AWS CDK: Python Tips, Tricks, and Examples

In the app.py in the root of your CDK construct: add env={‘region’: ‘us-east-2’} to your ConstructStack(…). At time of writing this is on line 9 by default. It should look something like this:

app = core.App()
MyConstructStack(app, "my-construct", env={'region': 'us-east-2'})

Install new packages

When working with a new services you may need to install them with a command similar to the one below:

pip install aws-cdk.aws_apigateway

CDK leaving orphaned CloudFormation deployments

If you change the name of your stack in app.py CDK doesn’t seem to be smart enough to delete the old stack. It deploys your new stack with its new name and orphans the old one. If you know of a workaround for this please let me know.

Using a Secure String from Parameter Store in ECS

I recommend storing secrets in AWS Secrets manager, it is much easier to use with the CDK. If you must use parameter store then here is how.

Example

#You must add the task execution role to KMS key used to encrypt the secret for ECS to deploy the task successfully
parameter_store_location = ssm.StringParameter.from_secure_string_parameter_attributes( self, "ParameterStoreTest",
        parameter_name="/my/parametersrore/location", #Remeber, KMS permissions for task execution role for parameter store key!
        version=1
    )

my_container = my_task.add_container( "myContainer",
    ...
    secrets = {
        "PARAMETERSTORETEST": ecs.Secret.from_ssm_parameter( parameter_store_location )
    }
)

Docs for parameter store.

Docs for add_container() method.

AWS SSO Support

AWS SSO does not work with the CDK right out of the box. Check this Git issue for a solution that works for you.

AWS CDK + AWS SAM

These tools can be used in conjunction, check these docs out:

Examples

Basics

Read the docs!

Set the deployment region