AWS CDK Setup

CDK is the AWS Cloud Developer Kit. Here is a small guide to the setup. I have created a new AWS account for myself that is empty. This will walk through the process of setting everything up to interact with the AWS infrastructure through CDK.

Tools

• Node.js download link
• TypeScript download details

Node.js is simple to install, just download, and it’s a next, next, accept type wizard.

To install TypeScript there is a little more to it that just downloading an installer and running it as is the case for Node.js. TypeScript needs to have Node.js installed before, as it uses Node.js to download and install.

In the TypeScript download link at the bottom, there is a section that is for installing TypeScript globally. This is what will be used.

Confirm Node.js is installed and run the command npm install -g typescript. In my case I needed to use sudo otherwise I received a permission error

Once installed, run the following commands to confirm the installation of both Node.js and TypeScript.

I have used MacOS for this, in Windows a new environment variable needs to be added for the global package to work correctly.

AWS Create IAM User for Console

Creating an IAM user for programmatic access, it is good practice for security reasons. The root user account shouldn’t ever be used. Below are the steps for creating a new user.

I have not added any user groups, policies or tags to the new user.

Currently, the new user has been created, but doesn’t have access to the AWS console (GUI) or to the CLI. This user is to have access to the CLI only and will need a security key created. The security key creation is located inside the IAM user and down near the bottom is the section to create a security key.

Once finished, there will be a security key. This will be used by the AWS CLI in the next part. If this is closed and the secret access key is not copied, then a new set of keys will need to be made.

Install AWS CLI

AWS CLI can be downloaded from this link. I will be using the MacOS installer. Again this is a next, next, accept wizard installer to make things easy.

Configuring AWS CLI for CLI Enabled IAM User

This part is just using the access key and secret key to configure the AWS CLI. The keys can be found only when creating them. If the user keys have already been created and the security access key is unknown, they will need to be recreated.

These credentials are sensitive so do not share them with anyone, in my case these will be deleted and recreated after. In the AWS CLI config enter the access key and secret key as requested.

A simple test is to list the s3 buckets in the account. This will result in a permission error due to the fact that the user doesn’t yet have any permissions.

Adding in user permissions is straightforward. Go back to IAM and the user, select add permissions.

I have given this user an administrator policy. The policy details are shown, allowing all actions on all resources.

After adding the new admin policy, the AWS CLI output should have changed.

This is looking better, but there isn’t any output as there aren’t any buckets yet. So let’s create a new bucket in the CLI and check again.

So, as shown above, the creating and listing of s3 resources is working as expected.