Articles

Infrastructure as Code: Automate Your Cloud

March 24, 2026 6 min read

CDK is the only IaC tool that lets you use your favorite general-purpose programming language to define cloud infrastructure.

Here’s how CDK lets you define infrastructure with TypeScript.

import * as cdk from 'aws-cdk-lib';
import * as ec2 from 'aws-cdk-lib/aws-ec2';

export class MyCdkStack extends cdk.Stack {
  constructor(scope: cdk.Construct, id: string, props?: cdk.StackProps) {
    super(scope, id, props);

    // Defines an AWS Cloud Resource
    new ec2.Vpc(this, 'MyVpc', {
      maxAzs: 2, // Default VPC has max 3 AZs.
      subnetConfiguration: [
        {
          cidrMask: 24,
          name: 'PublicSubnet',
          subnetType: ec2.SubnetType.PUBLIC,
        },
      ],
    });
  }
}

This TypeScript code defines a VPC with two Availability Zones and a public subnet. When you run cdk synth, it compiles this into a CloudFormation template.

Resources:
  MyVpcPublicSubnet1SubnetXXXXXXXX:
    Type: AWS::EC2::Subnet
    Properties:
      AvailabilityZone: !Select
        - 0
        - !GetAtt MyVpcVPCXXXXXXXX
          .AvailabilityZones
      CidrBlock: !Join
        - ""
        - - !Select
            - 0
            - !Split
              - /
              - !Ref MyVpcSubnet2CidrBlockXXXXXXXX
          - /24
      VpcId: !Ref MyVpcVPCXXXXXXXX
      Tags:
        - Key: aws-cdk:subnet-name
          Value: PublicSubnet
        - Key: aws-cdk:availability-zone-index
          Value: 0
  MyVpcPublicSubnet2SubnetXXXXXXXX:
    Type: AWS::EC2::Subnet
    Properties:
      AvailabilityZone: !Select
        - 1
        - !GetAtt MyVpcVPCXXXXXXXX
          .AvailabilityZones
      CidrBlock: !Join
        - ""
        - - !Select
            - 0
            - !Split
              - /
              - !Ref MyVpcSubnet2CidrBlockXXXXXXXX
          /24
      VpcId: !Ref MyVpcVPCXXXXXXXX
      Tags:
        - Key: aws-cdk:subnet-name
          Value: PublicSubnet
        - Key: aws-cdk:availability-zone-index
          Value: 1
  MyVpcVPCXXXXXXXX:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: 10.0.0.0/16
      EnableDnsSupport: true
      EnableDnsHostnames: true
      Tags:
        - Key: aws-cdk:asset
          Value: 5e4591b823622798864775a82d186373f29e85f421735514b50e214f9e020261
Outputs:
  MyVpcPublicSubnet1SubnetXXXXXXXX:
    Description: PublicSubnet 0
    Value: !Ref MyVpcPublicSubnet1SubnetXXXXXXXX
  MyVpcPublicSubnet2SubnetXXXXXXXX:
    Description: PublicSubnet 1
    Value: !Ref MyVpcPublicSubnet2SubnetXXXXXXXX

This is the CloudFormation template that CDK generates. The cdk deploy command then takes this template and provisions the resources.

What Problem Does This Solve?

Traditionally, managing cloud infrastructure involved manual clicking in the AWS console or writing imperative scripts. This led to inconsistent environments, difficult rollbacks, and a lack of version control for infrastructure. IaC tools like CDK, Terraform, and CloudFormation address this by allowing you to define your infrastructure in code, enabling versioning, automation, and repeatability.

How Does It Work Internally?

CDK uses a construct-based approach. Constructs are reusable, higher-level building blocks that abstract away complex CloudFormation configurations. When you instantiate a construct (like ec2.Vpc), it generates one or more CloudFormation resources. The cdk synth command translates your CDK code into a CloudFormation template, and cdk deploy uses the AWS CloudFormation service to create, update, or delete resources based on that template.

The Exact Levers You Control

  • Constructs: These are the primary building blocks. You choose specific constructs for services (e.g., ec2.Vpc, s3.Bucket, lambda.Function).
  • Properties: Each construct has properties that configure its behavior (e.g., maxAzs: 2, bucketName: 'my-unique-bucket-name').
  • Stacks: A stack is a CloudFormation stack that represents a deployable unit of your infrastructure. You can group related constructs into a stack.
  • App: An app is a collection of stacks. This is your entry point for the CDK application.
  • CDK CLI: Commands like cdk synth (generate CloudFormation), cdk deploy (deploy to AWS), and cdk destroy (tear down resources) are your interface to the CDK framework.

A surprisingly powerful aspect of CDK is its ability to define custom constructs. You can package common patterns of infrastructure (e.g., a secure, hardened VPC with specific subnets and security groups) into your own construct. This allows your team to consume these patterns as simple, high-level components, enforcing best practices and reducing boilerplate code across multiple projects. You can define a construct that takes a few parameters and outputs a fully configured, opinionated set of AWS resources.

The next concept you’ll encounter is managing cross-stack dependencies and inter-stack communication using CDK outputs and imports.

Want structured learning?

Take the full Cloud Computing course →