code for article pfeilbr/aws-cloudformation-custom-resource-type-playground
Examples for creating CloudFormation extensions, specifically CloudFormation Custom Resource Types.
An extension is an artifact, registered in the CloudFormation Registry, which augments the functionality of CloudFormation in a native manner.
You can use the CloudFormation CLI to register extensions, both those you create yourself and ones shared with you, with the CloudFormation registry. This enables you to use CloudFormation capabilities to create, provision, and manage these custom types in a safe and repeatable manner, just as you would any AWS resource.
There are four types of CloudFormation extension mechanisms:
- CloudFormation Custom Resources
- CloudFormation Module
- CloudFormation Custom Resource Types
- CloudFormation Macros
Example Custom Resource Types
Notes
- Custom resources can be backed by a Lambda function or an SNS topic
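The note above, as an added example (not code from this repository): a Python handler that accepts a custom resource request either directly (Lambda-backed) or wrapped in an SNS record (SNS-backed), and always sends a SUCCESS or FAILED response so the stack does not hang until the "timed out waiting for creation of physical resource" error listed under Resources. The `provision` step, its `Name` property and the sample identifiers are hypothetical.

```python
import json
import urllib.request

def extract_request(event):
    """Unwrap the request: direct for Lambda-backed, inside an SNS record for SNS-backed."""
    records = event.get("Records") or []
    if records and "Sns" in records[0]:
        return json.loads(records[0]["Sns"]["Message"])
    return event

def provision(request_type, props, physical_id):
    """Hypothetical provisioning step; returns (physical id, output data)."""
    if request_type == "Delete":
        return physical_id, {}
    if not props.get("Name"):
        raise ValueError("Name property is required")
    return "demo-" + props["Name"], {"Name": props["Name"]}

def build_response(request):
    """Always yield a response body, so a failure is reported instead of timing out."""
    physical_id = request.get("PhysicalResourceId", "not-created")
    try:
        physical_id, data = provision(
            request["RequestType"], request.get("ResourceProperties", {}), physical_id)
        status, reason = "SUCCESS", "OK"
    except Exception as exc:  # report every failure back to CloudFormation
        status, reason, data = "FAILED", f"{type(exc).__name__}: {exc}", {}
    return {"Status": status, "Reason": reason, "PhysicalResourceId": physical_id,
            "StackId": request["StackId"], "RequestId": request["RequestId"],
            "LogicalResourceId": request["LogicalResourceId"],
            "NoEcho": True,  # mask Data values when read via Fn::GetAtt
            "Data": data}

def handler(event, context):
    request = extract_request(event)
    body = json.dumps(build_response(request)).encode()
    # ResponseURL is a presigned S3 URL: treat it as a credential and never log it.
    put = urllib.request.Request(request["ResponseURL"], data=body, method="PUT",
                                 headers={"Content-Type": ""})
    urllib.request.urlopen(put, timeout=10)

# Constructed sample request (all identifiers are placeholders).
SAMPLE = {"RequestType": "Create", "ResponseURL": "https://example.invalid/presigned",
          "StackId": "arn:aws:cloudformation:us-east-1:111122223333:stack/demo/placeholder",
          "RequestId": "req-1", "LogicalResourceId": "Demo",
          "ResourceProperties": {"Name": "cdn"}}
SNS_WRAPPED = {"Records": [{"EventSource": "aws:sns", "Sns": {"Message": json.dumps(SAMPLE)}}]}
```

The exception text ends up in the stack events as `Reason`, so provisioning code should not put secrets in its error messages.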
TODO
- Org::Service::WAFCDN -> CDK app containing:
- API Gateway (custom auth token, or CloudFormation security context identity) -> Step Functions -> create stack -> wait for stack -> loop
- The custom resource Lambda handler is just a pass-through to the API Gateway provisioning the resources.
- Store the API key in Secrets Manager and reference it from a CloudFormation custom resource type property.
```yaml
- Sid: DeleteAppRoles
  Effect: Allow
  Action:
    - wafcdn:*
  Resource: !Sub "arn:aws:cloudformation:${AWS::Region}:${AWS::AccountId}:type/resource/MyOrg-MyService-MyResource/*"
```
Resources
- User Guide for Extension Development
- Use Python to manage third-party resources in AWS CloudFormation | Amazon Web Services
- Learn Best Practices for Implementing AWS Lambda-backed Custom Resources with AWS CloudFormation
- Writing an AWS CloudFormation Resource Provider in Python: Step by Step - Cloudar
- CloudFormation Resource Providers - A Chicken and Egg Problem
- Resolve the "Resource timed out waiting for creation of physical resource" error in AWS CloudFormation
- Deploying CloudFormation resource type