Use AWS CDK with Attini

Find the code examples here, and read our founder’s medium article about this subject.

The AWS CDK is a popular way of configuring your Cloud resources using common programming languages. The AWS CDK is an abstraction on top of AWS CloudFormation, meaning that the “result” of a CDK deployment is one or more AWS CloudFormation stacks.

AWS CDK projects can be synthesized and deployed using Attini which offers a lot of advantages, for example:

  1. Standard packaging to help teams to collaborate.

  2. Standard versioning, backups, and rollbacks (attini deploy rollback/history).

  3. Dependency support and visualization.

  4. Increased deployment speed using the Attini runner.

  5. A standard way to monitor deployments.

  6. A standard way to design a least privilege access model.

  7. Use the AWS State machine process logic like choice, parallel or wait.

  8. Artifact life cycle.

  9. Integrate the deployment with any other technologies like:

  • Other IaC tools like plain CloudFormation, Terraform or Pulumi using the Attini runner or a Lambda function.

  • Configuration tools like Ansible, Chef or Puppet using the Attini runner or a Lambda function.

  • Cross account/region deployments.

  • Find CloudFormation stacks that are no longer maintained using Attini CLI command attini ops rogue-stacks.

  • Configuration support when managing multiple environments.

  • Other AWS APIs that are useful during deployments for example AWS SSM Run Command or RDS/EC2 snapshots using Attini runner or a Lambda function.

  • Automatically run load tests, integration tests, or penetration tests during or after a deployment.

Deployment alternatives

Usually, it’s considered good practice for software to be environment unaware (environment-agnostic) during the build/compile/synthesization/package phase.

However, the CDK best practices recommends users to synthesize CDK projects inside application environments (environment aware). This is because some CDK features require information about the environment before the synthesization can start (for example the AWS account and region when configuring environments), or it requires read access to the environment during synthesization (example, CDK Runtime Context).

The AWS CDK can therfore be used within the Attini Framework in 3 different ways:

Option 1: Synthesize with Attini package

Synthesize (cdk synth) in the package phase. This is the recommended option if your CDK project is environment-agnostic.

Option 2: Synthesize and deploy with Attini runner

Run a container (Attini runner) inside your application environment that runs cdk deploy.

Option 3: Synthesize with Attini runner

Run a container (Attini runner) inside your application environment that runs cdk synth. Then upload the Cloud​Formation templates to s3 and deploy using AttiniCfn type.


Example application

We will use the CDK to generate a CloudFormation template with an SQS Queue.

Then we have a legacy SNS Topic that we integrate with our new SQS Queue. We will use the Deployment plan payload to carry configuration from the SQS Stack, to the SNS Stack to show how we can integrate different technologies using Attini.


AttiniAndCDK-SystemArch


Option 1: Synthesize with Attini package

Find a code example here: Synthesize with attini package

If your CDK project is environment-agnostic, you can synthesize your CloudFormation templates in the attini package phase.

If you also use the image option in the attini-config you can easily run the synth comnand inside a container image that is shared between your team members or used by your build server. This harmonizes your organization’s workflow and helps with software dependencies and versioning.

In this example, we show how to synthesize the CDK app with the Attini package to get a CloudFormation template.

Then we use AttiniCfn type to deploy the CdkExampleSQS and the LegacySNS.


AttiniAndCDK-Option-1

Find a code example here: Synthesize with attini package

Option 2: Synthesize and deploy with Attini runner

Find a code example here: Synthesize and deploy with Attini runner

Using the Attini runner (via Attini deployment plan), you can run cdk deploy from a container inside your IT environment. This enables all CDK features and makes it easy to integrate your CDK deployment with other technologies.

To use the CloudFormation Outputs in later deployment plan steps, you can easily inject the CDK output into the Attini deployment plan payload using this command:

cdk deploy --outputs-file ${ATTINI_OUTPUT} --require-approval never

Find more information about the Attini runner and its environment variables here.

This makes it easy to integrate the cdk deploy command with a AttiniCfn deployment later on.


AttiniAndCDK-Option-2

Option 3: Synthesize with Attini runner

Find a code example here: Synthesize with Attini runner


AttiniAndCDK-Option-3

If you want to use any features from the AttiniCfn type like:

  1. Configuration support when managing multiple environments.

  2. Cross account/region deployments.

  3. Find CloudFormation stacks that are no longer maintained using Attini CLI command attini ops rogue-stacks.

  4. Use other configuration options like termination protection or fallback.

Then you have to:

  1. Synthesize (cdk synth) your templates with the Attini runner.

  2. Upload the templates the S3 (attini-artifact-store-{region}-{account}).

  3. Deploy the stacks using AttiniCfn.


AttiniAndCDK-Option3Details