Category: HowTo

Adding Assets to CDK Staging Bucket

Today I discovered that you can deploy arbitrary files to the CDK staging bucket with a human readable file name! This feature is awesome if you are pre-synthing CDK apps to CloudFormation Templates.

CDK package.json Scripts

I found the following package.json scripts very convenient when managing a complex CDK app. The key is the -- operator, which allows us to append additional parameters.

Speed up CDK Pipelines Deployment

I recently converted a large CDK app to use CDK Pipelines. I LOVE how quickly it was to get working but it generated a UGLY and SLOW pipeline.

Write config.json to S3 with AWS CDK

To make prebuilt SPA installers with CDK I like to keep environment configuration outside of the minified code via a config.json file. This allows me to build the app once and move it between environments and stages.

Synth CDK app to Custom Bucket

Some AWS customers don’t use the CLI, and will not grant an external contractor CLI access. Trying to get access is a waste of time and resources. Do not fear, there is a solution!

AWS Athena SAM Policies

AWS Athena provides SQL queries over S3 data. The service depends on S3, Glue, and Athena itself so getting permissions set up can be tricky. Here is what worked for me.

Fargate with EFS CDK

I struggled WAY too long trying to sort out the permissions for EFS. Turns out, there are 2 layers. The IAM role, and the Posix permissions. Both throw a similar looking access denied. Finally!

Synth CDK app to Portable CloudFormation (obsolete)

Update 2/7/2022: Read Synth CDK app to Custom Bucket instead. Consulting requires you to work within the client’s parameters. Some clients have internal standards, and want you to deliver your white-label CDK app as CloudFormation. Call me old fashioned but…

My CloudFormation IDE

Writing CloudFormation or SAM templates without by hand is very powerful, but can also be quite frustrating without a good IDE setup…

Assume Role with MFA

CLI Assume Role with MFA ( script will assume a cross-account role using your MFA device and output the credentials into a named profile. 1234567891011121314151617181920212223#!