AWS CDK v2 Hands-on and AWS CDK Pre Conference

AWS CDK "Pre" Conference Japan




GitHub Repository



Infrastructure as Code




AWS Cloud Development Kit (AWS CDK) v2 is now generally available

AWS Construct Hub

AWS announces general availability of Construct Hub

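  • Resources not supported by AWS CDK
    • Kinesis Firehose
  • Non-AWS resources
    • New Relic
    • Datadog

Apparently they are currently measuring, as an experiment, how often the GitHub repository gets forked,

  • Use Cloud9
    • An environment with Node.js installed by default
    • Any region will do, as long as the environment runs there
      • If you prefer to stay within Japan: Tokyo (ap-northeast-1) / Osaka (ap-northeast-3)
      • If you want to keep the cost as low as possible globally: Oregon (us-west-2)
  1. Simply set up the CDK execution environment
    1. cdk bootstrap
    2. cdk deploy
  2. Hot swap of a Lambda function (replacing it as quickly as possible; in general the term refers to cases such as swapping parts while the power stays on)
    1. cdk deploy --hotswap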

cdk deploy options (v2.8.0)

cdk deploy [STACKS..]

Deploys the stack(s) named STACKS into your AWS account

  -a, --app                  REQUIRED: command-line for executing your app or a
                             cloud assembly directory (e.g. "node
                             bin/my-app.js")                            [文字列]
  -c, --context              Add contextual string parameter (KEY=VALUE)  [配列]
  -p, --plugin               Name or path of a node package that extend the CDK
                             features. Can be specified multiple times    [配列]
      --trace                Print trace for stack warnings               [真偽]
      --strict               Do not construct stacks with warnings        [真偽]
      --lookups              Perform context lookups (synthesis fails if this is
                             disabled and context lookups need to be performed)
                                                       [真偽] [デフォルト: true]
      --ignore-errors        Ignores synthesis errors, which will likely produce
                             an invalid output        [真偽] [デフォルト: false]
  -j, --json                 Use JSON output instead of YAML when templates are
                             printed to STDOUT        [真偽] [デフォルト: false]
  -v, --verbose              Show debug logs (specify multiple times to increase
                             verbosity)           [カウント] [デフォルト: false]
      --debug                Enable emission of additional debugging
                             information, such as creation stack traces of
                             tokens                   [真偽] [デフォルト: false]
      --profile              Use the indicated AWS profile as the default
                             environment                                [文字列]
      --proxy                Use the indicated proxy. Will read from HTTPS_PROXY
                             environment variable if not specified      [文字列]
      --ca-bundle-path       Path to CA certificate to use when validating HTTPS
                             requests. Will read from AWS_CA_BUNDLE environment
                             variable if not specified                  [文字列]
  -i, --ec2creds             Force trying to fetch EC2 instance credentials.
                             Default: guess EC2 instance status           [真偽]
      --version-reporting    Include the "AWS::CDK::Metadata" resource in
                             synthesized templates (enabled by default)   [真偽]
      --path-metadata        Include "aws:cdk:path" CloudFormation metadata for
                             each resource (enabled by default)
                                                       [真偽] [デフォルト: true]
      --asset-metadata       Include "aws:asset:*" CloudFormation metadata for
                             resources that uses assets (enabled by default)
                                                       [真偽] [デフォルト: true]
  -r, --role-arn             ARN of Role to use when invoking CloudFormation
      --toolkit-stack-name   The name of the CDK toolkit stack          [文字列]
      --staging              Copy assets to the output directory (use
                             --no-staging to disable, needed for local debugging
                             the source files with SAM CLI)
                                                       [真偽] [デフォルト: true]
  -o, --output               Emits the synthesized cloud assembly into a
                             directory (default: cdk.out)               [文字列]
      --no-color             Removes colors and other style from console output
                                                      [真偽] [デフォルト: false]
      --version              バージョンを表示                             [真偽]
      --all                  Deploy all available stacks
                                                      [真偽] [デフォルト: false]
  -E, --build-exclude        Do not rebuild asset with the given ID. Can be
                             specified multiple times    [配列] [デフォルト: []]
  -e, --exclusively          Only deploy requested stacks, don't include
                             dependencies                                 [真偽]
      --require-approval     What security-sensitive changes need manual
                [文字列] [選択してください: "never", "any-change", "broadening"]
      --ci                   Force CI detection       [真偽] [デフォルト: false]
      --notification-arns    ARNs of SNS topics that CloudFormation will notify
                             with stack related events                    [配列]
  -t, --tags                 Tags to add to the stack (KEY=VALUE), overrides
                             tags from Cloud Assembly (deprecated)        [配列]
      --execute              Whether to execute ChangeSet (--no-execute will NOT
                             execute the ChangeSet)    [真偽] [デフォルト: true]
      --change-set-name      Name of the CloudFormation change set to create
  -f, --force                Always deploy stack even if templates are identical
                                                      [真偽] [デフォルト: false]
      --parameters           Additional parameters passed to CloudFormation at
                             deploy time (STACK:KEY=VALUE)
                                                         [配列] [デフォルト: {}]
  -O, --outputs-file         Path to file where stack outputs will be written as
                             JSON                                       [文字列]
      --previous-parameters  Use previous values for existing parameters (you
                             must specify all parameters on every deployment if
                             this is disabled)         [真偽] [デフォルト: true]
      --progress             Display mode for stack activity events
                                    [文字列] [選択してください: "bar", "events"]
      --rollback             Rollback stack to stable state on failure. Defaults
                             to 'true', iterate more rapidly with --no-rollback
                             or -R. Note: do **not** disable this flag for
                             deployments with resource replacements, as that
                             will always fail                             [真偽]
      --hotswap              Attempts to perform a 'hotswap' deployment, which
                             skips CloudFormation and updates the resources
                             directly, and falls back to a full deployment if
                             that is not possible. Do not use this in production
                             environments                                 [真偽]
      --watch                Continuously observe the project files, and deploy
                             the given stack(s) automatically when changes are
                             detected. Implies --hotswap by default       [真偽]
      --logs                 Show CloudWatch log events from all resources in
                             the selected Stacks in the terminal. 'true' by
                             default, use --no-logs to turn off. Only in effect
                             if specified alongside the '--watch' option
                                                       [真偽] [デフォルト: true]
  -h, --help                 ヘルプを表示                                 [真偽]
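
The help text above warns against `--hotswap` in production, notes that `--watch` implies it, and lists `never` as a `--require-approval` choice. The following is an added example (not part of the original post or of the CDK itself) of a pre-deploy guard that rejects those arguments for a production target; the function name and the `prod` environment label are assumptions made for illustration.

```shell
#!/usr/bin/env bash
# Added example: argument guard to run before `cdk deploy`.
# The function name and the "prod" label are hypothetical.

# check_cdk_deploy_args ENV [cdk deploy args...]
# Returns 0 when the arguments are acceptable for ENV, 1 otherwise.
# The reason for each rejection is written to stderr.
check_cdk_deploy_args() {
  local env rc approval prev arg
  env="$1"; shift
  rc=0; approval=""; prev=""
  for arg in "$@"; do
    # "--require-approval VALUE" passed as two separate words
    if [ "$prev" = "--require-approval" ]; then
      approval="$arg"
    fi
    # "--require-approval=VALUE" passed as a single word
    case "$arg" in
      --require-approval=*) approval="${arg#*=}" ;;
    esac
    if [ "$env" = "prod" ]; then
      case "$arg" in
        --hotswap)
          echo "blocked: --hotswap skips CloudFormation" >&2; rc=1 ;;
        --watch)
          echo "blocked: --watch implies --hotswap by default" >&2; rc=1 ;;
        --no-rollback|-R)
          echo "blocked: rollback must stay enabled" >&2; rc=1 ;;
      esac
    fi
    prev="$arg"
  done
  # Approval prompts for security-sensitive changes must not be disabled
  if [ "$env" = "prod" ] && [ "$approval" = "never" ]; then
    echo "blocked: --require-approval never" >&2; rc=1
  fi
  return "$rc"
}

# Usage (in a deploy wrapper script):
#   check_cdk_deploy_args "$DEPLOY_ENV" "$@" && cdk deploy "$@"
```
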

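Past experience with AWS CDK

Generating CloudFormation templates

I wanted to create the standard IAM accounts used with CloudFormation StackSets in AWS Organizations


* I had cfn-lint installed in VS Code, but...
* After getting past the syntax errors, I still hit errors because, for example, items that had to be defined were missing


I left the work to the AWS CDK L2 library and defined only the bare minimum of items; for testing and verification I checked the result with cdk deploy,
and in the end I handled it by outputting the CloudFormation definition with cdk synth


I wanted to try a feature released for Amazon EC2
→ Amazon EC2 troubleshooting practice




Use AWS CDK to create as many EC2 instances as needed
→ (CDK v1) https://github.com/midnight480/aws-cdk-sample
→ (CDK v2) https://github.com/midnight480/aws-cdk-sample-v2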