AWS Cloud Development Framework (CDK)
Description
This is the best practice for backend applications that use the CDK for deployments.
Structure
CDK project examples
For examples of how to structure a backend CDK project in TypeScript, see the following projects.
CRUK projects
bank-verification-service (microservice repo) - https://github.com/CRUKorg/bank-verification-service
online-payments-services (monorepo) - https://github.com/CRUKorg/online-payments-services
External projects
CDK Patterns - https://github.com/cdk-patterns/serverless
Serverless Land - https://github.com/aws-samples/serverless-patterns
GitHub Actions
@todo - A description of how we deploy our stacks via GHA instead of AWS Pipelines.
AWS Web Application Firewall (WAF)
@todo - Putting this as a placeholder, as we have the #waf Slack channel for sorting out what should go into it by default.
CDK-nag
To ensure your CDK stack follows best practices and to reduce security insight concerns in AWS Security Hub, install the cdk-nag npm module.
In some cases it is necessary to suppress the warnings when best practices cannot be followed for valid reasons. See the documentation on how to create suppressions.
Example CDK stack using cdk-nag with suppressions: https://github.com/CRUKorg/bank-verification-service/blob/main/cdk/regional/stack.ts#L409
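Suppressions are only useful if their reasons stay reviewable. The following is an added example, not code from the CRUK repositories: it lists every suppression that cdk-nag has recorded in a synthesized template (under each resource's Metadata.cdk_nag.rules_to_suppress) and marks thin justifications for review. The sample template, the function name and the 20-character threshold are assumptions made for illustration.

```typescript
// One suppression entry as cdk-nag writes it into a resource's Metadata.
interface Suppression { id: string; reason?: string; applies_to?: unknown[] }
interface Finding { resource: string; id: string; reason: string; weak: boolean }
type Template = {
  Resources?: Record<string, { Metadata?: { cdk_nag?: { rules_to_suppress?: Suppression[] } } }>;
};

// Assumption: team policy for the shortest acceptable justification.
const MIN_REASON_LENGTH = 20;

// Collect every suppression in a synthesized template (e.g. a file from cdk.out/).
function listSuppressions(templateJson: string): Finding[] {
  const resources = (JSON.parse(templateJson) as Template).Resources ?? {};
  const findings: Finding[] = [];
  for (const resource of Object.keys(resources)) {
    const rules = resources[resource]?.Metadata?.cdk_nag?.rules_to_suppress ?? [];
    for (const rule of rules) {
      const reason = (rule.reason ?? "").trim();
      findings.push({ resource, id: rule.id, reason, weak: reason.length < MIN_REASON_LENGTH });
    }
  }
  return findings;
}

// Constructed sample template, not taken from any real stack.
const SAMPLE_TEMPLATE = JSON.stringify({
  Resources: {
    UploadBucket: {
      Type: "AWS::S3::Bucket",
      Metadata: { cdk_nag: { rules_to_suppress: [
        { id: "AwsSolutions-S1", reason: "Access logs are collected centrally by the log archive account." },
      ] } },
    },
    HandlerRole: {
      Type: "AWS::IAM::Role",
      Metadata: { cdk_nag: { rules_to_suppress: [
        { id: "AwsSolutions-IAM4", reason: "Not needed." },
      ] } },
    },
    Queue: { Type: "AWS::SQS::Queue" }, // no suppressions recorded
  },
});

// Print one line per suppression; REVIEW marks reasons below the threshold.
for (const f of listSuppressions(SAMPLE_TEMPLATE)) {
  console.log(`${f.weak ? "REVIEW" : "ok"}\t${f.resource}\t${f.id}\t${f.reason}`);
}
```

Run over the templates in cdk.out/ as a pull request check, this gives reviewers a single list of what has been suppressed and why.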