Question for those who wants to “code everything”… In my company we have many third-party services (G Workspaces, Atlassian, VPN Provider, Slack…) .. etc. Once a new member joins the company, somebody has to go manually and create each account, assign each permission, each group… This doesn’t scale, I want to code something in a way that I can execute it many times, and also have some audit of it. Is was thinking to have a sort of “stack” where I can make API calls to Google, Atlassian, Slack .. etc. Somebody knows a framework or tool to do this?

I used to do this with terraform

Interesting.

yeah there is actually

😮

Yeah I saw it.

I actually prefer the TF language. It's more declarative so once you get used to it everyone's tf configs look the same

It’s right to use CDK for my purpose?

no it's seperate, I haven't tried cdktf but technically it should work for you

Ok, going to take a look, I wanted to test CDKTF, maybe this is the opportunity.

I personally hate the

constructs

library at this point haha and am sad that this is what is becoming the standard

Whyyy?

I like it conceptually, I just don't like the implementation

Ah ok, that makes sense.

I think because I work with it at a lower level I run into certain issues. Everything being constructor based is my #1 problem, makes it so everything has to be synchronous and this means there's so much that breaks

I see.

can't use dynamic imports, which means we can't have optional dependencies can't use anything that requires async so we have to do all kinda of crazy hacks

Oh yeah the async stuff it’s true.

yeah you can now with functional stacks but for us on the SST team building constructs, we also want to use async await inside construct code

@Adrián Mouly regarding stuff outside CDK needs - perhaps Zapier + it's competitors might be worth a look for integrating things that have an API

Interesting.

Having just started working with AWS Step Functions, onboarding sounds like a task well suited for the service.

Interesting.

I've only built some basic workflows with Step Functions, but it feels like it could be used for this

Yeah feels more natural to be IaC... But actually is not Infra.. Ops as Code? Haha.

If your third party services expose APIs, I bet you could do something clever with Event Bridge API Destinations

the difference is you have to maintain state if you do it that way

Terraform seems well suited for this type of thing

Yeah, it looks like.

So do you mean basically like SSO as code?

Sort of, but in my case I need to provision other things, not only new accounts.

OK, gotcha. Yea, with other things, Terraform has been good. I tried their CDK about a year ago while it's in alpha stage and it did not do that well. Would be interesting to re-try it now and see if it's much more stable.

Yeah looks more stable now.