AWS-CDK 1.150.0 now supports AWS-SSO!

Troy Dieter
Aws
March 27, 2022

Table Of Contents

AWS SSO now supported in AWS-CDK v1.150.0

Overview
Impact
- Why does it matter?
- After effect
Implementation
- How do I use this new feature?

Overview

As of 03/26/2022 - aws-cdk v1.150 now supports AWS Single Sign On! Let’s walk through the impact, what it fixes and why it’s important.

What is AWS-CDK?

AWS-CDK is an open-source framework that enables you to deploy AWS resources developed in a preferred development language. Check out this AWS documentation out for additional information if you’re new to AWS-CDK.

AWS SSO

AWS SSO (Single Sign On) allows for an organization to integrate with a supported identity provider. Additional information is provided here.

AWS-CDK v1.150.0

What it include?

Features

cloudformation spec v62.0.0 (#19553) (0352dee)
appsync: support custom domain mappings (#19368) (8c7a4ac), closes #18040
autoscaling: support warm pools (#19214) (737e611)
cfnspec: cloudformation spec v61.0.0 (#19457) (16d7552)
cli: support SSO (#19454) (eba6052)
cloudwatch: Additional Properties for Cloudwatch AlarmStatusWidget (#19387) (3c9ea5f), closes #19386
ec2: add support for x2iezn instances (#19517) (8f6e20e)
synthetics: add support for puppeteer 3.4 runtime (#19429) (024b890), closes #19382

Bug Fixes

apigateway: StepFunctionsIntegration does not create required role and responses (#19486) (d59bee9)
bootstrap: rebootstrap breaks container Functions (#19446) (49ea263), closes #18473
cli: templates don’t include .gitignore (#19482) (5ce0983)
core: Aspects from symlinked modules are not applied (#19491) (eaeaed7), closes #18921 #18778 #19390 #18914
ecr: setting imageScanningConfiguration to false does nothing on existing repository (#18078) (78bc870), closes #18077
events: cannot have more than one cross-account Rule (#19441) (a257846), closes #12479 #12538
iam: IAM Policies are too large to deploy (#19114) (3a4fe33), closes #18774 #16350 #18457 #18564 #19276
lambda: support Lambda’s new Invoke with Qualifier authorization strategy (#19318) (d06b27f), closes #19273
secretsmanager: secret rotation uses old application versions (#19490) (0c983ad), closes #19487

Impact

Why does it matter?

AWS-CDK v1.* has struggled a bit with integrating with AWS-SSO. In the past, we’ve had to work around the issue - including using scripting to match the profile within ~\.aws\credentials to the aws-cdk profile and aws-cdk stack that we we plan to align with.

After effect

We can now use (once you upgrade as necessary to v1.150.0 aws-cdk and re-bootstrap your account & region as necessary) the following:

--profile example option to specify your AWS SSO configured profile

Implementation

How do I use this new feature?

The below steps will help the process after you’ve configured an AWS SSO profile; learn more here.

Authenticate using aws-sso via:
aws sso login –profile example
Utilize the AWS SSO profile by passing the profile name, for example:
cdk ls –profile example

Tags :

Expand your search using AWS native services to identify, comprehend and securely store documents.

The document debacle Companies continue to fight the battle of the age-old problem: paper documents. Adapting to document modernization to expand the ability to search, catalog and protect HIPAA\PII data is paramount. In this article, we will cover how you can integrate a server-less pipeline within AWS to tackle the document debacle!

Utilize random_shuffle to improve AWS availability zone spread when deploying with Terraform

random_shuffle In my repository, event-driven-msk (shown here) - an Amazon VPC is deployed, along with subnets for private & public. A part of that requires a region selection (defined in your provider.tf file), along with availability zone selection.

Become an AWS Guru using this nifty AWS CLI cheat-sheet!

Install AWS Cli aws https://aws.amazon.com/cli/ Table of Contents EC2 List Instance ID, Type and Name List Instances with Public IP Address and Name List of VPCs and CIDR IP Block List of Subnets for a VPC List of Security Groups Print Security Groups for an Instance Edit Security Groups of an Instance Print Security Group Rules as FromAddress and ToPort Add Rule to Security Group Delete Rule from Security Group Edit Rules of Security Group Delete Security Group S3 List Buckets List Files in a Bucket Create Bucket Delete Bucket Download S3 Object to Local Upload Local File as S3 Object Delete S3 Object Download Bucket to Local Upload Local Directory to Bucket Share S3 Object without Public Access API Gateway List of API Gateway IDs and Names List of API Gateway Keys List API Gateway Domain Names List of Resources for API Gateway Find Lambda for API Gateway Resource ELB List of ELB Hostnames List of ELB ARNs List of ELB Target Group ARNs Find Instances for a Target Group RDS List of DB Clusters List of DB Instances Take DB Instance Snapshot Take DB Cluster Snapshot ElastiCache List of ElastiCache Machine Type and Name List of ElastiCache Replication Groups List of ElastiCache Snapshots Create ElastiCache Snapshot Delete ElastiCache Snapshot Scale Up/Down ElastiCache Replica Lambda List of Lambda Functions, Runtime and Memory List of Lambda Layers List of Source Event for Lambda Download Lambda Code Cloudwatch List of CloudWatch Alarms and Status Create Alarm for EC2 High CPUUtilization Create Alarm for EC2 High StatusCheckFailed_Instance Route53 List Domains List Records for a Domain (Zone) SNS List of SNS Topics List of SNS Topic and related Subscriptions Publish to SNS Topic DynamoDB List of DynamoDB Tables Get All Items from a Table Get Item Count from a Table Get Item using Key Get Specific Fields from an Item Delete Item using Key SQS List Queues Create Queue Count Messages in Queue Send Message Receive Message Delete Message Purge Queue Delete Queue CloudFront List of CloudFront Distributions and Origins Create Cache Invalidation Check Cache Invalidation Status Amplify List of Amplify Apps and Source Repository Cognito List of User Pool IDs and Names List of Phone and Email of All Users IAM User List of UserId and UserName Get Single User Add User Delete User List Access Keys for User Delete Access Key for User Activate/Deactivate Access Key for User Generate New Access Key for User IAM Group List Groups Add/Delete Groups List of Policies and ARNs List of User/Group/Roles for a Policy List Policies for a Group Add Policy to a Group Add User to a Group Remove User from a Group List Users in a Group List Groups for a User Attach/Detach Policy to a Group Pro Tip! If you have multiple AWS Accounts, you can use bash alias like the following. So you no longer need to pass --profile to aws tool.