Habr

GitOps для AWS CDK

В какой-то момент в нашей команде стало очевидно: пора тащить всю инфраструктуру в Git — по-взрослому, через GitOps. Kubernetes у нас уже был, ArgoCD тоже. Осталось «дотащить» туда AWS-ресурсы, которые мы описываем с помощью AWS CDK. Идея казалась простой: есть CDK-код в Git, запускается ArgoCD, всё красиво деплоится в облако. Но реальность оказалась совсем не такой. CDK — это не YAML и даже не Terraform. Это исполняемый код. GitOps — это про декларативность и kubectl apply . CDK с этим не дружит. Ожидалось, что наверняка есть готовый Kubernetes-оператор, который запускает cdk deploy при изменении кода. Как это уже сделано для Terraform (через ArgoCD Terraform Controller), Pulumi, или хотя бы через ACK. Но после долгого ресерча выяснилось: нет ничего рабочего и production-ready . Так появилась идея — написать собственный Kubernetes-оператор, который сможет: - раз в какое-то время (или по коммиту в Git) запускать cdk deploy ; - проверять cdk diff и cdk drift для отслеживания изменений и дрифта; - удалять CloudFormation-стэк, если ресурс удалили из Git; - интегрироваться с ArgoCD и Prometheus. Получился полноценный GitOps-воркфлоу для AWS CDK — без пайплайнов, без ручных cdk deploy , без дрейфующих стэков. Под катом — расскажу, как мы подошли к проблеме, как устроен Custom Resource CdkTsStack , какие фишки мы добавили (метрики, хуки, IAM-пользователи), и почему наш подход оказался практичнее, чем существующие альтернативы вроде Terraform Operator или Pulumi.

habr.com/ru/articles/933148/

#kubernetes_operator #kubernetes #iaac #cdk #aws

GitOps для AWS CDK

В какой-то момент в нашей команде стало очевидно: пора…

Хабр
🧿🪬🍄🌈🎮💻🚲🥓🎃💀🏴🛻🇺🇸

Still futzing with #CDK... the DNS and certs seem to deploy, but I'm having trouble with my dynamic page handlers. Something about how CDK bundles the Lambdas, or maybe how I'm handling 404s?

This shit's hard!

🧿🪬🍄🌈🎮💻🚲🥓🎃💀🏴🛻🇺🇸

I spoke too soon; #Route53 domain management with #CDK is not as straightforward as I had hoped. Mainly certificate management. My vibecoded CDK was trying to deploy the DNS zones before the certs, and it was deploying new certs every deployment 🤦

Decided to add some copilot instructions for CDK best-practices, and now it's using Aspects(?)m Constructs(?), and Tags(?) so... progress? At least it's not recreating the certs anymore.

Jul 28, 2025, 18:53 · · · 0 · 0
🧿🪬🍄🌈🎮💻🚲🥓🎃💀🏴🛻🇺🇸

Mind you, it takes 270 lines of #CDK to accomplish what #Architect could (mostly*) do in about 25.

*you still had to drop down to click-ops to set up the #Route53 zones, ACM certs, and #Cloudfront distributions.

🧿🪬🍄🌈🎮💻🚲🥓🎃💀🏴🛻🇺🇸

I've been faffing about with #CDK for over a year now, reading books, vibecoding projects, and I only now actually got around to deploying something with it.

It's not that bad--when you've got Q's help 😆

#AWS #cloud #serverless

🧿🪬🍄🌈🎮💻🚲🥓🎃💀🏴🛻🇺🇸

I built my website using @enhance_dev a couple years ago but I feel like I should use a more popular #IaC framework for deploying to #AWS like #CDK, #SAM, #Terraform or just raw #CloudFormation.

The problem is, I'm spoiled; Enhance makes #serverless so easy. I find myself just reimplementing all it's features; file based routing, html templates, session management, etc.

#webDev

Kito D. Mann

So I've been spending a lot of time lately with the #aws #cdk. I've enjoyed using the #java variant; it beats anything YaML-based and helps minimize the annoyance of dealing with #aws. Someone recently mentioned #Pluomi to me as an alternative. Other than supporting other cloud providers (which is a huge plus), what do people like about it? Does it handle rollbacks better? That would be really nice...

Matthias Mailänder

#JChemPaint based on #CDK really is a gem from the 90s. The 2D chemical structure editor got a beta release yesterday after nearly a decade and during the #CDK25UGM hackathon I created a #flatpak at flathub.org/apps/io.github.jch for it.

Install JChemPaint on Linux | Flathub

Chemical 2D structure editor

Flathub - Apps for Linux
Mar 13, 2025, 07:30 · · · 2 · 0
pacovk

TIL: #AWS CDKWakeful exists and aims to reduce the undifferentiated heavily lifting in monitoring and alerting. CDKWakeful employs #CDK Aspects to inspect your code and set a foundational level of alarms.
#Typescript and #Python are supported.

Link: github.com/aws-samples/cdk-wak

#AWS #serverless #cdk

GitHub - aws-samples/cdk-wakeful

Contribute to aws-samples/cdk-wakeful development by…

GitHub
hannah aubry

So I'm joining the team because I think I can help them continue and accelerate their good work, and because I'm excited about the project I'll be working on, #CDK. It's a vital tool for many in the #AWS community, and there's a lot of work to do, but I'm excited to collaborate with folks at the #OpenConstructFoundation and in the broader community to build the #CDK we want to see. My doors are always open to anyone with ideas. DM me here or email me at aubryha[@]amazon[.]com!

michabbb

📦 #LocalStack 3.7 Released: Local #AWS Emulator

🛠️ Emulates 50+ #AWS services locally (#Lambda, #S3, #DynamoDB, #Kinesis, #SQS, #SNS, more)
🐳 Runs in a single #Docker container on your machine or #CI environment
💻 Enables local #CloudDevelopment without connecting to remote cloud
🧪 Ideal for testing complex #CDK applications or #Terraform configurations
🔧 Supports additional features like #CloudDevelopment workflows
🆓 Open-source version available, with extended Pro version

#LocalStack provides a comprehensive local #AWS environment for developers and testers, simplifying cloud application development and reducing costs. Compatible with various deployment methods including CLI, Docker, and Helm.

#devops

github.com/localstack/localsta

GitHub - localstack/localstack: 💻 A fully functional local AWS cloud stack. Develop and test your cloud & Serverless apps offline

💻 A fully functional local AWS cloud stack. Develop…

GitHub
(((Jann Gobble)))🏳️‍🌈

@kjhealy #CDK said the same thing to auto retailers here in the US. 😂

Philipp Garbe

Starting the week with two ugly bugs:
1) Cloudformation allows to update the same TaskDefinition Family from multiple stacks 🤯
2) EcsRunTask task in StepFunctions CDK references task definition only by family, w/out revision 🤦‍♂️

#cdk #cloudformation #aws

Delta Wye

SAM-IT is reporting that the #CDK systems are still screwed up and they are intending to pay ransom.

There’s a claim that I think is pretty wild - idea that ransomware could be used to facilitate money laundering or fraud. I’m a bit skeptical about that.

What I’m not skeptical about are the statements of how badly this system was set up regarding backups and redundancy. It sounds like an unbelievable level of failure to follow the most basic IT security guidelines.

m.youtube.com/watch?v=4ywzQIYB