re add cdk-sso-sync since not fixed by 1.74 (waiting for aws/aws-cdk#…

…5455 to be closed)
aws-samples · Nov 25, 2020 · bea963f · bea963f
1 parent 8884fbf
commit bea963f
Show file tree

Hide file tree

Showing 2 changed files with 28 additions and 2 deletions.
diff --git a/source/1-SDLC-organization/README.md b/source/1-SDLC-organization/README.md
@@ -570,6 +570,26 @@ aws sso login --profile dev
 
 **Now you can interact with your different AWS Accounts using AWS CLI**
 
+#### CDK and SSO
+
+CDK and AWS SSO are not yet friends (see github issue [5455](https://github.com/aws/aws-cdk/issues/5455)). So since in the future we will have to deploy infrastructure as code apps into multiple environment, we  will need to make it work.
+
+There is several workaround and here is one using a quick utility written in nodejs called "cdk-sso-sync":
+
+```
+npm install -g cdk-sso-sync
+```
+
+Then simply run
+```
+aws sso login --profile dev
+cdk-sso-sync dev
+```
+
+This will simply extract the credentials you got from the `aws sso login` command and sync them with the CDK credentials source (`~/.aws/credentials`).
+
+**Now you can deploy CDK apps in your different AWS Accounts using CDK CLI**
+
 
 ### Leverage AWS IDE Toolkits
 
@@ -597,4 +617,4 @@ At the time of writting, we support the following IDEs:
 
 Start coding and deploy your first website by jumping to the [landing page app example](../2-landing-page/README.md).
 
-</details>
+</details>
diff --git a/source/3-landing-page-cicd/README.md b/source/3-landing-page-cicd/README.md
@@ -127,6 +127,12 @@ Right now, the *Developer* user that you are using has no access to the CICD acc
 
     ![A shell interface with the aws configure sso --profile cicd command running](../../doc/landing-page-with-cicd-add-to-devopsengineers-group-17.png)
 
+1. Execute `npm install -g cdk-sso-sync`
+
+    > Right now the cdk cli is not SSO friendly so we use a small command line tool to synchronize SSO credential with standard aws cli credential so that cdk can use a SSO profile
+
+1. Execute `cdk-sso-sync cicd`
+
 </details>
 
 ### Step 2 - Customize the input parameters
@@ -274,4 +280,4 @@ cdk destroy --profile cicd
 * If you get an error 400 message as a detailed error message when CodeBuild fails, please check you have properly modify your cdk.json file
 * If you get an error message stating *Cannot have more thant 1 builds in queue for the account* as a detailed error message when CodeBuild fails, please retry the step in CodePipeline. You get this error because your AWS account is new. After a few retry, the limit will automatically increase.
 
-</details>
+</details>