Working simultaneously with multiple accounts usually requires switching between many credentials or IAM roles. This poses a real risk of accidentally deploying infrastructure to the wrong account.
You can mitigate this risk with the
accountIdsproperty, which lets you define a list of allowed accounts to deploy a stack. It accepts a single account id or a list of account ids.
A single allowed account:
A list of allowed accounts:
accountIdsproperty can be defined in stack and stack group configuration files. If specified in a stack group, the stack group's children and stacks inherit the value. Stack groups and stacks can override the value they have inherited from their parent.
accountIdsproperty must satisfy these requirements:
- Must be a string or a list of strings
- Account ids must be valid AWS account ids