Skip to content

Instantly share code, notes, and snippets.

@kamauwashington

kamauwashington/aws-cdk-with-dotenv-and-typescript.md

Last active May 22, 2025 16:16
Show Gist options
  • Save kamauwashington/541af996114cfd83082b656ced3faf7d to your computer and use it in GitHub Desktop.
Save kamauwashington/541af996114cfd83082b656ced3faf7d to your computer and use it in GitHub Desktop.
Download ZIP
Using AWS CDK with dotenv and TypeScript (--require module implementation)
Raw
aws-cdk-with-dotenv-and-typescript.md

Using AWS CDK with dotenv and TypeScript

Note, I prefer the node --require option of loading .env variables over importing or requiring in application code.

TLDR;

  • install dotenv as a development dependency
  • in the cdk.json in the root of the project directory add the following in bold :
    • { "app": "npx ts-node -r dotenv/config --prefer-ts-exts bin/<stack-name>.ts" }

When developing via AWS CDK it is easy to set environment variables on resources as they are being defined to be stored in AWS. However, in some repositories there is a need to set environment variables for the CDK Stack to use.

This can be done from the command line, or by setting the environment variables for the user, terminal, or machine. However these options do not provide the convenience of dotenv especially when many environment variables are needed during local development (See my notes on dotenv for local only here)

Steps

  1. confirm that ts-node can be found in the package.json of the AWS CDK project
  • it should be present as it is a part of cdk init
  • if ts-node is not present run npm install -D ts-node
  • npx can also be used
  1. run npm install -D dotenv for the current AWS CDK TypeScript project
  2. create a .env file in the project root and add the necessary environment variables
  3. ensure the .env is added to the .gitignore file as this should not be kept in the repository
  4. open the cdk.json file
  • find the app keyword
  • add -r dotenv/config right after npx ts-node
  • the end result should look like this :
    • "app": "npx ts-node -r dotenv/config --prefer-ts-exts bin/<stack-name>.ts",

Once this is done, the cdk commands will utilize the environment variables from the .env file. This is a very convenient way to load environment variables using a nodejs standard that most developers know, without having to install additional libraries, clis, or custom scripts.

Before

{
  "app": "npx ts-node --prefer-ts-exts bin/my-stack.ts",
  "watch": {
    "include": [
      "**"
    ],
    "exclude": [
      "README.md",
      "cdk*.json",
      "**/*.d.ts",
      "**/*.js",
      "tsconfig.json",
      "package*.json",
      "yarn.lock",
      "node_modules",
      "test"
    ]
  },
  "context": {
    "@aws-cdk/aws-apigateway:usagePlanKeyOrderInsensitiveId": true,
    "@aws-cdk/core:stackRelativeExports": true,
    "@aws-cdk/aws-rds:lowercaseDbIdentifier": true,
    "@aws-cdk/aws-lambda:recognizeVersionProps": true,
    "@aws-cdk/aws-lambda:recognizeLayerVersion": true,
    "@aws-cdk/aws-cloudfront:defaultSecurityPolicyTLSv1.2_2021": true,
    "@aws-cdk-containers/ecs-service-extensions:enableDefaultLogDriver": true,
    "@aws-cdk/aws-ec2:uniqueImdsv2TemplateName": true,
    "@aws-cdk/core:checkSecretUsage": true,
    "@aws-cdk/aws-iam:minimizePolicies": true,
    "@aws-cdk/aws-ecs:arnFormatIncludesClusterName": true,
    "@aws-cdk/core:validateSnapshotRemovalPolicy": true,
    "@aws-cdk/aws-codepipeline:crossAccountKeyAliasStackSafeResourceName": true,
    "@aws-cdk/aws-s3:createDefaultLoggingPolicy": true,
    "@aws-cdk/aws-sns-subscriptions:restrictSqsDescryption": true,
    "@aws-cdk/aws-apigateway:disableCloudWatchRole": true,
    "@aws-cdk/core:enablePartitionLiterals": true,
    "@aws-cdk/core:target-partitions": [
      "aws",
      "aws-cn"
    ]
  }
}

After

{
  "app": "npx ts-node -r dotenv/config --prefer-ts-exts bin/my-stack.ts",
  "watch": {
    "include": [
      "**"
    ],
    "exclude": [
      "README.md",
      "cdk*.json",
      "**/*.d.ts",
      "**/*.js",
      "tsconfig.json",
      "package*.json",
      "yarn.lock",
      "node_modules",
      "test"
    ]
  },
  "context": {
    "@aws-cdk/aws-apigateway:usagePlanKeyOrderInsensitiveId": true,
    "@aws-cdk/core:stackRelativeExports": true,
    "@aws-cdk/aws-rds:lowercaseDbIdentifier": true,
    "@aws-cdk/aws-lambda:recognizeVersionProps": true,
    "@aws-cdk/aws-lambda:recognizeLayerVersion": true,
    "@aws-cdk/aws-cloudfront:defaultSecurityPolicyTLSv1.2_2021": true,
    "@aws-cdk-containers/ecs-service-extensions:enableDefaultLogDriver": true,
    "@aws-cdk/aws-ec2:uniqueImdsv2TemplateName": true,
    "@aws-cdk/core:checkSecretUsage": true,
    "@aws-cdk/aws-iam:minimizePolicies": true,
    "@aws-cdk/aws-ecs:arnFormatIncludesClusterName": true,
    "@aws-cdk/core:validateSnapshotRemovalPolicy": true,
    "@aws-cdk/aws-codepipeline:crossAccountKeyAliasStackSafeResourceName": true,
    "@aws-cdk/aws-s3:createDefaultLoggingPolicy": true,
    "@aws-cdk/aws-sns-subscriptions:restrictSqsDescryption": true,
    "@aws-cdk/aws-apigateway:disableCloudWatchRole": true,
    "@aws-cdk/core:enablePartitionLiterals": true,
    "@aws-cdk/core:target-partitions": [
      "aws",
      "aws-cn"
    ]
  }
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment