{"id":18263836,"url":"https://github.com/eidorb/aws","last_synced_at":"2025-08-28T17:30:10.058Z","repository":{"id":146631753,"uuid":"338980553","full_name":"eidorb/aws","owner":"eidorb","description":"AWS accounts as code.","archived":false,"fork":false,"pushed_at":"2024-11-21T12:16:17.000Z","size":56,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2024-11-21T13:24:39.288Z","etag":null,"topics":["aws-cdk"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/eidorb.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-02-15T05:53:52.000Z","updated_at":"2024-11-21T12:16:21.000Z","dependencies_parsed_at":null,"dependency_job_id":"216fcdbb-3d3e-40e7-ae1b-ea76691633e3","html_url":"https://github.com/eidorb/aws","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eidorb%2Faws","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eidorb%2Faws/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eidorb%2Faws/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eidorb%2Faws/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/eidorb","download_url":"https://codeload.github.com/eidorb/aws/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":230845676,"owners_count":18289042,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws-cdk"],"created_at":"2024-11-05T11:12:52.956Z","updated_at":"2024-12-22T15:12:45.589Z","avatar_url":"https://github.com/eidorb.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# aws\n\nAWS accounts as code.\n\n\n# Getting started\n\nSet up a local development environment.\n\nAssuming [`micromamba`](https://mamba.readthedocs.io/en/latest/installation.html#micromamba) is installed, create a Mamba environment named `aws` defined in `environment.yml`:\n\n    micromamba create --file environment.yml --yes\n\nThis creates a Mamba environment with the programs required to build and deploy the project.\n\nNext, install Node.js package dependencies (defined in `package-lock.json`):\n\n    micromamba run --name aws npm ci\n\nAssuming [Poetry](https://python-poetry.org/docs/master/#installing-with-the-official-installer) is installed, install Python package dependencies (defined in `poetry.lock`):\n\n    micromamba run --name aws poetry install\n\nActivate the `aws` environment to run programs without having to prefix them with `micromamba run --name aws ...`:\n\n    micromamba activate aws\n    which python\n\n\n# Bootstrapping\n\n## Bootstrap AWS CDK\n\nBefore using CDK to deploy to an AWS account and region, we must first [bootstrap it](https://docs.aws.amazon.com/cdk/v2/guide/bootstrapping.html). This provisions resources used by AWS CDK during deployment.\n\nInitially, we have an AWS account with only a root user. Therefore, the first CDK bootstrap must done using root credentials. Assuming credentials are managed with an [AWS Vault](https://github.com/99designs/aws-vault) profile named `root`, and a default account and region have been configured, run the following:\n\n    micromamba activate aws\n    aws-vault exec root -- npx cdk bootstrap\n\n\n## Bootstrap automatic deployment\n\nThis project's CDK stack defines a GitHub OIDC identity provider. The role assumed by this identity provider must be created before it can be referenced in this project's CI/CD pipeline. Deploy the CDK stack manually:\n\n    aws-vault exec root -- npx cdk deploy\n\nThis created a an IAM role assumed by the GitHub OIDC identity provider. Find its ARN:\n\n    aws-vault exec root -- aws iam list-roles\n\nConfigure the role's ARN in the `aws-actions/configure-aws-credentials` task in the workflow.\n\n\n# SSO\n\nThe CDK stack assigns administrator access to a group in SSO. AWS SSO (and AWS Organizations too) must be enabled from the console. The AWS SSO built-in identity source can be used to manage users and groups.\n\n## How-to guides\n\n### How to upgrade Node.js\n\nPin the `nodejs` dependency in [environment.yml](environment.yml) to the active LTS version listed on [this page](https://nodejs.org/en/about/previous-releases).\n\n\n### How to upgrade AWS CDK Toolkit\n\nActivate the `aws` Mamba environment and install the latest version of AWS CDK Toolkit with the following commands:\n\n```bash\nmicromamba activate aws\nnpm install aws-cdk\n```\n\n\n### How to upgrade AWS Construct Library\n\nActivate the `aws` Mamba environment and update the version of AWS Construct Library (`aws-cdk-lib`) with the following commands:\n\n```bash\nmicromamba activate aws\npoetry update aws-cdk-lib\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Feidorb%2Faws","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Feidorb%2Faws","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Feidorb%2Faws/lists"}