CDK Components

Transcript

1. CDK Components Alexander Zeitler

2. Alexander Zeitler CEO / Cloud Solution Architect at PDMLab https://pdmlab.com

   [email protected] @lxztlr CDK Components 2

3. Cloud Deployments • Reliable • Repeatable • Testable • Secure

   3 CDK Components

4. AWS CDK Constructs • Low-Level constructs based on AWS CloudFormation

   • IAM Policy, IAM User, IAM Group, IAM Permission… • S3 Bucket • Route53 HostedZone • AWS Lambda • CloudWatch 4 CDK Components

5. Team/Company Topologies • Infra • Dev • Ops • Billing

   5 CDK Components

6. CDK Components • Opinionated Compositions of CDK Constructs • Permissions

   to deploy a PWA on S3 with route53 CNAME • Add/Remove CNAME in HostedZone • route53:ChangeResourceRecordSets • route53:ListHostedZonesByName • route53:GetHostedZone • route53:GetChange • Create S3 Bucket / Deploy to S3 Bucket 6 CDK Components

7. 7 CDK Components IAM Base (Administrators etc.) AWS root Account

   Application / Service CDK Component Security CI/CD CDK Component CDK Component

8. CDK Components • Separation of Concerns • Reusable across teams

   / services / applications • “Best practices as Code” (Patterns) • Least privilege • Tested 8 CDK Components

9. Thanks! 9 CDK Components

10. Resources Links • PDMLab CDK Constructs: https://www.npmjs.com/package/@pdmlab/cdk-constructs 10 CDK Components