cdk-patterns

Safe

Build AWS CDK Infrastructure Patterns

Design production-ready AWS infrastructure using CDK constructs. Apply proven patterns for serverless APIs, containers, and data pipelines with reusable L2/L3 constructs.

Supports: Claude, Codex, Code(CC)
📊 71 Adequate

1. Download the skill ZIP
2. Upload in Claude: go to Settings → Capabilities → Skills → Upload skill
3. Toggle on and start using

Test it

Using "cdk-patterns". Create a serverless API with Lambda and DynamoDB

Expected outcome:

Generates a complete CDK construct with API Gateway integration, Lambda function with proper runtime configuration, DynamoDB table with on-demand billing, IAM permissions using grantReadWriteData, and X-Ray tracing enabled for observability.

Using "cdk-patterns". Review my CDK stack for best practices

Expected outcome:

Provides specific recommendations: replace CfnFunction with lambda.Function L2 construct, add RemovalPolicy.RETAIN for stateful resources, implement least privilege IAM using table.grantReadWriteData instead of inline policies, and add cdk.Tags for resource organization.

Security Audit

Safe
v1 • 2/25/2026

All static analysis findings are false positives. The 'Dynamic function constructor' at line 53 is actually a CDK Lambda construct (new lambda.Function). The 'Ruby/shell backtick execution' detections are markdown code block delimiters (```typescript), not shell commands. The 'Weak cryptographic algorithm' findings reference description text, not actual crypto code. This skill contains only documentation and example CDK TypeScript code with no executable security risks.

  • Files scanned: 1
  • Lines analyzed: 80
  • Findings: 0
  • Total audits: 1

No security issues found
Audited by: claude

Quality Score

  • Architecture: 38
  • Maintainability: 100
  • Content: 87
  • Community: 31
  • Security: 100
  • Spec Compliance: 91

What You Can Build

Serverless API Development

Build production-ready serverless APIs using API Gateway, Lambda, and DynamoDB with proper IAM permissions and monitoring enabled.

Reusable Infrastructure Constructs

Create organization-standard L3 constructs that encode best practices for consistent infrastructure deployments across teams.

CDK Code Review and Optimization

Review existing CDK code for anti-patterns, security issues, and opportunities to use higher-level constructs.

Try These Prompts

Basic CDK Stack Generation

Create a CDK stack in TypeScript that deploys a Lambda function with an S3 bucket. Use L2 constructs, apply removal policies, and enable X-Ray tracing.

Serverless API Pattern

Generate a reusable CDK construct for a serverless API with API Gateway, Lambda, and DynamoDB. Include proper IAM permissions, environment variables, and CloudWatch alarms.

Multi-Stack Architecture

Design a multi-stack CDK application separating stateful resources (RDS, S3) from stateless compute (Lambda, ECS). Show how to pass references between stacks.

CDK Code Review

Review this CDK stack for security anti-patterns, IAM over-permissions, and opportunities to use L2 constructs instead of L1. Suggest specific improvements.

Best Practices

  • Use L2 constructs over L1 (Cfn*) constructs for safer defaults and less boilerplate code
  • Separate stateful resources (databases, buckets) from stateless compute into different stacks for independent lifecycle management
  • Apply the principle of least privilege to all IAM roles using grant methods instead of broad inline policies

Avoid

  • Using L1 (Cfn*) constructs when L2 alternatives exist, resulting in more code and weaker safety guarantees
  • Hardcoding account IDs or regions instead of using cdk.Aws.ACCOUNT_ID and cdk.Aws.REGION for portability
  • Deploying stateful and stateless resources in the same stack, coupling their lifecycles unnecessarily

Frequently Asked Questions

What is the difference between L1 and L2 CDK constructs?

L1 constructs (Cfn*) are auto-generated from CloudFormation and map 1:1 to resources. L2 constructs provide higher-level abstractions with sensible defaults, validation, and helper methods. Always prefer L2 constructs when available.

How do I handle secrets in CDK?

Use AWS Secrets Manager or SSM Parameter Store. Reference secrets using secret.secretValueFromJson() and grant read access to Lambda functions using secret.grantRead(handler). Never hardcode secrets in your CDK code.

What is the recommended stack separation strategy?

Separate stateful resources (databases, S3 buckets) from stateless compute (Lambda, ECS). This allows independent deployments and prevents accidental data loss when updating compute resources.

How do I enable monitoring in my CDK stacks?

Enable X-Ray tracing on Lambda functions with tracing: lambda.Tracing.ACTIVE. Add CloudWatch alarms for error rates, latency, and throttling. Use CDK Monitoring constructs or aws-cdk-lib/aws-cloudwatch for alarm definitions.

Can I use this skill with Python or Java instead of TypeScript?

Yes. The patterns are language-agnostic. The skill can generate CDK code in TypeScript, Python, or Java. The underlying constructs and best practices remain the same across languages.

How do I handle circular dependencies between stacks?

Extract shared resources into a dedicated base stack. Pass resource references (ARNs, IDs) between stacks using constructor props or cross-stack references via stack exports and Fn.importValue().

Developer Details

File structure

📄 SKILL.md