GlobalConfig / cdkOptionsConfig

AWS CDK options configuration. This lets you customize the operation of the CDK within LZA, specifically:

centralizeBuckets: Enabling this option modifies the CDK bootstrap process to utilize a single S3 bucket per region located in the management account for CDK assets generated by LZA. Otherwise, CDK will create a new S3 bucket in every account and every region supported by LZA. useManagementAccessRole: Enabling this option modifies CDK operations to use the IAM role specified in the managementAccountAccessRole option in global-config.yaml rather than the default roles created by CDK. Default CDK roles will still be created, but will remain unused. Any stacks previously deployed by LZA will retain their associated execution role. For more information on these roles, please see here.

Example

cdkOptions:
centralizeBuckets: true
useManagementAccessRole: true

Hierarchy

  • cdkOptionsConfig

Implements

Constructors

Properties

centralizeBuckets: true = true

Indicates whether CDK stacks in workload accounts will utilize S3 buckets in the management account rather than within the account.

When the accelerator deploys resources using the AWS CDK, assets are first built and stored in S3. By default, the S3 bucket is located within the deployment target account.

customDeploymentRole: undefined = undefined

Creates a deployment role in all accounts in the home region with the name specified in the parameter. This role is used by the LZA for all CDK deployment tasks.

forceBootstrap: undefined = undefined

Forces the Accelerator to deploy the bootstrapping stack and circumvent the ssm parameter check. This option is needed when adding or removing a custom deployment role

skipStaticValidation: undefined = undefined

Determines if the LZA pipeline will skip the static config validation step during the pipeline's Build phase. This can be helpful in cases where the config-validator incorrectly throws errors for a valid configuration.

useManagementAccessRole: true = true

Indicates whether CDK operations use the IAM role specified in the managementAccountAccessRole option in global-config.yaml rather than the default roles created by CDK.

The roles created and leveraged by CDK by default can be found here.

Generated using TypeDoc