From 090393e1ed834d87f73c16543506d5d0839c038e Mon Sep 17 00:00:00 2001
From: chefren <chefren@@users.noreply.github.com>
Date: Wed, 4 Aug 2021 10:51:52 +1000
Subject: [PATCH 1/2] Explain correct use of lists in policies parameter

---
 doc_source/bootstrapping.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc_source/bootstrapping.md b/doc_source/bootstrapping.md
index 337f000f..7391588c 100644
--- a/doc_source/bootstrapping.md
+++ b/doc_source/bootstrapping.md
@@ -172,7 +172,7 @@ The following command\-line options, when used with CDK Toolkit's cdk bootstrap,
 + \-\-termination\-protection prevents the bootstrap stack from being deleted \(see [Protecting a stack from being deleted](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-protect-stacks.html) in the AWS CloudFormation User Guide\)
 
 The following additional switches are available only with the modern bootstrapping template\.
-+ \-\-cloudformation\-execution\-policies specifies the ARNs of managed policies that should be attached to the deployment role assumed by AWS CloudFormation during deployment of your stacks\. At least one policy is required; otherwise, AWS CloudFormation will attempt to deploy without permissions and deployments will fail\.
++ \-\-cloudformation\-execution\-policies specifies the ARNs of managed policies that should be attached to the deployment role assumed by AWS CloudFormation during deployment of your stacks\. At least one policy is required; otherwise, AWS CloudFormation will attempt to deploy without permissions and deployments will fail\. Note that this is passed as a CFN CommaDelimitedList Parameter, so the value must represent a single comma separated list string, eg: `--cloudformation-execution-policies "arn:aws:iam::aws:policy/AWSLambda_FullAccess,arn:aws:iam::aws:policy/AWSCodeDeployFullAccess"`.\. 
 + \-\-trust lists the AWS accounts that may deploy into the environment being bootstrapped\. Use this flag when bootstrapping an environment that a CDK Pipeline in another environment will deploy into\. The account doing the bootstrapping is always trusted\.
 + \-\-trust\-for\-lookup lists the AWS accounts that may look up context information from the environment being bootstrapped\. Use this flag to give accounts permission to synthesize stacks that will be deployed into the environment, without actually giving them permission to deploy those stacks directly\. Accounts specified under \-\-trust are always trusted for context lookup\.
 + \-\-qualifier a string that is added to the names of all resources in the bootstrap stack\. A qualifier lets you avoid name clashes when you provision two bootstrap stacks in the same environment\. The default is `hnb659fds` \(this value has no significance\)\. Changing the qualifier will require changes to your AWS CDK app \(see [Stack synthesizers](#bootstrapping-synthesizers)\)\. 

From 000f1a4fd23dfe39d24b3b80647c325af51ca214 Mon Sep 17 00:00:00 2001
From: chefren <chefren@@users.noreply.github.com>
Date: Wed, 4 Aug 2021 12:42:49 +1000
Subject: [PATCH 2/2] Remove extra dot

---
 doc_source/bootstrapping.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc_source/bootstrapping.md b/doc_source/bootstrapping.md
index 7391588c..5cbcde04 100644
--- a/doc_source/bootstrapping.md
+++ b/doc_source/bootstrapping.md
@@ -172,7 +172,7 @@ The following command\-line options, when used with CDK Toolkit's cdk bootstrap,
 + \-\-termination\-protection prevents the bootstrap stack from being deleted \(see [Protecting a stack from being deleted](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-protect-stacks.html) in the AWS CloudFormation User Guide\)
 
 The following additional switches are available only with the modern bootstrapping template\.
-+ \-\-cloudformation\-execution\-policies specifies the ARNs of managed policies that should be attached to the deployment role assumed by AWS CloudFormation during deployment of your stacks\. At least one policy is required; otherwise, AWS CloudFormation will attempt to deploy without permissions and deployments will fail\. Note that this is passed as a CFN CommaDelimitedList Parameter, so the value must represent a single comma separated list string, eg: `--cloudformation-execution-policies "arn:aws:iam::aws:policy/AWSLambda_FullAccess,arn:aws:iam::aws:policy/AWSCodeDeployFullAccess"`.\. 
++ \-\-cloudformation\-execution\-policies specifies the ARNs of managed policies that should be attached to the deployment role assumed by AWS CloudFormation during deployment of your stacks\. At least one policy is required; otherwise, AWS CloudFormation will attempt to deploy without permissions and deployments will fail\. Note that this is passed as a CFN CommaDelimitedList Parameter, so the value must represent a single comma separated list string, eg: `--cloudformation-execution-policies "arn:aws:iam::aws:policy/AWSLambda_FullAccess,arn:aws:iam::aws:policy/AWSCodeDeployFullAccess"`\. 
 + \-\-trust lists the AWS accounts that may deploy into the environment being bootstrapped\. Use this flag when bootstrapping an environment that a CDK Pipeline in another environment will deploy into\. The account doing the bootstrapping is always trusted\.
 + \-\-trust\-for\-lookup lists the AWS accounts that may look up context information from the environment being bootstrapped\. Use this flag to give accounts permission to synthesize stacks that will be deployed into the environment, without actually giving them permission to deploy those stacks directly\. Accounts specified under \-\-trust are always trusted for context lookup\.
 + \-\-qualifier a string that is added to the names of all resources in the bootstrap stack\. A qualifier lets you avoid name clashes when you provision two bootstrap stacks in the same environment\. The default is `hnb659fds` \(this value has no significance\)\. Changing the qualifier will require changes to your AWS CDK app \(see [Stack synthesizers](#bootstrapping-synthesizers)\)\.