DEV Community

AWS Community Builders profile image Nao San
Nao San for AWS Community Builders

Posted on

[AWS] The best CDK code that anyone can write with the power of Kiro [Kiro]

#aws #cdk #kiro #devtools

This article is a machine translation of the contents of the following URL, which I wrote in Japanese:

https://qiita.com/Nana_777/items/02b26afa8b5d4480b14f

Introduction

In a previous article, I created an API test environment using Kiro Powers in Postman. This time, I'll explain how to implement CDK code using Kiro Powers, which is related to implementing IaC code, including the CDK.

↓ Previous Kiro Powers articles

https://dev.to/aws-builders/aws-power-up-kiro-with-kiro-powers-5620

Conclusion

Kiro Powers' "Build AWS infrastructure with CDK and CloudFormation" is highly recommended. It's a useful tool for beginners and advanced users alike.

Recommended Points of "Build AWS infrastructure with CDK and CloudFormation"

  • Streamline CDK learning for beginners
  • High-quality code implementation that always reflects the latest best practices
  • Efficient implementation verification

MCP Servers for CDK

There have been several MCP tools available to support CDK development. I'll introduce them.

Deprecated "AWS CDK MCP Server"

https://awslabs.github.io/mcp/servers/cdk-mcp-server

The "AWS CDK MCP Server" was the first MCP server to support CDK development. However, this MCP server has been deprecated as its functionality has been integrated into the AWS IaC MCP Server, which offers broader support.

Replacement "AWS IaC MCP Server"

https://awslabs.github.io/mcp/servers/aws-iac-mcp-server

The AWS IaC MCP Server is an MCP server that supports IaC code creation and troubleshooting.
It allows you to search documentation for not only AWS CDK but also services including CloudFormation, perform compliance checks, and troubleshoot deployments.

Kiro powers "Build AWS infrastructure with CDK and CloudFormation" that internally invokes AWS IaC MCP Server

https://github.com/kirodotdev/powers/tree/main/aws-infrastructure-as-code

image.png

A recent new feature in Kiro, powers, supports CDK and CloudFormation development.

This power is called "Build AWS infrastructure with CDK and CloudFormation."

This power is actually an "AWS IaC MCP Server," but it offers benefits unique to powers, such as dynamic activation of MCP tools.
image.png

Configuring "Build AWS infrastructure with CDK and CloudFormation"

Setting it up in KiroIDE is easy.
As mentioned in a previous article, you can install it by selecting "Build AWS infrastructure with CDK and CloudFormation" from the official Kiro page or the powers menu in Kiro IDE.

image.png
image.png
Clicking the Install button will add the settings to mcp.json. You can then use it by setting the variable to a valid profile name for your environment.
image.png

What you can do with Build AWS infrastructure with CDK and CloudFormation

By using Kiro's chat feature and asking Kiro questions in natural language, you can accomplish the following:

Research and design support before writing code

You can obtain configuration patterns and implementation samples to help you implement CDK code.
For example, you can use sample code as a reference when learning about or implementing AWS CDK.
In the example below, when I requested a CDK code sample using TypeScript, Kiro (powers) called up several MCP functions and suggested the results.

image.png

image.png

In this test, we obtained the following answers along with specific code:

  • Project initialization procedure
  • Basic stack structure
  • Practical example
  • Lambda + DynamoDB pattern
  • API Gateway + Lambda + DynamoDB pattern
  • S3 + CloudFront static site
  • VPC + RDS + Lambda Patterns
  • Best Practices
  • Configurable Constructs
  • Environment-Specific Configurations (How to Set Environment-Dependent Variables for Development and Production Environments)
  • Test Examples
  • Main Commands
  • Commands for building, generating CloudFormation templates, listing stacks, deploying, checking differences, deleting stacks, and running tests Related Functions: search_cdk_documentation, search_cdk_samples_and_constructs

Applying Best Practices

As shown in the code sample above, this tool not only generates code but also applies CDK best practices.
Kiro (powers) calls the cdk_best_practices function to obtain best practice information.

Related Function: cdk_best_practices

Code Verification and Quality Improvement

This tool validates the contents of CloudFormation templates, discovering and correcting deprecated definitions.
In the example below, it discovered and corrected a deprecated runtime version.

image.png
In terms of security and compliance, this test also uncovered and fixed six issues:

  • S3_BUCKET_DEFAULT_LOCK_ENABLED (Object Lock disabled)
  • S3_BUCKET_LOGGING_ENABLED (Access logging disabled)
  • S3_BUCKET_NO_PUBLIC_RW_ACL (Insufficient public read/write access control)
  • S3_BUCKET_REPLICATION_ENABLED (Replication disabled)
  • S3_BUCKET_VERSIONING_ENABLED (Versioning disabled)
  • IAM_NO_INLINE_POLICY_CHECK (Using inline policies)

image.png

Kiro also fixes deprecations and security issues that are often overlooked through manual checks, so you can rest assured.

Related functions: validate_cloudformation_template, check_cloudformation_template_compliance

Troubleshooting

Kiro (powers) can also be used to resolve issues such as deployment failures.

It can suggest solutions based on known failure patterns and retrieve CloudTrail logs to investigate problems.

Related functions: troubleshoot_cloudformation_deployment, include_cloudtrail

Build AWS infrastructure with CDK and CloudFormation Summary of when and where it is available

Item When there is no Power When there is Power
Documentation Research Search in your browser or ask the AI. The freshness and reliability of the source information is uncertain You can obtain the latest, reliable official information at the time of execution.
Implementation Example Search Search in your browser or ask the AI. The freshness and reliability of the source information is uncertain Obtain official samples by language. High-quality official AWS implementation examples make it easy to compare multiple patterns.
Best Practices Read official documentation and understand it yourself before implementation. It is uncertain whether the information is up to date Obtain the latest best practices all at once. Comprehensive guide including CDK-NAG rules. Standardize security configurations.
API Specification Review Read official documentation and understand it yourself before implementation. Instantly obtain complete specifications for specific constructs. Integrated display of properties, methods, and usage examples. Related constructs are also suggested.
Code Validation Manually perform code validation using tools such as cfn-lint. Automatically validate synthesized templates. Check syntax, schema, and security all at once. Obtain specific correction suggestions.
Development Time The quality and efficiency of investigation, implementation, and verification depend on the developer. Takes a relatively long time. Access to the latest official information improves the quality and efficiency of investigation, implementation, and verification. High-quality implementation is possible in a relatively short time.
Quality Depends on developer skill. Possibility of not being able to obtain the latest information. Possibility of security implementation omissions. Uniform automated checks based on official AWS standards prevent oversights. Ensures high consistency. Prevents security implementation omissions.
Learning Benefits It's difficult to learn consistently based on the latest information and best practices Systematic knowledge acquisition, integrated implementation and theory learning, and natural acquisition of best practices

Conclusion

AWS CDK offers a significant advantage in terms of abstraction. However, the learning curve seems relatively higher than CloudFormation, especially in terms of implementation techniques and environment construction. Furthermore, frequent feature additions and improvements make it difficult to keep up.
Kiro Powers, the "Build AWS infrastructure with CDK and CloudFormation" tutorial introduced here, allows you to learn using the latest documentation, best practices, and code that reflects them. In addition to learning, it also allows you to efficiently verify and troubleshoot implementations, making it a useful tool for beginners and advanced users alike.

Top comments (0)