- Update cdk.json and create an alias for your account, eg 'dev'
- Fill out the required fields, such as:
"accounts": {
"dev": {
"account_id": "",
"resource_prefix": "dev",
"vpc": {
"vpc_id_ssm": "/application/vpc",
"subnets": ["subnet-a", "subnet-b", "subnet-c"]
},
"ecr": {
"repository_name": "aar-ecr"
},
"secrets": {
"variables": ["SECRET_KEY"]
},
"route53": {
"hosted_zone_id": "XYZ",
"hosted_zone_name": "example.com",
"domain": "aar.example.com"
}
}
}
- domain: The FQDN of the domain that will be used in ALB rules and added to your Hosted Zone
- vpc_id_ssm: Store the VPC you will use in an SSM parameter
- Run a synth using the following format:
cdk synth -c account_name='dev'
- A Cross account role with
sts:AssumeRole, organizations:ListAccountspermission for the source where this app runs. - Cross account roles that are trusted with ReadOnly permissions for all the accounts in the org.