UNPKG

cdk-assume-role-plugin

Version:

Adds assume role and mfa support to cdk apps

github.com/hupe1980/cdk-multi-profile-plugin

hupe1980/cdk-multi-profile-plugin

66 lines (48 loc) 1.68 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
# cdk-assume-role-plugin [![Build Status](https://github.com/hupe1980/cdk-multi-profile-plugin/workflows/Build/badge.svg)](https://github.com/hupe1980/cdk-multi-profile-plugin/workflows/Build/badge.svg) > Adds assume role and mfa support to cdk apps :warning: This is experimental and subject to breaking changes. ## Installation ```bash npm install cdk-assume-role-plugin ``` ## How to use There are two ways to tell cdk to use the plugin. The first way is to include an explicit --plugin option whenever you use a cdk command. ```bash npx cdk deploy --plugin "cdk-assume-role-plugin" *Stack ``` The second way is to add the following entry to the cdk.json file ```javascript // cdk.json { "app": "npx ts-node bin/YOURAPP.ts", "plugin": ["cdk-assume-role-plugin"] } ``` Finally, add the account / profile mapping in the package.json ```javascript // package.json { ... "devDependencies": { "aws-cdk": "^1.15.0", "cdk-assume-role-plugin": "^0.0.1", ... }, ... "cdkAssumeRolePlugin": { "userProfile": "idp", "roles": { "YOUR_ACCOUNT_ID": "YOUR_ROLE_NAME", "YOUR_ACCOUNT_ID": "YOUR_ROLE_NAME" } } } ``` ## Environment Variables The plugin supports the following environment variables: - `AWS_SHARED_CREDENTIALS_FILE` – Specifies the location of the file that the AWS CLI uses to store access keys. The default path is `~/.aws/credentials`). - `IGNORE_CDK_ASSUME_ROLE_PLUGIN=true` - Turn off the plugin. Defaults to `false`. - `CDK_ASSUME_ROLE_PLUGIN_CONFIG` - Specifies the localtion of the global plugin config. Defaults to `~/.cdkassumeroleplugin.json` ## License [MIT](LICENSE)