for authorize i use kubernetes config file

#!/usr/bin/python3.9

import sys
import subprocess

subprocess.call('pip3 install kubernetes -t /tmp/ --no-cache-dir'.split(), stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL)
sys.path.insert(1, '/tmp/')

import kubernetes.client
from kubernetes import client, config

def lambda_handler(event, context):
    config.load_kube_config("./config")

    v1 = client.CoreV1Api()
    print("Listing pods with their IPs:")
    ret = v1.list_pod_for_all_namespaces(watch=False)
    for i in ret.items:
        print("%s\t%s\t%s" %
              (i.status.pod_ip, i.metadata.namespace, i.metadata.name))

2. lambda-layer-kubectl, i import layer to my lambda function, copy the example but it's not working because missing aws_cdk was trying to install it using subprocess.call but it didn't help and i didn't find normal example how to use it, when i can type kubectl command etc

can some one point the way how to solve my problem ?