DEV Community

Farmin Farzin for AWS Community Builders

Posted on • Originally published at farmin.dev

3 1

Deploying different CloudFormation stacks based on different AWS accounts with AWS CDK

AWS CDK is a great tool to write AWS infrastructure as code in your favorite language. Apart from all the awesome features that CDK offers, one of the things that I personally like is that it helps us to make sure we don't repeat ourselves or DRY principal

As most of the teams use multiple environments to build a product, we need to deploy resources to all those environments. Not that always the environments have the same resources or configurations, in fact, most of the time you'd have different resources or setups for your dev compared to prod or staging. In the AWS, you would have different accounts for different environments due to various reasons such as security, access distribution and etc.

In my case, I wanted to deploy to these environments as efficiently as possible. I have some common resources between these environments and some resources that are specific to each one. On the other hand, I want to have only one CDK app handling my deployments to different environments.

The solution that I came up with was using assume role I can figure out which account we want to deploy and based on that account number and a simple mapping between environments and accounts, I figure out which environment is the one we want to deploy so I just deploy the stacks that I want for that environment.

As you can see this is very easy since we're writing the infrastructure imperatively:

/* eslint-disable no-new */

const AWS = require("aws-sdk");
const cdk = require("@aws-cdk/core");
const { CommonStack } = require("./stack");
const { DevStack } = require("./dev-stack");
const { ProdStack } = require("./prod-stack");


const sts = new AWS.STS({});

const TEST_REGION = "eu-west-1";
const DEV_REGION = "eu-west-1";

const AWS_ACCOUNT_IDS = {
  development: "000000000",
  quality: "00000000",
  production: "000000000",
};

class App extends cdk.App {

  deployCommonStacks() {
    this.commonStack = new CommonStack(
      this,
      "commonStack",
      {}
    );
  }

  deployDevStacks() {
    this.devStack = new DevStack(
      this,
      "devStack",
      {}
    );    
  }

  deployProdStacks() {
    this.prodStack = new ProdStack(
      this,
      "prodStack",
      {}
    );    

  }

  async deployStacks() {
    const assumed = await sts.getCallerIdentity({}).promise();
    console.log("deployStacks() caller identity:", assumed);

    this.deployCommonStacks();

    if (assumed.Account === AWS_ACCOUNT_IDS.development) {
      console.log("Deploying to development account:");
      this.deployDevStacks();
    }

    if (assumed.Account === AWS_ACCOUNT_IDS.production) {
      console.log("Deploying to production account:");
      this.deployProdStacks();
    }

    return assumed.Account;
  }
}

const app = new App();
app
  .deployStacks()
  .then(acc => {
    console.log(`deployStacks() completed for account: ${acc}`);
  })
  .catch(e => {
    console.log("error in deployStacks():", e);
  });
Enter fullscreen mode Exit fullscreen mode

Image of Timescale

🚀 pgai Vectorizer: SQLAlchemy and LiteLLM Make Vector Search Simple

We built pgai Vectorizer to simplify embedding management for AI applications—without needing a separate database or complex infrastructure. Since launch, developers have created over 3,000 vectorizers on Timescale Cloud, with many more self-hosted.

Read full post →

Top comments (0)

Create a simple OTP system with AWS Serverless cover image

Create a simple OTP system with AWS Serverless

Implement a One Time Password (OTP) system with AWS Serverless services including Lambda, API Gateway, DynamoDB, Simple Email Service (SES), and Amplify Web Hosting using VueJS for the frontend.

Read full post