diff --git a/content/docs/iac/concepts/vs/cloud-template-transpilers/aws-cdk/_index.md b/content/docs/iac/concepts/vs/cloud-template-transpilers/aws-cdk/_index.md index 477ea5978099..6a24e01e367e 100644 --- a/content/docs/iac/concepts/vs/cloud-template-transpilers/aws-cdk/_index.md +++ b/content/docs/iac/concepts/vs/cloud-template-transpilers/aws-cdk/_index.md @@ -1,7 +1,7 @@ --- title_tag: "Pulumi vs. AWS CDK" meta_desc: Pulumi and AWS Cloud Development Kit (CDK) share some similarities, but there are many key differences. Learn about these major differences here. -title: AWS CDK +title: Pulumi vs AWS Cloud Development Kit (CDK) h1: Pulumi vs AWS Cloud Development Kit (CDK) meta_image: /images/docs/meta-images/docs-meta.png menu: @@ -32,7 +32,44 @@ Choosing the right infrastructure as code tool is important, and we want you to ## What is AWS CDK? -AWS Cloud Development Kit (CDK) is an open-source software development framework for defining AWS cloud resources with general-purpose programming languages. CDK is a transpiler that converts program code into AWS CloudFormation JSON/YAML templates and other assets and then submits them to AWS and the CloudFormation deployment service. +AWS Cloud Development Kit (CDK) is an AWS-specific infrastructure as code tool for defining cloud resources with general-purpose programming languages. CDK is based on Node.js and converts program code into AWS CloudFormation JSON/YAML templates that are then deployed by the AWS CloudFormation deployment service. + +## Why choose Pulumi over AWS CDK? + +Pulumi and AWS CDK both utilize general-purpose programming languages for infrastructure as code. While CDK is tied to AWS CloudFormation, Pulumi offers distinct advantages in terms of speed, security, cost savings, and scalability. Pulumi's multi-language and multi-cloud capabilities allow it to support deployments across platforms like Azure, Snowflake, and AWS simultaneously, something CDK cannot achieve. Additionally, Pulumi's independent runtime provides a more seamless and productive developer experience, free from the limitations of CloudFormation. Users who have transitioned to Pulumi report improved performance, faster deployment times, and greater developer joy. See the [SST](https://sst.dev/blog/moving-away-from-cdk), [WhyLabs](/case-studies/whylabs/), and [Panther Labs](/case-studies/panther-labs/) case studies for more details. + +### Scale + +Pulumi is better equipped to handle large-scale deployments across multi-cloud environments. + +- __Workflow orchestration__: With its Automation API, Pulumi allows for the programmatic management of infrastructure at scale. This feature enables dynamic orchestration workflows that are not possible with CDK's CLI-based execution model. +- __Multi-cloud support__: Pulumi supports multi-cloud environments, Kubernetes, SaaS providers (e.g., Datadog, Databricks, Okta), and on-premises infrastructure. This flexibility enables organizations to scale across different platforms without being constrained by a single provider like AWS in the case of CDK. +- __Resource limits__: Unlike CloudFormation (and by extension CDK), which imposes a 500-resource limit per template, Pulumi imposes no hard limits on the number of resources in a stack, making it better suited for complex deployments. + +### Speed + +Pulumi enables faster development and deployment workflows compared to CDK due to its direct integration with cloud providers without going through a transpiler. + +- __Deployment__: Pulumi communicates directly with cloud providers, bypassing the intermediate step of generating CloudFormation templates as required by CDK. Since CDK relies on CloudFormation as its deployment engine, it inherits many of CloudFormation's speed limitations. (see [Pulumi vs. CloudFormation](/docs/concepts/vs/cloud-templates/cloudformation/)). +- __Development__: Pulumi's runtime engine allows for immediate feedback (milliseconds) in your IDE during deployment, enabling you to debug and iterate more quickly. In contrast, CDK's reliance on CloudFormation introduces delays (tens of minutes) due to template transpilation and longer error resolution times. +- __Testing__: Pulumi supports fast, in-memory unit tests that mock external calls, enabling developers to validate infrastructure without deploying it. CDK testing is limited to assertions against synthesized CloudFormation templates, which slows down the feedback loop. +- __Developer self-service__: Pulumi empowers you to build modern infrastructure platforms that enable developers to self-service cloud infrastructure. You can easily build GUI, CLI, or YAML based developer portals or use the built-in [New Project Wizard](/docs/pulumi-cloud/developer-portals/new-project-wizard/) with customizable organizational templates. In contrast, CDK lacks features specifically designed for building developer platforms. +- __AI-powered__: [Pulumi Copilot](/docs/pulumi-cloud/copilot/) is an AI-powered assistant that automates any infrastructure management task. It can generate a Pulumi program from a few simple text prompts, and it provides predictive insights to analyze and preempt potential operational issues. CDK doesn't include AI capabilities for generating code or providing operational insights. + +### Security + +Pulumi natively integrates security features with infrastructure provisioning. + +- __Secrets management__: Pulumi has built-in secrets management that encrypts secrets both in transit and at rest. It also integrates seamlessly with external secrets managers like AWS Secrets Manager. CDK has no built-in support for managing or handling encrypted secrets. +- __Policy as code__: Pulumi enables your organization to enforce security and compliance policies during deployment using Pulumi CrossGuard's policy as code. This feature is tightly integrated into Pulumi's workflows, whereas CDK offers only limited support for such policies. + +### Savings + +Pulumi can deliver cost savings over CDK due to its multi-cloud support and efficiency gains in the inner development loop. + +- __Multi-cloud support__. Pulumi supports over 160 cloud providers, allowing your organization to optimize costs by choosing the most cost-effective provider for your needs. CDK is limited to AWS, which may lock you into higher cost AWS services. Using CDK will also necessitate employing another IaC system to manage non-AWS resources which will increase training time for new engineers and operational complexity. +- __Operational efficiency__: Pulumi’s faster deployments reduce engineering time spent on debugging and iteration cycles. This translates into lower development time costs compared to the more time-intensive development workflows required by CDK. +- __Interoperability__: Pulumi can integrate with existing resources managed by other IaC tools, eliminating the need for costly migrations or extensive code refactoring. CDK lacks interoperability with other IaC tools, which requires full migration to CDK code in order to interact with existing resources. ## Pulumi vs. CDK: Similarities {#similarities} @@ -48,6 +85,12 @@ Moreover, because CDK depends on CloudFormation as the deployment engine, it sha Finally, while both CDK and Pulumi support automated testing, the scenarios they're able to support are quite different. For example, both CDK and Pulumi support unit testing, but Pulumi offers significant advantages as a result of the deep integration between language host and runtime. With Pulumi, you can run fast, in-memory (offline) unit tests that mock external calls to cloud providers, whereas with CDK, you're only able to run assertions against the rendered CloudFormation template synthesized by the CDK app, and there is no equivalent option for offline testing. +## Pulumi vs. CDK: Better Together {#better-together} + +While there are differences and similarities between Pulumi and AWS CDK, they can actually be used together for a more powerful experience in managing infrastructure. The pulumi-cdk library allows CDK code and constructs to be used directly in Pulumi programs, resulting in AWS resources being deployed and managed via Pulumi. Outputs of resources defined in a Pulumi program can be passed into AWS CDK constructs, and outputs from AWS CDK stacks can be used as inputs to other Pulumi resources. This allows CDK users to be able to use their existing constructs and access all the features of Pulumi Cloud (e.g., policy as code, drift detection, Insights and Copilot). See the [Pulumi CDK Adapter documentation](/docs/iac/clouds/aws/guides/cdk/) for more details. + +In addition to CDK interoperability, Pulumi can deploy CloudFormation stacks directly from a Pulumi program. See the [AWS provider documentation](/registry/packages/aws/api-docs/cloudformation/). If you already have CloudFormation resources, Pulumi stacks can reference resources from existing CloudFormation stacks. You can also easily convert CloudFormation templates to Pulumi programs. See the [AWS CloudFormation to Pulumi documention](/docs/iac/adopting-pulumi/migrating-to-pulumi/from-cloudformation/). + The following table summarizes some additional similarities and differences between Pulumi and CDK, and the sections below the table go into more detail. ### Feature Comparisons @@ -71,7 +114,9 @@ The following table summarizes some additional similarities and differences betw | [Adopt Existing Resources](#adopting) | Yes. Generates code as part of the import process | No | | [Import code from other IaC Tools](#import) | Yes | No | -Getting started with Pulumi is easy if you already have experience with CDK or a general-purpose programming language. Follow our [Adopting Pulumi from AWS CloudFormation](/docs/using-pulumi/adopting-pulumi/migrating-to-pulumi/from-aws/) or try our [CloudFormation conversion tool](/cf2pulumi/). To deploy a simple program, follow our Get Started guide: +Getting started with Pulumi is easy if you already have experience with CDK or a general-purpose programming language. Follow our [Adopting Pulumi from AWS CloudFormation](/docs/using-pulumi/adopting-pulumi/migrating-to-pulumi/from-aws/) or try our [CloudFormation conversion tool](/cf2pulumi/). To deploy CDK constructs with Pulumi, follow our [Pulumi CDK Adapter documentation](/docs/iac/clouds/aws/guides/cdk/). + +To deploy a simple program, follow our Get Started guide: {{< get-started >}}