Traditionally, infrastructure provisioning was done manually by system administrators. This brought many challenges, such as slow adaptation to changes, stale inventory, limited visibility into the infrastructure, and the risk of human error.
What is Infrastructure as Code?
Infrastructure as Code (IaC) is a concept that provides best practices for managing infrastructure in a source code repository such as Git. The benefits are manifold:
- Changes to infrastructure can be made through code commits and pull requests, which provides better control and a review process
- The IaC repository itself serves as the inventory of resources, so there is no need to maintain separate inventory management tools
- Infrastructure changes can be planned along with regular product releases to reduce the number of change iterations made on production
- The IaC repository provides full visibility to all stakeholders, so access to the production infrastructure can be limited to fewer people and tools
Although many third-party vendors, such as Terraform and Pulumi, also provide Infrastructure as Code tools, we will discuss the services offered by AWS to fulfill your IaC requirements.
A CloudFormation stack is defined by a template in YAML or JSON format, and it is the single unit under which the related resources are managed.
The templates support input parameters whose values can be specified when you create a CloudFormation stack. This makes the same template reusable across multiple stacks.
You can make changes to a stack by changing the template attached to it. While making the changes, you can also generate a change set to help you review the changes before you actually apply them.
You can find differences (drift) between the CloudFormation template and the actual state of the resources.
You can also refer to the resources in one stack while creating the template for another stack. This helps you segregate your infrastructure into a set of stacks that could be managed individually.
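The change set review described above can be automated as a gate in a deployment pipeline. The following is an added example, not code from AWS or from this article: it walks a constructed sample shaped like a DescribeChangeSet response and lists the changes a human should approve. The resource names and the `SENSITIVE_PREFIXES` policy are assumptions.

```python
import json

# Constructed sample shaped like the "Changes" list returned by
# CloudFormation DescribeChangeSet; the resource names are made up.
SAMPLE_CHANGE_SET = json.loads("""
{"Changes": [
  {"Type": "Resource", "ResourceChange": {"Action": "Modify",
    "LogicalResourceId": "AppDatabase", "ResourceType": "AWS::RDS::DBInstance",
    "Replacement": "True", "Scope": ["Properties"]}},
  {"Type": "Resource", "ResourceChange": {"Action": "Add",
    "LogicalResourceId": "DeployRole", "ResourceType": "AWS::IAM::Role",
    "Scope": []}},
  {"Type": "Resource", "ResourceChange": {"Action": "Remove",
    "LogicalResourceId": "AuditBucket", "ResourceType": "AWS::S3::Bucket",
    "Scope": []}},
  {"Type": "Resource", "ResourceChange": {"Action": "Modify",
    "LogicalResourceId": "WebFunction", "ResourceType": "AWS::Lambda::Function",
    "Replacement": "False", "Scope": ["Tags"]}}
]}
""")

# Assumed review policy: type prefixes whose changes always need sign-off.
SENSITIVE_PREFIXES = ("AWS::IAM::", "AWS::KMS::", "AWS::EC2::SecurityGroup")


def review_change_set(change_set):
    """Return (logical_id, reason) findings that should block auto-apply."""
    findings = []
    for change in change_set.get("Changes", []):
        if change.get("Type") != "Resource":
            continue
        rc = change["ResourceChange"]
        rid, rtype = rc["LogicalResourceId"], rc["ResourceType"]
        action = rc["Action"]
        # Replacement is only reported for Modify actions.
        replacement = rc.get("Replacement", "False")
        if action == "Remove":
            findings.append((rid, "resource will be deleted"))
        elif action == "Modify" and replacement in ("True", "Conditional"):
            findings.append((rid, f"replacement={replacement}: may be recreated"))
        if rtype.startswith(SENSITIVE_PREFIXES):
            findings.append((rid, f"{action} on sensitive type {rtype}"))
    return findings


if __name__ == "__main__":
    for rid, reason in review_change_set(SAMPLE_CHANGE_SET):
        print(f"REVIEW {rid}: {reason}")
```

In a pipeline, a non-empty findings list would pause the run for manual approval before the change set is executed.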
AWS Cloud Development Kit
The CDK is an open-source project that lets you build infrastructure in a programming language you already know, such as TypeScript, Python, Java, .NET, or Go.
The library provides constructs for AWS resources, along with their configurable attributes, at multiple layers:
- L1 – CfnResources: A one-to-one mapping of a CDK construct to a CloudFormation resource.
- L2 – AWS resources: An abstraction of AWS resources with additional APIs that express the intent of standard configurations, thus reducing the boilerplate code required when using CfnResources.
- L3 – AWS patterns: A further level of abstraction that lets you provision common tasks on AWS that consist of multiple resources.
AWS Cloud Development Kit provides the ability to create complex infrastructure with minimal lines of code and is a preferred choice for AWS Infrastructure as Code.