Getting started with the AWS CDK - AWS Cloud Development Kit (AWS CDK) v2

This is the AWS CDK v2 Developer Guide. CDK v1 entered maintenance on June 1, 2022 and will now receive only critical bug fixes and security patches. New features will be developed for CDK v2 exclusively.

Getting started with the AWS CDK

This topic introduces you to important AWS CDK concepts and describes how to install and configure the AWS CDK. When you're done, you'll be ready to create your first AWS CDK app.

Your background

The AWS Cloud Development Kit (AWS CDK) lets you define your cloud infrastructure as code in one of its supported programming languages. It is intended for moderately to highly experienced AWS users.

Ideally, you already have experience with popular AWS services, particularly AWS Identity and Access Management (IAM). You might already have AWS credentials on your workstation for use with an AWS SDK or the AWS CLI and experience working with AWS resources programmatically.

Familiarity with AWS CloudFormation is also useful, as the output of an AWS CDK program is an AWS CloudFormation template.

Finally, you should be proficient in the programming language you intend to use with the AWS CDK.

Key concepts

The AWS CDK is designed around a handful of important concepts. We will introduce a few of these here briefly. Follow the links to learn more, or see the Concepts topics in this guide's Table of Contents.

An AWS CDK app is an application written in TypeScript, JavaScript, Python, Java, C# or Go that uses the AWS CDK to define AWS infrastructure. An app defines one or more stacks. Stacks (equivalent to AWS CloudFormation stacks) contain constructs, each of which defines one or more concrete AWS resources, such as Amazon S3 buckets, Lambda functions, Amazon DynamoDB tables, and so on.

Constructs (as well as stacks and apps) are represented as classes (types) in your programming language of choice. You instantiate constructs within a stack to declare them to AWS, and connect them to each other using well-defined interfaces.

The AWS CDK includes the CDK Toolkit (also called the CLI), a command-line tool for working with your AWS CDK apps and stacks. Among other functions, the Toolkit provides the ability to convert one or more AWS CDK stacks to AWS CloudFormation templates and related assets (a process called synthesis) and to deploy your stacks to an AWS account.

The AWS CDK includes a library of AWS constructs called the AWS Construct Library, organized into various modules. The library contains constructs for each AWS service. The main CDK package is called aws-cdk-lib, and it contains the majority of the AWS Construct Library, along with base classes like Stack and App used in most CDK applications.

The actual package name of the main CDK package varies by language.

TypeScript
Install npm install aws-cdk-lib
Import import 'aws-cdk-lib' as cdk;
JavaScript
Install npm install aws-cdk-lib
Import const cdk = require('aws-cdk-lib');
Python
Install python -m pip install aws-cdk-lib
Import import aws_cdk as cdk
Java
Add to pom.xml Group software.amazon.awscdk; artifact aws-cdk-lib
Import import software.amazon.awscdk.App; (for example)
C#
Install dotnet add package Amazon.CDK.Lib
Import using Amazon.CDK;

Constructs come in three fundamental flavors:

  • AWS CloudFormation-only or L1 (short for "layer 1"). These constructs correspond directly to resource types defined by AWS CloudFormation. In fact, these constructs are automatically generated from the AWS CloudFormation specification, so when a new AWS service is launched, the AWS CDK supports it a short time after AWS CloudFormation does.

    AWS CloudFormation resources always have names that begin with Cfn. For example, for the Amazon S3 service, CfnBucket is the L1 construct for an Amazon S3 bucket.

    All L1 resources are in aws-cdk-lib.

  • Curated or L2. These constructs are carefully developed by the AWS CDK team to address specific use cases and simplify infrastructure development. For the most part, they encapsulate L1 resources, providing sensible defaults and best-practice security policies. For example, Bucket is the L2 construct for an Amazon S3 bucket.

    Libraries may also define supporting resources needed by the primary L2 resource. Some services have more than one L2 namespace in the Construct Library for organizational purposes.

    aws-cdk-lib contains L2 constructs that are designated stable, i.e., ready for production use. If a service's L2 support is still under development, its constructs are designated experimental and provided in a separate module.

  • Patterns or L3. Patterns declare multiple resources to create entire AWS architectures for particular use cases. All the plumbing is already hooked up, and configuration is boiled down to a few important parameters.

    As with L2 constructs, L3 constructs that are ready for production use (stable) are included in aws-cdk-lib, while those still under development are in separate modules.

Finally, the constructs package contains the Construct base class. It's in its own package because it is used not only by the AWS CDK but also by other construct-based tools, including CDK for Terraform and CDK for Kubernetes.

Numerous third parties have also published constructs compatible with the AWS CDK. Visit Construct Hub to explore the AWS CDK construct ecosystem.

Supported programming languages

The AWS CDK has first-class support for TypeScript, JavaScript, Python, Java, C#, and Go. Other JVM and .NET CLR languages may also be used, at least in theory, but we are unable to offer support for them at this time.

To facilitate supporting so many languages, the AWS CDK is developed in one language (TypeScript) and language bindings are generated for the other languages through the use of a tool called JSII.

We have taken pains to make AWS CDK app development in each language follow that language's usual conventions, so writing AWS CDK apps feels natural, not like writing TypeScript in Python (for example). Take a look:

TypeScript
const bucket = new s3.Bucket(this, 'MyBucket', { bucketName: 'my-bucket', versioned: true, websiteRedirect: {hostName: 'aws.amazon.com'}});
JavaScript
const bucket = new s3.Bucket(this, 'MyBucket', { bucketName: 'my-bucket', versioned: true, websiteRedirect: {hostName: 'aws.amazon.com'}});
Python
bucket = s3.Bucket(self, "MyBucket", bucket_name="my-bucket", versioned=True, website_redirect=s3.RedirectTarget(host_name="aws.amazon.com"))
Java
Bucket bucket = Bucket.Builder.create(self, "MyBucket") .bucketName("my-bucket") .versioned(true) .websiteRedirect(new RedirectTarget.Builder() .hostName("aws.amazon.com").build()) .build();
C#
var bucket = new Bucket(this, "MyBucket", new BucketProps { BucketName = "my-bucket", Versioned = true, WebsiteRedirect = new RedirectTarget { HostName = "aws.amazon.com" }});
Note

These code snippets are intended for illustration only. They are incomplete and won't run as they are.

The AWS Construct Library is distributed using each language's standard package management tools, including NPM, PyPi, Maven, and NuGet. There's even a version of the AWS CDK API Reference for each language.

To help you use the AWS CDK in your favorite language, this Guide includes topics that explain how to use the AWS CDK in all supported languages.

TypeScript was the first language supported by the AWS CDK, and much AWS CDK example code is written in TypeScript. This Guide includes a topic specifically to show how to adapt TypeScript AWS CDK code for use with the other supported languages. See Translating TypeScript AWS CDK code to other languages.

Prerequisites

Here's what you need to install to use the AWS CDK.

All AWS CDK developers, even those working in Python, Java, or C#, need Node.js 10.13.0 or later. All supported languages use the same back end, which runs on Node.js. We recommend a version in active long-term support, which, at this writing, is the latest 16.x release. Your organization may have a different recommendation.

Important

Node.js versions 13.0.0 through 13.6.0 are not compatible with the AWS CDK due to compatibility issues with its dependencies.

You must configure your workstation with your credentials and an AWS region, if you have not already done so. If you have the AWS CLI installed, the easiest way to satisfy this requirement is issue the following command:

aws configure

Provide your AWS access key ID, secret access key, and default region when prompted.

You may also manually create or edit the ~/.aws/config and ~/.aws/credentials (macOS/Linux) or %USERPROFILE%\.aws\config and %USERPROFILE%\.aws\credentials (Windows) files to contain credentials and a default region, in the following format.

  • In ~/.aws/config or %USERPROFILE%\.aws\config

    [default] region=us-west-2
  • In ~/.aws/credentials or %USERPROFILE%\.aws\credentials

    [default] aws_access_key_id=AKIAI44QH8DHBEXAMPLE aws_secret_access_key=je7MtGbClwBF/2Zp9Utk/h3yCo8nvbEXAMPLEKEY
Note

Although the AWS CDK uses credentials from the same configuration files as other AWS tools and SDKs, including the AWS Command Line Interface, it may behave slightly differently from these tools. In particular, if you use a named profile from the credentials file, the config must have a profile of the same name specifying the region. The AWS CDK does not fall back to reading the region from the [default] section in config. Also, do not use a profile named "default" (e.g. [profile default]). See Setting credentials for complete details on setting up credentials for the AWS SDK for JavaScript, which the AWS CDK uses under the hood.

AWS CDK does not natively support AWS IAM Identity Center (successor to AWS Single Sign-On). To use IAM Identity Center with the CDK, use a tool such as yawsso.

Alternatively, you can set the environment variables AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, and AWS_DEFAULT_REGION to appropriate values.

Important

We strongly recommend against using your AWS root account for day-to-day tasks. Instead, create a user in IAM and use its credentials with the CDK. Best practices are to change this account's access key regularly and to use a least-privileges role (specifying --role-arn) when deploying.

Other prerequisites depend on the language in which you develop AWS CDK applications and are as follows.

TypeScript
  • TypeScript 2.7 or later (npm -g install typescript)

JavaScript

No additional requirements

Python
  • Python 3.6 or later including pip and virtualenv

Java
  • Java Development Kit (JDK) 8 (a.k.a. 1.8) or later

  • Apache Maven 3.5 or later

Java IDE recommended (we use Eclipse in some examples in this Developer Guide). IDE must be able to import Maven projects. Check to make sure your project is set to use Java 1.8. Set the JAVA_HOME environment variable to the path where you have installed the JDK.

C#

.NET Core 3.1 or later.

Visual Studio 2019 (any edition) or Visual Studio Code recommended.

Install the AWS CDK

Install the AWS CDK Toolkit globally using the following Node Package Manager command.

npm install -g aws-cdk

Run the following command to verify correct installation and print the version number of the AWS CDK.

cdk --version
Note

CDK Toolkit; v2 works with your existing CDK v1 projects. However, it can't initialize new CDK; v1 projects. See New prerequisites if you need to be able to do that.

Bootstrapping

Deploying stacks with the AWS CDK requires dedicated Amazon S3 buckets and other containers to be available to AWS CloudFormation during deployment. Creating these is called bootstrapping. To bootstrap, issue:

cdk bootstrap aws://ACCOUNT-NUMBER/REGION
Tip

If you don't have your AWS account number handy, you can get it from the AWS Management Console. Or, if you have the AWS CLI installed, the following command displays your default account information, including the account number.

aws sts get-caller-identity

If you have created named profiles in your local AWS configuration, you can use the --profile option to display the account information for a specific profile's account, such as the prod profile as shown here.

aws sts get-caller-identity --profile prod

To display the default region, use aws configure get.

aws configure get region aws configure get region --profile prod

AWS CDK tools

The AWS CDK Toolkit, also known as the Command Line Interface (CLI), is the main tool you use to interact with your AWS CDK app. It executes your code and produces and deploys the AWS CloudFormation templates it generates. It also has deployment, diff, deletion, and troubleshooting capabilities. For more information, see cdk --help or AWS CDK Toolkit (cdk command).

The AWS Toolkit for Visual Studio Code is an open-source plug-in for Visual Studio Code that makes it easier to create, debug, and deploy applications on AWS. The toolkit provides an integrated experience for developing AWS CDK applications, including the AWS CDK Explorer feature to list your AWS CDK projects and browse the various components of the CDK application. Install the plug-in and learn more about using the AWS CDK Explorer.

Next steps

Where do you go now that you've dipped your toes in the AWS CDK?

The AWS CDK is an open-source project. Want to contribute?