# CDK bootstrap ### CDK bootstrap * `cdk bootstrap --show-template > tempalte.yaml` * Inside the generated `template.yaml` add `PermissionBoundary` for all the roles which CDK bootstrap creates, since every role has to have that PermissionBoundary (there should be 5 roles in total) ```yaml Description: This stack includes resources needed to deploy AWS CDK apps into this environment Parameters: PermissionsBoundary: Description: Permissions boundary which sould be applied to every role Default: arn:aws:iam::080839188756:policy/WS-01MI-pol_PlatformUserBoundary Type: String FilePublishingRole: Type: AWS::IAM::Role Properties: PermissionsBoundary: !Ref PermissionsBoundary ``` * `cdk bootstrap 080839188756/eu-west-1 --profile WS-01MI-role_DEVOPS --template template.yaml --public-access-block-configuration false --cloudformation-execution-policies "arn:aws:iam::080839188756:policy/DevOps"` BP Link before bootstrapping: - https://accelerate.bpglobal.com/dac/Create/Technologies/Platforms/AWS/Patterns-AWS/Federated/IAM-deployment https://qj84ikywu9mewytewg4f.eu-west-1.aoss.amazonaws.com/