Q-Bits: Generating CDK Tests With Amazon Q Developer
Write CDK assertion and snapshot tests in minutes using Amazon Q Developer
Dor Fibert
Amazon Employee
Published Mar 24, 2025
Welcome to another installment of Q-Bits, our regular series showcasing cool ways Amazon employees are leveraging Amazon Q Developer. Today, we're diving into how Q Developer can assist with writing CDK tests.
Are you tired of discovering infrastructure bugs only after they've made it to production? You're not alone. While Infrastructure as Code revolutionized cloud deployment, testing these resources remains a challenge for many development teams. The good news? Amazon Q Developer is changing the game for CDK testing.
Testing Infrastructure as Code is often overlooked as teams rush to deploy cloud resources, but this critical step can save countless hours of troubleshooting and prevent costly production issues. By leveraging Amazon Q Developer's powerful AI capabilities, you can now create comprehensive tests for your CDK applications with unprecedented ease and efficiency.
In this guide, I'll walk you through practical techniques to generate robust CDK tests using Amazon Q Developer. Whether you're new to infrastructure testing or looking to enhance your existing practices, you'll discover how to catch configuration errors, validate resource properties, and ensure your infrastructure behaves as expected—all before deployment.
CDK testing allows you to verify that your infrastructure code generates the resources you expect it to create.
Rather than manually inspecting CloudFormation templates, you can write automated tests that confirm your resources have the correct properties and configurations.
Tests often run during your build process, acting as gatekeepers that prevent problematic code from being deployed.
Consider this simple CDK construct creating a secured S3 bucket:
Without tests, you're hoping everything deploys correctly. But with tests, you can verify these security configurations actually exist.
AWS CDK offers three testing approaches to ensure infrastructure reliability:
- Fine-grained assertions allow developers to verify specific aspects of CloudFormation templates using methods like
hasResource()andhasResourceProperties(), enabling precise validation of resource configurations and properties - Snapshot tests provide a way to detect unintended infrastructure changes by comparing the current CloudFormation template against a previously saved reference, making it easy to identify and review modifications
- Integration Tests, while more time-consuming, offer the most comprehensive validation by actually deploying resources to AWS, verifying that the infrastructure components work together correctly in a real environment and ensuring proper interaction between different AWS services.
In this post we will focus on Fine-grained Assertion and snapshot tests.
Assertion tests verify specific aspects of your infrastructure resources.
They check that individual properties are configured correctly, such as ensuring your S3 bucket has encryption enabled or confirming that your Lambda function has the right memory allocation.
These tests are focused and precise, making them excellent for validating security requirements or compliance controls.
In order to leverage Amazon Q Developer to help with these tests, simply ask it:
Write assertion tests for the SecureBucket CDK construct that creates a secured S3 bucket.Amazon Q Developer will generate something like this:
Amazon Q Developer understands both the CDK testing patterns and the underlying CloudFormation properties. The tests even follow a clear Given-When-Then pattern that's easy to understand.
Make sure to verify the response. You can even ask Amazon Q Developer to help fix any error you encounter.
Snapshot tests capture the entire CloudFormation template generated by your CDK code. They store this "snapshot" as a reference and alert you to any changes in subsequent test runs. This approach is great for detecting unintended changes to your infrastructure and ensuring stability over time.
Ask Amazon Q Developer:
Create a snapshot test for my CDK stack that creates a secured S3 bucket.Amazon Q Developer will generate a test like this:
The first time you run this test, it creates a snapshot file containing the CloudFormation template:
On subsequent runs, it compares against this baseline snapshot and fails if there are any differences. To keep this baseline snapshot up-to-date, you can update it when introducing intended changes to your infrastructure code.
This approach helps validate that your custom abstractions behave as expected.
Beyond generating test code, Amazon Q Developer can provide guidance on testing strategies.
Ask:
What are best practices for organizing CDK tests?Amazon Q Developer might suggest:
Personally, I've found Amazon Q Developer especially helpful for generating tests for expected errors. It managed to come up with creative ways to “break” my code, and verify the expected errors are being thrown.
Testing your CDK code is no longer a daunting task thanks to Amazon Q Developer. What was once considered a time-consuming obstacle is now a streamlined process that seamlessly integrates into your development workflow.
Throughout this guide, you've discovered how to leverage Amazon Q Developer to create assertion tests that validate specific resource properties, and implement snapshot tests that detect unintended changes to your infrastructure. These techniques provide multiple layers of protection against common deployment issues that plague many cloud environments.
The real game-changer is how Amazon Q Developer makes it incredibly easy to generate test code for both standard AWS resources and your custom constructs, making it accessible regardless of your experience level with CDK or testing frameworks.
Any opinions in this post are those of the individual author and may not reflect the opinions of AWS.