Reputation: 59
Difference between AWS CDK Higher Level constructs Vs Lower Level constructs
I am newbie in CDK, need to understand difference between Higher Level constructs Vs Lower Level constructs. Can someone explain in simple words :)
Warm regards.
Upvotes: 4
Views: 1494
Answers (1)
Reputation: 4425
CDK was built to make it easy for anyone to create components with preconfigured defaults. This means that you can (using higher level constructs) create a resource, using default values, approved by AWS (and the community in general).
For example, using CDK, if you were to create a S3 bucket using Lower Level Constructs, you would have to define the resource exactly as you would define a CloudFormation template, meaning you pick the options and you set the values for those options.
This is what a CloudFormation template would look like if you were to use a Lower Level Resource (L1):
CDK Python (L1 Construct):
s3.CfnBucket(self, 's3_bucket_l1')
CloudFormation Template:
s3bucketl1:
Type: AWS::S3::Bucket
If you were to create the same resource using the Higher Level Constructs (L2), CDK adds some defaults to the resources it creates, here's the same example using L2 resources:
CDK Python (L2 Construct):
s3.Bucket(self, 's3_bucket_l2')
CloudFormation Template:
s3bucketl249651147:
Type: AWS::S3::Bucket
UpdateReplacePolicy: Retain
DeletionPolicy: Retain
Expanding on the same, if I were to add PublicAccessBlockConfiguration to these S3 buckets, the L2 constructs do the same thing in less lines of code:
CDK Python (L1 Construct):
s3.CfnBucket(
self,
's3_bucket_l1',
public_access_block_configuration=s3.CfnBucket.PublicAccessBlockConfigurationProperty(
block_public_acls=True,
block_public_policy=True,
ignore_public_acls=True,
restrict_public_buckets=True
)
)
CloudFormation Template:
s3bucketl1:
Type: AWS::S3::Bucket
Properties:
PublicAccessBlockConfiguration:
BlockPublicAcls: true
BlockPublicPolicy: true
IgnorePublicAcls: true
RestrictPublicBuckets: true
CDK Python (L2 Construct):
s3.Bucket(
self,
's3_bucket_l2',
block_public_access=s3.BlockPublicAccess.BLOCK_ALL
)
CloudFormation Template:
s3bucketl249651147:
Type: AWS::S3::Bucket
Properties:
PublicAccessBlockConfiguration:
BlockPublicAcls: true
BlockPublicPolicy: true
IgnorePublicAcls: true
RestrictPublicBuckets: true
UpdateReplacePolicy: Retain
DeletionPolicy: Retain
This is just one example using S3 as a resource. In the case of Lambda functions, things get really interesting. Using L2 constructs, with only a few lines of code, you can create a Lambda function, and CDK will also generate an IAM role with default permissions. If you were to do the same thing with L1 constructs, you would have to define both the Lambda construct as well as the IAM role construct to generate the CloudFormation template.
In essence, both constructs create CloudFormation templates, but the Higher Level Constructs gives the user powerful ways to create AWS resources using preconfigured defaults using less code.
Upvotes: 7
Related Questions
- The difference between a Stack and Construct in AWS CDK
- How does AWS CDK "know" which constructs have been created inside a class
- What is the purpose of aws-cdk-lib vs @aws-cdk/core, @aws-cdk/aws-iam, ...?
- What are the tradeoffs between NestedStacks and Constructs?
- CDK: aws_cdk.aws_ecs.EcrImage vs aws_cdk.aws_ecs.ContainerImage
- AWS CDK vs AWS Amplify
- CDK Aspects and Tokens which resolve to undefined
- What does CDK-compatible mean?
- AWS-CDK: Single stack vs. Multiple stacks?
- What are the differences in lambdas created by aws-cdk in the different packages?