AWS CDK - Infrastructure as Code

Transcript

1. AWS CDK Infrastructure as Code

2. Alexander Zeitler CTO + Cloud Solution Architect Vote2Work | @lxztlr

   AWS CDK 2

3. Cloud Deployments • Reliable • Repeatable (Reproducible) • Testable •

   Secure 3 AWS CDK

4. Level 0: Manual Infrastructure Setup 4 AWS CDK

5. Level 0: Manual Infrastructure Setup 5 AWS CDK Error prone

   Not reproducable Time consuming Easy to get started Learn new Services

6. Level 1: Imperative Infrastructure as Code 6 AWS CDK deploy.*

   AWS SDK AWS CLI

7. Level 1: Imperative Infrastructure as Code 7 AWS CDK Error

   Handling (Retry) Infrastructure Updates Readiness Checks Rollback Concurrency

8. Level 1: Imperative Infrastructure as Code 8 AWS CDK Boilerplate

   Coding Time consuming More mature than Manual • Faster • Reproducable (from Scratch)

9. Level 2: Declarative Infrastructure as Code 9 AWS CDK infrastructure.*

   AWS CloudFormation AWS SDK

10. Level 2: Declarative Infrastructure as Code 10 AWS CDK infrastructure.*

11. Level 2: Declarative Infrastructure as Code 11 AWS CDK AWS

    CloudFormation Template HashiCorp Configuration Language Desired State Configuration AWS CloudFormation

12. Level 2: Declarative Infrastructure as Code 12 AWS CDK Syntax

    Lack of Abstractions Chatty Automation Reproducable Handles create vs. update

13. CloudFormation DOM 13 AWS CDK AWS CloudFormation CloudFormation Template Example:

    GoFormation

14. CloudFormation DOM 14 AWS CDK Lack of Abstractions Real Code

    Desired State

15. Maturity Levels of IaC 15 AWS CDK Manual Imperative Declarative

    DOMs 2 1 0 “2+”

16. Level 3: AWS Cloud Development Kit (CDK) 16 AWS CDK

    stack.ts AWS CFN AWS SDK AWS CDK

17. AWS CDK Constructs • Low-Level constructs based on AWS CloudFormation

    • IAM Policy, IAM User, IAM Group, IAM Permission… • S3 Bucket • Route53 HostedZone • AWS Lambda • CloudWatch 17 AWS CDK

18. AWS CDK Stacks 18 AWS CDK Stack(s) Construct Construct AWS

    CloudFormation CloudFormation Template

19. 19 AWS CDK AWS CDK – Supported Platforms

20. AWS CDK - Abstraction 20 AWS CDK

21. AWS CDK 21 AWS CDK Write Code in familiar language

    Create dependent resources with a single line of code Still declarative (CFN), handles create vs. update

22. AWS CDK - Commands 22 AWS CDK • cdk init

    • cdk bootstrap • cdk synth • cdk deploy • cdk destroy

23. Hands on 23 AWS CDK

24. Team/Company Topologies • Infrastructure • Dev • Ops • Billing

    24 AWS CDK

25. CDK Components / Patterns • Opinionated Compositions of CDK Constructs

    • Permissions to deploy a PWA on S3 with route53 CNAME • Add/Remove CNAME in HostedZone • route53:ChangeResourceRecordSets • route53:ListHostedZonesByName • route53:GetHostedZone • route53:GetChange • Create S3 Bucket / Deploy to S3 Bucket 25 AWS CDK

26. 26 AWS CDK IAM Base (Administrators etc.) AWS root Account

    CDK Application / Service CDK Construct Security CI/CD CDK Pattern CDK Construct AWS CDK – Patterns

27. CDK Components / Patterns • Separation of Concerns • Reusable

    across teams / services / applications • “Best practices as Code” (Patterns) • Least privilege • Tested 27 AWS CDK

28. Thanks! 28 AWS CDK

29. Resources Links • CDK Workshop: https://cdkworkshop.com/ • PDMLab CDK Constructs:

    https://www.npmjs.com/package/@pdmlab/cdk-constructs • CDK Patterns: https://cdkpatterns.com/ • Building Cross-platform CDK Constructs: https://www.matthewbonig.com/2020/01/11/creating-constructs/ • CDK constructs on npm: #cdk • CDK Catalog on Twitter: @awscdkio 29 AWS CDK