Open SuperThunder opened 3 years ago
Thanks for your feedback. if you didn't modified the provided CDK app (SDLC-organization), it is ok to not require approval since the permissions set is following least privileges principles.
For future updates you can always add CDK snapshot testing and enforce code review which will contains any changes of Cloud Formation and therefore permissions changes.
Makes sense, thank you for the reply and thank you for the excellent guide.
Hello,
At the 'Deploy the pipeline' stage the process fails because of wanting to ask for approval but not having a terminal.
I was able to get around it by following this step to disable approval, but I'm not sure if that keeps to best practice or not.