This tutorial provides step-by-step instructions to configure an AWS account and its permissions for use with the AWS CDK.
Introduction
I have a project that requires deploying cloud infrastructure on AWS. The infrastructure consists of several containers that communicate via Kafka. As a proponent of “Infrastructure as Code,” I will implement this infrastructure with the AWS CDK.
To use the CDK, you must first have an AWS account with the necessary permissions.
As a software engineer who writes code daily, it is natural for me to model cloud infrastructure in code. The great thing is that I can execute this code and obtain a fully working infrastructure as a result.
Prerequisites
Assuming you are the root user of an AWS account, we can dive right into configuring it. Be aware that setting up this infrastructure may incur costs, so you will need a credit card linked to your account.
Background
Infrastructure as Code (IaC) is the practice of defining and managing cloud infrastructure through code. It enables automation of deployment and management, making infrastructure more reliable, scalable, and efficient. With IaC, infrastructure can be versioned, tested, and deployed repeatedly and consistently, reducing human error and improving collaboration between development and operations teams.
The AWS Cloud Development Kit (CDK) is a framework for defining cloud infrastructure in code and provisioning it through AWS CloudFormation. It lets you model infrastructure using familiar programming languages such as TypeScript, Python, and Java, enabling software development practices—version control, code review, and automated testing—to be applied to infrastructure. Using the CDK makes it easier to manage and scale cloud resources and is a key element of the IaC approach.
Step-by-Step Guide
Overview of the steps:
- Add a new IAM user.
- Create an Access Key ID and Secret Access Key.
- Create a group and assign the user to this group.
To use the AWS CDK, you need an access key. While you could create one using your root user, this is generally a bad idea. AWS will warn you if you attempt to do so.
Go to the IAM dashboard.
Click “Users.”
Then click “Add users.”
Enter the user’s name (in this case, “cdk-user”) and click “Next.”
Next, assign permissions to the user.
I left the defaults and clicked “Create user.” We will create the group later.
Store the displayed access information securely and click “Return to user list.”
To create a new access key for the user, select the user and click “Create access key.”
Choose how you want to use the key.
I left the defaults and clicked “Next.” I am not sure what the second option refers to or how it differs from the method shown here; I will investigate that another time.
Click “Create access key” to complete the process.
Now assign the required permissions to the user.
Click “Add permissions.”
Click “Create group” and select “AWSCloudFormationFullAccess” and “AdministratorAccess” to grant the necessary permissions.
Click “Create user group.”
Add the user “cdk-user” to the group.
Finally, click “Add permissions.”
Conclusion
This document provided a step-by-step guide to configuring an AWS account and its permissions for use with the AWS CDK. In the next tutorial, we will use the access key generated here to deploy infrastructure with the CDK.
Thank you for reading!