AWS CDK stands for AWS Cloud Development Kit. It allows us to create and provision AWS infrastructure deployments using programming languages. Currently it supports TypeScript, Java, .Net and Python.
It's been a while and I finally got some time to play with AWS CDK.
Go to IAM, create a user called cdk-user with AWS Management Console access
Grant AdministratorAccess to cdk-user
Go to AWS Cloud 9 and create a new environment
Note: AWS Cloud9 is a cloud-based integrated development environment (IDE) that lets you write, run, and debug your code with just a browser.
Leave Step 2 as default,
Grab a coffee while waiting for AWS Cloud 9 initialization
Install aws-cdk
Let's init a sample app provided by AWS
cdk init sample-app --language pythonOops..Got the first error
`cdk init` cannot be run in a non-empty directory!By default, AWS Cloud9 workspace comes with a README.md. Let's remove it
rm README.mdIf you are not using AWS Cloud9, you may need to activate the virtualenv providing a self-contained, isolated environment to run our Python code without polluting your system Python.
source .env/bin/activateInstall the required python module from a file called requirements.txt
pip install -r requirements.txtThe project structure should look like this
This sample app will create the following resources
- SQS Queue
- SQS QueuePolicy
- SNS Topic
- SNS Subscription
- S3 Bucket x 4
- IAM User
The entry point is app.py. It creates two stacks, namely hello-cdk-1 and hello-cdk-2 in us-east-2 and us-west-2 respectively.
#!/usr/bin/env python3
from aws_cdk import core
from hello.hello_stack import MyStack
app = core.App()
MyStack(app, "hello-cdk-1", env={'region': 'us-east-2'})
MyStack(app, "hello-cdk-2", env={'region': 'us-west-2'})
app.synth()Import the required packages.
Note: For more, you can check the latest API doc here
from aws_cdk import (
aws_iam as iam,
aws_sqs as sqs,
aws_sns as sns,
aws_sns_subscriptions as subs,
core
)Create a SQS Queue
queue = sqs.Queue(
self, "MyFirstQueue",
visibility_timeout=core.Duration.seconds(300),
)Create a SNS Topic
topic = sns.Topic(
self, "MyFirstTopic",
display_name="My First Topic"
)Subscribe the queue to receive any messages published to the topic
topic.add_subscription(subs.SqsSubscription(queue))HelloConstruct is a custom construct that we defined in our app and it creates four buckets in this stack.
hello = HelloConstruct(self, "MyHelloConstruct", num_buckets=4)hello/hello_stack.py
from aws_cdk import (
aws_iam as iam,
aws_s3 as s3,
core,
)
class HelloConstruct(core.Construct):
@property
def buckets(self):
return tuple(self._buckets)
def __init__(self, scope: core.Construct, id: str, num_buckets: int) -> None:
super().__init__(scope, id)
self._buckets = []
for i in range(0, num_buckets):
self._buckets.append(s3.Bucket(self, f"Bucket-{i}"))
def grant_read(self, principal: iam.IPrincipal):
for b in self.buckets:
b.grant_read(principal, "*")Create a user and grant the read permission for the user
user = iam.User(self, "MyUser")
hello.grant_read(user)When we run the CDK app, an AWS CloudFormation template for each stack will be generated. It is called synthesize in CDK parlance. To synthesize the app, use cdk synth with the application name.
cdk synth hello-cdk-1A cfn template will be generated
Resources:
MyFirstQueueFF09316A:
Type: AWS::SQS::Queue
Properties:
VisibilityTimeout: 300
Metadata:
aws:cdk:path: hello-cdk-1/MyFirstQueue/Resource
MyFirstQueuePolicy596EEC78:
Type: AWS::SQS::QueuePolicy
Properties:
PolicyDocument:
Statement:
- Action: sqs:SendMessage
Condition:
ArnEquals:
aws:SourceArn:
Ref: MyFirstTopic0ED1F8A4
Effect: Allow
Principal:
Service: sns.amazonaws.com
Resource:
Fn::GetAtt:
- MyFirstQueueFF09316A
- Arn
Version: "2012-10-17"
Queues:
- Ref: MyFirstQueueFF09316A
Metadata:
aws:cdk:path: hello-cdk-1/MyFirstQueue/Policy/Resource
MyFirstQueuehellocdk1MyFirstTopicB252874C505090E8:
Type: AWS::SNS::Subscription
Properties:
Protocol: sqs
TopicArn:
Ref: MyFirstTopic0ED1F8A4
Endpoint:
Fn::GetAtt:
- MyFirstQueueFF09316A
- Arn
Metadata:
aws:cdk:path: hello-cdk-1/MyFirstQueue/hellocdk1MyFirstTopicB252874C/Resource
MyFirstTopic0ED1F8A4:
Type: AWS::SNS::Topic
Properties:
DisplayName: My First Topic
Metadata:
aws:cdk:path: hello-cdk-1/MyFirstTopic/Resource
MyHelloConstructBucket0DAEC57E1:
Type: AWS::S3::Bucket
UpdateReplacePolicy: Retain
DeletionPolicy: Retain
Metadata:
aws:cdk:path: hello-cdk-1/MyHelloConstruct/Bucket-0/Resource
MyHelloConstructBucket18D9883BE:
Type: AWS::S3::Bucket
UpdateReplacePolicy: Retain
DeletionPolicy: Retain
Metadata:
aws:cdk:path: hello-cdk-1/MyHelloConstruct/Bucket-1/Resource
MyHelloConstructBucket2C1DA3656:
Type: AWS::S3::Bucket
UpdateReplacePolicy: Retain
DeletionPolicy: Retain
Metadata:
aws:cdk:path: hello-cdk-1/MyHelloConstruct/Bucket-2/Resource
MyHelloConstructBucket398A5DE67:
Type: AWS::S3::Bucket
UpdateReplacePolicy: Retain
DeletionPolicy: Retain
Metadata:
aws:cdk:path: hello-cdk-1/MyHelloConstruct/Bucket-3/Resource
MyUserDC45028B:
Type: AWS::IAM::User
Metadata:
aws:cdk:path: hello-cdk-1/MyUser/Resource
MyUserDefaultPolicy7B897426:
Type: AWS::IAM::Policy
Properties:
PolicyDocument:
Statement:
- Action:
- s3:GetObject*
- s3:GetBucket*
- s3:List*
Effect: Allow
Resource:
- Fn::GetAtt:
- MyHelloConstructBucket0DAEC57E1
- Arn
- Fn::Join:
- ""
- - Fn::GetAtt:
- MyHelloConstructBucket0DAEC57E1
- Arn
- /*
- Action:
- s3:GetObject*
- s3:GetBucket*
- s3:List*
Effect: Allow
Resource:
- Fn::GetAtt:
- MyHelloConstructBucket18D9883BE
- Arn
- Fn::Join:
- ""
- - Fn::GetAtt:
- MyHelloConstructBucket18D9883BE
- Arn
- /*
- Action:
- s3:GetObject*
- s3:GetBucket*
- s3:List*
Effect: Allow
Resource:
- Fn::GetAtt:
- MyHelloConstructBucket2C1DA3656
- Arn
- Fn::Join:
- ""
- - Fn::GetAtt:
- MyHelloConstructBucket2C1DA3656
- Arn
- /*
- Action:
- s3:GetObject*
- s3:GetBucket*
- s3:List*
Effect: Allow
Resource:
- Fn::GetAtt:
- MyHelloConstructBucket398A5DE67
- Arn
- Fn::Join:
- ""
- - Fn::GetAtt:
- MyHelloConstructBucket398A5DE67
- Arn
- /*
Version: "2012-10-17"
PolicyName: MyUserDefaultPolicy7B897426
Users:
- Ref: MyUserDC45028B
Metadata:
aws:cdk:path: hello-cdk-1/MyUser/DefaultPolicy/Resource
CDKMetadata:
Type: AWS::CDK::Metadata
Properties:
Modules: aws-cdk=1.16.3,@aws-cdk/assets=1.16.3,@aws-cdk/aws-cloudwatch=1.16.3,@aws-cdk/aws-ec2=1.16.3,@aws-cdk/aws-events=1.16.3,@aws-cdk/aws-iam=1.16.3,@aws-cdk/aws-kms=1.16.3,@aws-cdk/aws-lambda=1.16.3,@aws-cdk/aws-logs=1.16.3,@aws-cdk/aws-s3=1.16.3,@aws-cdk/aws-s3-assets=1.16.3,@aws-cdk/aws-sns=1.16.3,@aws-cdk/aws-sns-subscriptions=1.16.3,@aws-cdk/aws-sqs=1.16.3,@aws-cdk/aws-ssm=1.16.3,@aws-cdk/core=1.16.3,@aws-cdk/cx-api=1.16.3,@aws-cdk/region-info=1.16.3,jsii-runtime=Python/3.6.8Before the first deployment, we need to bootstrap the stack.
cdk bootstrapIt will look like this
Bootstrapping environment aws://999999999999/us-east-2...
Bootstrapping environment aws://999999999999/us-west-2...
CDKToolkit: creating CloudFormation changeset...
CDKToolkit: creating CloudFormation changeset...
0/2 | 3:37:20 AM | CREATE_IN_PROGRESS | AWS::S3::Bucket | StagingBucket
0/2 | 3:37:21 AM | CREATE_IN_PROGRESS | AWS::S3::Bucket | StagingBucket Resource creation Initiated
0/2 | 3:37:20 AM | CREATE_IN_PROGRESS | AWS::S3::Bucket | StagingBucket
0/2 | 3:37:20 AM | CREATE_IN_PROGRESS | AWS::S3::Bucket | StagingBucket Resource creation Initiated
1/2 | 3:37:42 AM | CREATE_COMPLETE | AWS::S3::Bucket | StagingBucket
2/2 | 3:37:44 AM | CREATE_COMPLETE | AWS::CloudFormation::Stack | CDKToolkit
Environment aws://999999999999/us-west-2 bootstrapped.
1/2 | 3:37:42 AM | CREATE_COMPLETE | AWS::S3::Bucket | StagingBucket
2/2 | 3:37:43 AM | CREATE_COMPLETE | AWS::CloudFormation::Stack | CDKToolkit
Environment aws://999999999999/us-east-2 bootstrapped.Then we can use cdk deploy to deploy our CDK app
It shows some warnings here. Enter y to continue. The output shows the resources have been created.
Let's go to CloudFormation Console. We are able to see the stack we just created
Under the region, the following resources have been provisioned.
1 SQS queue
1 SNS Topic
1 Subscribion
1 User
4 Buckets
Let's try something different. Remove all the code from the simple app.
from aws_cdk import (
core,
)
class MyStack(core.Stack):
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None:
super().__init__(scope, id, **kwargs)
# TODOBy running cdk diff, we can see the differences between the current app and the deployed one.
Run cdk deploy again to delete resources
Add the following to requirements.txt
aws-cdk.aws-events
aws-cdk.aws-events-targets
aws-cdk.aws-lambda
aws-cdk.coreInstall the required packages from requirements.txt
pip install -r requirements.txtCreate a folder called lambda and create a file called handler.py inside this folder
def handler(event, context):
return {
'statusCode': 200,
'headers': {
'Content-Type': 'text/plain'
},
'body': 'Hello World'
}Back to hello_stack.py, let's made a cron job on AWS Lambda with Scheduled Events
First, import the required packages.
Note:
lambdais a built-in identifier in Python. Normally we uselambda_instead.
from aws_cdk import (
aws_events as events,
aws_lambda as lambda_,
aws_events_targets as targets,
core,
)Read handler.py we just created
with open("./lambda/handler.py", encoding="utf-8") as fp:
code_body = fp.read()Define a lambda function
cronFn = lambda_.Function(
self, "cronFn",
code = lambda_.InlineCode(code_body),
handler = "index.handler",
runtime = lambda_.Runtime.PYTHON_3_7,
)Define an event rule. It will run the job every 6 PM.
rule = events.Rule(
self, "cronRule",
schedule = events.Schedule.cron(
minute = '0',
hour = '18',
month = '*',
week_day = 'MON-FRI',
year = '*'
),
)Finally, add the target to the lambda function
rule.add_target(targets.LambdaFunction(cronFn))Here's the complete code
from aws_cdk import (
aws_events as events,
aws_lambda as lambda_,
aws_events_targets as targets,
core,
)
class MyStack(core.Stack):
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None:
super().__init__(scope, id, **kwargs)
with open("./lambda/handler.py", encoding="utf-8") as fp:
code_body = fp.read()
cronFn = lambda_.Function(
self, "cronFn",
code = lambda_.InlineCode(code_body),
handler = "index.handler",
runtime = lambda_.Runtime.PYTHON_3_7,
)
rule = events.Rule(
self, "cronRule",
schedule = events.Schedule.cron(
minute = '0',
hour = '18',
month = '*',
week_day = 'MON-FRI',
year = '*'
),
)
rule.add_target(targets.LambdaFunction(cronFn))Let's run cdk diff again
After deploying, let's check on the console
Run a simple test
Go to CloudWatch, we can see the event we just created
To clean up the code, we can simply delete the stack by running cdk destroy.
No comments:
Post a Comment