Building infrastructure as code with typescript and aws cdk
2 likes702 views
The AWS CDK is a software development framework to define cloud infrastructure as code and provision it through CloudFormation. The CDK integrates fully with AWS services and offers a higher-level object-oriented abstraction to define AWS resources imperatively. The CDK improves your end-to-end development experience because you get to use the power of modern programming languages to define your AWS infrastructure in a predictable and efficient manner. You can build test and deploy a true Infrastructure as a Code architecture using Typescript. make Reusable code and enjoy the code completion feature of IDEs to create your cloud Infrastructure.
![Permessi e ACL
import iam = require('@aws-cdk/aws-iam');
const role = new iam.Role(this, 'Role', {
assumedBy: new iam.ServicePrincipal('ec2.amazonaws.com'),});
const policy = new iam.PolicyStatement({
effect: iam.Effect.DENY,
resources: [bucket.bucketArn, otherRole.roleArn],
actions: ['ec2:SomeAction', 's3:AnotherAction'],
conditions: {StringEquals: {
'ec2:AuthorizedService': 'codebuild.amazonaws.com',
}}});
role.addToPolicy(policy);](https://image.slidesharecdn.com/buildinginfrastructureascodewithtypescriptandawscdk-191025125745/85/Building-infrastructure-as-code-with-typescript-and-aws-cdk-43-320.jpg)
![[Alam aeki] Guida illustrata alla modellazione di un dominio con Event Sourci...](https://cdn.slidesharecdn.com/ss_thumbnails/alamaeki-140615030507-phpapp01-thumbnail.jpg?width=560&fit=bounds)
More Related Content
What's hot (20)
Similar to Building infrastructure as code with typescript and aws cdk (20)
Building infrastructure as code with typescript and aws cdk
- 1. Building Infrastructure as Code with Typescript and AWS CDK by Andrea Valentini & Cristian Valeri
- 2. Agenda DevOps Infrastructure as Code AWS CDK Costrutti App & Stack Env, Assets & ACL
- 3. about me
- 6. Perch竪 DevOps atto 2
- 7. DevOps: Un po Dev un po Ops? De鍖nizione Wikipedia: In informatica DevOps (dalla contrazione inglese di development, "sviluppo", e operations, qui simile a "messa in produzione" o "deployment") 竪 un metodo di sviluppo del software che punta alla comunicazione, collaborazione e integrazione tra sviluppatori e addetti alle operations della information technology (IT). DevOps vuole rispondere all'interdipendenza tra sviluppo software e IT operations, puntando ad aiutare un'organizzazione a sviluppare in modo pi湛 rapido ed ef鍖ciente prodotti e servizi software.
- 8. DevOps is not a new technology or a product, it's an approach or culture of software development that seeks stability and performance at the same time that it speeds software deliveries to the business - Andi Mann - CA Technologies -
- 9. DevOps signi鍖ca: Essere organizzati, responsabili, coinvolti e collaborativi. Avere servizi IT sempre pi湛 automatizzati = risorse pi湛 libere da lavori ripetitivi (ma necessari) Impiegare meglio il tempo e concentrarsi sulla progettazione del software e delle infrastrutture
- 10. DevOps or not DevOps? Chi si occupa di mantenere il software deve essere considerato un 鍖rst class citizen Considerare sempre un Developer On Call che af鍖ancher chi mantiene lapplicazione se necessario. Attivare processi di Continous Integration e Continous Delivery. Minore intervento umano signi鍖ca minore rischio di errore. Ridurre le barriere di comunicazione tra team di sviluppo e sistemisti Automatizzare quanto piu possibile il bug 鍖xing sui sistemi Monitorare in maniera ef鍖ciente tutte le componenti aziendali per ridurre gli errori
- 13. DevOps = Cambiamento Comunicazione Condivisione Obiettivi Collaborazione Rispetto e Fiducia Mettersi insieme 竪 un inizio, rimanere insieme 竪 un progresso, lavorare insieme un successo. - Henry Ford
- 14. Thank You
- 15. about me
- 17. Infrastructure as Code is the process of managing and provisioning computer data centers through machine- readable de鍖nition 鍖les, rather than physical hardware con鍖guration or interactive con鍖guration tools.
- 18. Infrastructure as Code 1. Ottimizzazione dei costi: elimina la componente manuale del deployment, riducendo il numero di persone necessarie al completamento dei task . 2. Maggiore velocit di deploy permette di effettuare velocemente il deployment di macchine identiche ad altre gi de鍖nite in precedenza. 3. Riduzione dei rischi separare la de鍖nizione delle best practices e delle caratterisitiche 鍖siche dalla fase di deployment riduce i rischi derivanti da errate con鍖gurazioni sia per eventuali malfunzionamenti che per problemi di sicurezza. 4. Controllo di consistenza permette di controllare e nel caso forzare la compliance della con鍖gurazione di una macchina con uno standard ben de鍖nito.
- 24. AWS CDK (Cloud Development Kit)
- 25. AWS CDK: Requirements $ pip3 install awscli --upgrade --user $ npm install -g typescript@latest $ npm install -g aws-cdk $ cdk init sample-app --language typescript
- 27. Composizione
- 28. Usare i Costrutti import s3 = require('@aws-cdk/aws-s3'); // ... new s3.Bucket(this, 'MyFirstBucket', { versioned: true, encryption: s3.BucketEncryption.KMS, websiteIndexDocument: 'index.html' }); // ...
- 29. Usare i Costrutti const rawData = new s3.Bucket(this, 'raw-data'); const dataScience = new iam.Group(this, 'data-science'); rawData.grantRead(dataScience);
- 30. Usare i Costrutti const jobsQueue = new sqs.Queue(this, 'jobs'); const createJobLambda = new lambda.Function(this, 'create-job', { runtime: lambda.Runtime.NODEJS_8_10, handler: 'index.handler', code: lambda.Code.fromAsset('./create-job-lambda-code'), environment: { QUEUE_URL: jobsQueue.queueUrl } });
- 31. Creare Costrutti export interface NBProps { prefix?: string; } export class NotifyingBucket extends Construct { constructor(scope: Construct, id: string, props: NBProps = {}) { super(scope, id); const bucket = new s3.Bucket(this, 'bucket'); this.topic = new sns.Topic(this, 'topic'); bucket.addObjectCreatedNotification(topic, { prefix: props.prefix }); } }
- 32. Creare Costrutti const queue = new sqs.Queue(this, 'NewImagesQueue'); const images = new NotifyingBucket(this, 'Images'); images.topic.addSubscription(new sns_sub.QueueSubscription(queue));
- 33. App & Stack
- 34. App & Stack - Stack class MyFirstStack extends Stack { constructor(scope: Construct, id: string, props: StackProps){ super(scope, id, props); new s3.Bucket(this, 'MyFirstBucket'); } }
- 35. App & Stack - Stack class ControlPlane extends Stack {} class Dataplane extends Stack {} class Monitoring extends Stack {} class MyService extends cdk.Construct { constructor(scope: Construct, id: string, props?: EnvProps) { super(scope, id); new ControlPlane(this, "cp", {}); new Dataplane(this, "data", {}); new Monitoring(this, "mon", {}); } }
- 36. App & Stack - Stack const app = new cdk.App(); new MyService(app, "beta"); new MyService(app, "prod", { prod: true }); app.synth(); $ cdk ls betacpDA8372D3 betadataE23DB2BA betamon632BD457 prodcp187264CE proddataF7378CE5 prodmon631A1083
- 37. App & Stack - Stack const prod = { account: '123456789012', region: 'us-east-1' }; const stack1 = new StackThatProvidesABucket(app, 'Stack1' , { env: prod }); // stack2 will take a property { bucket: IBucket } const stack2 = new StackThatExpectsABucket(app, 'Stack2', { bucket: stack1.bucket, env: prod });
- 38. App & Stack - Importing External Resources Bucket.fromName(this, 'Bucket', 'my-bucket-name'); Bucket.fromArn(this, 'Bucket', 'arn:aws:s3:::my-bucket-name'); // Construct a resource by giving more than one attribute Resource.fromAttributes(this, 'MyResource', { resourceName: 'booh', vpc: vpc });
- 39. App & Stack - App class MyApp extends App { constructor() { new MyFirstStack(this, 'hello-cdk'); } } new MyApp().synth();
- 40. App & Stack - App LifeCycle
- 41. Assets import { Asset } from '@aws-cdk/aws-s3-assets'; // Archived and uploaded to Amazon S3 as a .zip file const directoryAsset = new Asset(this, "SampleZippedDirAsset", { path: path.join(__dirname, "sample-asset-directory") }); // Uploaded to Amazon S3 as-is const fileAsset = new Asset(this, 'SampleFileAsset', { path: path.join(__dirname, 'file-asset.txt') });
- 42. Assets import {Stack, Construct, StackProps } = require('@aws-cdk/core'); import lambda = require('@aws-cdk/aws-lambda'); export class HelloAssetStack extends Stack { constructor(scope: Construct, id: string, props?:StackProps) { super(scope, id, props); new lambda.Function(this, 'myLambdaFunction', { code: lambda.Code.asset(path.join(__dirname, 'handler')), runtime: lambda.Runtime.NODE, handler: 'index.handler' }); } }
- 43. Permessi e ACL import iam = require('@aws-cdk/aws-iam'); const role = new iam.Role(this, 'Role', { assumedBy: new iam.ServicePrincipal('ec2.amazonaws.com'),}); const policy = new iam.PolicyStatement({ effect: iam.Effect.DENY, resources: [bucket.bucketArn, otherRole.roleArn], actions: ['ec2:SomeAction', 's3:AnotherAction'], conditions: {StringEquals: { 'ec2:AuthorizedService': 'codebuild.amazonaws.com', }}}); role.addToPolicy(policy);
- 44. ENV const envEU = { account: '2383838383', region: 'eu-west-1' }; const envUSA = { account: '8373873873', region: 'us-west-1' }; new MyFirstStack(this, 'first-stack-us', { env: envUSA, encryption: false }); new MyFirstStack(this, 'first-stack-eu', { env: envEU, encryption: true });
- 45. ENV new MyStack(this, 'dev', { env: { account: process.env.CDK_DEFAULT_ACCOUNT region: process.env.CDK_DEFAULT_REGION }});
- 46. Info & Resources Construct Library API Reference: https://docs.aws.amazon.com/cdk/api/latest/docs/a ws-construct-library.html CDK Examples: https://github.com/aws-samples/aws-cdk-examples
- 48. Thank You