When you're using an Infrastructure-as-Software platform like the AWS CDK, chances are you'll have parameters that you want to pass in at runtime. Whether they're plain text or secrets, you'll need a way to pass in the values as the code runs. The two questions become:
In this blog post, you'll earn about how you can store parameters in CloudTruth and pass them in at runtime with the AWS CDK.
To follow along with this post blog, you should have:
In the world of Infrastructure-as-Code, you must learn a new configuration language. Whether it's HCL, JSON, or YAML. Chances are, many people already understand JSON or YAML, but the problem is with many Infrastructure-as-Code tools, there's a specific syntax that you must follow when setting up your infrastructure code. The point being is that a lot of developers just want to write infrastructure code in a language of their choosing. A language that they're comfortable with and write in every day.
With the AWS CDK, developers have the opportunity to do that. Infrastructure-as-Software, which is what a lot of engineers are calling tools like the AWS CDK, is a way to write Infrastructure-as-Code but with a general-purpose programming language like Go or Python.
There's also something to be said about the code base. If your organization is, for example, using Go, you have a certain way of doing things. For example, how tests are run. You may be using a specific platform to run security tests against your code and certain libraries/packages to run unit tests, integration tests, etc. for your Go code. If you have a new configuration language that you have to support, that means you have to come up with an entirely new solution for the security tests, unit tests, and integration tests. Utilizing the AWS CDK, you can test the code the same way you're testing your other Go code.
At the time of writing this, the AWS CDK supports:
Before passing in parameters at runtime, you'll need a place to store those parameters. That place is CloudTruth. In this section, you're going to learn how to create a CloudTruth project and store the AWS CDK parameters inside of CloudTruth.
1. Log into the CloudTruth portal and click on Projects.
2. Click the blue Add Project button.
3. Give your project a name, like awscdk, and then click the blue Create Project button.
4. Switch to the awscdk project and click the Parameters menu item.
5. Click the blue Add parameter or Secret button.
6. Enter bucketname for the name of the parameter and click the blue Create Parameter button.
7. Give the bucket a name and click the blue Save button.
Now that you have a new CloudTruth project with a parameter saved, it's time to create a CDK app and pass in the CloudTruth parameter at runtime.
First, create a new directory, cd into that directory, and create a new stack for the Go language. Please note that the new directory must have nothing else inside of it.
cdk init app --language go
You'll now see a new CDK project created.
Next, run the following command to ensure that all of the needed packages are brought down to your computer.
go mod tidy
Open up the goapp.go file and you'll see a template for the AWS CDK Go code. It contains the following:
For the purposes of this example, you're going to be creating a new S3 bucket. That means you have to change some logic in the code around.
Replace the following code:
awssns.NewTopic(stack, jsii.String("MyTopic"), &awssns.TopicProps{
DisplayName: jsii.String("MyCoolTopic"),
})
With
var bucket = awss3.NewBucket(stack, jsii.String(os.Getenv("bucketname")), &awss3.BucketProps{
Versioned: jsii.Bool(true),
})
Notice how in the Getenv()function the name is bucketname, which is the name of the CloudTruth parameter.
All together, the code for the goapp.go file should look like the below:
package main
import (
"fmt"
"os"
"github.com/aws/aws-cdk-go/awscdk"
"github.com/aws/aws-cdk-go/awscdk/awss3"
"github.com/aws/constructs-go/constructs/v3"
"github.com/aws/jsii-runtime-go"
)
type GoappStackProps struct {
awscdk.StackProps
}
func NewGoappStack(scope constructs.Construct, id string, props *GoappStackProps) awscdk.Stack {
var sprops awscdk.StackProps
if props != nil {
sprops = props.StackProps
}
stack := awscdk.NewStack(scope, &id, &sprops)
var bucket = awss3.NewBucket(stack, jsii.String(os.Getenv("bucketname")), &awss3.BucketProps{
Versioned: jsii.Bool(true),
})
fmt.Println(bucket)
return stack
}
func main() {
app := awscdk.NewApp(nil)
NewGoappStack(app, "GoappStack", &GoappStackProps{
awscdk.StackProps{
Env: env(),
},
})
app.Synth(nil)
}
func env() *awscdk.Environment {
return nil
}
Now that you have a CDK app created, it's time to deploy it with CloudTruth using a few simple commands.
With the CDK, you first must synth the code, then deploy it. You'll use CloudTruth for both.
Inside the directory where the AWS CDK app is, run the following command:
cloudtruth --project "awscdk" --env development run -- cdk synth
You'll see an output similar to the screenshot below, which is the CloudFormation Stack.
Next, deploy the new S3 bucket with the following command:
cloudtruth --project "awscdk" --env development run -- cdk deploy
You should see an output similar to the screenshot below.
Congrats! You have officially deployed an AWS CDK with CloudTruth.