aws-cdk-development
The aws-cdk-development skill provides expert guidance for building AWS infrastructure using the Cloud Development Kit with TypeScript or Python. Use it when creating CDK stacks, defining constructs, implementing infrastructure as code, or when working with CDK commands like synth and deploy. It includes integrated MCP servers for accessing current AWS documentation and CDK best practices, covering stack composition, construct patterns, and deployment workflows.
```bash
git clone --depth 1 https://github.com/zxkane/aws-skills /tmp/aws-cdk-development && cp -r /tmp/aws-cdk-development/plugins/aws-cdk/skills/aws-cdk-development ~/.claude/skills/aws-cdk-development
```
SKILL.md
# AWS CDK Development
This skill provides comprehensive guidance for developing AWS infrastructure using the Cloud Development Kit (CDK), with integrated MCP servers for accessing latest AWS knowledge and CDK utilities.
## AWS Documentation Requirement
Always verify AWS facts using MCP tools (`mcp__aws-mcp__*` or `mcp__*awsdocs*__*`) before answering. The `aws-mcp-setup` dependency is auto-loaded — if MCP tools are unavailable, guide the user through that skill's setup flow.
## Integrated MCP Servers
This skill includes the CDK MCP server automatically configured with the plugin:
### AWS CDK MCP Server
**When to use**: For CDK-specific guidance and utilities
- Get CDK construct recommendations
- Retrieve CDK best practices
- Access CDK pattern suggestions
- Validate CDK configurations
- Get help with CDK-specific APIs
**Important**: Leverage this server for CDK construct guidance and advanced CDK operations.
## When to Use This Skill
Use this skill when:
- Creating new CDK stacks or constructs
- Refactoring existing CDK infrastructure
- Implementing Lambda functions within CDK
- Following AWS CDK best practices
- Validating CDK stack configurations before deployment
- Verifying AWS service capabilities and regional availability
## Core CDK Principles
### Resource Naming
**CRITICAL**: Do NOT explicitly specify resource names when they are optional in CDK constructs.
**Why**: CDK-generated names enable:
- **Reusable patterns**: Deploy the same construct/pattern multiple times without conflicts
- **Parallel deployments**: Multiple stacks can deploy simultaneously in the same region
- **Cleaner shared logic**: Patterns and shared code can be initialized multiple times without name collision
- **Stack isolation**: Each stack gets uniquely identified resources automatically
**Pattern**: Let CDK generate unique names automatically using CloudFormation's naming mechanism.
```typescript
// ❌ BAD - Explicit naming prevents reusability and parallel deployments
new lambda.Function(this, 'MyFunction', {
  functionName: 'my-lambda', // Avoid this
  // ...
});

// ✅ GOOD - Let CDK generate unique names
new lambda.Function(this, 'MyFunction', {
  // No functionName specified - CDK generates: StackName-MyFunctionXXXXXX
  // ...
});
```
**Security Note**: For different environments (dev, staging, prod), follow AWS Security Pillar best practices by using separate AWS accounts rather than relying on resource naming within a single account. Account-level isolation provides stronger security boundaries.
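One way to check this principle against `cdk synth` output, as an added example that is not part of the skill or its repository: the function below walks a synthesized CloudFormation template and reports resources whose physical name was set explicitly. The type names, the property table (a subset) and the sample template with its logical IDs are constructed for illustration.

```typescript
type CfnResource = { Type: string; Properties?: Record<string, unknown> };
type CfnTemplate = { Resources: Record<string, CfnResource> };

// CloudFormation properties that pin a physical name (a subset; extend as needed).
const NAME_PROPS: Record<string, string> = {
  'AWS::Lambda::Function': 'FunctionName',
  'AWS::S3::Bucket': 'BucketName',
  'AWS::DynamoDB::Table': 'TableName',
  'AWS::SQS::Queue': 'QueueName',
  'AWS::IAM::Role': 'RoleName',
};

interface Finding { logicalId: string; type: string; property: string; literal: boolean }

function findExplicitNames(template: CfnTemplate): Finding[] {
  const findings: Finding[] = [];
  for (const [logicalId, res] of Object.entries(template.Resources)) {
    const property = NAME_PROPS[res.Type];
    const value = property ? res.Properties?.[property] : undefined;
    if (property === undefined || value === undefined) continue;
    // A literal string collides when the same stack or construct is deployed
    // a second time; an intrinsic (Fn::Join, Ref, ...) may embed a per-stack value.
    findings.push({ logicalId, type: res.Type, property, literal: typeof value === 'string' });
  }
  return findings;
}

// Constructed sample in the shape `cdk synth` emits (logical IDs are made up).
const sampleTemplate: CfnTemplate = {
  Resources: {
    MyFunction3BAA72D1: {
      Type: 'AWS::Lambda::Function',
      Properties: { FunctionName: 'my-lambda', Handler: 'index.handler' },
    },
    Worker9F2C11AB: {
      Type: 'AWS::Lambda::Function',
      Properties: { Handler: 'index.handler' },
    },
    JobsQueue51C0DE77: {
      Type: 'AWS::SQS::Queue',
      Properties: { QueueName: { 'Fn::Join': ['-', [{ Ref: 'AWS::StackName' }, 'jobs']] } },
    },
  },
};

console.log(findExplicitNames(sampleTemplate));
```

Findings with `literal: true` are the ones that block a second deployment in the same account and region; the others deserve a look but may already be unique per stack.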
### Lambda Function Development
Use the appropriate Lambda construct based on runtime:
**TypeScript/JavaScript**: Use `aws-cdk-lib/aws-lambda-nodejs`
```typescript
import { NodejsFunction } from 'aws-cdk-lib/aws-lambda-nodejs';

new NodejsFunction(this, 'MyFunction', {
  entry: 'lambda/handler.ts',
  handler: 'handler',
  // Automatically handles bundling, dependencies, and transpilation
});
```
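**Python**: Use `@aws-cdk/aws-lambda-python-alpha`
```typescript
import { Runtime } from 'aws-cdk-lib/aws-lambda';
import { PythonFunction } from '@aws-cdk/aws-lambda-python-alpha';

new PythonFunction(this, 'MyFunction', {
  entry: 'lambda',              // directory containing the handler and its dependencies file
  runtime: Runtime.PYTHON_3_12, // runtime is a required property of PythonFunction
  index: 'handler.py',
  handler: 'handler',
  // Automatically handles dependencies and packaging
});
```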
**Benefits**:
- Automatic bundling and dependency management
- Transpilation handled automatically
- No manual packaging required
- Consistent deployment patterns
### Pre-Deployment Validation
Use a **multi-layer validation strategy** for comprehensive CDK quality checks:
#### Layer 1: Real-Time IDE Feedback (Recommended)
**For TypeScript/JavaScript projects**:
Install [cdk-nag](https://github.com/cdklabs/cdk-nag) for synthesis-time validation:
```bash
npm install --save-dev cdk-nag
```
Add to your CDK app:
```typescript
import { App, Aspects } from 'aws-cdk-lib';
import { AwsSolutionsChecks } from 'cdk-nag';

const app = new App();
// Apply the AwsSolutions rule pack to every construct in the app
Aspects.of(app).add(new AwsSolutionsChecks());
```
**Optional - VS Code users**: Install [CDK NAG Validator extension](https://marketplace.visualstudio.com/items?itemName=alphacrack.cdk-nag-validator) for faster feedback on file save.
**For Python/Java/C#/Go projects**: cdk-nag is available in all CDK languages and provides the same synthesis-time validation.
#### Layer 2: Synthesis-Time Validation (Required)
1. **Synthesis with cdk-nag**: Validate stack with comprehensive rules
```bash
cdk synth # cdk-nag runs automatically via Aspects
```
2. **Suppress legitimate exceptions** with documented reasons:
```typescript
import { NagSuppressions } from 'cdk-nag';

// `resource` is the construct the finding was reported on.
// Document WHY the exception is needed
NagSuppressions.addResourceSuppressions(resource, [
  {
    id: 'AwsSolutions-L1',
    reason: 'Lambda@Edge requires specific runtime for CloudFront compatibility'
  }
]);
```
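Suppressions are worth reviewing as a set, since each one switches a rule off for a resource. The added example below (not from the skill or from cdk-nag itself) lists suppressions per rule from a synthesized template and flags thin reasons. It assumes suppressions are recorded under each resource's `Metadata.cdk_nag.rules_to_suppress`; the word-count and TODO heuristic, the type names and the sample template are constructed for illustration.

```typescript
type Suppression = { id: string; reason: string };
type NagResource = { Type: string; Metadata?: { cdk_nag?: { rules_to_suppress?: Suppression[] } } };
type NagTemplate = { Resources: Record<string, NagResource> };

interface SuppressionReport {
  byRule: Record<string, string[]>; // rule id -> logical IDs that suppress it
  weak: string[];                   // "logicalId:ruleId" entries needing a better reason
}

// Heuristic chosen for this example: at least five words and no TODO marker.
function isWeakReason(reason: string): boolean {
  const words = reason.trim().split(/\s+/).filter((w) => w.length > 0);
  return words.length < 5 || /\btodo\b/i.test(reason);
}

function auditSuppressions(template: NagTemplate): SuppressionReport {
  const report: SuppressionReport = { byRule: {}, weak: [] };
  for (const [logicalId, res] of Object.entries(template.Resources)) {
    // Assumed location of cdk-nag suppressions in the synthesized template.
    for (const s of res.Metadata?.cdk_nag?.rules_to_suppress ?? []) {
      const ids = report.byRule[s.id] ?? [];
      ids.push(logicalId);
      report.byRule[s.id] = ids;
      if (isWeakReason(s.reason)) report.weak.push(`${logicalId}:${s.id}`);
    }
  }
  return report;
}

// Constructed sample template; logical IDs and the second reason are made up.
const nagSample: NagTemplate = {
  Resources: {
    EdgeFnAAAA1111: {
      Type: 'AWS::Lambda::Function',
      Metadata: { cdk_nag: { rules_to_suppress: [{ id: 'AwsSolutions-L1',
        reason: 'Lambda@Edge requires specific runtime for CloudFront compatibility' }] } },
    },
    ReportFnBBBB2222: {
      Type: 'AWS::Lambda::Function',
      Metadata: { cdk_nag: { rules_to_suppress: [{ id: 'AwsSolutions-L1',
        reason: 'TODO upgrade runtime later' }] } },
    },
    PlainFnCCCC3333: { Type: 'AWS::Lambda::Function' },
  },
};

console.log(auditSuppressions(nagSample));
```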
#### Layer 3: Pre-Commit Safety Net
1. **Build**: Ensure compilation succeeds
```bash
npm run build # or language-specific build command
```
2. **Tests**: Run unit and integration tests
```bash
npm test # or pytest, mvn test, etc.
```
3. **Validation Script**: Meta-level checks
```bash
./scripts/validate-stack.sh
```
The validation script now focuses on:
- Language detection
- Template size and resource count analysis
- Synthesis success verification
- (Note: Detailed anti-pattern checks are handled by cdk-nag)
## Workflow Guidelines
### Development Workflow
1. **Design**: Plan infrastructure resources and relationships
2. **Verify AWS Services**: Use AWS Documentation MCP to confirm service availability and features
- Check regional availability for all required services
- Verify service limits and quotas
- Confirm latest API specifications
3. **Implement**: Write CDK constructs following best practices
- Use CDK MCP server for construct recommendations
- Reference CDK best practices via MCP tools
4. **Validate**: Run pre-deployment checks (see above)
5. **Synthesize**: Generate CloudFormation templates
6. **Review**: