Managing your Infrastructure as Code provides great benefits and is often a stepping stone for a successful application of DevOps practices. In this way, instead of relying on manually performed steps, both administrators and developers can automate provisioning of compute, storage, network, and application services required by their applications using configuration files.
For example, defining your Infrastructure as Code makes it possible to:
- Keep infrastructure and application code in the same repository
- Make infrastructure changes repeatable and predictable across different environments, AWS accounts, and AWS regions
- Replicate production in a staging environment to enable continuous testing
- Replicate production in a performance test environment that you use just for the time required to run a stress test
- Release infrastructure changes using the same tools as code changes, so that deployments include infrastructure updates
- Apply software development best practices to infrastructure management, such as code reviews, or deploying small changes frequently
Configuration files used to manage your infrastructure are traditionally implemented as YAML or JSON text files, but in this way you’re missing most of the advantages of modern programming languages. Specifically with YAML, it can be very difficult to detect a file truncated while transferring to another system, or a missing line when copying and pasting from one template to another.
Wouldn’t it be better if you could use the expressive power of your favorite programming language to define your cloud infrastructure? For this reason, we introduced last year in developer preview the AWS Cloud Development Kit (CDK), an extensible open-source software development framework to model and provision your cloud infrastructure using familiar programming languages.
I am super excited to share that the AWS CDK for TypeScript and Python is generally available today!
With the AWS CDK you can design, compose, and share your own custom components that incorporate your unique requirements. For example, you can create a component setting up your own standard VPC, with its associated routing and security configurations. Or a standard CI/CD pipeline for your microservices using tools like AWS CodeBuild and CodePipeline.
Personally I really like that by using the AWS CDK, you can build your application, including the infrastructure, in your IDE, using the same programming language and with the support of autocompletion and parameter suggestion that modern IDEs have built in, without having to do a mental switch between one tool, or technology, and another. The AWS CDK makes it really fun to quickly code up your AWS infrastructure, configure it, and tie it together with your application code!
How the AWS CDK works
Everything in the AWS CDK is a construct. You can think of constructs as cloud components that can represent architectures of any complexity: a single resource, such as an S3 bucket or an SNS topic, a static website, or even a complex, multi-stack application that spans multiple AWS accounts and regions. To foster reusability, constructs can include other constructs. You compose constructs together into stacks, that you can deploy into an AWS environment, and apps, a collection of one of more stacks.
How to use the AWS CDK
We continuously add new features based on the feedback of our customers. That means that when creating an AWS resource, you often have to specify many options and dependencies. For example, if you create a VPC you have to think about how many Availability Zones (AZs) to use and how to configure subnets to give private and public access to the resources that will be deployed in the VPC.
To make it easy to define the state of AWS resources, the AWS Construct Library exposes the full richness of many AWS services with sensible defaults that you can customize as needed. In the case above, the VPC construct creates by default public and private subnets for all the AZs in the VPC, using 3 AZs if not specified.
For creating and managing CDK apps, you can use the AWS CDK Command Line Interface (CLI), a command-line tool that requires Node.js and can be installed quickly with:
npm install -g aws-cdk
After that, you can use the CDK CLI with different commands:
cdk initto initialize in the current directory a new CDK project in one of the supported programming languages
cdk synthto print the CloudFormation template for this app
cdk deployto deploy the app in your AWS Account
cdk diffto compare what is in the project files with what has been deployed
cdk to see more of the available commands and options.
You can easily include the CDK CLI in your deployment automation workflow, for example using Jenkins or AWS CodeBuild.
Let’s use the AWS CDK to build two sample projects, using different programming languages.
An example in TypeScript
For the first project I am using TypeScript to define the infrastructure:
cdk init app --language=typescript
Here’s a simplified view of what I want to build, not entering into the details of the public/private subnets in the VPC. There is an online frontend, writing messages in a queue, and an asynchronous backend, consuming messages from the queue:
Inside the stack, the following TypeScript code defines the resources I need, and their relations:
- First I define the VPC and an Amazon ECS cluster in that VPC. By using the defaults provided by the AWS Construct Library, I don’t need to specify any parameter here.
- Then I use an ECS pattern that in a few lines of code sets up an Amazon SQS queue and an ECS service running on AWS Fargate to consume the messages in that queue.
- The ECS pattern library provides higher-level ECS constructs which follow common architectural patterns, such as load balanced services, queue processing, and scheduled tasks.
- A Lambda function has the name of the queue, created by the ECS pattern, passed as an environment variable and is granted permissions to send messages to the queue.
- The code of the Lambda function and the Docker image are passed as assets. Assets allow you to bundle files or directories from your project and use them with Lambda or ECS.
- Finally, an Amazon API Gateway endpoint provides an HTTPS REST interface to the function.
I find this code very readable and easier to maintain than the corresponding JSON or YAML. By the way,
cdk synth in this case outputs more than 800 lines of plain CloudFormation YAML.
An example in Python
For the second project I am using Python:
cdk init app --language=python
I want to build a Lambda function that is executed every 10 minutes:
When you initialize a CDK project in Python, a
virtualenv is set up for you. You can activate the
virtualenv and install your project requirements with:
pip install -r requirements.txt
Note that Python autocompletion may not work with some editors, like Visual Studio Code, if you don’t start the editor from an active
Inside the stack, here’s the Python code defining the Lambda function and the CloudWatch Event rule to invoke the function periodically as target:
Again, this is easy to understand even if you don’t know the details of AWS CDK. For example, durations include the time unit and you don’t have to wonder if they are expressed in seconds, milliseconds, or days. The output of
cdk synth in this case is more than 90 lines of plain CloudFormation YAML.
There is no charge for using the AWS CDK, you pay for the AWS resources that are deployed by the tool.
To quickly get hands-on with the CDK, start with this awesome step-by-step online tutorial!
More examples of CDK projects, using different programming languages, are available in this repository:
You can find more information on writing your own constructs here.
The AWS CDK is open source and we welcome your contribution to make it an even better tool:
Check out our source code on GitHub, start building your infrastructure today using TypeScript or Python, or try different languages in developer preview, such as C# and Java, and give us your feedback!