app.py example of how my stacks are defined (with some information changed as you can imagine)

Stack1(app, "Stack1",env=cdk.Environment(account='123456789', region='eu-west-1'))

In my azure pipeline I'm trying to do a cdk deploy

- task: AWSShellScript@1
  inputs:
    awsCredentials: 'Service_connection_name'
    regionName: 'eu-west-1'
    scriptType: 'inline'
    inlineScript: |
    sudo bash -c "cdk deploy '*' -v --ci --require-approval-never"
  displayName: "Deploying CDK stacks"

but getting errors. I have the service connection to AWS configured, but the first error was

[Stack_Name] failed: Error: Need to perform AWS calls for account [Account_number], but no credentials have been configured

Stack_Name and Account_Number have been redacted

After this error, I decided to add a step to my pipeline and manually create the files .aws/config and .aws/credentials

- script: |
    echo "Preparing for CDK"
    echo "Creating directory"
    sudo bash -c "mkdir -p ~/.aws"
    echo "Writing to files"
    sudo bash -c "echo -e '[default]\nregion = $AWS_REGION\noutput = json' > ~/.aws/config"
    sudo bash -c "echo -e '[default]\naws_access_key_id = $AWS_ACCESS_KEY_ID\naws_secret_access_key = $AWS_SECRET_ACCESS_KEY' > ~/.aws/credentials"
  displayName: "Setting up files for CDK"

After this I believed the credentials would be fixed but it still failed. The verbose option revealed the following error amongst the output:

Setting "CDK_DEFAULT_REGION" environment variable to

So instead of setting the region to "eu-west-1" it is being set to nothing

I imagine I'm missing something, so please, educate me and help me get this working

CodePudding user response：

This happens because you're launching separate instances of a shell with sudo bash, and they don't share the credential environment variables that the AWSShellScript task is populating.

To fix the credentials issue, replace the inline script with just cdk deploy '*' -v --ci --require-approval never