CDK for Terraform AWS Provider

21.22.1 · active · verified Fri Apr 17

The `cdktf-cdktf-provider-aws` library provides a Pythonic interface to the AWS Terraform provider within the Cloud Development Kit for Terraform (CDKTF) ecosystem. It allows users to define AWS infrastructure using familiar Python constructs, which CDKTF then synthesizes into Terraform HCL for deployment. This library, currently at version 21.22.1, is updated frequently to reflect new versions of the underlying AWS Terraform provider and the `cdktf` core library.

Common errors

```
ModuleNotFoundError: No module named 'cdktf_cdktf_provider_aws'
```
cause The `cdktf-cdktf-provider-aws` library is not installed in the active Python environment, or the environment is not correctly activated.

fix Activate your Python virtual environment (if using one) and run `pip install cdktf-cdktf-provider-aws`. Ensure you are running your script from the correct environment.
```
Error: creating S3 Bucket: NoCredentialProviders: no valid providers in chain. Deprecated.
```
cause AWS credentials are not configured or found by the AWS provider when `cdktf deploy` attempts to provision resources. The specific error message might vary slightly but indicates authentication failure.

fix Configure AWS credentials using environment variables (`AWS_ACCESS_KEY_ID`, `AWS_SECRET_ACCESS_KEY`, `AWS_REGION`), an AWS config/credentials file (`~/.aws/credentials`), or by assuming an IAM role. Ensure the region is also correctly set either via environment variable or explicitly in the `AwsProvider` constructor.
```
AttributeError: 'S3Bucket' object has no attribute 'bucket_name'
```
cause Attempting to access or set a non-existent, misspelled, or read-only attribute on a `cdktf-cdktf-provider-aws` resource or provider object. The generated Python classes strictly enforce the underlying Terraform schema.

fix Consult the `cdktf-cdktf-provider-aws` documentation for the specific resource (e.g., `S3Bucket`) or the official Terraform AWS provider documentation to find the correct attribute names. Use IDE autocompletion for guidance.
```
TypeError: __init__() missing 1 required positional argument: 'id'
```
cause All Constructs in CDKTF (including providers and resources like `AwsProvider` or `S3Bucket`) require a `scope` (parent construct) and a unique `id` during instantiation.

fix Ensure that when you instantiate any construct, you provide both a parent scope (e.g., `self` within a `TerraformStack`) and a unique string `id`. For example: `S3Bucket(self, "my-unique-bucket-id", ...) `.

Warnings

breaking Provider regeneration (breaking changes in underlying Terraform AWS provider). The `cdktf-cdktf-provider-aws` library is a generated wrapper around the official Terraform AWS provider. When the upstream Terraform AWS provider introduces significant changes, or when the `cdktf` core library is updated, the provider library is regenerated. This can lead to breaking changes in resource attributes, arguments, or behavior.
Fix: Refer to the `cdktf` and Terraform AWS provider release notes. Upgrade `cdktf-cdktf-provider-aws` and `cdktf` to compatible versions, reviewing changelogs for attribute name changes or type changes. Use `cdktf diff` before `cdktf deploy` to see proposed changes.
gotcha Terraform Provider versioning. `cdktf-cdktf-provider-aws` bundles a specific version of the Terraform AWS provider. If you need a different provider version (e.g., for a new AWS feature, bug fix, or to align with other Terraform configurations) or run into conflicts, you might need to manually configure provider requirements.
Fix: Check the `cdktf-cdktf-provider-aws` changelog or documentation for the bundled Terraform provider version. If necessary, you can override the provider version in your `cdktf.json` by adding `terraform.required_providers` for `aws`, but ensure compatibility with your installed `cdktf-cdktf-provider-aws` version.
gotcha Python version compatibility. The `cdktf-cdktf-provider-aws` library specifically requires Python `~=3.9`. Using an incompatible Python version (e.g., Python 3.8 or lower, or potentially Python 4.x in the future) will lead to installation failures or runtime errors.
Fix: Ensure your development environment uses Python 3.9 or a newer version (e.g., 3.10, 3.11, 3.12). Using `pyenv` or `conda` can help manage multiple Python versions and virtual environments.

Install

pip install cdktf-cdktf-provider-aws Install `cdktf-cdktf-provider-aws`
npm i -g cdktf-cli Install CDKTF CLI (required)

Imports

AwsProvider
wrong:
```
from cdktf_aws import AwsProvider
```
correct:
```
from cdktf_cdktf_provider_aws.provider import AwsProvider
```
The generated Python package uses `cdktf_cdktf_provider_aws` as its root namespace.
S3Bucket
wrong:
```
from cdktf_cdktf_provider_aws.s3 import S3Bucket
```
correct:
```
from cdktf_cdktf_provider_aws.s3_bucket import S3Bucket
```
Each Terraform resource type typically resides in its own module named after the resource (e.g., `s3_bucket.py`).

Quickstart

This quickstart defines a `TerraformStack` that provisions a simple AWS S3 bucket using the `cdktf-cdktf-provider-aws` library. It configures the AWS provider and creates an S3 bucket with a unique prefix and tags. The bucket's domain name is then exported as a Terraform output. Ensure `AWS_REGION`, `AWS_ACCESS_KEY_ID`, and `AWS_SECRET_ACCESS_KEY` environment variables are set for deployment, or configure them via other AWS credential methods. After running `python main.py` (assuming the code is in `main.py`), use `cdktf deploy my-cdktf-aws-stack` to provision the resources.

from constructs import Construct
from cdktf import App, TerraformStack, TerraformOutput
from cdktf_cdktf_provider_aws.provider import AwsProvider
from cdktf_cdktf_provider_aws.s3_bucket import S3Bucket
import os

class MyAwsStack(TerraformStack):
    def __init__(self, scope: Construct, id: str):
        super().__init__(scope, id)

        # Configure AWS Provider
        AwsProvider(self, "AWS", 
                    region=os.environ.get('AWS_REGION', 'us-east-1'),
                    access_key=os.environ.get('AWS_ACCESS_KEY_ID', ''),
                    secret_key=os.environ.get('AWS_SECRET_ACCESS_KEY', ''))

        # Create an S3 Bucket
        bucket = S3Bucket(self, "my-cdktf-unique-bucket",
                          bucket_prefix="my-cdktf-prefix-",
                          acl="private",
                          tags={
                              "Environment": "Development",
                              "Project": "CDKTF-Demo"
                          })

        # Output the bucket name
        TerraformOutput(self, "bucket_name",
                        value=bucket.bucket_domain_name,
                        description="The domain name of the created S3 bucket")

app = App()
MyAwsStack(app, "my-cdktf-aws-stack")
app.synth()

# To deploy, run: cdktf deploy my-cdktf-aws-stack

view raw JSON →