What is Infrastructure as Code with AWS CDK?

AWS CDK (Cloud Development Kit) is an open-source framework to define cloud infrastructure using familiar programming languages (TypeScript, Python, Java, C#, Go) — synthesizes to CloudFormation templates. Core concepts: App: root container for CDK stacks; Stack: unit of deployment (=CloudFormation stack); Construct: reusable cloud component. Three levels: L1 (Cfn constructs — direct CloudFormation mapping, raw), L2 (curated constructs — AWS opinionated, most common), L3 (patterns — complete solutions, multiple resources). L2 example (Python): from aws_cdk import Stack, aws_s3 as s3, aws_lambda as lam, aws_s3_notifications as s3n from constructs import Construct class MyStack(Stack): def __init__(self, scope: Construct, id: str, **kwargs): super().__init__(scope, id, **kwargs) bucket = s3.Bucket(self, "MyBucket", versioned=True, encryption=s3.BucketEncryption.S3_MANAGED, removal_policy=RemovalPolicy.DESTROY, auto_delete_objects=True) processor = lam.Function(self, "Processor", runtime=lam.Runtime.PYTHON_3_12, handler="index.handler", code=lam.Code.from_asset("lambda"), environment={"BUCKET_NAME": bucket.bucket_name}) bucket.grant_read(processor) bucket.add_event_notification(s3.EventType.OBJECT_CREATED, s3n.LambdaDestination(processor)). Grant methods (grantRead, grantReadWrite, grantPut) automatically create IAM policies. CDK Pipelines: self-mutating CI/CD pipeline using CDK. Aspects: apply changes across entire CDK tree (add tags, enforce compliance). cfn_nag / cdk-nag: security scanning of CDK/CloudFormation templates. CDK vs Terraform vs CloudFormation: CDK = type-safe, programmatic, native AWS; Terraform = multi-cloud, larger community, HCL; CloudFormation = JSON/YAML, no programming constructs. CDK compiles to CloudFormation.