nSights Talks

How to Use AWS CDK for Terraform

Tutorial Highlights & Transcript

00:00 - Beginning of Video
So for today’s demo, I want to talk about CDK for TerraForm, or CDKTF.
00:13 - What is AWS CDK for Terraform?
So what is CDK? CDK is a cloud development kit. Basically, it enables you to use regular programming languages to define infrastructure, either using CloudFormation or TerraForm. In this case, working with the TerraForm version. So, this enables me to write code in TypeScript, Python GO. And CDK takes that and translates it to regular TerraForm configurations, and I don’t have to write any TerraForm directly. This is useful for when the TerraForm language limitations kick in like, I’m sure some of you probably have had this issues where you need to do I don’t know, a double loop and TerraForm just can’t handle it, or complex conditionals that you just can’t write in the language itself? Well, with CDK, you can just use regular programming in the language you want. And whatever crazy algorithm you develop, CDK will translate it to the corresponding TerraForm configuration.
01:27 - How does AWS CDK for Terraform work?
Okay, so how does it work? I already briefly explained that, but you can choose your programming language, so TypeScript, Python, Java, C#, GO, you write your configurations in that language, then CDK takes it and transforms it into regular TerraForm code. And you can leverage any provider you want. So AWS, Azure, Google Cloud, or as they are boasting here in this diagram, any of the 1000s of providers that they have available. How does it work. So if you have used regular AWS CDK, before with CloudFormation, this is super familiar, these are basically the same commands, you can run the CDK TF synths, which is short for synthesize. And that will basically take your configuration and render it into TerraForm code. You can see that configuration on a specific folder, so it generates a CDKTF.out folder. And inside you have a stacks folder with all the stacks you define. And inside of those directories, what you will have is working TerraForm code. So you could go into those folders and run TerraForm in it, and TerraForm plan TerraForm deploy. And all of those should work, no problem. That should be a regular old TerraForm configuration. Or you can make use of the actual CDK, TF CLI to make the deployment and you don’t have to run TerraForm directly.
03:12 - AWS CloudFormation vs. Terraform
Now what are the actual differences or perks between one and the other? I would say the best perk that both of them have is you can write regular code. So you can use anything that works on Python, anything that works on GO, you can do any type of loops you want, basically regular old programming. So that’s a really powerful thing to have. Now, from my experience using this CloudFormation version of CDK, I can tell you that one gets messed up a lot. So if you do CloudFormation, you have probably run into a broken CloudFormation stack that doesn’t want to roll back or it’s a failed state. And then you have to do a lot of things to get it back to a stable situation so you can update it or even delete it. If that happens with regular CloudFormation. I say it happens even more often with CDK. CDK will – if you make some changes and deploy it – chances are you will mess up the CloudFormation stack by doing so, and it’s really annoying. So that’s why I wanted to try TerraFormation because it is backed by TerraForm. So it doesn’t work as cloud formation where it tries to roll back on any error that happens. You’ll see when I’m doing the actual technical demo that when you run CDK TF deploy, what you see is the actual TerraForm output, it behaves the exact same way. So I don’t think we would run into that many problems with broken stacks as we do with the CloudFormation version. But that’s just like personal taste. And what I can tell you from experience working on that project, I feel like CDK for TerraForm would be a more friendly option. But that’s just commentary, you can make your own judgments once you use either one of the two.
05:26 - Demo of AWS CDK for Terraform
Okay, so, that being said, let’s move on to an actual technical demo. I have here, an already initialized CDK for TerraForm project. It’s one of their tutorials. It’s the only thing it does is it creates a Docker image and then runs the Docker container. And it’s a good initial example. So I’ll just show you this structure. So this is done with TypeScript. And sorry. So this is a TypeScript project. So everything is coded in TypeScript. All the files you see here are generated by the CDK tool when you initialize a project, I didn’t do any of this. The only changes I made were to where’s this file, CDKTF.JSON. Here, I added a provider, this is the Docker TerraForm provider and a version. And then on the main TypeScript file, this is also generated by the framework. And the only thing I added was, here in the middle, I added a Docker image, object, and a container object. And this is basically it. Once you have this, here, I’m in the right directory. So here, I can run CDK TF Synths – that’s basically rendering the code into TerraForm. And here you can see it tells me it generated the code. That code is in the directory I mentioned before, here, under CDKTF.out, you have a stacks folder. And here I have a CDKTF.JSON file. This is only like the not so cool part, the generated TerraForm files are in full JSON Syntax, so not super user friendly, but since they are automated, and you really won’t be modifying these, I guess that’s fine. But this TerraForm configuration we have here, I could CD into this folder and just run TerraForm in it and TerraForm apply and it should work. But since we’re using CDK, I’m not going to do that. I’m just going to do a CDK TF deploy. It synthesizes again. It did the init, it did the plan and now it’s giving me the same TerraForm confirmation and output, and I’m just going to type yes. And there we go. So this created a Docker image in my local and a Docker container. If I do Docker PS, here, I have my tutorial image. It’s been up for nine seconds. So this is the one and if I do now CDK TF destroy we will see the same TerraForm thing. So now it’s telling me it’s going to delete two things. I’m going to type yes. And everything is gone too. If I do Docker PS now the container is gone. So this is one of their things like getting started tutorials like Docker containers CDK project. But let’s quickly do one more with AWS resources. So you see that we’re going to create a folder here CDK TF AWS demo. Okay, so now that I have my folder to create a new CDK TerraForm project, you just use the same CLI tools or CDK TF. The command is entered. Here, you can choose a template. This is basically the language you want. So I’m going to go with TypeScript again. And this dash dash local is so the state is handled locally. I don’t want to configure an S3 back end for example. So I’m just going to do dash dash local. This will create all the scaffolding for the project. Here. It’s asking me for a name, by default it takes the folder name, so that’s fine, then it wants a description. So I can just put Friday demo CDK TF. Okay, so now that this is done, if I expand this folder, you see we have the exact same folder structure. It generates everything it needs. And here on the main TypeScript file is where I can put my resources. So here it gives you a spot where you can start adding in things. Before I jump into that, I’m going to define an AWS provider, we still need to do that. So that would go on here. CDKTF.JSON, we already have an array for TerraForm providers, you can just add it here, we want the AWS one, so HashiCorp AWS version constraint, 3.40 something. Okay. So with that, I have my provider defined. Now I can run CDK TF get. This is basically doing TerraForm in it, but for the TypeScript things. So now that I have this, I can go back to the main TypeScript file. One thing I needed to do here is I need to import the provider that I just installed. So here import AWS provider. I’m going to create an instance. So I’m just going to import this package. And then, now that we have it imported, we need to add the provider. So new AWS provider, let’s use another region, East one. So now we have our provider. Now we need an instance. So for that, this is the code to deploy an instance. And I actually need another AMI. Hold on, because the example was for another region. So this AMI ID won’t work. This is for the right region. Okay, so we have the provider. Now we’re using the provider to declare an instance. And the last thing we’re going to put here is a TerraForm output that we can put here at the bottom. And we want the public IP address of our instance. So instance.publicIP. Here, it’s complaining that I don’t have this package, so I can add it to the actual CDK import. So just add one more here, and now the error goes away. And that should be it. So let’s try to first sync that. This will just render the files and I should see my CDKTF.out folder. Once this is done, there we go. Okay, so it generated the code successfully, we can check it out under the output folder. Again, this is rendered in JSON in the HCl, like a friendlier version of TerraForm. But it works. So here we have the provider definitions, we have the resource AWS instance, our AMI or type. And that’s it. So now that we have it synth, we can deploy, actually, you need to set up a profile. Okay, so we have our plan, just want to create because it’s a single instance, just type yes. And this takes a few minutes, but it will just deploy the one EC2 instance I defined here and then I can destroy it with CDKTF destroy the same as we did with the Docker container.
Jasmeet Singh

Carlos Rodríguez

DevOps Team Lead


Carlos has been a Senior DevOps Engineer at nClouds since 2017 and works with customers to build modern, well-architected infrastructure on AWS. He has a long list of technical certifications, including AWS Certified DevOps Engineer - Professional, AWS Certified Solutions Architect - Professional, and AWS Certified SysOps Administrator - Associate.