Getting started with AWS: Cloud Development Kit Darko Meszaros Developer Advocate - AWS @darkosubotica ln/darko-mesaros twitch.tv/ruptwelve youtu.be/ruptwelve

© 2020, Amazon Web Services, Inc. or its Affiliates. Where do we start?

© 2020, Amazon Web Services, Inc. or its Affiliates. A DevOps engineer!

© 2020, Amazon Web Services, Inc. or its Affiliates. Sophia

© 2020, Amazon Web Services, Inc. or its Affiliates. Developer Sandbox Dev Pre-Prod Workloads Security Security AWS Organizations Shared Services Network Log Archive Prod Team Shared Services Network Path Sandbox Data Center Orgs: Account management Log Archive: Security logs Security: Security tools, AWS Config rules Shared services: Directory, limit monitoring Network: AWS Direct Connect Dev Sandbox: Experiments, Learning Dev: Development Pre-Prod: Staging Prod: Production Team SS: Team Shared Services, Data Lake Infrastructure Sophia

© 2020, Amazon Web Services, Inc. or its Affiliates.

© 2020, Amazon Web Services, Inc. or its Affiliates. There is just one thing.

© 2020, Amazon Web Services, Inc. or its Affiliates.

© 2020, Amazon Web Services, Inc. or its Affiliates.

© 2020, Amazon Web Services, Inc. or its Affiliates. Sophia

© 2020, Amazon Web Services, Inc. or its Affiliates. $(whoami) Darko Mesaroš / Darko Meszaros / Дарко Месарош ! → " → # → $ → % Berlin ! @darkosubotica ln/darko-mesaros twitch.tv/ruptwelve

© 2020, Amazon Web Services, Inc. or its Affiliates. What is Infrastructure as Code?

© 2020, Amazon Web Services, Inc. or its Affiliates.

© 2020, Amazon Web Services, Inc. or its Affiliates.

© 2020, Amazon Web Services, Inc. or its Affiliates. Infrastructure as code ✓ Make infrastructure changes repeatable and predictable ✓ Release infrastructure changes using the same tools as code changes ✓ Replicate production in a staging environment to enable continuous testing

© 2020, Amazon Web Services, Inc. or its Affiliates. Cloud Development Kit

© 2020, Amazon Web Services, Inc. or its Affiliates. Shorten the learning curve with AWS Cloud Development Kit (CDK) Late 2020 Brings cloud infrastructure to developers in ways the can understand • Build cloud infrastructure with the languages they already know • Use their existing tools and workflows • Helpful abstractions that remove the need to learn the details • Vibrant and fast-growing community of developers

© 2020, Amazon Web Services, Inc. or its Affiliates. AWS Cloud Development Kit (AWS CDK) A multi-language development framework for modeling infrastructure as reusable components

© 2020, Amazon Web Services, Inc. or its Affiliates. From constructs to the cloud

© 2020, Amazon Web Services, Inc. or its Affiliates. AWS CDK main components

© 2020, Amazon Web Services, Inc. or its Affiliates. AWS CDK Constructs

© 2020, Amazon Web Services, Inc. or its Affiliates. lib/smart-product-solution-stack.ts is where your CDK application’s main stack is defined bin/smart-product-solution.ts: is the entrypoint of the CDK application. It will load the stack defined in lib/smart-product-solution-stack.ts CDK Application - Project Structure lib/smart-product-.ts is where your solution features are defined as CDK constructs cdk-manifest.json is where we enable or disable feature constructs Amazon Confidential © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.

© 2020, Amazon Web Services, Inc. or its Affiliates. How do we do testing with CDK? • Snapshot tests • Fine-grained assertions • Validation tests npm install --save-dev jest @types/jest @aws-cdk/assert

© 2020, Amazon Web Services, Inc. or its Affiliates. I wish these slides had more code.

© 2020, Amazon Web Services, Inc. or its Affiliates.

© 2020, Amazon Web Services, Inc. or its Affiliates. Best practices (1/3) • Layer your application to reduce blast radius when updating resources • Use multiple, isolated environments for testing, production, development, staging, etc. • Smaller files are easier to write, test, and troubleshoot Instances, Auto Scaling groups API endpoints, functions Alarms, dashboards VPCs, NAT gateways, VPNs, subnets IAM users, groups, roles, policies Front-end resources Backend services Stateful resources Base network Identity & security Monitoring resources Databases and clusters, queues

© 2020, Amazon Web Services, Inc. or its Affiliates. Best practices (2/3) • Parameters and Mappings • Secrets Manager and SSM Parameter store • Do not hardcode sensitive information Resources: MyRDSDB: Type: "AWS::RDS::DBInstance" Properties: DBInstanceClass: db.t2.medium AllocatedStorage: ’20’ Engine: mariadb EngineVersion: ’10.2’ MasterUsername: appadmin MasterUserPassword: ‘{{resolve:ssm-secure:ssbRDSmEcntl:1}}'

© 2020, Amazon Web Services, Inc. or its Affiliates. Best practices (3/3) • It’s okay to repeat yourself • Do not engineer a whole new construct/library just so you prevent yourself from typing twice. • Do not overengineer things – this will help you out in the long run

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.

© 2020, Amazon Web Services, Inc. or its Affiliates. awesome-cdk • Open CDK Guide opinionated set of tips and best practices • kevinslin/open-cdk • punchcard type-safe AWS infrastructure • punchcard/punchcard • aws-cdk-pure purely functional CDK • fogfish/aws-cdk-pure • cdk-clj a clojure wrapper for the CDK • StediInc/cdk-clj • cdk-components a collection of higher-level cdk constructs • cloudcomponents/cdk-components • CDK GitHub Action • ScottBrenner/aws-cdk-action eladb/awesome-cdk

© 2020, Amazon Web Services, Inc. or its Affiliates. Next steps Get started • cdkworkshop.com • aws.amazon.com/cdk • aws.amazon.com/vscode Engage • gitter.im/awslabs/aws-cdk • github.com/aws/aws-cdk • github.com/aws/jsii #cdkdemos

Thank you! © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved. Darko Meszaros Developer Advocate - AWS @darkosubotica ln/darko-mesaros twitch.tv/ruptwelve youtu.be/ruptwelve