DEV Community: Scott Hsieh 🇹🇼

How to migrate CDK v1 to CDK v2 in 10 minuets

Scott Hsieh 🇹🇼 — Fri, 10 Dec 2021 06:57:18 +0000

The article was updated on May 17th, 2023 (Wed) for keeping update-to-date.

Content table

Prologue
CDK Settings
- cdk.json
- Dependencies
- peerDependencies
- devDependnecies
Modify Import
- Stable
- Experimental modules
Bootstrapping
Conclusion

Prologue

The AWS Cloud Development Kit (AWS CDK) v2 is GA on Dec. 2nd, 2021 (Thur). You might have been using CDK v1, either Typescript, Javascript, Python, Java, or .NET, to create and manage your infrastructure for quite a while. Some crucial parts in CDK v2 are that every stable module is now integrated into a module called aws-cdk-lib and the Construct class is extracted into another library instead of cdk.Construct by import * as cdk from '@aws-cdk/core'; in CDK v1. In the mean time, those packages which are still in experimental mode (status) will still be like individual modules that you used to import in CDK v1.
In this post, I'll note the parts that I changed from an existing CDK application based on v1 to CDK v2, including the application part and its test. This application is composed of 30 resources and was deployed via CDK v1 in the past. Now, it is deployed with CDK v2 into production and no issue found so far.

My First Migration CDK Application from V1 to V2

CDK settings

`cdk.json`

Before



{
  "app": "npx ts-node --prefer-ts-exts bin/aws-helper.ts",
  "context": {
    "@aws-cdk/core:newStyleStackSynthesis": false,
    "@aws-cdk/core:stackRelativeExports": false,
    "@aws-cdk/aws-rds:lowercaseDbIdentifier": false,
    "@aws-cdk/aws-apigateway:usagePlanKeyOrderInsensitiveId": false,
    "@aws-cdk/aws-lambda:recognizeVersionProps": false,
    "@aws-cdk/aws-cloudfront:defaultSecurityPolicyTLSv1.2_2021": false
  }
}

After



{
  "app": "npx ts-node --prefer-ts-exts bin/aws-helper.ts",
  "context": {
    "@aws-cdk/core:newStyleStackSynthesis": false,
    "@aws-cdk/core:stackRelativeExports": false,
    "@aws-cdk/aws-rds:lowercaseDbIdentifier": false,
    "@aws-cdk/aws-apigateway:usagePlanKeyOrderInsensitiveId": false,
    "@aws-cdk/aws-lambda:recognizeVersionProps": false,
    "@aws-cdk/aws-cloudfront:defaultSecurityPolicyTLSv1.2_2021": false
  }
}

Theoretically, you just need to remove all the feature flags put on cdk.json in v1, and can check whether you need the new features listed on the official documentation via cdk diff. For further detail, you could also go to the Github documentation to take a look. As you could see, in my v1 cdk.json of the application, none of the features is related to those new suggested in the v2 cdk.json. Yet I love the concept of YOU DON'T TURN YOUR BACK ON FAMILY from Vin Diesel, I just put all of them onto the v2 cdk.json.

Dependencies

Before



"dependencies": {
  "@aws-cdk/aws-events": "^1.96.0",
  "@aws-cdk/aws-events-targets": "^1.96.0",
  "@aws-cdk/aws-iam": "^1.96.0",
  "@aws-cdk/aws-lambda": "^1.96.0",
  "@aws-cdk/aws-lambda-python": "^1.96.0",
  "@aws-cdk/aws-stepfunctions": "^1.105.0",
  "@aws-cdk/aws-stepfunctions-tasks": "^1.105.0",
  "@aws-cdk/core": "^1.96.0",
  "esbuild": "^0.11.2",
  "source-map-support": "^0.5.16"
}

After



"dependencies": {
  "@aws-cdk/aws-lambda-python-alpha": "^2.0.0-alpha.11",
  "aws-cdk-lib": "^2.0.0",
  "constructs": "^10.0.0"
}

Yes, that's it. In cdk v2, in general scenario, you only need aws-cdk-lib and constructs. Yet in my first migration application, I use @aws-cdk/aws-lambda-python to build up my Python-based Lambda functions based on ARM. And this module is still in experimental mode as you could notice on the v2 API references, therefore, you need to add it into the dependencies part of package.json. AND you don't see it wrong, all experimental modules will be suffixed with alpha, that's one of the conventions you need to adapt yourself to it. About what version you need to specify regarding experimental modules, go check it on npm, my child, that's the quickest way I could sense so far. After you're highly familiar with how experimental versions are progressed, you farewell with looking up on npm.

peerDependencies

I don't have any item in the peerDependencies part of package.json. And I added the following items into package.json with cdk v2.



"peerDependencies": {
  "aws-cdk-lib": "^2.0.0",
  "constructs": "^10.0.0"
},

devDependnecies

Before



"devDependencies": {
  "@aws-cdk/assert": "^1.96.0",
  "@types/jest": "^26.0.10",
  "@types/node": "^10.17.27",
  "aws-cdk": "^1.96.0",
  "jest": "^26.4.2",
  "ts-jest": "^26.2.0",
  "ts-node": "^9.0.0",
  "typescript": "~3.9.7"
}

After



"devDependencies": {
  "@aws-cdk/assert": "^2.1.0",
  "@types/jest": "^26.0.10",
  "@types/node": "^10.17.27",
  "aws-cdk-lib": "^2.0.0",
  "constructs": "^10.0.0",
  "jest": "^26.4.2",
  "ts-jest": "^26.2.0",
  "ts-node": "^9.0.0",
  "typescript": "~3.9.7"
}

Since in the CDK application, I have some tests about the application. The only part you need to mind is you upgrade the version of @aws-cdk/assert and add aws-cdk-lib and constructs. You think there is another name for testing? No, no, no, you upgrade the version. By doing so, you don't need to change the testing where you've put quite hard effort and enter into the v2 world.

Modify Import

Stable

import * as cdk from '@aws-cdk/core' => import {App, Fn, Tags} from 'aws-cdk-lib'.
import targets = require('@aws-cdk/aws-events-targets') => import targets = require('aws-cdk-lib/aws-events-targets')
import * as iam from '@aws-cdk/aws-iam'; => import { aws_iam as iam } from 'aws-cdk-lib';
import { Construct } from 'constructs';

There are three parts I gotta modify as you could see the list above. And about point 3, before #issue17860 is resolved, you just follow what I've done, otherwise, you may fail even executing yarn build. In my CDK application, there are four .ts files under the lib directory, do you modify one by one? You might ask. My child, that is feasible yet you may start doubting why you have an infrastructure role and why you are here at the moment you're migrating. I usually count on VS Code for programming, both services and infrastructure. And you got take advantage of the Replace All function in VS Cod., That will save your life, trust me.

Experimental modules

import {PythonFunction} from '@aws-cdk/aws-lambda-python' => import {PythonFunction} from '@aws-cdk/aws-lambda-python-alpha

That's it, just that easy.

Bootstrapping

Conversion from CDK v1 to CDK v2 seems not too cumbersome as a heavy user of CDK v1. On the documentation, it is suggested that you should not install CDK Toolkit v2 globally if you'll create both v1 and v2 projects. For new projects, I'm probably going to initialize them with CDK v2 yet for retaining risk to the lowest, I'll make v1 and v2 as different aliases.



# alias cdk1="npx aws-cdk@1.x" 
alias cdk="npx aws-cdk@2.x"
PROFILE_NAME="ker_ker"
ACCOUNT_ID=$(aws sts get-caller-identity --query 'Account' --profile ${PROFILE_NAME} | tr -d '\"')
AWS_REGION="YOUR_REGION_BABY"

export CDK_NEW_BOOTSTRAP=1 && cdk bootstrap \
 --profile ${PROFILE_NAME} \
 --cloudformation-execution-policies arn:aws:iam::aws:policy/AdministratorAccess \
 aws://${ACCOUNT_ID}/${AWS_REGION}

In other projects, I use the CDK pipelines module, therefore, I bootstrapped the environment for CDK v2 as the above. If you don't use the CDK pipelines module to execute automatic deployment for your infrastructure, your re-bootstrapping command will be simpler than mine.

Conclusion

After done with re-bootstrapping, from testing, upgrading packages to deployment, all the CDK commands remain the same. And there's still one issue, i.e., we might only need 10 minutes to migrate a v1 application to v2, what if there are decades of complicated applications? How I wish I could migrate my whole v1 applications to v2 just with one click. That a utopian world I'll enter in my dream now. Other than that, have good time on your migration journey from CDK v1 to CDK v2.

A Screenshot of CDK V2 API Reference

Scott's Journey on Passing AWS DevOps Engineer Professional Certification

Scott Hsieh 🇹🇼 — Sun, 03 Oct 2021 04:03:54 +0000

Content Table

Prologue
Official Exame Guide
Tips for Real Exam
- Compute
- Networking & Content Delivery
- Developer Tools
- Storage
- Log
- High Availability, Fault Tolerance, and Disaster Recover
- Others
Implementation Suggestions
Conclusion
References

Prologue

After passing the AWS DAS in February this year, I'd been fascinating about how to become a professional lazybones^[3] in spare time apart from building custom CDK constructs, sharing at the AWS Taiwan UG, internal sharing in my own company, and recording for an external session. All of sudden, I felt gotta keep moving on towards goals after studying the quintessence of lazybones for a while. So, the journey of pursuing the AWS DevOps Engineer Professional Certification began at that moment.

Official Exame Guide

Like you will check how many mountain trails you gotta walk through for taking down the Taipai Grand Trail and what materials you need to collect so that you could get a legendary weapon Kudzu for your ranger in Guild War 2. To get the One Piece of the DOP, you have to evaulaute whether you've had quite some sense what specific enterprise scenarios (cases) are going to show up in this certification and what AWS services you could consider resolving the issues transpired in those cases. From the website, you could see:

Validation on candidates' ability

Implement and manage continuous delivery systems and methodologies on AWS
Implement and automate security controls, governance processes, and compliance validation
Define and deploy monitoring, metrics, and logging systems on AWS
Implement systems that are highly available, scalable, and self-healing on the AWS platform
Design, manage, and maintain tools to automate operational processes

Recommended knowledge and experience

Experience developing code in at least one high-level programming language; building highly automated infrastructures; and administering operating systems
Understanding of modern development and operations processes and methodologies
Ability to implement and manage continuous delivery systems and methodologies on AWS
Ability to implement and automate security controls, governance processes, and compliance validation
Ability to define and deploy monitoring, metrics, and logging systems on AWS

In the exam guide, we could see the content expounds more detail into 6 fields that this certification is going to test whether you can respond rapidly towards forementioned enterprise scenarios and understand what AWS services can fulfil the requirements in those cases.

+----------+----------------------------------------------------------+-----+
| Domain 1 | SDLC Automation                                          | 22% |
+----------+----------------------------------------------------------+-----+
| Domain 2 | Configuration Management and Infrastructure as Code      | 19% |
+----------+----------------------------------------------------------+-----+
| Domain 3 | Monitoring and Logging                                   | 15% |
+----------+----------------------------------------------------------+-----+
| Domain 4 | Policies and Standards Automation                        | 10% |
+----------+----------------------------------------------------------+-----+
| Domain 5 | Incident and Event Response                              | 18% |
+----------+----------------------------------------------------------+-----+
| Domain 6 | High Availability, Fault Tolerance, and Disaster Recover | 16% |
+----------+----------------------------------------------------------+-----+

SDLC Automation

Apply concepts required to automate a CI/CD pipeline
Determine source control strategies and how to implement them
Apply concepts required to automate and integrate testing
Apply concepts required to build and manage artifacts securely
Determine deployment/delivery strategies (e.g., A/B, Blue/green, Canary, Red/black) and how to implement them using AWS services

Configuration Management and Infrastructure as Code

Determine deployment services based on deployment needs
Determine application and infrastructure deployment models based on business needs
Apply security concepts in the automation of resource provisioning
Determine how to implement lifecycle hooks on a deployment
Apply concepts required to manage systems using AWS configuration management tools and services

Monitoring and Logging

Determine how to set up the aggregation, storage, and analysis of logs and metrics
Apply concepts required to automate monitoring and event management of an environment
Apply concepts required to audit, log, and monitor operating systems, infrastructures, and applications
Determine how to implement tagging and other metadata strategies

Policies and Standards Automation

Apply concepts required to enforce standards for logging, metrics, monitoring, testing, and security
Determine how to optimize cost through automation
Apply concepts required to implement governance strategies

Incident and Event Response

Troubleshoot issues and determine how to restore operations
Determine how to automate event management and alerting
Apply concepts required to implement automated healing
Apply concepts required to set up event-driven automated actions

High Availability, Fault Tolerance, and Disaster Recovery

Determine appropriate use of multi-AZ versus multi-Region architectures
Determine how to implement high availability, scalability, and fault tolerance
Determine the right services based on business needs (e.g., RTO/RPO, cost)
Determine how to design and automate disaster recovery strategies
Evaluate a deployment for points of failure

Tips for Real Exam

Compute

Such as EC2, Elastic Beanstalk, Lambda, ECS, and Fargate, you need to grasp basic understanding of these services. By saying basic understanding, it doesn’t mean reading over related official documentations is enough, but at least you gotta equipped with operation experience of those services via the Web Console. Of course, if you work hard enough, deploying the services by CloudFormation (CFN will be used in the rest of the article) or the CDK can be beneficial both to smashing DOP and your own DevOps experience.

EC2 can be utilized to become an AP or API server; From scratch, you probably will grow your system gradually from a single functionality based on requirements. During the time, you might still log in the EC2 where your system, or function aggregation, resides via ssh with a key pair to manage the code snippets that support your system or service. Aside from ssh, is there a safer way to log in? Have you ever operated EC2 Instance Connect and Session Manager in AWS Systems Manager? To log in an EC2 server via two forementioned methods, do you know what steps you need to go through on authorization and configuration so that a user can log in via the services?

As time passes, you might realize that during some specific time spans, requesting number to your service, or server, is large and your server cannot handle this copious amount of requesting. Do you know in this moment you could consider using Elastic Load Balancing and EC2 AUto Scaling to tackle this kind of issue? About launch templates (LT) and launch configuration (LC), can you explain the difference between the two and what scenarios they are suitable? Is there any connection between Auto Scaling Groups (ASG), and LT and LC? What are EC2 Auto Scaling lifecycle hooks? What states are included in the lifecycle hooks? What events, or states, are followed after the scale-out and scale-in events? If traffic in the coming future cannot be predicted or depicted, among multiple scaling strategies of Auto Scaling, what option you can consider? After grasping all of the scaling strategies, what are their proper usage scenarios? What phenomena will make auto scaling start to work? Can I trigger auto scaling based on some condition? What conditions can I select? If auto scaling is at the scale-in state, before compute instances are going to be terminated, you want to snapshot the instances or create the AMIs, do you know in what state of the lifecycle hooks allows you to define the forementioned custom actions? Or what if there are running compute instances in an ASG, and for regulation purpose, the instances need to be attached the 2nd network interface for connecting to an independent subnet managed by other business unit, what you can do in the lifecycle hooks in order to achieve the requirements?

Introducing Native Support for Predictive Scaling with Amazon EC2 Auto Scaling^[41]

In terms of Elastic Load Balancing, can you name all of the load balancers^[9]? In what aspects there is the difference between Application Load Balancer (ALB) and Network Load Balancer (NLB)? In the OSI model, which kind of OSI level for load balancing do they support respectively? If load balancing is required to be integrated with Lambda, what load balancer should be chose?

Do you know what things Elastic Beanstalk as a service can do for you automatically? What are Elastic Beanstalk composed of? Can environment be categorized? If there are multiple kinds of environments, what specific tasks they are especially good at? What is .ebextensions for? What can it achieve? Can I modify hardware spec of compute instances via .ebextensions?

Model serving in Java with AWS Elastic Beanstalk made easy with Deep Java Library^[28]

With micro-service architecture becoming more popular and popular, after assimilating related concepts^[18]^[27]^[43], its history^[20], and what AWS services can assist you in building micro services^[8], you'll enter the world of Lambda, ECS, and Fargate. How many phases are there in terms of AWS Lambda execution environment? What programming languages does it support natively, or directly? If a programming language that isn't supported by AWS is preferred to be executed, what method you could consider to achieve the goal? What are the least permissions for an AWS Lambda function to be executed? If integration with other AWS services via Lambda is required, what needs to be done as wishes? If a web server hosted on an EC2 instance with authentication functionality is intended to be migrated to Lambda as serverless service, what components might be changed compared to the original architecture?

How to get notified on specific Lambda function error patterns using CloudWatch^[29]

ECS is for containers, as a managed service, what components are there in ECS? Like task definition, auto scaling, container agent, etc., you're supposed to distinguish components of ECS. Just follow classic examples on the official documentations for hands-on experience, with explanation in the technical documentations and a fabulous late melt with Hokkaido milk. What is the relationship between ECS and ECR? Do they need each other to work, or they can be combined to work together? Is there any one between the services that can execute other task independently?

Figure in How Steamhaus Used AWS Well-Architected to Improve Sperry Rail’s Artificial Intelligence System

You still need to manage web servers by deploying your applications or services to ECS, there exists operation cost to some extent. Hence, AWS who captured the customers' need launched AWS Fargate. What differences there are between the ECS container service and AWS Fargate? Why the need of AWS Fargate is getting more and more? When you attempt to figure out carefully, you'll realize what elegant and efficient developing experience is.

Figure in Game Server Hosting on AWS Fargate

Networking & Content Delivery

On the aspect of VPC, you'll also need some understanding, after all, the services mentioned so far are built upon VPC (except Amazon ECS Anywhere, Amazon EKS Anywhere, and AWS Outposts). Like what public subnets, private subnets, route tables, network ACL, and security group (SG) are. What are ENI, CIDR, Internet Gateway, NAT Gateway, and VPC endpoints, etc.? When grasping ENI at the beginning level, you could schedule some time to go deeply about what is the difference among ENI, ENA, and EFA^[36].

About Route53, you're suggested to have sense on how many kinds of DNS records there are, such as A, AAAA, CNAME, Alias records, etc. You gotta at least read through the documentation of routing policies. Geolocation and geo-proximity are all connected to geolocation. What is their difference? What can be achieved via DNS failover? What options can be considered for DNS failover?

Developer Tools

Deployment Models

Now we are about to enter into the scope of deployment models. If you look carefully at Point 5 of the SDLC Automation in domain knowledge of the exam guide, you'll see blue/green, canary^[11]^[38], and red/black deployment models. Regarding the blue/green deployment, I personally thought the 2015 speech given by Andy Mui and Vlad Vlasceanu will be a good start³². Its content delivered concise and informative information on what possible combinations there are to run through the blue/green deployment on the aspect of EC2 and ECS. Aside from some super helpful comparison, strategies at data level were also suggested, such as when a blue/gree deployment is about to be progressed, if data schema is also going to be changed, what corresponding methods can be implemented?

The red/back deployment and blue/green deployment can be regarded as the same deployment model. You could spend some time figuring out their mindset in back and then focus on the blue/green deployment. After all, in a presentation file titled Deployment Strategies on Kubernetes in the CNCF also equals the blue/green deployment and red/black deployment.

On the aspect of computing, you could see AWS offers numerous selections. How to progress the blue/green deployment for EC2? How about the blue/green deployment via CFN for ECS^[39]? How to execute a canary deployment for pure Lambda^[33]? If there is a serverless service combined with Lambda and Amazon API Gateway, a newer version to be deployed is required while visiting the original API should be allowed, what needs to be configured in procedure?

Blue/Green Deployments with Amazon Elastic Container Service^[16]

AWS CloudFormation and AWS Serverless Applicaiton Model

You must manipulate CFN, by sorely viewing technical documentation, you might not be able to have quite solid grasp. In CFN, how do you refer to resources in nested stacks? When infrastructure becomes huge, is there any organizing practice that can be followed in terms of stack building? What are cfn-init, cfn-signal, cfn-get-metadata, and cfn-hup for? What resources support the UpdatePolicy attribute? With AWS::AutoScaling::AutoScalingGroup, what other more specific options are provided for managing ASG via CFN? Do you know that custom resources can invoke Lambda functions and AWS APIs? For example, making Lambda functions managed by CFN updatable, which are stored in a S3 bucket where versioning is open, configuring event notification to Lambda on an existing S3 bucket (right now, CDK already supports this scenario), creating and updating AWS well-architected reviews, making the ARN of a Lambda function deployed by AWS::Serverless::Application visible to the following S3 Object Lambda deployment, etc. WaitCondition in CFN can make signals without accessing the Internet^[30].

Best practices for organizing larger serverless applications¹²

AWS CodeCommit, AWS CodeBuild, AWS CodeDeploy, and AWS CodePipeline

Developers might agree with that git is a popular tool for version control and CodeCommit is a managed service of version control by AWS. To empower developers in a team to execute specific git commands towards a CodeCommit repository, what needs to be set related to permissions? If a Git repository is going to be migrated to CodeCommit, what steps are necessary? If an action in CodePipeline failed, what can be implemented to notify DevOps engineers or related developers? (Not through AWS Chatbot) In a CodePipeline pipeline combined with CodeBuild and CodeDeploy, if the insertion of code testing (function test, unit test, integration test, bra bra) is intended, what you can do to achieve the goal? In a CICD pipeline, what way is feasible to make applications conform to security regulations? How many kinds of events can be listened in CodePipeline? What servcies are used for listening? CodeDeploy can not only assist in deployment for AWS resources but also IDC machines. If we want to deploy to IDC machines via CodeDeploy, what are the prerequisites? How do you build a cross-account CD pipeline? If sensitive information will be accessed in a CICD pipeline, do you know that AWS Systems Manager Parameter Store and AWS Secrets Manager can be adopted pertaining to security concerns?

Figure in CI/CD on Amazon EKS using AWS CodeCommit, AWS CodePipeline, AWS CodeBuild, and FluxCD

Storage

How many storage classes are there in S3? What are the differences among these classes? In what circumstances, you should select Intelligent Tiering? And in what situation One-Zone IA will be more suitable? What configuration you need to deal with so that the storage level of objects will be deleted and transitioned according to some time unit? What is ACL? How many kinds of pre-defined S3 ACLs are there? What is the bucket policy of an S3 bucket for? What is the application possibility on S3 object tags^[14]?

Amazon RDS and AWS DynamoDB as the solutions for RDBS and NoSQL respectively, what criteria you might consider when it comes to selecting storage place for your data? NoSQL doesn't mean that there is no relation among data, also, it is not an invention to replace RDBS. About this topic, I suggest you could refer to the one-hour speech²¹ given by Rick Houlihan as AWS NoSQL Principal Technologist, you'll have a wonderful trip there.

What is the functionality of Amazon Aurora Global Database? What are Amazon DynamoDB Global Tables for? Either Auora or DynamoDB, how to do the Multi-AZ and Multi-region backups? What are GSI and LSI? Regarding RDS, for improving read or write throughput, you probably will consider utilizing Amazon ElastiCache, either Memcached or Redis. To achieve the same result, do you know there is a thing called DAX²³? If you still have time, go check RCU and WCU. If data in DynamoDB is intended to archive to S3 based on some time frequency, what services can be integrated to achieve this^[40]?

Figure in Use Amazon DynamoDB Accelerator (DAX) from AWS Lambda to increase performance while reducing costs

Log

What is the major difference between CloudTrail and CloudWatch? To reach real-time processing on CloudWatch logs, what you can do? Is there any difference between CloudWatch Events and EventBridge? For example, if you want to monitor cross-account launch failure on EC2 instances, what you should do? To record topic, timestamp, resource IP in SES to a log group in CloudWatch, what service can be adopted to achieve the goal? If analyzing log data is intended, is there any functionality in CloudWatch that can help me query? Is there any choice on storage location for logs?

Figure in BBVA: Architecture for Large-Scale Macie Implementation

High Availability, Fault Tolerance, and Disaster Recover

With proper understanding on compute, networking, and storage services, you'll start to digest the concepts of high availability, failover, and disaster recovery (DR). About this field, I recommend Reliability Pillar in the AWS Well-Architected series. It is a book which organizes the concepts pretty much well. At least you need to know how many levels are defined in terms of disaster recovery. What is the definitions of RTO and RPO? In the real world, the people you're discussing with might not understand what the backup & restore is or what the pilot light is. Yet, by talking with time unit, you still can roughly get what level the disaster recovery being discussed belongs to.

About exam questions related to this field (DR), you will be in hell if you don't have solid grasp of the forementioned AWS services. You not only learn these services' functionalities, you gotta compare responding time on the aspects of backup and relaunch also. By going through this way, you'll be able to resonate in the content in Reliability Pillar.

Take a brief example, There is a company which has infrastructure in three continents. The base is Europe, and Asia and the United States are extended areas. There are analysts in the three continents. They analyze log data via a web application. The data is stored in DynamoDB of Europe and ECS on Fargate with ALB and auto scaling serves their web application. Now, the analyst in Asia and the United States are complaining about slow response time and the speed of specific analysis is starting killing them. How can you modify the infrastructure architecture and then send the anaysts a sincere Bon-Jovi-have-a-nice-day smile?

Figure in Implementing Multi-Region Disaster Recovery Using Event-Driven Architecture

Others

I suggest you also need some understanding on Amazon ES and AWS Storage Gateway, i.e., what are their functionalities? How the architectures look like? You have to grasp thoses to some extent. AWS OpsWorks can be used to manage instance configuration. What two automation services is it based on? What is the difference among AWS OpsWorks Stacks, AWS OpsWorks for Chef Automate, and AWS OpsWorks for Puppet Enterprise? AWS OpsWorks and AWS Systems Automation can both be taken to execute automation tasks. What is the difference? Amazon Inspector can be helpful on security. What is its difference to Amazon GuardDuty? Except vulnerability assessment on AWS resources according to assessment rules, is there anything else that AWS Inspector can do^[19]? What does AWS Trusted Advisor do? What is its difference to AWS Config? Apart from that AWS Config rules can work in a single account, if the enablement of AWS Config rules across multiple accounts is required, what needs to be done? If specific actions are intended to be executed automatically after targets are discovered by AWS Config rules, what can be adopted to reach this kind of automation? What is Tag Editor for? What we can do via AWS RAM?

Improve monitoring of AWS Systems Manager Agent^[26]

How to visualize multi-account Amazon Inspector findings with Amazon Elasticsearch Service^[37]

Implementation Suggestions

If possible, please get hands-on experience on all the AWS services mentioned above at least via the Web Console. Either they are simple examples (some of them I won't say it's easy, I prefer to take the term of classic to describe) organized by the documentations of AWS services or films on Youtube that were published by passionate developers, all of them are options that you can run through. Like ECS, a beginner example or an auto-scaling example both can be found on the Internet. Furthermore, if time permits, attempt to craft some application examples via CFN or CDK. From the AWS official documentations to AWS Samples to AWS blogs, they all provide CFN templates that you could deploy quickly. Just make your hands dirty, with description on the technical documentations, the ride can reach the final for sure. Lastly, if you still can squeeze somte time by accident, go manipulate CDK to build some applications based on miscellaneous scenarios with any one of the services mentioned above. Following the suggestions, I believe on the road of pursuing DOP, you'll feel safe.

As of me, looking to the past, I had experience on the CICD in the IDC and the CICDs with pure AWS solutions. I implemented the latter one with CFN and CDK. I also once built the construct of CICD combining AWS Glue DataBrew. About the compute services, once built them via CFN and CDK also. A project where the front-end and back-end are split. A project with pure back-end. A project for CloudFront extensions. For example, like DNS record type that points to an ALB, the application and renewal of ACM certifications, etc. When reading new articles in the AWS blogs, I'll try as much as possible to manipulate their mindset via CFN, if there exist, and then ponder possible variation based on them. It's not that as easy as you might feel when reading through this article, yet it's very similar to leveling up in an online game. From lvl 80 to lvl 81, you just need 36,065,092 exactly that much. It's inescapable.

Conclusion

In the DOP exam, it's included numerous condensed real scenarios (brief and comprehensive) to test whether you can act properly by given limitations or conditions and tackle the issues. Via grasping the essence of the AWS services and figuring out the solutions built by other developers, you'll be eventually capable of resolving problems swiftly when facing various and diverse of them.

About the DOP exam, normally, latest features won't come to you. In computing, such as Lambda container, Amazon ECS Anywhere, Amazon EKS Anywhere, Instance Refresh of EC2 Auto Scaling. In networking, like Amazon Route 53 Resolver DNS Firewall^[25]; Or like CFN modules^[17] and CFN registry. DOP usually tests your horizontal level and some will be deep (detail); about the k8s knowledge, you might consider the CKA, CKAD, and CKS created by the CNCF.

Concerning the SDLC automation, its implementation might differ^[42] because of industries, enterprise culture, and so on. What DOP tests you mostly focuses on horizontal level and the AWS services. Like unit test, integration test, and static analysis, you won't see in this exam. Regarding their detail, readers can consider joining the DevOps Taiwan group on Facebook. In addition to annual party, merely watching conversations among DevOps experts may already give you lessons learned. (Of course, not only the forementioned tests will be discussed, trust me, you have a bumper harvest by participating).

In the end, wanna share I took the exam on the Pearson VUE platform. There will be a proctor who watches you during the exam (shy shy >////<). The available languages are English and Japanese. I chose the English exam and an English proctor, strongly suggest you should bring your personal laptop. Actually, in the guidance of the online exam, it is also suggested that it's better to bring your own laptop. I didn't capture the information and took the company laptop to welcome the exam. And what happened is the anti-virus software in the company laptop didn't give the green light to the VUE online program for exams.

It took me around one hour to negotiate with the proctor to wait for my colleague (the unit who manages the anti-virus software) coming to take a look but to no avail, the proctor cancelled the exam, and rushed back to my living place to take my personal laptop. The most impressive thing is I purchased the exam at 10:26 AM and chose one which starts at 10:30 AM. (Different proctor in the first exam and second exam). I spent around 2 hours going through 75 questions and checked those which were tagged by me previously in the rest of time. In the last 3 minutes, nothing I could do anymore and submitted my exam. Eventually, I got the ONE PIECE of DOP.

If anyone who is thinking about taking the exam intends to choose the online way, PLEASE use your personal laptop. Trust me, you'll thank me. If you prefer testing centers, you probably need to evaluate the COVID-19 pandemic situation. By this channel, you also lose the flexibility of going through the exam 4 minutes later right after purchasing. However, you might benefit from the availability of physical little white board. If you'd learned something on taking the DOP exam from this sharing, this article would fulfill its mission. Good luck, fellows!

Day 2 is stasis. Followed by irrelevance. Followed by excruciating, painful decline. Followed by death. And that is why it is always Day 1. — Jeff Bezos

References

Contruct Hub, https://constructs.dev/search?q=scott.hsieh&offset=0
AWS User Group Taiwan Online Meetup 2021-07, https://youtu.be/HG8mQ32m970.
Genshin and the Revelation Online, along with watching bunches of K-dramas and western TV shows with Patrice. The last drama is Vocie 4.
Taipei Grand Trail, https://gisweb.taipei.gov.tw/release/.
Kudzu, https://wiki.guildwars2.com/wiki/Kudzu.
AWS Certified DevOps Engineer — Professional, https://aws.amazon.com/tw/certification/certified-devops-engineer-professional/.
DOP exame guide, https://d1.awsstatic.com/training-and-certification/docs-devops-pro/AWS-Certified-DevOps-Engineer-Professional_Exam-Guide.pdf.
Amazon Web Services, Inc. or its affiliates., 2017. Running Containerized Microservices on AWS. [ebook] Available at: https://d1.awsstatic.com/whitepapers/DevOps/running-containerized-microservices-on-aws.pdf [Accessed 25 July 2021].
Amazon Web Services, Inc. or its affiliates., 2021. Elastic Load Balancing features. [online] Amazon Web Services, Inc. Available at: https://aws.amazon.com/elasticloadbalancing/features/ [Accessed 7 August 2021].
Amazon Web Services, Inc. or its affiliates, 2021. Error retries and exponential backoff in AWS. [online] Docs.aws.amazon.com. Available at: https://docs.aws.amazon.com/general/latest/gr/api-retries.html [Accessed 31 July 2021].
Ball, D. and Fallahi, K., 2020. AWS CodeDeploy now supports linear and canary deployments for Amazon ECS. [online] Amazon Web Services. Available at: https://aws.amazon.com/tw/blogs/containers/aws-codedeploy-now-supports-linear-and-canary-deployments-for-amazon-ecs/ [Accessed 8 August 2021].
Beswick, J., 2020. Best practices for organizing larger serverless applications. [online] Amazon Web Services. Available at: https://aws.amazon.com/tw/blogs/compute/best-practices-for-organizing-larger-serverless-applications/ [Accessed 8 August 2021].
Bingöl, S., 2020. Exam Readiness : AWS DevOps Engineer Professional (DOP-C01). [online] Medium. Available at: https://medium.com/aws-certified-user-group-turkey/exam-readiness-aws-devops-engineer-professional-dop-c01-975e22b3f98a [Accessed 7 August 2021].
Bhattacharya, S., Benjamin, G. and Natarajan, V., 2021. Simplify your data lifecycle by using object tags with Amazon S3 Lifecycle. [online] Amazon Web Services. Available at: https://aws.amazon.com/blogs/storage/simplify-your-data-lifecycle-by-using-object-tags-with-amazon-s3-lifecycle/ [Accessed 8 August 2021].
Chapman, C., 2020. Creating a secure DevOps pipeline for AWS Service Catalog. [online] Amazon Web Services. Available at: https://aws.amazon.com/blogs/mt/creating-a-secure-devops-pipeline-for-aws-service-catalog/ [Accessed 8 August 2021].
Cowan, J., Sharma, A. and Dalbhanjan, P., 2017. Blue/Green Deployments with Amazon Elastic Container Service. [online] Amazon Web Services. Available at: https://aws.amazon.com/tw/blogs/compute/bluegreen-deployments-with-amazon-ecs/ [Accessed 18 July 2021].
DeJong, K., 2020. Introducing AWS CloudFormation modules. [online] Amazon Web Services. Available at: https://aws.amazon.com/blogs/mt/introducing-aws-cloudformation-modules/ [Accessed 28 July 2021].
Docker Inc., 2021. Configure logging drivers. [online] Docker Documentation. Available at: https://docs.docker.com/config/containers/logging/configure/ [Accessed 31 July 2021].
Dodge, C. and Quigg, S., 2018. A simpler way to assess the network exposure of EC2 instances: AWS releases new network reachability assessments in Amazon Inspector. [online] Amazon Web Services. Available at: https://aws.amazon.com/blogs/security/amazon-inspector-assess-network-exposure-ec2-instances-aws-network-reachability-assessments/ [Accessed 1 August 2021].
Hochstein, L., Prytoegrian, Siqueira, D., Basgall, S., Smith, S., Harvey, A. and Berry, C., 2016. Netflix/chaosmonkey: Chaos Monkey is a resiliency tool that helps applications tolerate random instance failures. [online] GitHub. Available at: https://github.com/netflix/chaosmonkey [Accessed 31 July 2021].
Houlihan, R., 2018. Amazon DynamoDB Deep Dive: Advanced Design Patterns for DynamoDB (DAT401). [video] Available at: https://youtu.be/HaEPXoXVf2k [Accessed 8 August 2021].
Jayendra’s Cloud Certification Blog. 2021. AWS Certified DevOps Engineer — Professional (DOP-C01) Exam Learning Path. [online] Available at: https://jayendrapatil.com/aws-certified-devops-engineer-professional-exam-learning-path/ [Accessed 24 May 2021].
Idziorek, J., 2017. Amazon DynamoDB Accelerator (DAX): A Read-Through/Write-Through Cache for DynamoDB. [online] Amazon Web Services. Available at: https://aws.amazon.com/blogs/database/amazon-dynamodb-accelerator-dax-a-read-throughwrite-through-cache-for-dynamodb/ [Accessed 8 August 2021].
Intellipaat, 2019. Puppet Tutorial for Beginners | Puppet Tutorial | Intellipaat. [video] Available at: https://www.youtube.com/watch?v=kHD4KQKKP5Y [Accessed 3 August 2021].
Ismail, M. and Bentzen, M., 2021. Secure your Amazon VPC DNS resolution with Amazon Route 53 Resolver DNS Firewall. [online] Amazon Web Services. Available at: https://aws.amazon.com/blogs/networking-and-content-delivery/secure-your-amazon-vpc-dns-resolution-with-amazon-route-53-resolver-dns-firewall/ [Accessed 7 August 2021].
Lempka, R., 2021. Improve monitoring of AWS Systems Manager Agent. [online] Amazon Web Services. Available at: https://aws.amazon.com/blogs/mt/improve-monitoring-of-aws-systems-manager-agent/ [Accessed 7 August 2021].
Lewis, J. and Fowler, M., 2014. Microservices. [online] martinfowler.com. Available at: https://martinfowler.com/articles/microservices.html [Accessed 31 July 2021].
Liu, F., 2021. Model serving in Java with AWS Elastic Beanstalk made easy with Deep Java Library. [online] Amazon Web Services. Available at: https://aws.amazon.com/tw/blogs/machine-learning/model-serving-in-java-with-aws-elastic-beanstalk-made-easy-with-deep-java-library/ [Accessed 2 August 2021].
Malhotra, S. and Mathur, R., 2020. How to get notified on specific Lambda function error patterns using CloudWatch. [online] Amazon Web Services. Available at: https://aws.amazon.com/blogs/mt/get-notified-specific-lambda-function-error-patterns-using-cloudwatch/ [Accessed 9 August 2021].
Meyer, C., 2018. Signaling AWS CloudFormation WaitConditions using AWS PrivateLink. [online] Amazon Web Services. Available at: https://aws.amazon.com/blogs/mt/signaling-aws-cloudformation-waitconditions-using-aws-privatelink/ [Accessed 31 July 2021].
Miguelez, B. and Chapman, C., 2020. Standardizing CI/CD pipelines for .NET web applications with AWS Service Catalog. [online] Amazon Web Services. Available at: https://aws.amazon.com/tw/blogs/devops/standardizing-cicd-pipelines-net-web-applications-aws-service-catalog/ [Accessed 3 August 2021].
Mui, A. and Vlasceanu, V., 2015. (DVO401) Deep Dive into Blue/Green Deployments on AWS. [video] Available at: https://youtu.be/aX54mhZbN58 [Accessed 17 July 2021].
Munns, C., 2017. Implementing Canary Deployments of AWS Lambda Functions with Alias Traffic Shifting. [online] Amazon Web Services. Available at: https://aws.amazon.com/tw/blogs/compute/implementing-canary-deployments-of-aws-lambda-functions-with-alias-traffic-shifting/ [Accessed 5 August 2021].
Peven, B., 2020. Introducing Instance Refresh for EC2 Auto Scaling. [online] Amazon Web Services. Available at: https://aws.amazon.com/blogs/compute/introducing-instance-refresh-for-ec2-auto-scaling/ [Accessed 31 July 2021].
Rakesh Singh, 2021. Blue/Green deployment with AWS Developer tools on Amazon EC2 using Amazon EFS to host application source code. [online] Amazon Web Services. Available at: https://aws.amazon.com/blogs/devops/blue-green-deployment-with-aws-developer-tools-on-amazon-ec2-using-amazon-efs-to-host-application-source-code/ [Accessed 7 August 2021].
Rathore, A., 2020. AWS Networking — ENI, ENA & EFA. [online] Medium. Available at: https://medium.com/nerd-for-tech/aws-networking-eni-ena-efa-2db316fdbf85 [Accessed 6 August 2021].
Saha, M., 2020. How to visualize multi-account Amazon Inspector findings with Amazon Elasticsearch Service. [online] Amazon Web Services. Available at: https://aws.amazon.com/blogs/security/how-to-visualize-multi-account-amazon-inspector-findings-with-amazon-elasticsearch-service/ [Accessed 1 August 2021].
Sato, D., 2014. bliki: CanaryRelease. [online] martinfowler.com. Available at: https://martinfowler.com/bliki/CanaryRelease.html [Accessed 31 July 2021].
Sharma, A., Cowan, J., Sosiak, Y., Dalbhanjan, P. and Siri, J., 2017. Reference architecture for doing blue green deployments on ECS. [online] GitHub. Available at: https://github.com/aws-samples/ecs-blue-green-deployment [Accessed 31 July 2021].
Wagner, A., 2017. Automatically Archive Items to S3 Using DynamoDB Time to Live (TTL) with AWS Lambda and Amazon Kinesis Firehose. [online] Amazon Web Services. Available at: https://aws.amazon.com/tw/blogs/database/automatically-archive-items-to-s3-using-dynamodb-time-to-live-with-aws-lambda-and-amazon-kinesis-firehose/ [Accessed 8 August 2021].
White, E., Horsfield, S. and Sethi, A., 2021. Introducing Native Support for Predictive Scaling with Amazon EC2 Auto Scaling. [online] Amazon Web Services. Available at: https://aws.amazon.com/blogs/compute/introducing-native-support-for-predictive-scaling-with-amazon-ec2-auto-scaling/ [Accessed 8 August 2021].
Wikipedia, 2021. Conway’s law. [online] En.wikipedia.org. Available at: https://en.wikipedia.org/wiki/Conway's_law [Accessed 31 July 2021].
Wiggins, A., 2017. The Twelve-Factor App. [online] 12factor.net. Available at: https://12factor.net/ [Accessed 31 July 2021].

How to Become A Programming Polyglot by One-language Effort

Scott Hsieh 🇹🇼 — Mon, 17 May 2021 05:21:29 +0000

example Github repo: https://github.com/HsiehShuJeng/projen-simple

Required Secrets by Github Actions in order to Publish Construct Library in Maven, PyPI, npm, and NuGet

Introduction

projen is a tool for developers to manage their project configurations via code. It currently supports, well, by the time I was writing this blog post, 15 genres of projects. The one I felt the most interested in is building AWS CDK construct libraries for popular programming languages. Behind the scene that you can generate out a construct library for the languages such as C#, Go, Java, Python, and Typescript through a single project managed by projen is due to the power of jsii.
Simply put, you could regard jsii a technology that enables the AWS CDK to deliver polyglot libraries from a singe codebase. More simply, you could attempt to remember that by the jsii technology, you are empowered to write a library with one programming language such as Typescript and output the corresponding libraries in .NET, Go, Java, and Python.
I’ve been writing the AWS CDK using Typescript for few months. I chose it because it’s the origin. Don’t you ever hear the voice in your heart: ‘It’s time to back to the Motherland’? And the Tomorrowland is awesome, too. You agree?
Aight, back to the track. The AWS CDK has been assisting me in personal and company projects. Just way better than JSON and YAML. I have strong confidence I’ll be loyal to the CDK for sure instead of composing a CloudFormation template using yaml if there is no necessity.
Few weeks ago, I was invited by an AWS Developer Advocate to participate in a project called cdk-cloudfront-plus, and the project is managed by projen. Truly impressed with the tool. And finally I got some time the last weekend to dig into the tool, projen, a little bit.

Preparation

During the survey, I found out a Github repo maintained by Sebastian Hesse is especially helpful though the part for Java (Maven) has been kinda outdated. My goal is to output a library with the all supported programming languages in jsii. My familiarity to those languages is Python, Java, Typescript, Go, and C#. Since I still haven’t grasped the mechanism between Javascript and Go via jsii and GOPATH, i.e., haven’t figured out what naming and settings in the projen project can make the CI of Github Actions work therefore the Go package of the construct library. Considering time, I would just share the core part of how to output packages in 4 programming languages at the same time.

Initialize a `projen` project

$ npx projen new awscdk-construct
$ alias pj='npx projen' // I moved it into ~/.bash_profile on my M1.

Figure out each projen command and arguments in `AwsCdkConstructLibrary`

Though Sebastian said it probably takes you around 30 minutes to get along with projen, I actually spent few hours to make projen my friend. And publishing to Central Maven occupies most of the time. Hope the following content might save some time for you on the way to become a programming polyglot.

Build a construct library

I searched articles in the AWS Blog with the first key appeared in my mind at the moment. And got this: ‘Introducing Amazon API Gateway service integration for AWS Step Functions’. I CDK-ified the first example combined with a state machine and an API Gateway Rest API and published it to 4 language repositories with projen.

State Machine Diagram Generated by CDK Example

Publishing to supported language repositories

How to publish a package in `npm`?

Arguments in the `.projenrc.js` you need to give attention to

releaseBranches: branches which trigger a release.
releaseToNpm: automatically release to npm when new versions are introduced.
releaseWorkflow: define a GitHub workflow for releasing from “main” when new versions are bumped.
releaseEveryCommit: automatically release new versions every commit to one of branches in releaseBranches.

new AwsCdkConstructLibrary({
   .
   .
   .
    releaseToNpm: true,
    releaseBranches: ['main'],
    releaseWorkflow: true,
    releaseEveryCommit: true
   .
   .
   .
   })

required information by Github Actions

NPM_TOKEN: it is required by Github Actions to publish the npm package.

After executing npx projen (you could consider making it as an alias such as pj), you’ll notice in the release.yml under .github/workflows
that NPM_TOKEN is required by Github Actions to publish the npm package. If you’re just an npm newbie as me, don’t panic! Be strong, be calm. The following steps are what you need to go through:

create an npm account (email validation is required)
create an access token on the web page of your npm account Choose the type of AUTOMATION when you’re about to create the access token. AUTOMATION! AUTOMATION! AUTOMATION TYPE! It’s important to be emphasized three times.
store the access token as an Actions secret in your Github repository.

If you go everything smoothly, you get an email whose content will be similar to the following picture. And you can find out published npm packages at the npm pool as here.

Email Message after Publishing an npm package via projen with success

How to publish a package to PyPi?

Arguments in `.projenrc.js` you need to give attention to

publishToPypi You gotta set a distribution name and a module name for the Python package.

publishToPypi: {    
    distName: 'scotthsieh_projen_statemachine',
    module: 'scotthsieh_projen_statemachine'  
}

Required information by Github Actions

TWINE_USERNAME
TWINE_PASSWORD

If you read the content related to publishing an npm package above, you’ll be very clear that those environment variables are required by what service. With proper settings in the .projenrc.js , you’ll find an entry release_pypi in the release.yml under .github/workflows.

TWINE_USERNAME and TWINE_PASSWORD is your PyPi account information. And your PyPi account needs to be verified.

With a green check symbol given by Github Actions, you can see your package (project) in your PyPI account which means you could find out the Python package by the name you've declared in the projen project in the PyPI pool.

Python Package in Your PyPI Account after a Successful CICD by Github Actions.

How to publish a package to Maven?

Arguments in the .projenrc.js you need to give attention to

publishToMaven You need to declare groupId, artifactId, and package as you always do in managing a Java application project by Maven except version information in this construct library project based on projen. The default Maven endpoint in the .projenrc.js is https://oss.sonatype.org. Due to the policy executed by Sonatype, you need to tweak it as https://s01.oss.sonatype.org in the .projenrc.js for those who create their Sonatype JIRA accounts after February, 2021.

publishToMaven: {
    mavenGroupId: 'io.github.hsiehshujeng',
    mavenArtifactId: 'projen-inception',
    javaPackage: 'io.github.hsiehshujeng.projen.inception',
    mavenEndpoint: 'https://s01.oss.sonatype.org' // check https://central.sonatype.org/publish/release/#login-into-ossrh
},

Few more steps for Maven

Create an account for Maven central

You need to create an account for Maven central via OSSRH. Two short films in the guide will be helpful. You could choose a domain as groupId e.g. org.example, for the account, or your Github name as groupId , e.g. io.github.${GITHUB_USERNAME}. (com.github has no long been supported as a valid groupId since Apr. 1st, 2021 and the detail can be looked up here)

After you create a JIRA issue in the Sonatype JIRA tracking system, you’ll get response within sometime. Take me for example, it’s only a 4-minute waiting after I created the JIRA issue. You only need to respond accordingly from their robotic response.
Within this exploration for projen, my account for Maven is connected to the JIRA issue OSSRH-68981.
Create a GPG key

How to generate the GPG key for my projen project to produce the Java library? You could refer to ‘How to create a GPG key?’ at the section of Maven in jsii-release. During the generating progress of the GPG key, you will be asked to enter a passphrase for the key. Please memorize the passphrase of the GPG key in any way like it’s your lifetime partner, promise me, since you’ll need it for an Actions secret and exporting the private key.

Some information you might find it useful.

* consider executing `$ gpg --full-generate-key` and choose **RSA** with the length of 4,096.  
* you’ll need to paste the public key onto [https://keyserver.ubuntu.com/](https://keyserver.ubuntu.com/).

After executing npx projen (you could consider making it as an alias such as pj), you should find the entry named release_maven in the release.yml under .github/workflows.

Required information by Github Actions

MAVEN_GPG_PRIVATE_KEY: execute echo $(cat -e private.pem) | sed 's/\$/\\n\g' | sed 's/\$$//' then past the one-line content to this Actions secret.
MAVEN_GPG_PRIVATE_KEY_PASSPHRASE: the passphrase you entered during the generating progress of the GPG key.
MAVEN_USERNAME: the user name you take to log-in the Sonatype JIRA tracking system.
MAVEN_PASSWORD: the password you take to log-in the Sonatype JIRA tracking system.
MAVEN_STAGING_PROFILE_ID, an identity shown up on the URL of Staging Profile after logging in https://s01.oss.sonatype.org/.

If you go smoothly, you should be able to find the Java package similar to this.

Java Package Searched with io.github.hsiehshujeng after a Successful CICD by Github Actions.

When the tunnel to the Central Maven is open after you upload an artifact into the Nexus Repository Manager with success, you should be able to search your published Java package at https://search.maven.org.

Search Result at Maven Central Repository Search

How to publish a package to Nuget?

Arguments in the .projenrc.js you need to give attention to

publishToNuget Just follow the naming rules of NuGet packages.

publishToNuget: {
    dotNetNamespace: 'ScottHsieh.Examples',
    packageId: 'Projen.Inception',
},

By executing npx projen with proper command (you could consider making it as an alias such as pj), you are able to get the entry named release_nuget in the release.yml under .github/workflows.

required information by Github Actions

NUGET_API_KEY: a token that enables your project to deploy a NuGet package With a while after the CI in Github Actions is over, you should get an email similar to the following picture and can search your NuGet package as here in the NuGet Gallery. Received Email Message after Publishing a NuGet package via projen with success

Conclusion

If all things go done well, you should see the following diagram in your Github repository.

Packages Output to Supported Language Repositories with Success

By confirming the custom AWS construct has been published to the corresponding language pools, you could start deploying a stack with the construct through a programming language you prefer.

how to deploy with Typescript: refer to here
how to deploy with Python: refer to here
how to deploy with Java: refer to here
how to deploy with Csharp: refer to here A Glimpse of Successful Deployments via Different Programming Languages

If you wanna see the reality of this post by accident, please go to this repo maintained by me. May the code be with you. See you next time. ^.<

References

Ben-Israel, E., 2021. PROJECT STRUCTURE. [online] Cdkworkshop.com. Available at: https://cdkworkshop.com/40-dotnet/20-create-project/300-structure.html [Accessed 18 May 2021].
Bui-Palsulich, T., 2019. Publishing Go Modules — The Go Blog. [online] Blog.golang.org. Available at: https://blog.golang.org/publishing-go-modules [Accessed 15 May 2021].
Central.sonatype.org. 2021. Central Repository Changelog — The Central Repository Documentation. [online] Available at: https://central.sonatype.org/changelog/#2021-04-01-comgithub-is-not-supported-anymore-as-a-valid-coordinate [Accessed 15 May 2021].
Central.sonatype.org. 2021. OSSRH Guide — The Central Repository Documentation. [online] Available at: https://central.sonatype.org/publish/publish-guide/#deployment [Accessed 15 May 2021].
Docs.github.com. 2021. Encrypted secrets — GitHub Docs. [online] Available at: https://docs.github.com/en/actions/reference/encrypted-secrets [Accessed 15 May 2021].
Docs.npmjs.com. 2021. About access tokens | npm Docs. [online] Available at: https://docs.npmjs.com/about-access-tokens [Accessed 15 May 2021].
Hesse, S., 2021. Migrating a CDK Construct to projen and jsii . [online] Sebastian Hesse — Software Engineer. Available at: https://www.sebastianhesse.de/2021/03/01/migrating-a-cdk-construct-to-projen-and-jsii/ [Accessed 15 May 2021].
Jones, M., 2019. Scoped API keys. [online] Docs.microsoft.com. Available at: https://docs.microsoft.com/en-us/nuget/nuget-org/scoped-api-keys [Accessed 16 May 2021].
Sonatype, Inc., 2021. OSSRH Guide — The Central Repository Documentation. [online] Central.sonatype.org. Available at: https://central.sonatype.org/publish/publish-guide/ [Accessed 15 May 2021].
The Apache Software Foundation, 2021. Maven — Guide to uploading artifacts to the Central Repository. [online] Maven.apache.org. Available at: https://maven.apache.org/repository/guide-central-repository-upload.html [Accessed 15 May 2021].
seeebiii, 2021. Create and Publish CDK Constructs Using projen and jsii. [online] GitHub. Available at: https://github.com/seeebiii/projen-test [Accessed 15 May 2021].

DEV Community: Scott Hsieh 🇹🇼

How to migrate CDK v1 to CDK v2 in 10 minuets

Content table

Prologue

CDK settings

cdk.json

Dependencies

peerDependencies

devDependnecies

Modify Import

Stable

Experimental modules

Bootstrapping

Conclusion

Scott's Journey on Passing AWS DevOps Engineer Professional Certification

Content Table

Prologue

Official Exame Guide

Tips for Real Exam

Compute

Networking & Content Delivery

Developer Tools

Storage

Log

High Availability, Fault Tolerance, and Disaster Recover

Others

Implementation Suggestions

Conclusion

References

How to Become A Programming Polyglot by One-language Effort

Introduction

Preparation

Initialize a projen project

Figure out each projen command and arguments in AwsCdkConstructLibrary

Build a construct library

Publishing to supported language repositories

How to publish a package in npm?

Arguments in the .projenrc.js you need to give attention to

required information by Github Actions

How to publish a package to PyPi?

Arguments in .projenrc.js you need to give attention to

Required information by Github Actions

How to publish a package to Maven?

Arguments in the .projenrc.js you need to give attention to

Few more steps for Maven

Required information by Github Actions

How to publish a package to Nuget?

Arguments in the .projenrc.js you need to give attention to

required information by Github Actions

Conclusion

References

`cdk.json`

Initialize a `projen` project

Figure out each projen command and arguments in `AwsCdkConstructLibrary`

How to publish a package in `npm`?

Arguments in the `.projenrc.js` you need to give attention to

Arguments in `.projenrc.js` you need to give attention to