AWS CDK (Cloud Development Kit) Intro

29 June 2021 - 2 mins read time

What is CDK?

AWS CDK is a way to build infrastructure in AWS using high level programming languages such as python or nodejs. In contrast to the current standard deploy mechanisms which use yaml or json definition files, this allows much greater flexability alongside faster iteration of infrastructure abstractions which greatly reduces the number of configurations developers have to manage.

Why use CDK (through an example)?

One simple example of this is setting IAM permissions for a service running in AWS Lambda.

In this first block we create a dynamodb table.

  table = dynamodb.Table(self, "table", 
      partition_key=dynamodb.Attribute(name="id",type=dynamodb.AttributeType.STRING)
  )

In this second block, we create a lambda function, defining the runtime, the code locaion, and an environment variable with the table name.

  function = aws_lambda.Function(self, "function",
      code=aws_lambda.Code.from_asset(os.path.join(os.path.dirname(os.path.realpath(__file__)), 'lambda-handler')),
      runtime=aws_lambda.Runtime.PYTHON_3_8,
      handler="index.main",
      environment={
          "TABLE": table.table_name
      }
  )

So far, this is more readable than writing the same infrastructure in a traditional definition file such as AWS SAM/Cloudformation.

However, because CDK has higher level constructs that understand concepts such as IAM permissions & relationships between resources, giving permission for the Lambda function to read/write to the dynamodb table is a simple grant statement. This will set the IAM role (if not already defined) & associate the appropriate last privilage policy statement to provide read / write access.

  table.grant_read_write_data(function)

This is the power of CDK. Because it allows AWS engineers to quickly build & iterate on high level constructs, the task of building cohesive infrastructure in AWS is greatly simplified.

Resources

The AWS CDK is continually updating, their github is always a good resource for their latest https://github.com/aws/aws-cdk.

The CDK API reference is also an excelent resource CDK Reference.

Finally, as part of my resume challenge I created an example Python CDK deployment (including Github Actions CD deploy). See this repo at nathanamorin/resume-challenge