Platform Stack

Overview

The Platform infrastructure is defined in CloudFormation templates in the ./infrastructure/platform folder. This stack creates all the key infrastructure needed to run the platform in a given AWS account.

The stack is created and maintained via GitHub workflows, which currently define 4 environments (dev, uat, sandbox & prod). Each environment is deployed to an independent AWS account.

To Setup a New Account / Environment

The first step is to bootstrap the AWS SAM pipeline. This command creates a stack in the specified account called aws-sam-cli-managed-sandbox-pipeline-resources, which contains the set of resources needed to deploy to AWS via SAM in our CI/CD system.

Pre-requisites

To bootstrap an account, first install the AWS SAM CLI if you haven't already:

https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/install-sam-cli.html

Ensure you have followed the IAM setup steps in the documentation so that all the account-level credentials are set up on your local PC.

If you are creating a new environment, you need to set up the sub-account in AWS and add the credentials for that account to your local AWS credentials.

Bootstrapping SAM

https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-cli-command-reference-sam-pipeline-bootstrap.html

Run the bootstrapper. The only option you need is the user account that we authenticate with in the GitHub workflows. This user lives in the dev account and needs to have permission to assume the pipeline execution roles in the other environment accounts.

sam pipeline bootstrap --pipeline-user arn:aws:iam::527132486578:user/aws-sam-cli-managed-dev-pipeline-reso-PipelineUser-A5QERUI2LBWP

When prompted for a stage, enter the name of the environment we're deploying to: dev, uat, sandbox or prod.

All other options should be self-explanatory.
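
As an added example (not part of the original documentation or the project's code), this Python check reviews the trust policy of a pipeline execution role after bootstrapping: it confirms that the GitHub workflow user can assume the role and flags any other principal. The sample policies and the account ID 111111111111 are constructed, and the function names are hypothetical.

```python
import json

# ARN of the GitHub workflow user, as given on this page.
PIPELINE_USER = ("arn:aws:iam::527132486578:user/"
                 "aws-sam-cli-managed-dev-pipeline-reso-PipelineUser-A5QERUI2LBWP")

def _as_list(value):
    """IAM accepts a single value or a list in these positions."""
    return value if isinstance(value, list) else [value]

def audit_trust_policy(policy, expected_principal=PIPELINE_USER):
    """Return findings for a role trust policy (AssumeRolePolicyDocument)."""
    findings, trusted = [], False
    for i, stmt in enumerate(_as_list(policy.get("Statement", []))):
        actions = [a.lower() for a in _as_list(stmt.get("Action", []))]
        grants_assume = any(a in ("sts:assumerole", "sts:*", "*") for a in actions)
        if stmt.get("Effect") != "Allow" or not grants_assume:
            continue
        principal = stmt.get("Principal", {})
        if principal == "*":  # shorthand for every principal
            principal = {"AWS": "*"}
        for kind, values in principal.items():
            for p in _as_list(values):
                if kind == "AWS" and p == expected_principal:
                    trusted = True
                elif p == "*":
                    findings.append(f"statement {i}: any principal may assume the role")
                elif stmt.get("Condition"):
                    findings.append(f"statement {i}: review conditional trust for {kind} {p}")
                else:
                    findings.append(f"statement {i}: unexpected {kind} principal {p}")
    if not trusted:
        findings.append("pipeline user is not trusted; the workflow cannot assume the role")
    return findings

# Constructed sample documents (account 111111111111 is a placeholder), shaped like
# the output of `aws iam get-role --query Role.AssumeRolePolicyDocument`.
GOOD = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Principal": {"AWS": PIPELINE_USER}, "Action": "sts:AssumeRole"}]}
BAD = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "sts:AssumeRole",
     "Principal": {"AWS": [PIPELINE_USER, "arn:aws:iam::111111111111:root"]}},
    {"Effect": "Allow", "Principal": "*", "Action": "sts:AssumeRole"}]}

if __name__ == "__main__":
    for name, doc in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, json.dumps(audit_trust_policy(doc), indent=2))
```

An empty result means the role trusts the pipeline user and nothing else; conditional statements are reported for manual review rather than judged automatically.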

CDK Bootstrap

We should also bootstrap the AWS CDK; see the Cognito Setup documentation for details.