AWS DevOps Blog

CDK Corner – March 2021

Social – Community Engagement

The CDK team has started live streaming on the AWS Twitch Channel! The CDK Construction Zone is a semi regular series with members of the CDK Team diving into, and demonstrating how to build a CDK Construct. The series is dedicated to building CDK Triggers, with the code from this series stored inside the awslabs/cdk-triggers repository. Want to know when the next time CDK Team is live? Check the AWS Twitch Broadcast calendar to see when the next episode of CDK Construction Zone will air.

CDK Day is a celebration of all things CDK (Not only AWS CDK), coming up on April 30th, 2021. Curious about what folks talk about at CDK Day? The full-day recordings from last year are on YouTube.

Updates to the CDK

As always, the CDK Community and Team was diligently coding in the CDK Laboratory bringing new and interesting updates.

Level-ups to existing CDK Constructs:

Lambda Module adds support for Code.fromDockerBuild() When building with aws-lambda, a common workflow can include transferring code in from an external asset, such as a Container. For example, you might have an AWS Lambda Function that has some code that creates an in-memory array of JSON objects generated from a database. But this array is built during the deploy step of a pipeline to be injected into the code base, with a container asset housing the array. Previously, this functionality wasn’t supported by CDK, but PR#12258 brings with it the ability the use a Container asset stored in /asset of the project, which is then zipped up and uploaded to an S3 Bucket, before deployment of the Stack.

CDK now supports scope-level permissions boundaries From the CDK Team in PR#12777. This perhaps understated feature is a win for CDK users who need to increase the security posture in their AWS account. Users can now explicitly set scope-level boundaries for their CDK Application. This helps issues such as a CDK Stack inheriting an IAM Role from another source with a larger permissions boundary than the CDK Stack expects to have for itself.

aws-stepfunctions-tasks now supports eks:call, allowing customers who use Kubernetes the ability to interact with the k8s native API in stepfunctions-tasks, with CDK Contributor NovakGu getting this functionality over the finish line started from previous work, finished in PR#12779

The CDK CLI received a Pull Request from CDK Contributor swar8080, extending cdk deploy with new parameters while using --no-execute. This allows you to set a unique change-set-name on a deployment, a nice improvement if your environment requires or prefers to use non-random names.

CDK contributor christophgysin submitted PR#12829, a change that implements IGrantable in aws-stepfunctions. This allows a StepFunctions object to be passed from the library, to another construct granting permission to it, rather than using the Role property. Subtle changes like this result in a tidier CDK code base for your projects.

Notable New Level 2 Construct:

It’s always great to see a new AWS L2 Construct make its way into the AWS Construct Library. It’s even more exciting to see a new L2 Construct come from the community. CDK Contributor mitchlloyd authored PR#12464, adding the aws-kinesisanalytics-flink construct library. giving initial support for Flink in Kinesis Projects. Read more about the new library in its API Docs.

New Level 1 Constructs from CloudFormation

Two updates of the cfnspec were released in February: Versions 27, and 28. These updates bring in many numerous updates to L1 Constructs in AWS CDK, among other changes. The changelog contains a dive deep into the details.

Other Notable Fixes:

February introduced the fix of a bug identified as Deadly-Embrace, involving dependency resolution betweens Stacks from CloudFormation Exports. PR#13052 discusses this fix in greater detail.

If you have ever split aws-apigatewayv2‘s HttpApi and Route across stacks, you may have found yourself caught in a circular dependency. Thanks to several community contributors in PR#13010, this bug is resolved. Thanks everyone!

The detailed submission in PR#12920 discusses removal policies for stateful L2 resources, rectifying violations from cfn-lint. This is an insightful bugfix as it implements opinionated behavior, and showcases the CDK Team as they collaborate on thoughtful decisions when delivering a release to the community.

cfn-diff has been silently rounding all version strings down to zero, if the version string is in a zero range. What started as an issue reported for aws-imagebuilder, turned into an overall CDK fix in PR#13022, reported by CDK Contributor nigel-heaney

Coming in hot with a Pull Request, CDK Contributor jogold submitted PR#12336, that fixed a bug preventing links in docs from being clickable from Intellisense. What a great quality-of-life fix!

CloudFormation has supported region-agnostic EC2 Instance Deployment for some time, the common use case being the ability to map an Amazon Linux 2 AMI to multiple AWS Regions. PR#12546 from CDK Contributor wchaws gives aws-ec2 access to region-agnostic AMIs via GenericMachineImage.

Learning: Check out these Videos

AWS Community Builder Blake Green held a 3-part streaming series on the recently launched AWS CDK Primer on aws.training. Side note: If you’re interested in becoming an AWS Developer Community Builder like Blake, take a look at the Program Portal for more information.

AWS Hero Matthew Bonig recently spoke at the AWS Boston Digital Meetup Group with a deep dive on CDK.

AWS Amplify Senior Developer Advocate Nader Dabit has a great video on building an authenticated GraphQL API with AWS CDK

Are you a Developer who is looking to learn how to use CDK in the world of .NET Development? Check out this great video from AWS Solutions Architect Taz Hussein on setting up a CDK Project with .NET!

Community Acknowledgements

A couple of changes submitted by the community that I enjoyed come from two contributors:

Changes that make it easier for Developers to onboard in a new project are always appreciated. mmuller88 spent time putting PR#12404 together, fixing a code example in the CDK Documentation for aws-lambda-nodejs.

CDK Contributor robertd built their first L2 Construct in this PR#12743, adding useful L2 Constructs to aws-cloudfront: The ability use PublicKeys and KeyGroups at the L2 Construct level. Thanks Robert!

First time Contributors

And finally, congratulations and rounds of applause for these folks who had their first Pull Request merged to the CDK Repository in the month of February!

Thanks for reading this update of the CDK Corner! See you next time!