Getting Started: AWS CDK

In this session, we will take a look at how to use AWS CDK to build out an Amazon VPC and a CI/CD pipeline using Amazon CodeBuild/CodePipeline/CodeDeploy. We will work through the chicken-and-egg problem of how to create the infrastructure that you need for automating your infrastructure creation. The session will cover concepts like stacks, nested stacks and how to build reusable components for your infrastructure.

Darko Mesaros

July 31, 2020

Transcript

  1. Getting started with AWS: Cloud Development Kit
      Darko Meszaros, Developer Advocate - AWS
      @darkosubotica ln/darko-mesaros twitch.tv/ruptwelve youtu.be/ruptwelve
  2. © 2020, Amazon Web Services, Inc. or its Affiliates. Where do we start?
  3. A DevOps engineer!
  4. Sophia
  5. [Diagram: AWS Organizations multi-account layout. Labels: Developer Sandbox, Dev, Pre-Prod, Prod, Workloads, Security, Shared Services, Network, Log Archive, Team Shared Services, Network Path, Data Center, Infrastructure, Sophia]
      Orgs: Account management
      Log Archive: Security logs
      Security: Security tools, AWS Config rules
      Shared services: Directory, limit monitoring
      Network: AWS Direct Connect
      Dev Sandbox: Experiments, Learning
      Dev: Development
      Pre-Prod: Staging
      Prod: Production
      Team SS: Team Shared Services, Data Lake
  7. There is just one thing.
  10. Sophia
  11. $(whoami)
      Darko Mesaroš / Darko Meszaros / Дарко Месарош
      Berlin
      @darkosubotica ln/darko-mesaros twitch.tv/ruptwelve
  12. What is Infrastructure as Code?
  15. Infrastructure as code
      ✓ Make infrastructure changes repeatable and predictable
      ✓ Release infrastructure changes using the same tools as code changes
      ✓ Replicate production in a staging environment to enable continuous testing
  16. Cloud Development Kit
  17. Shorten the learning curve with AWS Cloud Development Kit (CDK)
      Late 2020
      Brings cloud infrastructure to developers in ways they can understand
      • Build cloud infrastructure with the languages they already know
      • Use their existing tools and workflows
      • Helpful abstractions that remove the need to learn the details
      • Vibrant and fast-growing community of developers
  18. AWS Cloud Development Kit (AWS CDK)
      A multi-language development framework for modeling infrastructure as reusable components
  19. From constructs to the cloud
  20. AWS CDK main components
  21. AWS CDK Constructs
  22. CDK Application - Project Structure
      • lib/smart-product-solution-stack.ts is where your CDK application’s main stack is defined
      • bin/smart-product-solution.ts is the entrypoint of the CDK application. It will load the stack defined in lib/smart-product-solution-stack.ts
      • lib/smart-product-<feature>.ts is where your solution features are defined as CDK constructs
      • cdk-manifest.json is where we enable or disable feature constructs
  23. How do we do testing with CDK?
      • Snapshot tests
      • Fine-grained assertions
      • Validation tests

      npm install --save-dev jest @types/jest @aws-cdk/assert
  24. I wish these slides had more code.
  26. Best practices (1/3)
      • Layer your application to reduce blast radius when updating resources
      • Use multiple, isolated environments for testing, production, development, staging, etc.
      • Smaller files are easier to write, test, and troubleshoot

      Layers:
      Front-end resources: Instances, Auto Scaling groups
      Backend services: API endpoints, functions
      Stateful resources: Databases and clusters, queues
      Base network: VPCs, NAT gateways, VPNs, subnets
      Identity & security: IAM users, groups, roles, policies
      Monitoring resources: Alarms, dashboards
  27. Best practices (2/3)
      • Parameters and Mappings
      • Secrets Manager and SSM Parameter store
      • Do not hardcode sensitive information

      Resources:
        MyRDSDB:
          Type: "AWS::RDS::DBInstance"
          Properties:
            DBInstanceClass: db.t2.medium
            AllocatedStorage: '20'
            Engine: mariadb
            EngineVersion: '10.2'
            MasterUsername: appadmin
            MasterUserPassword: '{{resolve:ssm-secure:ssbRDSmEcntl:1}}'
  28. Best practices (3/3)
      • It’s okay to repeat yourself
      • Do not engineer a whole new construct/library just to avoid typing something twice.
      • Do not overengineer things – this will help you out in the long run
  30. awesome-cdk (eladb/awesome-cdk)
      • Open CDK Guide: opinionated set of tips and best practices (kevinslin/open-cdk)
      • punchcard: type-safe AWS infrastructure (punchcard/punchcard)
      • aws-cdk-pure: purely functional CDK (fogfish/aws-cdk-pure)
      • cdk-clj: a clojure wrapper for the CDK (StediInc/cdk-clj)
      • cdk-components: a collection of higher-level cdk constructs (cloudcomponents/cdk-components)
      • CDK GitHub Action (ScottBrenner/aws-cdk-action)
  31. Next steps
      Get started
      • cdkworkshop.com
      • aws.amazon.com/cdk
      • aws.amazon.com/vscode
      Engage
      • gitter.im/awslabs/aws-cdk
      • github.com/aws/aws-cdk
      • github.com/aws/jsii
      #cdkdemos
  32. Thank you!
      Darko Meszaros, Developer Advocate - AWS
      @darkosubotica ln/darko-mesaros twitch.tv/ruptwelve youtu.be/ruptwelve
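
Slide 27's advice (do not hardcode sensitive information; resolve it from Secrets Manager or SSM Parameter Store) can be enforced as a check over a synthesized CloudFormation template. The following is an added example, not code from the deck or from the CDK project: the function name `findHardcodedSecrets`, the sensitive-name pattern, and every sample resource except `MyRDSDB` are assumptions constructed for illustration.

```typescript
// Added example, not from the deck: flag secrets written into a template.
type CfnResource = { Type: string; Properties?: Record<string, unknown> };
type CfnTemplate = { Resources: Record<string, CfnResource> };
interface Finding { resource: string; property: string; reason: string }

// Property names treated as sensitive. MasterUserPassword is the slide's
// case; also matching "secret" and "token" is an assumption.
const SENSITIVE = /password|secret|token/i;
// Dynamic references that keep the value out of the template text.
const SECURE_REF = /^\{\{resolve:(ssm-secure|secretsmanager):[^}]+\}\}$/;

function findHardcodedSecrets(t: CfnTemplate): Finding[] {
  const findings: Finding[] = [];
  for (const resource of Object.keys(t.Resources)) {
    const props = t.Resources[resource].Properties || {};
    for (const property of Object.keys(props)) {
      const value = props[property];
      if (!SENSITIVE.test(property)) continue;
      // { Ref: ... } and other intrinsics are objects, not literals; whether
      // the referenced parameter sets NoEcho is not checked here.
      if (typeof value !== "string" || SECURE_REF.test(value)) continue;
      const reason = value.indexOf("{{resolve:ssm:") === 0
        ? "plaintext SSM parameter; use ssm-secure or secretsmanager"
        : "literal value in template";
      findings.push({ resource, property, reason });
    }
  }
  return findings;
}

// MyRDSDB is the slide's resource; the other three are constructed samples.
const sampleTemplate: CfnTemplate = {
  Resources: {
    MyRDSDB: { Type: "AWS::RDS::DBInstance", Properties: {
      MasterUsername: "appadmin",
      MasterUserPassword: "{{resolve:ssm-secure:ssbRDSmEcntl:1}}" } },
    LiteralDB: { Type: "AWS::RDS::DBInstance", Properties: {
      MasterUserPassword: "constructed-pw" } },
    PlainSsmDB: { Type: "AWS::RDS::DBInstance", Properties: {
      MasterUserPassword: "{{resolve:ssm:constructed-param:1}}" } },
    ParamRefDB: { Type: "AWS::RDS::DBInstance", Properties: {
      MasterUserPassword: { Ref: "DbPassword" } } },
  },
};

console.log(findHardcodedSecrets(sampleTemplate));
```

Run against the JSON that `cdk synth` writes out, a check like this fits the validation-test slot from slide 23 and fails the pipeline before a literal password reaches a deployed stack.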