Setting up AWS CLI and CDK
Yesterday, I set up AWS IAM Identity Center. You can check out my previous post here:
https://dev.to/tofu1216/why-use-aws-iam-identity-center-2jko
Today, I want to connect my local VS Code environment with AWS CLI and CDK.
What Makes AWS CLI and CDK So Convenient?
Let me recap what AWS CLI and CDK bring to the table:
- AWS CLI lets you operate from the terminal, so you don't have to manually click through AWS console settings anymore.
- AWS CDK allows you to write infrastructure using programming languages instead of hand-writing YAML files.
- This theoretically enables someone like me (an individual) to build enterprise-level infrastructure. (Though I still have a lot to learn! 🔥)
Setting up AWS CLI
I followed this official AWS documentation for the CLI setup: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html
- Sign in to AWS access portal using your IAM Identity Center username and password.
- Click on Access keys for your account and copy the SSO start URL and SSO region information.
- Run the following command in your local VS Code terminal:
aws configure sso
- You'll be prompted to enter information as follows:
| Item | Input |
|---|---|
| SSO session name (Recommended) | Set freely |
| SSO start URL | URL copied from previous step |
| SSO region | Region copied from previous step |
| SSO registration scopes | Enter sso:account:access
|
- A browser will launch for authentication. After completing authentication, enter the remaining items in the terminal:
| Item | Input |
|---|---|
| There are n AWS accounts available to you. | Select the account you want to use |
| There are n roles available to you. | Select the role you want to use |
| CLI default client Region | For example, Tokyo is ap-northeast-1
|
| CLI default output format | Press Enter (json will be set as default) |
| CLI profile name | Enter any name for your configuration |
What is a profile name?
A profile name is what you use to save and identify your CLI session settings (from login to logout). You can create multiple profiles, which is convenient because it allows you to work in parallel with different permissions.
Setting up AWS CDK
I followed this official AWS documentation for CDK setup: https://docs.aws.amazon.com/cdk/v2/guide/hello-world.html
Here are the key points I encountered while doing steps 1-3:
Step 1: Create a CDK project
- Create a new CDK project by running this command in your terminal:
mkdir hello-cdk && cd hello-cdk
- Initialize the project (prepare it for execution) with this command. I followed the tutorial default and used TypeScript:
cdk init app --language typescript
Step 2: Configure AWS environment
- To get your AWS account ID, run this command in the terminal. Make sure to use the
--profileoption to specify your profile name:
aws sts get-caller-identity --profile your-profile-name --query "Account" --output text
⚠️ I got multiple errors when I ran this command without specifying --profile, so be careful!
- To get your AWS region name, run this command in the terminal. Make sure to use the
--profileoption to specify your profile name:
aws configure get region --profile your-profile-name
⚠️ I got multiple errors when I ran this command without specifying --profile, so be careful😅
- Open your project files and edit bin/hello-cdk.ts. Replace the env information with your own account ID and region:
import 'source-map-support/register';
import * as cdk from 'aws-cdk-lib';
import { HelloCdkStack } from '../lib/hello-cdk-stack';
const app = new cdk.App();
new HelloCdkStack(app, 'HelloCdkStack', {
env: { account: '123456789012', region: 'us-east-1' },
});
⚠️ The env is initially commented out, so you need to remove the // from //env.
⚠️ Don't forget to save with Shift + S after making changes!
Step 3: Bootstrap your AWS environment
What is bootstrapping?
Bootstrapping is preparing the foundational resources that AWS CDK needs to perform deployment operations.
The following are automatically created in your AWS environment:
├ S3 bucket (for storing CDK assets)
├ IAM roles (permissions used by CDK)
├ ECR repository (for Docker images)
└ SSM parameters (configuration information)
Bootstrapping before/after
Before:
AWS environment: Empty state
└ CDK deploy → Error (no workspace available)
After:
AWS environment:
├ CDKToolkit-S3Bucket (asset storage)
├ CDKToolkit-IAMRole (deployment permissions)
└ CDK ready
└ CDK deploy → Success
Why is this necessary?
When CDK converts code to AWS resources, it follows this process (my buddy Claude taught me this! 🎓):
- Compile TypeScript and other code
- Store generated files in S3
- Create resources with CloudFormation
=> This workflow requires dedicated S3 buckets and IAM roles.
How to bootstrap
Run this command in your terminal:
cdk bootstrap --profile your-profile-name
⚠️ I got multiple errors when I ran this command without specifying --profile, so be careful😭
Tomorrow I'll actually follow the tutorial and create Lambda resources!
Top comments (0)