Some AWS customers don’t use the CLI, and will not grant an external contractor CLI access. Trying to get access is a waste of time and resources. Do not fear, there is a solution!
Summary
- Create a client-specific staging bucket
- Share the bucket with the client account via the Bucket Policy
- Synth the stack to the staging bucket
- Share template URL with client
- The client can install using the URL in CloudFormation web console with their user credentials
App Staging Bucket Policy
1 | { |
Usage
Install CDK Assets
npm i -D cdk-assets
Customize the stack synthesizer to use your custom staging bucket
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19const app = new cdk.App();
new MyApp(app, 'template', {
someParam: 'someValue',
synthesizer: new DefaultStackSynthesizer({
fileAssetsBucketName: 'app-staging-bucket',
// Use a custom role which has access to the asset bucket
fileAssetPublishingRoleArn: 'my-client-staging-role',
// Consider using a build date or version
bucketPrefix: '2.4.1',
// The client account does not need to be bootstrapped
generateBootstrapVersionRule: false,
}),
});
app.synth();Run
cdk synth
to generate your assets.Modify
cdk.out/template.assets.json
to make the template file name more predictable- find the entry with
sourcePath
=template.template.json
- modify its
objectKey
to something like2.4.1/template.json
- (you should probably write some code to automate this)
- find the entry with
Run
cdk-assets -v -p ./cdk.out/template.assets.json publish
Share your template URL with the client. It will look something like:
https://app-staging-bucket.s3.amazonaws.com/2.4.1/template.json
Client can install the app using the CloudFormation web console.
Simpler Template Output
Not sure what the side effects of these are, but this produces a simpler template with less CDK metadata.
cdk synth --path-metadata false --version-reporting false
cdk.json
1 | { |
Conclusion
This has been very helpful for creating installers that are accessible to non-developers and usable in beginner AWS environments. I hope it saved you some head-scratching!