🐡

AWS CDKで 複数環境にdeployする

2023/01/16に公開

AWS CDKをつかって複数環境にdeployするときは bootstrap時にtrust情報を提供する

cdk bootstrap \
    --cloudformation-execution-policies arn:aws:iam::aws:policy/AdministratorAccess \
    aws://[account_id]/ap-northeast-1 --trust [base_account_id] --profile [name]
.aws/credentials
[bastion]
aws_access_key_id = xxxxxxxxxxxxxxxxxxx
aws_secret_access_key = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

[aws_1]
aws_access_key_id = xxxxxxxxxxxxxxxxxxx
aws_secret_access_key = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

[aws_2]
aws_access_key_id = xxxxxxxxxxxxxxxxxxx
aws_secret_access_key = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
.aws/config
[profile bastion]
region = ap-northeast-1

[profile aws_1]
region = ap-northeast-1

[profile aws_2]
region = ap-northeast-1

これでCDKのPropsにEnvとして渡せば、一つのCDKから複数環境に適用することができる

&CdkProjectStackProps{
	awscdk.StackProps{
		Env: &awscdk.Environment{
			Account: jsii.String(accountID),
			Region:  jsii.String("ap-northeast-1"),
		},
	},
}

できたー!SwitchRoleのRole設定とかするときに便利

Discussion