This repository demonstrates the basic process of developing Infrastructure as Code (IaC) on the AWS platform using the AWS CDK (Cloud Development Kit). AWS CDK apps can be written in many programming languages, including Python, which is the language this example mainly uses.
Before going to the fun stuff of writing code, we’ll need to make sure we have the necessary dependencies on our local machine, in order for us to fully integrate CDK into our infrastructure.
| Package | Version | Link |
|---|---|---|
| AWS profile | - | link |
| Node.js | >=14.0.0 | link |
| Python | >=3.7.0 | link |
| AWS CLI | v2 | link |
In order for us to deploy any resources to our AWS profile, our local machine needs to authenticate and authorize to AWS. There are 2 approaches to tackle that:
- AWS SSO. Prerequisite: your account needs to have IAM Identity Center enabled.
- Creating a new user for programmatic access. Prerequisite: you need the `iam:CreateUser` permission in your account. If you only have the root (admin) account, then you have more than enough access to satisfy this requirement.

Open a terminal and type:
```bash
aws configure sso
```
Follow the command prompts. At the very end the CLI asks you to authorize the AWS connection by opening a browser window; complete that verification step as well.
Once you have installed the dependencies, listed above, open a terminal window and type the following command:
Open the AWS Management Console and type `iam` in the search bar.
Next, go to the Users option and create a new user. Enter a user-friendly username.
Click Create. You should now see the newly created user. Click on the user, scroll to Security credentials, and at the bottom you'll see Create access key. Next you'll get a window titled Access keys best practices & alternatives. Select Third-party service and confirm the action by ticking the checkbox.
Add a description value, for example access-keys-for-cdk, then copy the access key and secret access key into your local configuration, either manually (in `~/.aws/credentials`) or by running `aws configure`.
Next, install `aws-cdk` globally on your system using npm:
```bash
npm install -g aws-cdk
```
Verify the installation by running:
```bash
cdk --version
```
If the output looks something like 2.X.X (build d111111), then the installation was successful.
Next, verify that you have an active session with your AWS profile by running:
```bash
aws sts get-caller-identity
```
If you have a valid connection, it should output something like: account id | IAM identity | account id
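The identity check above can be turned into a pre-deploy gate. The following is an added example, not code from this repository: it parses the JSON printed by `aws sts get-caller-identity`, reports which kind of principal the session belongs to (root, IAM user, or an IAM Identity Center role), and confirms the account matches the one you intend to bootstrap. The sample output and account IDs are constructed placeholders, and `classify_identity` and `preflight` are hypothetical helper names.

```python
import json
import re
from typing import Dict, List

# Constructed sample of `aws sts get-caller-identity` output (placeholder IDs).
SAMPLE_SSO = json.dumps({
    "UserId": "AROAEXAMPLEID:dev@example.com",
    "Account": "111122223333",
    "Arn": "arn:aws:sts::111122223333:assumed-role/"
           "AWSReservedSSO_Dev_0123456789abcdef/dev@example.com",
})

ARN_RE = re.compile(r"^arn:aws[a-z-]*:(iam|sts)::(\d{12}):(.+)$")


def classify_identity(raw_json: str) -> Dict[str, str]:
    """Return the account and the kind of principal behind the active session."""
    ident = json.loads(raw_json)
    m = ARN_RE.match(ident["Arn"])
    if not m:
        raise ValueError("unrecognised ARN: " + ident["Arn"])
    service, account, resource = m.groups()
    if service == "iam" and resource == "root":
        kind = "root"
    elif service == "iam" and resource.startswith("user/"):
        kind = "iam-user"          # long-lived access keys (second approach)
    elif service == "sts" and resource.startswith("assumed-role/AWSReservedSSO_"):
        kind = "sso-role"          # short-lived session from `aws configure sso`
    elif service == "sts" and resource.startswith("assumed-role/"):
        kind = "assumed-role"
    else:
        kind = "other"
    return {"account": account, "kind": kind}


def preflight(raw_json: str, target_account: str) -> List[str]:
    """List findings to resolve before running `cdk bootstrap` or `cdk deploy`."""
    info = classify_identity(raw_json)
    findings = []
    if info["kind"] == "root":
        findings.append("FAIL: session uses the account root user")
    if info["kind"] == "iam-user":
        findings.append("WARN: session uses long-lived IAM user access keys")
    if info["account"] != target_account:
        findings.append("FAIL: authenticated to %s, target is %s"
                        % (info["account"], target_account))
    return findings
```

Feed it the real output with `aws sts get-caller-identity --output json` and pass the ACCOUNT-NUMBER you plan to use in the bootstrap step.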
Next we need to set up a local project (you can also connect the project to a remote VCS of your choice). Start by creating an empty directory and changing into it:
```bash
mkdir cdk-python
cd cdk-python
```
Note: the CloudFormation stack you see at the deploy stage inherits its name from the root directory (in this case cdk-python).
Now initialize a CDK app by running:
```bash
cdk init app --language python
```
The `cdk init` command conveniently created a virtual environment for us to use. Let's activate it and install the needed dependencies listed in the requirements.txt file:
```bash
source .venv/bin/activate
pip install --upgrade pip && pip install pip-tools
pip-compile --output-file=requirements.txt requirements.in
python -m pip install -r requirements.txt
```
To verify that the CDK is able to recognize the default created stack, run:
```bash
cdk ls
```
If the output shows a stack named after your directory, which in my example is AwsPythonCdkCodeExampleStack, then you can proceed to the next step!
Now let's add another stack that creates a simple S3 bucket. Create a new directory `stacks` and, inside it, a file named `S3Sample.py`:
```bash
mkdir stacks
touch stacks/S3Sample.py
```
You can paste the following sample code into the .py file:
```python
import aws_cdk as cdk
import aws_cdk.aws_s3 as s3


class S3Sample(cdk.Stack):
    def __init__(self, scope: cdk.App, construct_id: str, **kwargs) -> None:
        super().__init__(scope, construct_id, **kwargs)

        # A single bucket with versioning turned off
        bucket = s3.Bucket(self, "MyFirstBucket", versioned=False)
```
Add this stack to the app.py file so that the CDK can pick it up and deploy it to your AWS environment.
Put the following code snippet in app.py, right after the AwsPythonCdkCodeExampleStack stack definition:
```python
# This import belongs with the other imports at the top of app.py
from stacks.S3Sample import S3Sample

S3Sample(app, "S3Sample")

app.synth()
```
Alright, now let's synthesize our AWS CloudFormation template.
Note: make sure your terminal is at the root of the project, since the CDK Toolkit (i.e. the CLI) looks for its configuration files relative to that directory.
```bash
cdk synth
```
If you see a message like:
```
Supply a stack id (AwsPythonCdkCodeExampleStack, S3Sample) to display its template.
```
then you have successfully converted your Python CDK code into a CloudFormation template. You can find it under the `cdk.out` directory.
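Because the synthesized template is plain JSON, it can be reviewed before anything is deployed. The following is an added example, not code from this repository: it walks a template and reports, for every `AWS::S3::Bucket`, which protective settings are not declared. The embedded template is a constructed stand-in for what the `MyFirstBucket` definition above produces (the logical ID is made up), and `audit_buckets` is a hypothetical helper name.

```python
import json

# Constructed template, shaped like the file `cdk synth` writes to
# cdk.out/S3Sample.template.json for the bucket above (logical ID is made up).
SAMPLE_TEMPLATE = json.dumps({
    "Resources": {
        "MyFirstBucketB8884501": {
            "Type": "AWS::S3::Bucket",
            "UpdateReplacePolicy": "Retain",
            "DeletionPolicy": "Retain",
        }
    }
})

PAB_FLAGS = ("BlockPublicAcls", "BlockPublicPolicy",
             "IgnorePublicAcls", "RestrictPublicBuckets")


def audit_buckets(template_json: str) -> dict:
    """Map each S3 bucket's logical ID to the settings its template omits."""
    resources = json.loads(template_json).get("Resources", {})
    report = {}
    for logical_id, res in resources.items():
        if res.get("Type") != "AWS::S3::Bucket":
            continue
        props = res.get("Properties", {})
        findings = []
        # All four public-access-block flags must be explicitly true.
        pab = props.get("PublicAccessBlockConfiguration", {})
        missing = [f for f in PAB_FLAGS if pab.get(f) is not True]
        if missing:
            findings.append("public access block not fully set: "
                            + ", ".join(missing))
        # At least one server-side encryption rule must be declared.
        rules = props.get("BucketEncryption", {}).get(
            "ServerSideEncryptionConfiguration", [])
        if not rules:
            findings.append("no BucketEncryption declared")
        if props.get("VersioningConfiguration", {}).get("Status") != "Enabled":
            findings.append("versioning not enabled")
        report[logical_id] = findings
    return report
```

In the CDK code these findings correspond to the `s3.Bucket` arguments `block_public_access=s3.BlockPublicAccess.BLOCK_ALL`, `encryption=s3.BucketEncryption.S3_MANAGED` and `versioned=True`.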
Hold on! Before deploying we need to bootstrap our app. Bootstrapping deploys a CDKToolkit template into your AWS account, which the CDK then uses to manage and provision your stacks in the cloud.
Replace ACCOUNT-NUMBER and REGION with your own values:
```bash
cdk bootstrap aws://ACCOUNT-NUMBER/REGION
```
Finally, deploy the templates into your AWS environment:
```bash
cdk deploy S3Sample
```
If everything is deployed successfully, then in the terminal you should see:
```
Stack ARN:
arn:aws:cloudformation:REGION:ACCOUNT-NUMBER:...
```
Congrats, you now know how to use CDK!
Now we can easily destroy our newly created CloudFormation stack simply by running:
```bash
cdk destroy S3Sample
```