Getting Started: AWS CDK

In this session, we will take a look at how to use AWS CDK to build out an Amazon VPC and a CI/CD pipeline using Amazon CodeBuild/CodePipeline/CodeDeploy. We will work through the chicken-and-egg problem of how to create the infrastructure that you need for automating your infrastructure creation. The session will cover concepts like stacks, nested stacks, and how to build reusable components for your infrastructure.

Darko Mesaros

July 31, 2020

Transcript

  1. Getting started with AWS: Cloud Development Kit

    Darko Meszaros, Developer Advocate - AWS
    @darkosubotica ln/darko-mesaros twitch.tv/ruptwelve youtu.be/ruptwelve
  2. © 2020, Amazon Web Services, Inc. or its Affiliates.

    [Diagram: AWS Organizations multi-account layout. Labels: Developer Sandbox, Dev, Pre-Prod, Prod, Workloads, Security, Shared Services, Network, Log Archive, Team Shared Services, Network Path, Data Center, Infrastructure, Sophia]
    Orgs: Account management
    Log Archive: Security logs
    Security: Security tools, AWS Config rules
    Shared services: Directory, limit monitoring
    Network: AWS Direct Connect
    Dev Sandbox: Experiments, Learning
    Dev: Development
    Pre-Prod: Staging
    Prod: Production
    Team SS: Team Shared Services, Data Lake
  3. $(whoami)

    Darko Mesaroš / Darko Meszaros / Дарко Месарош
    Berlin
    @darkosubotica ln/darko-mesaros twitch.tv/ruptwelve
  4. Infrastructure as code

    ✓ Make infrastructure changes repeatable and predictable
    ✓ Release infrastructure changes using the same tools as code changes
    ✓ Replicate production in a staging environment to enable continuous testing
  5. Shorten the learning curve with AWS Cloud Development Kit (CDK)

    Late 2020
    Brings cloud infrastructure to developers in ways they can understand
    • Build cloud infrastructure with the languages they already know
    • Use their existing tools and workflows
    • Helpful abstractions that remove the need to learn the details
    • Vibrant and fast-growing community of developers
  6. AWS Cloud Development Kit (AWS CDK)

    A multi-language development framework for modeling infrastructure as reusable components
  7. CDK Application - Project Structure

    • lib/smart-product-solution-stack.ts is where your CDK application’s main stack is defined
    • bin/smart-product-solution.ts is the entrypoint of the CDK application. It will load the stack defined in lib/smart-product-solution-stack.ts
    • lib/smart-product-<feature>.ts is where your solution features are defined as CDK constructs
    • cdk-manifest.json is where we enable or disable feature constructs
  8. How do we do testing with CDK?

    • Snapshot tests
    • Fine-grained assertions
    • Validation tests

        npm install --save-dev jest @types/jest @aws-cdk/assert
  9. Best practices (1/3)

    • Layer your application to reduce blast radius when updating resources
    • Use multiple, isolated environments for testing, production, development, staging, etc.
    • Smaller files are easier to write, test, and troubleshoot
    [Diagram of application layers: Front-end resources, Backend services, Stateful resources, Base network, Identity & security, Monitoring resources. Example resources shown: Instances, Auto Scaling groups; API endpoints, functions; Alarms, dashboards; VPCs, NAT gateways, VPNs, subnets; IAM users, groups, roles, policies; Databases and clusters, queues]
  10. Best practices (2/3)

    • Parameters and Mappings
    • Secrets Manager and SSM Parameter store
    • Do not hardcode sensitive information

        Resources:
          MyRDSDB:
            Type: "AWS::RDS::DBInstance"
            Properties:
              DBInstanceClass: db.t2.medium
              AllocatedStorage: '20'
              Engine: mariadb
              EngineVersion: '10.2'
              MasterUsername: appadmin
              MasterUserPassword: '{{resolve:ssm-secure:ssbRDSmEcntl:1}}'
  11. Best practices (3/3)

    • It’s okay to repeat yourself
    • Do not engineer a whole new construct/library just to avoid typing something twice.
    • Do not overengineer things – this will help you out in the long run
  12. awesome-cdk (eladb/awesome-cdk)

    • Open CDK Guide: opinionated set of tips and best practices (kevinslin/open-cdk)
    • punchcard: type-safe AWS infrastructure (punchcard/punchcard)
    • aws-cdk-pure: purely functional CDK (fogfish/aws-cdk-pure)
    • cdk-clj: a clojure wrapper for the CDK (StediInc/cdk-clj)
    • cdk-components: a collection of higher-level cdk constructs (cloudcomponents/cdk-components)
    • CDK GitHub Action (ScottBrenner/aws-cdk-action)
  13. Next steps

    Get started
    • cdkworkshop.com
    • aws.amazon.com/cdk
    • aws.amazon.com/vscode
    Engage
    • gitter.im/awslabs/aws-cdk
    • github.com/aws/aws-cdk
    • github.com/aws/jsii
    #cdkdemos
  14. Thank you!

    Darko Meszaros, Developer Advocate - AWS
    @darkosubotica ln/darko-mesaros twitch.tv/ruptwelve youtu.be/ruptwelve
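
Slides 8 and 10 combine naturally: a fine-grained assertion can enforce "do not hardcode sensitive information" on the synthesized template. The following is an added example, not code from the deck or from the CDK project. It works on the template as plain JSON without any CDK import, and the key-name heuristic, the accepted reference types, and all names other than the slide's `{{resolve:ssm-secure:ssbRDSmEcntl:1}}` string are assumptions.

```typescript
// Added example: flags hardcoded secrets in a synthesized CloudFormation template (plain JSON).
type Json = string | number | boolean | null | Json[] | { [key: string]: Json };
interface Resource { Type: string; Properties?: { [key: string]: Json } }
interface Template {
  Parameters?: { [name: string]: { Type?: string; NoEcho?: boolean | string } };
  Resources: { [id: string]: Resource };
}
interface Finding { logicalId: string; path: string; reason: string }
const SENSITIVE_KEY = /password|secret|token/i; // assumed naming heuristic
const SECURE_REF = /^\{\{resolve:(ssm-secure|secretsmanager):[^}]+\}\}$/;

function isObject(v: Json): v is { [key: string]: Json } {
  return typeof v === "object" && v !== null && !Array.isArray(v);
}

// Returns a reason when a sensitive property's value is not resolved at deploy time.
function checkValue(t: Template, v: Json): string | null {
  if (typeof v === "string") return SECURE_REF.test(v) ? null : "literal value in template";
  const ref = isObject(v) ? v["Ref"] : undefined;
  if (typeof ref !== "string") return null; // other intrinsics are out of scope here
  const param = t.Parameters?.[ref];
  if (!param) return null; // Ref to another resource, not a parameter
  return String(param.NoEcho) === "true" ? null : `parameter ${ref} lacks NoEcho`;
}

function walk(t: Template, id: string, node: Json, path: string, out: Finding[]): void {
  if (Array.isArray(node)) return node.forEach((item, i) => walk(t, id, item, `${path}[${i}]`, out));
  if (!isObject(node)) return;
  for (const [key, value] of Object.entries(node)) {
    const here = path ? `${path}.${key}` : key;
    const reason = SENSITIVE_KEY.test(key) ? checkValue(t, value) : null;
    if (reason) out.push({ logicalId: id, path: here, reason });
    walk(t, id, value, here, out);
  }
}

function findHardcodedSecrets(t: Template): Finding[] {
  const out: Finding[] = [];
  for (const [id, res] of Object.entries(t.Resources)) walk(t, id, res.Properties ?? {}, "", out);
  return out;
}

// Constructed sample template; only GoodDb's reference string comes from slide 10.
const db = (pw: Json): Resource => ({ Type: "AWS::RDS::DBInstance", Properties: { Engine: "mariadb", MasterUserPassword: pw } });
const SAMPLE: Template = {
  Parameters: { DbPassword: { Type: "String", NoEcho: true }, PlainPassword: { Type: "String" } },
  Resources: { GoodDb: db("{{resolve:ssm-secure:ssbRDSmEcntl:1}}"), BadDb: db("constructed-literal-value"),
               ParamDb: db({ Ref: "DbPassword" }), LeakyDb: db({ Ref: "PlainPassword" }) },
};
console.log(findHardcodedSecrets(SAMPLE));
```

In a jest suite, the same function can be called on the synthesized template of each stack with an expectation that it returns an empty array.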