AWS-CDK 1.150.0 now supports AWS-SSO!

AWS SSO now supported in AWS-CDK v1.150.0

• Overview
  • What is AWS-CDK?
  • AWS SSO
  • AWS-CDK v1.150.0
    • Features
    • Bug Fixes
• Impact
  • Why does it matter?
  • After effect
• Implementation
  • How do I use this new feature?

Overview

As of 03/26/2022 - aws-cdk v1.150 now supports AWS Single Sign On! Let’s walk through the impact, what it fixes and why it’s important.

What is AWS-CDK?

AWS-CDK is an open-source framework that enables you to deploy AWS resources developed in a preferred development language. Check out this AWS documentation out for additional information if you’re new to AWS-CDK.

AWS SSO

AWS SSO (Single Sign On) allows for an organization to integrate with a supported identity provider. Additional information is provided here.

AWS-CDK v1.150.0

What it include?

Features

• cloudformation spec v62.0.0 (#19553) (0352dee)
• appsync: support custom domain mappings (#19368) (8c7a4ac), closes #18040
• autoscaling: support warm pools (#19214) (737e611)
• cfnspec: cloudformation spec v61.0.0 (#19457) (16d7552)
• cli: support SSO (#19454) (eba6052)
• cloudwatch: Additional Properties for Cloudwatch AlarmStatusWidget (#19387) (3c9ea5f), closes #19386
• ec2: add support for x2iezn instances (#19517) (8f6e20e)
• synthetics: add support for puppeteer 3.4 runtime (#19429) (024b890), closes #19382

Bug Fixes

• apigateway: StepFunctionsIntegration does not create required role and responses (#19486) (d59bee9)
• bootstrap: rebootstrap breaks container Functions (#19446) (49ea263), closes #18473
• cli: templates don’t include .gitignore (#19482) (5ce0983)
• core: Aspects from symlinked modules are not applied (#19491) (eaeaed7), closes #18921 #18778 #19390 #18914
• ecr: setting imageScanningConfiguration to false does nothing on existing repository (#18078) (78bc870), closes #18077
• events: cannot have more than one cross-account Rule (#19441) (a257846), closes #12479 #12538
• iam: IAM Policies are too large to deploy (#19114) (3a4fe33), closes #18774 #16350 #18457 #18564 #19276
• lambda: support Lambda’s new Invoke with Qualifier authorization strategy (#19318) (d06b27f), closes #19273
• secretsmanager: secret rotation uses old application versions (#19490) (0c983ad), closes #19487

Impact

Why does it matter?

AWS-CDK v1.* has struggled a bit with integrating with AWS-SSO. In the past, we’ve had to work around the issue - including using scripting to match the profile within ~\.aws\credentials to the aws-cdk profile and aws-cdk stack that we we plan to align with.

After effect

We can now use (once you upgrade as necessary to v1.150.0 aws-cdk and re-bootstrap your account & region as necessary) the following:

--profile example option to specify your AWS SSO configured profile

Implementation

How do I use this new feature?

The below steps will help the process after you’ve configured an AWS SSO profile; learn more here.

1. Authenticate using aws-sso via:

   aws sso login –profile example

2. Utilize the AWS SSO profile by passing the profile name, for example:

   cdk ls –profile example