slalom/qai-cli
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

optional param to provide CF execution policy

Browse Source
This commit is contained in:
slalom
2026-05-15 10:39:24 -04:00
parent 1bc5052d22
commit 2618b30d40
3 changed files with 18 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
README.md
View File

@@ -84,6 +84,7 @@ qai-cli init --force Overwrite an existing config file
``` ```
qai-cli infra setup Deploy the CDK stack qai-cli infra setup Deploy the CDK stack
qai-cli infra setup --no-bootstrap Deploy without running CDK bootstrap qai-cli infra setup --no-bootstrap Deploy without running CDK bootstrap
qai-cli infra setup --cloudformation-execution-policy <arn> Set CDK bootstrap execution policy ARN
qai-cli infra status Show CDK stack/resource status qai-cli infra status Show CDK stack/resource status
qai-cli infra destroy Destroy stack, retaining S3 data qai-cli infra destroy Destroy stack, retaining S3 data
qai-cli infra destroy --yes Destroy stack without confirmation qai-cli infra destroy --yes Destroy stack without confirmation

6
src/commands/infra.py
View File

@@ -22,6 +22,11 @@ def setup(
"--bootstrap/--no-bootstrap", "--bootstrap/--no-bootstrap",
help="Run CDK bootstrap before deploying the application stack", help="Run CDK bootstrap before deploying the application stack",
), ),
cloudformation_execution_policy: str | None = typer.Option(
None,
"--cloudformation-execution-policy",
help="IAM policy ARN for the CDK bootstrap CloudFormation execution role",
),
) -> None: ) -> None:
"""Create infrastructure with AWS CDK.""" """Create infrastructure with AWS CDK."""
cfg = load_cfg(config) cfg = load_cfg(config)
@@ -46,6 +51,7 @@ def setup(
profile=cfg.aws.profile, profile=cfg.aws.profile,
account_id=account_id, account_id=account_id,
region=cfg.aws.region, region=cfg.aws.region,
cloudformation_execution_policy=cloudformation_execution_policy,
) )
with CONSOLE.status("Running cdk deploy..."): with CONSOLE.status("Running cdk deploy..."):
state = provisioning.deploy( state = provisioning.deploy(

13
src/infra/provisioning.py
View File

@@ -8,8 +8,17 @@ from src.infra.state import state_path, write_infra_state
STACK_NAME = "QaiCliStack" STACK_NAME = "QaiCliStack"
def bootstrap(*, profile: str, account_id: str, region: str) -> None: def bootstrap(
_run(["cdk", "bootstrap", f"aws://{account_id}/{region}", "--profile", profile]) *,
profile: str,
account_id: str,
region: str,
cloudformation_execution_policy: str | None = None,
) -> None:
cmd = ["cdk", "bootstrap", f"aws://{account_id}/{region}", "--profile", profile]
if cloudformation_execution_policy:
cmd.extend(["--cloudformation-execution-policies", cloudformation_execution_policy])
_run(cmd)
def deploy( def deploy(