昨天分析完了整個 sample-app 程式,今天就直接來執行它吧!
今日的主題除了教大家怎麼把 sample-app 部署到 AWS 上面之外還會教大家怎麼簡單的修改 CDK 程式先體驗 CDK 的方便之處,那就來看看今天的內容吧!
第一次使用 CDK 先執行 bootstrap
如果之前有做過了就不需要再做了呦!
$ cdk bootstrap
⏳ Bootstrapping environment aws://888888888888/us-west-2...
✅ Environment aws://888888888888/us-west-2 bootstrapped (no changes).
看一下部署腳本
一開始使用 CDK 還是可以先看一下如果使用 CloudFormation 會怎麼寫的,看完就會這樣寫真的滿辛苦的
$ cdk synth
Resources:
HelloCdkQueueB56C77B9:
Type: AWS::SQS::Queue
Properties:
VisibilityTimeout: 300
Metadata:
aws:cdk:path: HelloCdkStack/HelloCdkQueue/Resource
HelloCdkQueuePolicy027FC30A:
Type: AWS::SQS::QueuePolicy
Properties:
PolicyDocument:
Statement:
- Action: sqs:SendMessage
Condition:
ArnEquals:
aws:SourceArn:
Ref: HelloCdkTopic1F583424
Effect: Allow
Principal:
Service: sns.amazonaws.com
Resource:
Fn::GetAtt:
- HelloCdkQueueB56C77B9
- Arn
Version: "2012-10-17"
Queues:
- Ref: HelloCdkQueueB56C77B9
Metadata:
aws:cdk:path: HelloCdkStack/HelloCdkQueue/Policy/Resource
HelloCdkQueueHelloCdkStackHelloCdkTopic850E0FBD36A066B9:
Type: AWS::SNS::Subscription
Properties:
Protocol: sqs
TopicArn:
Ref: HelloCdkTopic1F583424
Endpoint:
Fn::GetAtt:
- HelloCdkQueueB56C77B9
- Arn
Metadata:
aws:cdk:path: HelloCdkStack/HelloCdkQueue/HelloCdkStackHelloCdkTopic850E0FBD/Resource
HelloCdkTopic1F583424:
Type: AWS::SNS::Topic
Metadata:
aws:cdk:path: HelloCdkStack/HelloCdkTopic/Resource
CDKMetadata:
Type: AWS::CDK::Metadata
Properties:
Modules: aws-cdk=1.63.0,@aws-cdk/aws-cloudwatch=1.63.0,@aws-cdk/aws-iam=1.63.0,@aws-cdk/aws-kms=1.63.0,@aws-cdk/aws-sns=1.63.0,@aws-cdk/aws-sns-subscriptions=1.63.0,@aws-cdk/aws-sqs=1.63.0,@aws-cdk/cloud-assembly-schema=1.63.0,@aws-cdk/core=1.63.0,@aws-cdk/cx-api=1.63.0,@aws-cdk/region-info=1.63.0,jsii-runtime=node.js/v12.16.3
Condition: CDKMetadataAvailable
Conditions:
CDKMetadataAvailable:
Fn::Or:
- Fn::Or:
- Fn::Equals:
- Ref: AWS::Region
- ap-east-1
- Fn::Equals:
- Ref: AWS::Region
- ap-northeast-1
- Fn::Equals:
- Ref: AWS::Region
- ap-northeast-2
- Fn::Equals:
- Ref: AWS::Region
- ap-south-1
- Fn::Equals:
- Ref: AWS::Region
- ap-southeast-1
- Fn::Equals:
- Ref: AWS::Region
- ap-southeast-2
- Fn::Equals:
- Ref: AWS::Region
- ca-central-1
- Fn::Equals:
- Ref: AWS::Region
- cn-north-1
- Fn::Equals:
- Ref: AWS::Region
- cn-northwest-1
- Fn::Equals:
- Ref: AWS::Region
- eu-central-1
- Fn::Or:
- Fn::Equals:
- Ref: AWS::Region
- eu-north-1
- Fn::Equals:
- Ref: AWS::Region
- eu-west-1
- Fn::Equals:
- Ref: AWS::Region
- eu-west-2
- Fn::Equals:
- Ref: AWS::Region
- eu-west-3
- Fn::Equals:
- Ref: AWS::Region
- me-south-1
- Fn::Equals:
- Ref: AWS::Region
- sa-east-1
- Fn::Equals:
- Ref: AWS::Region
- us-east-1
- Fn::Equals:
- Ref: AWS::Region
- us-east-2
- Fn::Equals:
- Ref: AWS::Region
- us-west-1
- Fn::Equals:
- Ref: AWS::Region
- us-west-2
開始執行部屬,執行此指令如果有修改權限都會再一次跟使用者確定修改的內容,確定請按 y
$ cdk deploy
This deployment will make potentially sensitive changes according to your current security approval level (--require-approval broadening).
Please confirm you intend to make the following modifications:
IAM Statement Changes
┌───┬───────────────────┬────────┬───────────────────┬───────────────────┬─────────────────────┐
│ │ Resource │ Effect │ Action │ Principal │ Condition │
├───┼───────────────────┼────────┼───────────────────┼───────────────────┼─────────────────────┤
│ + │ ${HelloCdkQueue.A │ Allow │ sqs:SendMessage │ Service:sns.amazo │ "ArnEquals": { │
│ │ rn} │ │ │ naws.com │ "aws:SourceArn": │
│ │ │ │ │ │ "${HelloCdkTopic}" │
│ │ │ │ │ │ } │
└───┴───────────────────┴────────┴───────────────────┴───────────────────┴─────────────────────┘
(NOTE: There may be security-related changes not in this list. See https://github.com/aws/aws-cdk/issues/1299)
Do you wish to deploy these changes (y/n)? y
HelloCdkStack: deploying...
[██████████████████████████████████████████████████████████] (6/6)
✅ HelloCdkStack
Stack ARN:
arn:aws:cloudformation:us-west-2:888888888888:stack/HelloCdkStack/cbb80510-f9d0-11ea-b44e-0a8a148431ae
文字版
圖片版
在這邊可以很清楚的看到上面的 Stack ARN 與我們的 Stack ID 一樣,並且有部署成功
再來檢查一下 Resources 的部分
到 SNS 看看新建的 Topic
到 SQS 檢查 timeout 為 300 秒也就是 5 分鐘,並且訂閱了 SNS
體驗一下如果把某些程式註解是否會真的幫我們移除對應的服務,把 13 ~ 16 行註解
import * as sns from "@aws-cdk/aws-sns";
import * as subs from "@aws-cdk/aws-sns-subscriptions";
import * as sqs from "@aws-cdk/aws-sqs";
import * as cdk from "@aws-cdk/core";
export class HelloCdkStack extends cdk.Stack {
constructor(scope: cdk.App, id: string, props?: cdk.StackProps) {
super(scope, id, props);
const queue = new sqs.Queue(this, "HelloCdkQueue", {
visibilityTimeout: cdk.Duration.seconds(300),
});
// const topic = new sns.Topic(this, 'HelloCdkTopic');
// topic.addSubscription(new subs.SqsSubscription(queue));
}
}
執行一下 cdk diff 可以很清楚的看到什麼 Resources 被移除了
$ cdk diff
Stack HelloCdkStack
IAM Statement Changes
┌───┬───────────────────┬────────┬───────────────────┬───────────────────┬─────────────────────┐
│ │ Resource │ Effect │ Action │ Principal │ Condition │
├───┼───────────────────┼────────┼───────────────────┼───────────────────┼─────────────────────┤
│ - │ ${HelloCdkQueue.A │ Allow │ sqs:SendMessage │ Service:sns.amazo │ "ArnEquals": { │
│ │ rn} │ │ │ naws.com │ "aws:SourceArn": │
│ │ │ │ │ │ "${HelloCdkTopic1F5 │
│ │ │ │ │ │ 83424}" │
│ │ │ │ │ │ } │
└───┴───────────────────┴────────┴───────────────────┴───────────────────┴─────────────────────┘
(NOTE: There may be security-related changes not in this list. See https://github.com/aws/aws-cdk/issues/1299)
Resources
[-] AWS::SQS::QueuePolicy HelloCdkQueuePolicy027FC30A destroy
[-] AWS::SNS::Subscription HelloCdkQueueHelloCdkStackHelloCdkTopic850E0FBD36A066B9 destroy
[-] AWS::SNS::Topic HelloCdkTopic1F583424 destroy
文字版
圖片版
看完之後我們來執行一次 cdk deploy,等執行成功就來檢查一下
$ cdk deploy
HelloCdkStack: deploying...
HelloCdkStack: creating CloudFormation changeset...
[██████████████████████████████████████████████████████████] (5/5)
✅ HelloCdkStack
Stack ARN:
arn:aws:cloudformation:us-west-2:888888888888:stack/HelloCdkStack/cbb80510-f9d0-11ea-b44e-0a8a148431ae
可以發現剩下一個 SQS,代表有執行成功!
剛剛的 SNS 也已經被移除掉了
確定沒有 SNS 的訂閱資料
今天的講解差不多結束了,我們來把整個 cdk destroy 掉
執行會出現警告直接按下 y 即可
$ cdk destroy
Are you sure you want to delete: HelloCdkStack (y/n)? y
HelloCdkStack: destroying...
9:20:24 AM | DELETE_IN_PROGRESS | AWS::CloudFormation::Stack | HelloCdkStack
9:20:26 AM | DELETE_IN_PROGRESS | AWS::SQS::Queue | HelloCdkQueue
✅ HelloCdkStack: destroyed
文字版
圖片版
可以發現已經沒有任何東西拉!
以上是 AWS CDK sample-app 的執行與測試
文章內容主要是網路或是程式開發類型的文章
本文同步刊載於 Clarence 部落格:Day 5 - 執行 AWS CDK sample-app
「AWS CDK 完全學習手冊:打造雲端基礎架構程式碼 IaC」
本書改編並延伸自第 12 屆 iT 邦幫忙鐵人賽獲得 DevOps 組冠軍的《用 CDK 定義 AWS 架構》系列文章,以簡單、好讀的行文風格詳述技術細節,並提供完整的程式碼範例與說明,一步一步帶領新手從零開始踏上 AWS CDK 技術達人之路。有興趣的朋友歡迎至天瓏書局選購!
iThome鐵人賽
看影片追技術