aws cdk to use non-default profile

Question

I don't want to use my default aws profile and account for cdk development

So I created a new account and a new profile cdkprof using aws configure --profile cdkprof .

I have verified in ~/.aws/credentials and ~/.aws/config files that the new profile created correctly. running export AWS_PROFILE=cdkprof && aws configure list && aws sts get-caller-identity returns me my profile details correctly.

I have also exported

CDK_DEFAULT_REGION,
CDK_DEFAULT_ACCOUNT,
AWS_DEFAULT_REGION,
AWS_PROFILE,
AWS_SECRET_ACCESS_KEY and
AWS_ACCESS_KEY_ID

and these are available as environment variables in bash.

However when I try to run :

$ npx cdk bootstrap --profile cdkprof

I get the error

Unable to resolve AWS account to use. It must be either configured when you define your CDK or through the environment

How do I use my new profile and account with the cdk commands?

Thanks.

I think the aws cli only looks for the /.aws/credentials. You might need to put this into the path where you are running npx. Have not used npx but I do a lot of aws with php and command line. — Robert Saylor, Feb 13 '21 at 13:24
was worth a try. but no luck, adding ~/.aws to path did not work, nor did installing aws-cdk globally and not calling via npx. — bearrider, Feb 13 '21 at 14:11

score 19 · Accepted Answer · answered Feb 15 '21 at 19:36

19

By default, CDK commands will use the default AWS CLI profile. However, you can specify a named profile for a project by adding it to the file which handles CDK commands. For a TypeScript project, this is done in cdk.json at the project root:

{
  "app": "npx ts-node --prefer-ts-exts bin/project.ts",
  "profile": "cdkprof",
  "context": {
    ...
  }
}

Then, your named profile will be used when you run commands such as cdk bootstrap.

answered Feb 15 '21 at 19:36

Alex

236
2
2

6

still don't know why cli isn't picking up my profile, I would prefer not to hardcode profile as I want to share this code. But for now, this approach works enough to get me started. thanks. – bearrider Feb 16 '21 at 09:13

score 0 · Answer 2 · answered Oct 13 '22 at 13:02

0

the profile name in credentials and config file should be the same, for example:

-credentials
[cdk]
aws_access_key_id = xxxxxxx
aws_secret_access_key = xxxxxxx
-config
[cdk]
region = "us-east-1"

answered Oct 13 '22 at 13:02

Hsinling

1

score -3 · Answer 3 · answered Jan 31 '22 at 22:06

-3

This worked for me: cdk bootstrap aws://[ACCOUNT-NUMBER]/[REGION] --profile [YOUR PROFILE]

answered Jan 31 '22 at 22:06

Suhyun Pak

7
2

What version cdk are you using? – Lucasz Sep 26 '22 at 02:53

aws cdk to use non-default profile

3 Answers3