Goal
Install Node.js and the cdk command, both of which are required to use AWS CDK.
Prerequisites
Performed in PowerShell on Windows 11
The sample uses TypeScript and creates an S3 bucket
Hands-on!
1. Install Node.js
1-1. Go to the site below and download Node.js
1-2. Run the downloaded file
1-3. Open PowerShell and run the following
> node --version
v18.16.0
2. Install cdk
2-1. Open PowerShell and run the following
> npm install -g aws-cdk

added 1 package in 12s
2-2. Run the following and confirm that cdk is installed
> cdk --version
2.146.0 (build b368c78)
3. Create an S3 bucket with AWS CDK
3-1. Run the following to create a folder for the CDK project
> mkdir cdk-workshop

    ディレクトリ: C:\

Mode                 LastWriteTime         Length Name
----                 -------------         ------ ----
d-----        2024/06/15     18:03                cdk-worksh

> cd cdk-workshop
3-2. Run the following to initialize the sample project
> cdk init sample-app --language typescript
Applying project template sample-app for typescript
# Welcome to your CDK TypeScript project

You should explore the contents of this project. It demonstrates a CDK app with an instance of a stack (`CdkWorkshopStack`)
which contains an Amazon SQS queue that is subscribed to an Amazon SNS topic.

The `cdk.json` file tells the CDK Toolkit how to execute your app.

## Useful commands

* `npm run build`   compile typescript to js
* `npm run watch`   watch for changes and compile
* `npm run test`    perform the jest unit tests
* `cdk deploy`      deploy this stack to your default AWS account/region
* `cdk diff`        compare deployed stack with current state
* `cdk synth`       emits the synthesized CloudFormation template

Initializing a new git repository...
Executing npm install...
npm WARN deprecated inflight@1.0.6: This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful.
npm WARN deprecated glob@7.2.3: Glob versions prior to v9 are no longer supported
✅ All done!
3-3. Run the following to install the dependency needed to create the S3 bucket
> npm install @aws-cdk/aws-s3
npm WARN deprecated @aws-cdk/cx-api@1.204.0: AWS CDK v1 has reached End-of-Support on 2023-06-01.
npm WARN deprecated This package is no longer being updated, and users should migrate to AWS CDK v2.
npm WARN deprecated
npm WARN deprecated For more information on how to migrate, see https://docs.aws.amazon.com/cdk/v2/guide/migrating-v2.html
npm WARN deprecated @aws-cdk/cloud-assembly-schema@1.204.0: AWS CDK v1 has reached End-of-Support on 2023-06-01.
npm WARN deprecated This package is no longer being updated, and users should migrate to AWS CDK v2.
npm WARN deprecated
npm WARN deprecated For more information on how to migrate, see https://docs.aws.amazon.com/cdk/v2/guide/migrating-v2.html
npm WARN deprecated @aws-cdk/core@1.204.0: AWS CDK v1 has reached End-of-Support on 2023-06-01.
npm WARN deprecated This package is no longer being updated, and users should migrate to AWS CDK v2.
npm WARN deprecated
npm WARN deprecated For more information on how to migrate, see https://docs.aws.amazon.com/cdk/v2/guide/migrating-v2.html
npm WARN deprecated @aws-cdk/region-info@1.204.0: AWS CDK v1 has reached End-of-Support on 2023-06-01.
npm WARN deprecated This package is no longer being updated, and users should migrate to AWS CDK v2.
npm WARN deprecated
npm WARN deprecated For more information on how to migrate, see https://docs.aws.amazon.com/cdk/v2/guide/migrating-v2.html
npm WARN deprecated @aws-cdk/aws-kms@1.204.0: AWS CDK v1 has reached End-of-Support on 2023-06-01.
npm WARN deprecated This package is no longer being updated, and users should migrate to AWS CDK v2.
npm WARN deprecated
npm WARN deprecated For more information on how to migrate, see https://docs.aws.amazon.com/cdk/v2/guide/migrating-v2.html
npm WARN deprecated @aws-cdk/aws-events@1.204.0: AWS CDK v1 has reached End-of-Support on 2023-06-01.
npm WARN deprecated This package is no longer being updated, and users should migrate to AWS CDK v2.
npm WARN deprecated
npm WARN deprecated For more information on how to migrate, see https://docs.aws.amazon.com/cdk/v2/guide/migrating-v2.html
npm WARN deprecated @aws-cdk/aws-s3@1.204.0: AWS CDK v1 has reached End-of-Support on 2023-06-01.
npm WARN deprecated This package is no longer being updated, and users should migrate to AWS CDK v2.
npm WARN deprecated
npm WARN deprecated For more information on how to migrate, see https://docs.aws.amazon.com/cdk/v2/guide/migrating-v2.html
npm WARN deprecated @aws-cdk/aws-iam@1.204.0: AWS CDK v1 has reached End-of-Support on 2023-06-01.
npm WARN deprecated This package is no longer being updated, and users should migrate to AWS CDK v2.
npm WARN deprecated
npm WARN deprecated For more information on how to migrate, see https://docs.aws.amazon.com/cdk/v2/guide/migrating-v2.html

added 13 packages, and audited 370 packages in 13s

34 packages are looking for funding
  run `npm fund` for details

8 moderate severity vulnerabilities

To address all issues, run:
  npm audit fix

Run `npm audit` for details.
3-4. Run the following to edit the sample TypeScript file
> vim lib/cdk-workshop-stack.ts
import * as cdk from 'aws-cdk-lib';
import { Construct } from 'constructs';
import * as s3 from 'aws-cdk-lib/aws-s3';

export class CdkWorkshopStack extends cdk.Stack {
  constructor(scope: Construct, id: string, props?: cdk.StackProps) {
    super(scope, id, props);

    // Create the S3 bucket
    new s3.Bucket(this, 'MyBucket', {
      bucketName: 'my-unique-bucket-name-12345618181818181', // Specify an S3 bucket name that is not already taken
      versioned: true, // Enable versioning
      removalPolicy: cdk.RemovalPolicy.DESTROY, // Delete the bucket when the stack is deleted
      autoDeleteObjects: true, // Also delete the objects when the bucket is deleted
    });
  }
}
3-5. Run the following to edit the entry point file
> vim bin/cdk-workshop.ts
#!/usr/bin/env node
import * as cdk from 'aws-cdk-lib';
import { CdkWorkshopStack } from '../lib/cdk-workshop-stack';

const app = new cdk.App();
new CdkWorkshopStack(app, 'CdkWorkshopStack');
3-6. Run the following to build the TypeScript
> npm run build

cdk-workshop@0.1.0 build
>tsc
3-7. Run the following to deploy with CDK
> cdk deploy

✨ Synthesis time: 7.16s

CdkWorkshopStack: start: Building 1d52cf2c4c14563d12ca62e769f1707a994e8ec19decfeba3fa09acc5394cf03:current_account-current_region
CdkWorkshopStack: success: Built 1d52cf2c4c14563d12ca62e769f1707a994e8ec19decfeba3fa09acc5394cf03:current_account-current_region
CdkWorkshopStack: start: Publishing 1d52cf2c4c14563d12ca62e769f1707a994e8ec19decfeba3fa09acc5394cf03:current_account-current_region
CdkWorkshopStack: success: Published 1d52cf2c4c14563d12ca62e769f1707a994e8ec19decfeba3fa09acc5394cf03:current_account-current_region
This deployment will make potentially sensitive changes according to your current security approval level (--require-approval broadening).
Please confirm you intend to make the following modifications:

IAM Statement Changes
┌───┬────────────────────────┬────────┬────────────────────────┬──────────────────────────┬───────────┐
│   │ Resource               │ Effect │ Action                 │ Principal                │ Condition │
├───┼────────────────────────┼────────┼────────────────────────┼──────────────────────────┼───────────┤
│ + │ ${Custom::S3AutoDelete │ Allow  │ sts:AssumeRole         │ Service:lambda.amazonaws │           │
│   │ ObjectsCustomResourceP │        │                        │ .com                     │           │
│   │ rovider/Role.Arn}      │        │                        │                          │           │
├───┼────────────────────────┼────────┼────────────────────────┼──────────────────────────┼───────────┤
│ + │ ${MyBucket.Arn}        │ Allow  │ s3:DeleteObject*       │ AWS:${Custom::S3AutoDele │           │
│   │ ${MyBucket.Arn}/*      │        │ s3:GetBucket*          │ teObjectsCustomResourceP │           │
│   │                        │        │ s3:List*               │ rovider/Role.Arn}        │           │
│   │                        │        │ s3:PutBucketPolicy     │                          │           │
└───┴────────────────────────┴────────┴────────────────────────┴──────────────────────────┴───────────┘
IAM Policy Changes
┌───┬────────────────────────────────────────────────┬────────────────────────────────────────────────┐
│   │ Resource                                       │ Managed Policy ARN                             │
├───┼────────────────────────────────────────────────┼────────────────────────────────────────────────┤
│ + │ ${Custom::S3AutoDeleteObjectsCustomResourcePro │ {"Fn::Sub":"arn:${AWS::Partition}:iam::aws:pol │
│   │ vider/Role}                                    │ icy/service-role/AWSLambdaBasicExecutionRole"} │
└───┴────────────────────────────────────────────────┴────────────────────────────────────────────────┘
(NOTE: There may be security-related changes not in this list. See https://github.com/aws/aws-cdk/issues/1299)

Do you wish to deploy these changes (y/n)? y
CdkWorkshopStack: deploying... [1/1]
CdkWorkshopStack: creating CloudFormation changeset...
CdkWorkshopStack | 0/7 | 15:50:57 | REVIEW_IN_PROGRESS | AWS::CloudFormation::Stack | CdkWorkshopStack User Initiated
CdkWorkshopStack | 0/7 | 15:51:04 | CREATE_IN_PROGRESS | AWS::CloudFormation::Stack | CdkWorkshopStack User Initiated
CdkWorkshopStack | 0/7 | 15:51:07 | CREATE_IN_PROGRESS | AWS::IAM::Role | Custom::S3AutoDeleteObjectsCustomResourceProvider/Role (CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092)
CdkWorkshopStack | 0/7 | 15:51:07 | CREATE_IN_PROGRESS | AWS::CDK::Metadata | CDKMetadata/Default (CDKMetadata)
CdkWorkshopStack | 0/7 | 15:51:07 | CREATE_IN_PROGRESS | AWS::S3::Bucket | MyBucket (MyBucketF68F3FF0)
CdkWorkshopStack | 0/7 | 15:51:08 | CREATE_IN_PROGRESS | AWS::CDK::Metadata | CDKMetadata/Default (CDKMetadata) Resource creation Initiated
CdkWorkshopStack | 1/7 | 15:51:08 | CREATE_COMPLETE | AWS::CDK::Metadata | CDKMetadata/Default (CDKMetadata)
CdkWorkshopStack | 1/7 | 15:51:08 | CREATE_IN_PROGRESS | AWS::IAM::Role | Custom::S3AutoDeleteObjectsCustomResourceProvider/Role (CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092) Resource creation Initiated
CdkWorkshopStack | 1/7 | 15:51:09 | CREATE_IN_PROGRESS | AWS::S3::Bucket | MyBucket (MyBucketF68F3FF0) Resource creation Initiated
CdkWorkshopStack | 2/7 | 15:51:25 | CREATE_COMPLETE | AWS::IAM::Role | Custom::S3AutoDeleteObjectsCustomResourceProvider/Role (CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092)
CdkWorkshopStack | 3/7 | 15:51:33 | CREATE_COMPLETE | AWS::S3::Bucket | MyBucket (MyBucketF68F3FF0)
CdkWorkshopStack | 3/7 | 15:51:34 | CREATE_IN_PROGRESS | AWS::Lambda::Function | Custom::S3AutoDeleteObjectsCustomResourceProvider/Handler (CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F)
CdkWorkshopStack | 3/7 | 15:51:35 | CREATE_IN_PROGRESS | AWS::S3::BucketPolicy | MyBucket/Policy (MyBucketPolicyE7FBAC7B)
CdkWorkshopStack | 3/7 | 15:51:36 | CREATE_IN_PROGRESS | AWS::Lambda::Function | Custom::S3AutoDeleteObjectsCustomResourceProvider/Handler (CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F) Resource creation Initiated
CdkWorkshopStack | 3/7 | 15:51:36 | CREATE_IN_PROGRESS | AWS::S3::BucketPolicy | MyBucket/Policy (MyBucketPolicyE7FBAC7B) Resource creation Initiated
CdkWorkshopStack | 4/7 | 15:51:37 | CREATE_COMPLETE | AWS::S3::BucketPolicy | MyBucket/Policy (MyBucketPolicyE7FBAC7B)
CdkWorkshopStack | 4/7 | 15:51:37 | CREATE_IN_PROGRESS | AWS::Lambda::Function | Custom::S3AutoDeleteObjectsCustomResourceProvider/Handler (CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F) Eventual consistency check initiated
CdkWorkshopStack | 5/7 | 15:51:42 | CREATE_COMPLETE | AWS::Lambda::Function | Custom::S3AutoDeleteObjectsCustomResourceProvider/Handler (CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F)
CdkWorkshopStack | 5/7 | 15:51:43 | CREATE_IN_PROGRESS | Custom::S3AutoDeleteObjects | MyBucket/AutoDeleteObjectsCustomResource/Default (MyBucketAutoDeleteObjectsCustomResource2C28D565)
CdkWorkshopStack | 5/7 | 15:51:45 | CREATE_IN_PROGRESS | Custom::S3AutoDeleteObjects | MyBucket/AutoDeleteObjectsCustomResource/Default (MyBucketAutoDeleteObjectsCustomResource2C28D565) Resource creation Initiated
CdkWorkshopStack | 6/7 | 15:51:45 | CREATE_COMPLETE | Custom::S3AutoDeleteObjects | MyBucket/AutoDeleteObjectsCustomResource/Default (MyBucketAutoDeleteObjectsCustomResource2C28D565)
CdkWorkshopStack | 7/7 | 15:51:46 | CREATE_COMPLETE | AWS::CloudFormation::Stack | CdkWorkshopStack

✅ CdkWorkshopStack

✨ Deployment time: 51.79s

Stack ARN:
arn:aws:cloudformation:ap-northeast-1:xxxxxxxxxxxx:stack/CdkWorkshopStack/c8e47780-2bac-11ef-8ea6-06e695c8199b

✨ Total time: 58.95s
3-8. Run the following and confirm that the S3 bucket has been created
> aws s3 ls
2024-06-16 15:51:37 my-unique-bucket-name-1234561818181818181
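As an added example (not part of the original article or of AWS CDK itself), the TypeScript below reviews the S3 bucket settings in a CloudFormation template of the kind `cdk synth` emits, so they can be checked before answering `y` at the `cdk deploy` approval prompt. The template fragment is constructed for illustration, and `reviewBuckets` and `deniesPlainHttp` are hypothetical helper names.

```typescript
// Added example: template shape reduced to the fields the checks read.
type Resource = { Type: string; Properties?: Record<string, any>; DeletionPolicy?: string };
type Template = { Resources: Record<string, Resource> };

// Constructed fragment shaped like `cdk synth` output for the page's stack.
// Logical IDs come from the deploy log; property values are illustrative.
const sampleTemplate: Template = {
  Resources: {
    MyBucketF68F3FF0: {
      Type: "AWS::S3::Bucket",
      Properties: { VersioningConfiguration: { Status: "Enabled" } },
      DeletionPolicy: "Delete",
    },
    MyBucketPolicyE7FBAC7B: {
      Type: "AWS::S3::BucketPolicy",
      Properties: {
        Bucket: { Ref: "MyBucketF68F3FF0" },
        PolicyDocument: { Statement: [{ Effect: "Allow",
          Action: ["s3:DeleteObject*", "s3:GetBucket*", "s3:List*", "s3:PutBucketPolicy"] }] },
      },
    },
  },
};

// True if a policy attached to bucketId denies requests made without TLS.
function deniesPlainHttp(t: Template, bucketId: string): boolean {
  return Object.values(t.Resources).some((r) =>
    r.Type === "AWS::S3::BucketPolicy" && r.Properties?.Bucket?.Ref === bucketId &&
    (r.Properties?.PolicyDocument?.Statement ?? []).some((s: any) =>
      s.Effect === "Deny" && s.Condition?.Bool?.["aws:SecureTransport"] === "false"));
}

// Returns one finding per bucket setting a reviewer would question.
function reviewBuckets(t: Template): string[] {
  const findings: string[] = [];
  const flags = ["BlockPublicAcls", "BlockPublicPolicy", "IgnorePublicAcls", "RestrictPublicBuckets"];
  for (const [id, r] of Object.entries(t.Resources)) {
    if (r.Type !== "AWS::S3::Bucket") continue;
    const p = r.Properties ?? {};
    const pab = p.PublicAccessBlockConfiguration ?? {};
    if (!flags.every((f) => pab[f] === true)) findings.push(`${id}: public access block not fully set in the template`);
    if (p.VersioningConfiguration?.Status !== "Enabled") findings.push(`${id}: versioning not enabled`);
    if (r.DeletionPolicy === "Delete") findings.push(`${id}: DeletionPolicy is Delete, data is removed with the stack`);
    if (!deniesPlainHttp(t, id)) findings.push(`${id}: no bucket policy statement denies non-TLS requests`);
  }
  return findings;
}

console.log(reviewBuckets(sampleTemplate).join("\n"));
```

In CDK v2 the public access block and the TLS-only policy are set on `s3.Bucket` with the `blockPublicAccess` and `enforceSSL` properties.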
4. Cleanup
4-1. Run the following to delete the stack and the S3 bucket
> cdk destroy
Are you sure you want to delete: CdkWorkshopStack (y/n)? y
CdkWorkshopStack: destroying... [1/1]
CdkWorkshopStack | 0 | 15:54:28 | DELETE_IN_PROGRESS | AWS::CloudFormation::Stack | CdkWorkshopStack User Initiated
CdkWorkshopStack | 0 | 15:54:30 | DELETE_IN_PROGRESS | AWS::CDK::Metadata | CDKMetadata/Default (CDKMetadata)
CdkWorkshopStack | 0 | 15:54:30 | DELETE_IN_PROGRESS | Custom::S3AutoDeleteObjects | MyBucket/AutoDeleteObjectsCustomResource/Default (MyBucketAutoDeleteObjectsCustomResource2C28D565)
CdkWorkshopStack | 1 | 15:54:31 | DELETE_COMPLETE | AWS::CDK::Metadata | CDKMetadata/Default (CDKMetadata)
CdkWorkshopStack | 2 | 15:54:33 | DELETE_COMPLETE | Custom::S3AutoDeleteObjects | MyBucket/AutoDeleteObjectsCustomResource/Default (MyBucketAutoDeleteObjectsCustomResource2C28D565)
CdkWorkshopStack | 2 | 15:54:34 | DELETE_IN_PROGRESS | AWS::Lambda::Function | Custom::S3AutoDeleteObjectsCustomResourceProvider/Handler (CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F)
CdkWorkshopStack | 2 | 15:54:34 | DELETE_IN_PROGRESS | AWS::S3::BucketPolicy | MyBucket/Policy (MyBucketPolicyE7FBAC7B)
CdkWorkshopStack | 3 | 15:54:35 | DELETE_COMPLETE | AWS::S3::BucketPolicy | MyBucket/Policy (MyBucketPolicyE7FBAC7B)
CdkWorkshopStack | 4 | 15:54:37 | DELETE_COMPLETE | AWS::Lambda::Function | Custom::S3AutoDeleteObjectsCustomResourceProvider/Handler (CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F)
CdkWorkshopStack | 4 | 15:54:37 | DELETE_IN_PROGRESS | AWS::S3::Bucket | MyBucket (MyBucketF68F3FF0)
CdkWorkshopStack | 4 | 15:54:37 | DELETE_IN_PROGRESS | AWS::IAM::Role | Custom::S3AutoDeleteObjectsCustomResourceProvider/Role (CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092)
CdkWorkshopStack | 5 | 15:54:39 | DELETE_COMPLETE | AWS::S3::Bucket | MyBucket (MyBucketF68F3FF0)

✅ CdkWorkshopStack: destroyed
4-2. Run the following and confirm that the S3 bucket has been deleted
> aws s3 ls
Impressions
Since you don't have to upload a template to S3, it feels easier than CloudFormation. I need to study TypeScript...