AWS CDK vs CloudFormation

AWS CDK vs CloudFormation

AWS offers great Infrastructure-as-Code options – but which is best for you? This blog compares CDK vs CloudFormation and how to choose.

Jay Allen's photo
Jay Allen
·Aug 26, 2022·

8 min read

Subscribe to our newsletter and never miss any upcoming articles

Deploying an application on the cloud doesn't mean just deploying code. It means deploying all of the infrastructure - servers, storage, and other services - that your application requires to run.

Two of the most popular tools for deploying infrastructure-as-code on AWS are AWS CloudFormation and the Cloud Development Kit (CDK). But which one should you use? Let's look at the capabilities as well as the pros and cons of each.

What is CloudFormation?

AWS CloudFormation is the foundational technology for deploying infrastructure on the cloud service.

CloudFormation is a declarative language for defining infrastructure components such as virtual networks, virtual machines, and virtually (see what I did there?) any other AWS resource to boot. Generally, if you can create an AWS resource in the console or via a programmatic SDK, you can create it via CloudFormation.

Using CloudFormation, your team can forge its application into a template that you can deploy in a repeatable fashion. You can even parameterize your templates so you can use them to deploy your application in multiple stages.

CloudFormation architecture basics

A CloudFormation deployment consists, at a minimum, of either a JSON or a YAML file - called a template - that defines AWS resources. Developers use templates to create a set of resources called a stack.

A template is broken up into several major sections:

  • Parameters: A series of variables whose values are supplied to the template
  • Resources: The resources to create in your AWS account.
  • Outputs: Values resulting from resources created by the template.

image.png

When you create a stack from a template - called launching a stack - you can supply parameters either as arguments in the Management Console or via a separate parameters file.

A stack is complete when all of its resources finish creating. You can see the progress, as well as other values such as outputs, in the AWS Management Console.

image.png

Once a stack is created, you can create change sets to alert the resources in your stack. You can also delete a stack, which will reclaim all associated AWS resources.

In addition to creating base infrastructure, you can use CloudFormation to ship your application code. CloudFormation supports all of the major code deployment mechanisms in AWS, including Lambda, CodeDeploy, are Elastic Container Services (ECS).

CloudFormation has multiple methods that encourage code reuse. Instead of putting your entire infrastructure into a single template, you can spread it across multiple templates and chain their creation. This enables you, for example, to deploy a Virtual Private Cloud (VPC) in one template that you then populate with resources created in other templates.

You can further divide CloudFormation templates up into reusable modules. To take the previous example, you could create a module that defines a VPC that other developers can import into their own templates. You register modules in the CloudFormation registry in your AWS account, where other developers on your team can find and reuse them.

You can also use CloudFormation templates to deploy AWS resources across multiple accounts using CloudFormation StackSets. This is useful for companies that deploy independent stacks on behalf of customers.

What is the AWS CDK?

The AWS Cloud Development Kit (CDK) provides some of the same benefits of CloudFormation but with a few key differences.

The CDK is an infrastructure-as-code solution that you can use with several popular programming languages. In other words, it's like CloudFormation, but using a language you already know. The CDK also contains command line tools to create infrastructure-as-code templates and to instantiate, update, and tear down stacks.

Under the hood, the CDK generates CloudFormation templates for its deployments. It's essentially a way to generate CloudFormation using higher-level constructs.

AWS CDK architecture basics

The building blocks of the CDK are constructs. Constructs function like resources in CloudFormation but with a twist. A construct can exist at one of three levels:

  • L1: A basic AWS resource.
  • L2: An AWS resource with intent - e.g., an Amazon S3 bucket deployed with specific settings, such as disabling public access.
  • L3*: A pattern - i.e., a collection of L1 and L2 constucts knitted together into a single solution meant to address a specific real-world scenario.

To use the CDK, you create an app with a command-line call:

cdk init app --language typescript

You add resources to your app by creating constructs with specific values. For example, the following TypeScript code creates an Amazon S3 bucket:

import * as cdk from 'aws-cdk-lib';
import { aws_s3 as s3 } from 'aws-cdk-lib';

export class HelloCdkStack extends cdk.Stack {
  constructor(scope: cdk.App, id: string, props?: cdk.StackProps) {
    super(scope, id, props);

    new s3.Bucket(this, 'MyFirstBucket', {
      versioned: true
    });
  }
}

Once you're finished writing your code, you can deploy it using the cdk deploy command. To deploy it, you need to specify an environment, which consists of an AWS account and an AWS region.

Comparing CloudFormation and the CDK

Both CloudFormation and the CDK share a number of benefits. They both enable you to:

  • Define your infrastructure as code, check it into source control, and make it part of your CI/CD deployment pipeline
  • Automate all aspects of an AWS application deployment
  • Create repeatable deployments across multiple stages

The way they each go about this, however, is different. And each has its strengths and weaknesses.

CloudFormation Pros

A plus in CloudFormation's column is its completeness and ubiquity. It's AWS's foundational infrastructure-as-code tech and is integrated into multiple AWS DevOps features, including CodeBuild and CodePipeline. It's been around for years and you can find a wealth of sample code online. (AWS themselves publish a pretty thorough repo of samples.)

Another benefit of CloudFormation is that the service handles parallelization and sequencing for you. If two resources are independent, CloudFormation can initiate creation simultaneously. It can also detect dependencies between two resources and create them in the proper order. Template developers can further specify a DependsOn relationship to specify explicit dependencies.

CloudFormation Cons

The major downside of CloudFormation is that it's another thing to learn. Rather than work in a language and programming model you're familiar with, you have to learn either the JSON or YAML format that CloudFormation defines. This can be an impediment to getting your development team more closely involved in building out your app's infrastructure.

Because CloudFormation is a declarative syntax and not a programming language, it lacks some helpful constructs that make authoring easier. The lack of type checking, for example, means you won't catch some obvious errors until runtime.

CDK Pros

Many developers end up embracing the CDK because it allows them to utilize their favorite programming language. Instead of learning an entirely new syntax, developers can create infrastructure using the same language they use to code their applications.

Additionally, the CDK provides a more structured reuse format than CloudFormation. The three-tiered reuse level of components, intents, and patterns means you can build up a library of reusable components and patterns your entire organization can use to build infrastructure and ship applications more quickly.

Finally, CDK code is more testable than CloudFormation. The CDK contains a testing framework you can use to test both the validity of the values it generates in AWS CloudFormation and to generate "snapshot" diffs against previous versions.

CDK Cons

The biggest downside with the AWS CDK is the level of experience required to use it. AWS itself recommends that CDK users be "moderately to highly experienced" in AWS and CloudFormation already. In other words, it's not a technology you'll want to use if your team is new to the cloud.

Another downside is the limited language support. If you develop applications in any of the six languages (TypeScript, JavaScript, Python, Java, C#, Go) that the CDK supports, then you're good to go. If you program in something else (e.g., Rust), and no one on your team is proficient in one of the supported languages, then the benefits of using the CDK drop dramatically.

Additionally, since the CDK generates CloudFormation, it can be difficult to debug on occasion. If the generated CloudFormation generates a runtime error, it may take some time to figure out how that error maps to changes in your codebase.

Which is the best for you?

Whether you use CloudFormation or the CDK will depend on a few factors:

  • Your team's experience level with AWS and CloudFormation
  • What programming languages your team knows
  • Your plans for reusability

If you're just starting out on your AWS journey, CloudFormation is the way to go. It's highly tested, well-supported, and well-documented. Start by finding sample templates that are a close fit to your app and modifying them to suit your needs. As your project evolves, you can grow your suite of templates and gradually refactor reusable components into modules.

For teams that have been using AWS and CloudFormation for a while and want to up their game, the CDK is a logical next progression. Identify what you're currently shipping in CloudFormation and break down how you would refactor that into CDK components.

Other considerations

If your team already has considerable experience with infrastructure-as-code on another platform, you may feel comfortable jumping into the CDK straightaway. For example, if you've used ARM templates or Bicep on Azure, CloudFormation will already feel familiar. You can go straight to the CDK and reap some of the advanced benefits it offers, such as type safety and enhanced testing.

The TinyStacks approach to CDK and CloudFormation

At TinyStacks, we've built an infrastructure-as-code platform that enables application developers to ship their code in a day instead of weeks. There's no need for everyone to be an expert in CloudFormation or the CDK. Define your deployment frameworks in a centralized manner.

To see how TinyStacks can revolutionize your DevOps deployments, sign up and check it out today.

 
Share this