Initializing Your CDK Environment
AWS CDK Toolkit
CDK Toolkit(CDK cli), is a command-line interface used to initialize and interact with your CDK apps. After installing it, you use some commands starting with ‘cdk’ for actions like initializing a CDK app, synthesizing CloudFormation templates from your CDK code, and deploying stacks using those templates.
It uses the same credentials you configure AWS CLI with. So first, we need install AWS CLI and configure it with our IAM permissions.
Next, although CDK supports more languages like Python, C#, Java, and Go, its backend runs on Node.js and requires a Node.js version greater than 10.13, regardless of the programming language used for the code.
Also as it is a command-line tool, you also need a terminal to execute the CDK commands.
Installations
Visual Studio Code: This is not must but IDE like visual studio code could be very handy to organize your code. You can download VS code from here.
AWS CLI: Next, AWS CLI is the primary command-line tool of AWS, and you can use it for actions not supported by CDK Toolkit, too. Besides, both command-line tools use the same credentials. So, it will be easier to configure AWS CLI. You can download AWS CLI from here.
Configurations
Next, after the installation, we will configure AWS CLI, which requires your AWS user’s programmatic access keys. Go to the IAM Console and create IAM user. My user has the ‘AdministratorAccess’ policy, meaning it has full access to my AWS account(not recommened in production setup).For starters , I recommend using a development account with AWS free-tier support.
Your CDK commands will assume these permissions while executing. So, please be sure that your user has administrator permissions like mine.
Let’s switch to the ‘Security credentials’ tab and scroll down to the ‘Access keys’ section. As side info, you use access keys to provideprogrammatic access to command-line tools and SDKs.
So, let’s create a new one by clicking the ‘Create access key’ button. As you see, the IAM Console provides options for usage scenarios. We will configure AWS CLI.So, let’s choose the ‘Command Line Interface’ option.
Now! Your IAM access keys provide long-term credentials, and they are not refreshed unless you replace them yourself. So, AWS provides some alternatives with short-term credentials as a security best practice.
CloudShell allows you to run commands from a temporary environment on AWS using your browser.It doesn’t fit our use case, as we will execute commands locally from our computers. The new IAM Identity Center would be a more secure alternative as it uses single sign-on, and I recommend checking it out later. But let’s stay on the topic, and for the simplicity of our examples, let’s acknowledge that we understand these by clicking the checkbox below. And then click ‘Next’ to continue.
On the next page, let’s click ‘Create access key’ to finish. OK then, our access key was created successfully. We will need the access key ID and its secret key while configuring AWS CLI. But this page is only displayed once. So, please download it as a ‘.csv’ file to a secure place to access them later. Otherwise, you will need to recreate your access keys
Now, let’s open the terminal and configure AWS CLI.If you use Visual Studio Code like me, you can open a terminal easily by using the ‘Terminal’ menu from the top and clicking the ‘New Terminal’ window action.
Now, let’s open the terminal and configure AWS CLI. If you use Visual Studio Code like me, you can open a terminal easily by using the ‘Terminal’ menu from the top and clicking the ‘New Terminal’ window action.
First, let’s ensure that AWS CLI is installed by typing the ‘aws — version’ command and pressing Enter. If your command is not recognized, please reinstall AWS CLI by following the installation steps in the installer.
Next, let’s use the ‘aws configure’ command to configure our credentials. It asks for the AWS Access Key ID. You can get it from the CSV file you downloaded. Let’s press Enter. Now, it asks for the secret access key.Similarly, you can get it from your CSV file.Let’s press Enter again. You can enter your choice of aws region like ‘ap-south-1’ and press Enter.
And let’s leave the default output format as it is by pressing Enter again. OK, we configured AWS CLI.
You can try running some commands like ‘aws s3 ls’ to list s3 buckets to test if configuration was successful.
CDK toolkit:
Now, we can install the CDK toolkit. But you need a Node.js version greater than 10.13 on your computer. AWS recommends using an LTS version for CDK Toolkit.You can download the Node.js long-term support version here.
To check whether Node.js was installed correctly. Let’s type the ‘node’ command with the ‘ — version’ option and press Enter
CDK Toolkit is a Node package. We will install it globally, but when you use an official Node.js installer it requires administrator privileges to install global Node packages. Therefore, on Mac and Linux,
we need to use ‘sudo’. Please skip this if you are on Windows. Sudo is not recognized on Windows, and you won’t need it.
Then, we will use the Node package manager, ‘npm’, with its ‘install’ command and the ‘-g’ option with a hyphen for global installation. Then, provide the package name of CDK Toolkit, ‘aws-cdk’.
Run the following command to verify correct installation and print the version number of the AWS CDK.
We can now use the cdk commands. For example, we can type the ‘cdk help’ command, which briefly lists all available cdk commands.
CDK bootstrap
But will installing the CDK Toolkit be sufficient to create and deploy stacks with CDK? Well, no. There is one more step you need to complete beforehand. You need to bootstrap at least one CDK environment.
So, what is a CDK environment? When you deploy a CDK stack, you must specify a CDK environment as the target, which consists of an AWS account and a region. So, a CDK environment is the AWS account and region pair where you deploy your stacks with CDK. But each CDK environment should be made ready by a process called ‘bootstrapping’ beforehand.
Bootstrapping is the preparation of the AWS region you use by creating the resources needed by CDK deployments, such as S3 buckets and IAM roles. These resources may be changed by the AWS CDK Team in the future,
which is why you use the CDK Toolkit to bootstrap your CDK environment.
Then, how do you do this? Well, you execute the ‘cdk bootstrap’ command, which creates a CloudFormation stack to create all necessary resources required by the CDK Toolkit for you. It gets the account number from your access key, and the region is either your default region or provided with the ‘ — region’ option as in AWS CLI commands.
The following examples illustrate bootstrapping of one and two environments, respectively. (Both use the same AWS account.) As shown in the second example, the aws:// prefix is optional when specifying an environment.
Now lastly, let’s go to AWS CloudFormation Console to see the stack created. You will get to see a stack named ‘CDKToolkit’
To see the details of this stack. Let’s switch to the ‘Resources’ tab to view the AWS resources it created. As you see, it created various AWS resources,such as parameters, buckets, and IAM policies,to prepare our CDK environment for deployments.
Please don’t delete this stack.Otherwise, you will need to bootstrap your CDK environment again to be able to deploy your CDK apps.
