I currently have a CDK project and accounts with the following structure: Main Account has multiple sub accounts: dev, provision account, etc.
CDK application references these accounts directly. Within the calls themselves they are targeting specific resources within the accounts.
I followed the Localstack tutorials and ran cdklocal bootstrap aws://000000000000/us-east-1. The environment gets initialized but when I run cdklocal deploy. I am receiving a 400 response when the cdk tries to create s3 bucket in the specific sub accounts. I am also receiving an error from an SSM Get-Parameter: Deployment failed: Error: SSM parameter /cdk-bootstrap/foo/version not found. Has the environment been bootstrapped? Please run 'cdk bootstrap' (see https://docs.aws.amazon.com/cdk/latest/guide/bootstrapping.html).
I have multiple questions:
Is the current way our cdk app is architected with the sub-account structure preventing us from using Localstack?
Why am I receiving the SSM error when I have already bootstrapped the project with cdklocal?
Hi @wcrawford,
Thanks for reaching out.
As you have not attached any code I took the liberty to create a simple sample in Python myself to investigate your issue. To address your questions:
No it’s not. You can use CDK with multi-account setups. The following way:
Create trust between accounts, ie in my case I had 000000000000 as main account and 000000000001 and 000000000002 as sub accounts. To create a trust relationship I used the CDK cli at bootstrap the following way (ofc this is not the only solution to do it, but perhaps this is the simplest)
Regarding the SSM error. Can you please verify that you are adding the parameter and not looking it up (Get-Parameter)? In my case this looked like this: