AWS CDK - Managing Configuration and Context

This is Chapter 2 of the Infrastructure as Code with AWS CDK series. Four approaches to environment-specific configuration in CDK stacks - same use case throughout so the trade-offs sit side by side.

Use case: An S3 bucket and Lambda function where bucket name, log level, and Lambda timeout vary per environment (dev, staging, prod).

Quick comparison:

| Approach | Version controlled | Supports secrets | Change without redeploy | Shared across stacks |
|---|---|---|---|---|
| Static config (cdk.json) | Yes | No | No | No |
| Dynamic config | No | Partial | Yes | No |
| Secrets Manager | No | Yes | Yes | Yes |
| CI/CD context injection | No | No | Yes | No |

Local dev patterns: Suitable for personal projects or local development. Neither is a good fit for CI/CD pipelines or shared team environments. ...

May 28, 2025 · 5 min · 882 words · Bastab C

AWS CDK - Project Setup and Bootstrapping

This is Chapter 1 of the Infrastructure as Code with AWS CDK series. Two things come before writing any stack code: initialising the CDK project and bootstrapping the AWS account.

Prerequisites:

- Python 3.9+
- Node.js 18+ (CDK CLI is a Node package)
- AWS CLI v2 configured with valid credentials - see Connect to AWS SSO and SSH into EC2 Instance
- An AWS account with permissions to create IAM roles, S3 buckets, and CloudFormation stacks

Install the CDK CLI globally: ...

May 11, 2025 · 3 min · 491 words · Bastab C

Install CloudWatch agent in EC2 Instance

EC2 does not send memory or disk metrics to CloudWatch by default - only CPU, network and status checks. The CloudWatch agent runs inside the instance and collects system-level metrics and logs directly.

Prerequisites:

- EC2 instance running (Amazon Linux 2 or Ubuntu)
- SSH access to the instance - see Connect to AWS SSO and SSH into EC2 Instance
- Terminal

Attach IAM role to the instance: The agent needs permission to write metrics and logs to CloudWatch. In the AWS console: ...

April 3, 2025 · 2 min · 356 words · Bastab C

Connect to AWS SSO and SSH into EC2 Instance

Two paths depending on your setup - follow one:

- Without SSO: personal AWS account, direct IAM credentials
- With SSO: enterprise/team setup with an SSO start URL (e.g. https://company.awsapps.com/start)

Prerequisites:

Without SSO:

- AWS CLI v2
- AWS IAM user credentials (Access Key ID and Secret Access Key)
- Terminal

With SSO:

- AWS CLI v2
- AWS SSO start URL and access
- Terminal

Files you will need:

~/
├── .aws/
│   ├── config
│   └── credentials
└── .ssh/
    ├── ec2-key.pem
    └── config

Path A: Without SSO

Create .aws folder if it doesn’t exist. Run from your home directory (~). ...

March 17, 2025 · 2 min · 283 words · Bastab C