CDK CloudFormation Disassembler
WIP - this module is still not fully functional:
- [ ] Does not handle intrinsic functions
- [ ] Only handles the "Resources" section (parameters, outputs, mappings, conditions, ...)
- [ ] Keys in JSON blobs (such as IAM policies) are converted to camel case (instead of remain as pascal case).
- [ ] Only TypeScript is supported
Converts an AWS CloudFormation template into AWS CDK code which synthesizes the same exact template.
Why you should not use this tool?
Generally, this is not a recommended approach when using the AWS CDK, but some people may find this useful as a means to get started or migrate an existing template.
Using this method means that you will have to use the low-level resources (e.g.
s3.CfnBucket
instead of s3.Bucket
). This means that you lose a substantial
portion of the value of the CDK, which abstracts away much of the boilerplate
and glue logic required to work with AWS resources.
For example, this is how you would define an S3 bucket encrypted with a KMS key with high-level resources:
new s3.Bucket(this, 'MyBucket', {
encryption: s3.BucketEncryption.Kms
});
And this is how the same exact configuration will be defined using low-level resources:
new kms.CfnKey(this, 'MyBucketKeyC17130CF', {
keyPolicy: {
"statement": [
{
"action": [ "kms:Create*", "kms:Describe*", "kms:Enable*", "kms:List*", "kms:Put*", "kms:Update*", "kms:Revoke*", "kms:Disable*", "kms:Get*", "kms:Delete*", "kms:ScheduleKeyDeletion", "kms:CancelKeyDeletion" ],
"effect": "Allow",
"principal": {
"aws": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition" }, ":iam::", { "Ref": "AWS::AccountId" }, ":root" ] ] }
},
"resource": "*"
}
],
"version": "2012-10-17"
}
});
new s3.CfnBucket(this, 'MyBucketF68F3FF0', {
bucketEncryption: {
"serverSideEncryptionConfiguration": [
{
"serverSideEncryptionByDefault": {
"kmsMasterKeyId": Fn.getAtt('MyBucketKeyC17130CF', 'Arn').toString(),
"sseAlgorithm": "aws:kms"
}
}
]
},
});
As you can see, there are a lot of details here that you really don't want to
care about (like the value to put under sseAlgorithm
or which actions are
required in the key policy so the key can be managed by administrators. Also,
this is actually one of the more simple examples we have in the CDK.
The AWS Construct Library includes a very large amount of "undifferentiated heavy lifting" that you can only enjoy if you use the high level resources which encapsulate all this goodness for you behind a nice clean object-oriented API.
Therefore, we encourage you to use the high-level constructs in the AWS Construct Library as much as possible. If you encounter a gap or missing capability or resource, take a look at the Escape Hatches section of the User Guide.
Usage
$ cdk-dasm < my-stack-template.json > my-stack.ts
For example, given:
{
"Resources": {
"MyTopic": {
"Type": "AWS::SNS::Topic",
"Properties": {
"DisplayName": "YoTopic"
}
}
}
}
The output will be:
// generated by cdk-dasm at 2019-08-07T02:52:01.561Z
import { Stack, StackProps, Construct, Fn } from '@aws-cdk/core';
import * as sns from '@aws-cdk/aws-sns';
export class MyStack extends Stack {
constructor(scope: Construct, id: string, props: StackProps = {}) {
super(scope, id, props);
new sns.CfnTopic(this, 'MyTopic', {
displayName: "YoTopic",
});
}
}