AWS rolePermissionsBoundary: how to get account ID

robeden · October 15, 2020, 8:58pm

I’m trying to use rolePermissionsBoundary, but I’m not sure how to use it without hardcoding the account ID (because there’s a different boundary in dev/test/prod accounts).

I know you can get the account in CloudFormation pieces with #{AWS::AccountId}, but that doesn’t seem to work in the non-CF portions such as rolePermissionsBoundary. Is there a way to reference the account ID there?

I tried (with and without quotes):

rolePermissionsBoundary: "arn:aws:iam::#{AWS::AccountId}:policy/dev_boundary"

robeden · October 15, 2020, 9:47pm

Got it working with the serverless-pseudo-parameters plugin. That’s not supposed to be required anymore, but using it made it work properly.

Topic		Replies	Views
Passing accountId Serverless Framework aws , lambda , variables , iam	4	1704	July 1, 2021
Getting handle "accountId" in serverless config Serverless Framework aws	16	39247	December 16, 2020
CLI get aws account id Serverless Framework aws , variables	1	2931	October 22, 2018
Wildcarding accountId in serverless.yaml Serverless Framework cloudformation , variables , iam	0	894	January 17, 2019
Getting the account id in an s3 variable Serverless Framework	0	372	September 12, 2020

AWS rolePermissionsBoundary: how to get account ID

Related topics