npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

cdk-sso-credential-provider-plugin

v0.0.7

Published

Obtain credentials for each AWS account targeted by your stacks using named SSO profiles.

Downloads

13

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

apancuttapancutt

Keywords

Readme

cdk-sso-credential-provider-plugin

Obtain credentials for each AWS account targeted by your stacks using named SSO profiles.

Allows your CDK app to deploy stacks to any account/region with a named SSO profile.

Installation

yarn add cdk-sso-credential-provider-plugin

Add the plugin to your cdk.json file:

{
  "plugin": [
    "cdk-sso-credential-provider-plugin"
  ]
}

Configure the apps and accounts used in your CDK project in your package.json file:

{
  "ssoCredentialProvider": {
    "acme": {
      "dev": "123",
      "prod": "456"
    }
  }
}

Replace acme with your application name (usually the same name as the .ts file in the ./bin folder), and update the account names and IDs with those of your own.

Profile Name Inference

The profile name is derived by the application name and account name provided in the configuration.

In the example shown above, the CDK will authenticate using the SSO profile name acme-dev for account 123 and acme-prod for account 456.

If you prefer to explicitly provide a profile name then use the following structure instead:

{
  "ssoCredentialProvider": {
    "acme": {
      "dev": {
        "accountId": "11111111",
        "profileName": "my-custom-profile-name"
      },
      "prod": {
        "accountId": "22222222",
        "profileName": "my-other-custom-profile-name"
      }
    }
  }
}

Usage

  1. Ensure that you are logged in to each of the SSO organizations targeted by your CDK project:

    aws sso login --profile YOUR_PROFILE_NAME

  2. Run your cdk commands as normal. You do not need to use the --profile option since the plugin will retrieve credentials when required using the inferred profile names.

Share Configuration With Stacks (Optional)

To keep things DRY, you may want to re-use the configuration used by this plugin in your stack definitions, e.g.

import { App, Stack } from 'aws-cdk-lib';
import pkg from '../package.json';

const app = new App();

// Create a stack in the acme dev account
const stack = new Stack(app, 'AcmeDevStack', {
  env: {
    account: pkg.ssoCredentialProvider.acme.dev,
  },
});

// Add resources to your stack

How it Works

When the CDK encounters an account ID that it does not have credentials for it will ask the plugin to provide them.

Internally, this plugin uses @aws-sdk/credential-provider-sso to obtain credentials from your locally-configured SSO accounts using the profile name derived from the configuration provided in your package.json.

Rationale

While the CDK finally supports SSO credentials when using the --profile option, it does support deploying stacks to multiple accounts using named profiles within a single app.

The cdk-multi-profile-plugin now supports CDK 2 so might be a better solution for you since it works with more than just SSO. A slight benefit to this plugin, however, is how the configuration is structured since it allows you to reference the account configuration by name rather than explicit account ID (e.g. you can do { env: { account: pkg.ssoCredentialProvider.acme.dev } } instead of { env: { account: '11111111' } }.