aws

Evan Bernard 2024-06-05T18:28:19.081949Z

hello! I’m getting started with the AWS CDK, and in doing so, I wanted to get a good handle on the cdk diff command, particularly to diff local stacks (as in not-yet-deployed stacks) to check myself on whether I’m introducing unintended changes as I learn. however, I’m getting something in the output that I don’t quite understand, and I haven’t managed to google my way through it, either. 1. I created a fairly simple stack (in clojure, no less). I sent the CloudFormation template to a file, e.g. cdk synth > template.yml 2. I immediately try cdk diffing it to confirm that there’s no change (nor should there be; I haven’t made any changes!) output:

% cdk diff --template='./template.yml' --fail
Synthesized to: cdk.out

Other Changes
[-] Unknown Synthesized to: cdk.out
✨  Number of stacks with differences: 1

% echo $?
1
does anyone know what might be causing the Unknown Synthesized to: cdk.out bit? that seems like the thing that’s registering as a diff, hence the exit code of 1 ANSWER: I was holding it wrong! I was sending stdout to a file named template.yml, but that picked up the log line Synthesized to: cdk.out which looked enough like yaml that I didn’t catch it as NOT being an actual part of the cloudformation template. looked right past it. everything else was CDK fundamental stuff that @aisamu helped me with - thanks again!

🎉 1
Evan Bernard 2024-06-05T18:35:24.895109Z

hmm. I notice that template.yml starts with: Synthesized to: cdk.out . that seems awfully relevant!

aisamu 2024-06-05T18:37:42.628229Z

Isn't "Unknown" the name of the stack? (where it's supposed to go, that is)

Evan Bernard 2024-06-05T18:38:11.143029Z

I’m betting that diff isn’t picking up that testStack is the name of the stack within the template.yml file

aisamu 2024-06-05T18:38:46.390019Z

IIRC you can synth and diff against stacknames, there's not need to explicitly use files

Evan Bernard 2024-06-05T18:39:15.224039Z

ah, sure enough - if I remove that first line such that template.yml no longer contains Synthesized to: cdk.out, we see what I expected:

% cdk diff testStack --template='template.yml' --fail
Synthesized to: cdk.out

There were no differences

✨  Number of stacks with differences: 0

% echo $?
0

Evan Bernard 2024-06-05T18:42:35.404979Z

hmm. maybe I don’t quite understand stacks yet! how could I do that if I’m working off the same bit of CDK? I’m hoping to: 1. generate a CloudFormation template using some CDK code (e.g. that’s built from calling cdk synth that points to a cdk.json with an app attribute of clj -X main/-main ) 2. make some changes to main.clj 3. and then diff the CloudFormation template from step 1 with the result of the changes from step 2

aisamu 2024-06-05T18:43:05.547539Z

And the way I remember grabbing templates wasn't by piping to a file - they should be inside cdk.out!

Evan Bernard 2024-06-05T18:43:45.628879Z

ah .. let me fiddle with that! maybe I’m being weird for routing stdout to a file. I’ll wipe the cdk.out/ dir and see what that changes

Evan Bernard 2024-06-05T18:45:00.118509Z

ah, that’s why I was doing that; cdk.out doesn’t seem to contain the output yaml

aisamu 2024-06-05T18:45:34.544129Z

IIRC it contains json templates, not yaml!

Evan Bernard 2024-06-05T18:46:32.911079Z

ahhh - are the json files the templates, and the yaml output of cdk synth is the cloudformation BUILT from those json templates? did I mention I’m new at this 😄

aisamu 2024-06-05T18:47:43.403339Z

Cloudformation accepts both yaml and json!

aisamu 2024-06-05T18:48:47.283669Z

CDK is a regular library that spits cloudformation json templates

Evan Bernard 2024-06-05T18:49:17.286709Z

ooohh my goodness I know what’s going on. I think the answer is a lot more straightforward - I’m looking at the output of cdk synth… and the first line is, i think, a log! Synthesized to: cdk.out if that is indeed a log, my piping of the output yaml to a file for later comparison ended up scooping up that line which looks an awful lot like YAML, ergo…

aisamu 2024-06-05T18:49:54.808379Z

You got it!

Evan Bernard 2024-06-05T18:50:01.059209Z

woof!

Evan Bernard 2024-06-05T18:51:36.904899Z

well - I might be still suck with the same desire I started with, just with a really goofy problem out of the way. I still want to compare the YAML spit out by cdk synth between two changes to main.clj, but the stacks can’t exist simultaneously since they would be built from the same codebase

Evan Bernard 2024-06-05T18:52:03.362329Z

now that I realize what I’m doing, i could always kill the first line of the output of cdk synth > template.yml , but that feels trashy

aisamu 2024-06-05T18:56:32.629579Z

You can specify the output directory

cdk synth --output=~/templates

aisamu 2024-06-05T18:57:07.315979Z

then use the different folder as a source of comparison

cdk diff --template ~/stacks/MyStack.old MyStack

Evan Bernard 2024-06-05T18:57:11.523639Z

aha! just ran into that in cdk synth --help 🙂 foolish me, I was just looking https://docs.aws.amazon.com/cdk/v2/guide/ref-cli-cmd-synth.htmlwhich isn’t exhaustive

aisamu 2024-06-05T18:57:51.935349Z

These might also be useful: https://docs.aws.amazon.com/cdk/v2/guide/cli.html

👀 1
Evan Bernard 2024-06-05T18:59:27.269739Z

hmm. that just changes the directory of where the json gets stored. that might be useful, but if it is I don’t get how yet. but I bet i’m missing a fundamental: what’s the distinction between the json files that get generated and saved to disk vs. the YAML output that cdk synth emits to stdout by default?

aisamu 2024-06-05T19:00:07.139609Z

None! Json and Yaml are "equivalent"

Evan Bernard 2024-06-05T19:02:35.142099Z

I see, and so I’ve been focusing too hard on the YAML that I see and the JSON that’s always been there!

✅ 1
Evan Bernard 2024-06-05T19:04:17.412819Z

yep! just confirmed after a fresh round of cdk synthing, as well as introducing a small change to confirm that the diff picks it up:

% cdk diff --template='templates/testStack.template.json' --fail
Synthesized to: cdk.out

There were no differences

✨  Number of stacks with differences: 0

% cdk diff --template='templates/testStack.template.json' --fail
Synthesized to: cdk.out

Resources
[~] AWS::IAM::Role test-lambda-role testlambdaroleF589601D replace
 └─ [~] RoleName (requires replacement)
     ├─ [-] test-lambda-role
     └─ [+] test-lambda-role-NEW


✨  Number of stacks with differences: 1

Evan Bernard 2024-06-05T19:04:36.545609Z

you’ve taught me a lot - thank you very much!

aisamu 2024-06-05T19:08:08.805649Z

You're welcome! But note that you handled almost everything yourself :)

Evan Bernard 2024-06-05T19:08:12.014059Z

that’s a nice, tight feedback cycle too: 1. make change 2. compare with cdk diff --template='template/fooStack.template.json' 3. if satisfied, cdk synth and move along once I know what I’m doing more, I can skip effectively cdk synthing twice 🙂

Evan Bernard 2024-06-05T19:08:47.712749Z

hah, well thanks for also being an excellent rubber duck and taking the time, then!

❤️ 1
aisamu 2024-06-05T19:09:11.692079Z

In a more regular setting you don't have to synth at all (it does that for you automatically), and you diff your local, proposed changes against something that's deployed (so no need to generate two templates locally - you compare the local/default template against the remote, deployed template)

Evan Bernard 2024-06-05T19:10:06.199709Z

yeah, once I’m at the point where I’m willing to deploy, we’ll really be in business

Evan Bernard 2024-06-05T19:11:02.746529Z

I think once I’m there, it’s just cdk diff FooStack, and that’ll compare what i’ve got locally to an actually-deployed stack named FooStack, right?

⭐ 1
Evan Bernard 2024-06-05T19:58:57.518019Z

oh no - are you ready for the worst part? it’s MY log line!!

😂 1
Evan Bernard 2024-06-05T19:59:18.830289Z

Evan Bernard 2024-06-05T19:59:22.706079Z

it was me the whole time..