In this blog I will show you how to create and deploy an AWS CloudFormation custom provider in less than 5 minutes using a Python copier template. To create a custom resource in CloudFormation, is really simple. You just implement a create, update and delete method in a Lambda and you are done. But that is the easy part: you still have to create zip files, unit tests, documentation, demo’s, CI/CD deployment pipelines and more. This copier template has it all!
- it creates the source code for a custom resource provider
- all the build commands you need to build, test and deploy your provider
- it provides re-recordable unit testsusing botocore stubber recorder
- it deploys lambdas to buckets in all AWS regions in the world
- it supports semantic versioning using git-release-tag
- it provides a ready-to-deploy CI/CD pipeline on AWS Codebuild
Let’s say you want to create a custom resource for a Custom Domain of an AWS AppRunner service, because it does not yet exist. To get started, type:
$ pip install copier
$ copier https://github.com/binxio/cloudformation-custom-provider-template /tmp/cfn-app-runner-custom-domain-provider
🎤 the name of your custom resource type?
🎤 The name of your resource provider project?
🎤 The name of your Python module?
🎤 a short description for the custom provider?
manages app runner custom domains
🎤 Python version to use
🎤 Your full name?
Mark van Holsteijn
🎤 Your email address?
🎤 the URL to git source repository?
🎤 the AWS profile name
🎤 the AWS region name
🎤 prefix for the S3 bucket name to store the lambda zipfiles?
🎤 Access to lambda zip files?
> Running task 1 of 1: [[ ! -d .git ]] && ( git init && git add . && git commit -m 'initial import' && git tag 0.0.0) || exit 0
Initialized empty Git repository in /tmp/cfn-app-runner-custom-domain-provider/.git/
[main (root-commit) b2ce863] initial import
21 files changed, 619 insertions(+)
source code directory
The copier generates the following source code directory:
├── Dockerfile.lambda # creates the zip file
├── Makefile.mk # generic build steps for the provider
├── Makefile # customization of build steps
├── Pipfile # python virtual environment definition
│ ├── cfn-app-runner-custom-domain-provider.yaml # to deploy the provider
│ ├── cicd-pipeline.yaml # to deploy the Codebuild CI/CD pipeline
│ └── demo.yaml # to deploy the demo
│ └── AppRunnerCustomDomain.md # start documentation of resource
├── pyproject.toml # Python project definition
├── setup.cfg # Python package settings
├── tox.ini # Python test definitions
│ └── cfn_app_runner_custom_domain_provider
│ ├── __init__.py
│ ├── app_runner_custom_domain.py # custom resource definition source
│ └── logger.py
│ └── crud
│ ├── __init__.py
│ ├── base
│ │ └── __init__.py
│ └── test_crud.py # custom resource definition test
That is all that is needed to create a project with a working custom provider for the resource
AppRunnerCustomDomain. When you change to the directory and type:
$ pipenv install -d
$ make deploy-provider
$ make demo
Your provider will be up-and-running in less than 5 minutes!
Available build commands
to see a list of all of available build commands, type:
$ make help
build - build the lambda zip file
fmt - formats the source code using black
test - run python unit tests
test-record - run python unit tests, while recording the boto3 calls
test-templates - validate CloudFormation templates
deploy - AWS lambda zipfile to bucket
deploy-all-regions - AWS lambda zipfiles to all regional buckets
undeploy-all-regions - deletes AWS lambda zipfile of this release from all buckets in all regions
deploy-provider - deploys the custom provider
delete-provider - deletes the custom provider
deploy-pipeline - deploys the CI/CD deployment pipeline
delete-pipeline - deletes the CI/CD deployment pipeline
deploy-demo - deploys the demo stack
delete-demo - deletes the demo stack
tag-patch-release - create a tag for a new patch release
tag-minor-release - create a tag for a new minor release
tag-major-release - create a tag for new major release
Run the unit tests
To run the unit tests, type:
$ make test
The unit test will test the scaffold implementation generated by the botocore stubber recorder. To create unit tests for your resource, edit the source code in
./tests/. To implement your custom resource, edit the source code under
Re-recordable unit tests
Once you have your custom resource provider, it undoubtedly does some AWS API calls. The botocore stubber recorder library records the actual calls and generate the stub. The unit tests can be run in recording mode, where the test is against a real AWS account. To run your unit tests as integration test against a live system and record the stubs, type:
$ make test-record
To run the unit tests with the newly created stubs, type:
$ make test
The integration tests are run against the AWS profile and region you specified. To add a new test, type:
$ botocore-stubber-recorder --test-name failed_create
Deploy the zip file to the bucket
To copy the zip file with the source code of the AWS Lambda of the custom resource provider, the buckets must already exist. If they do not, type:
$ aws s3 mb s3://<bucket-prefix>-<bucket-region>
The build system expects the bucket name to consists of the prefix and the region name. This allows the provider to be made available for use in all regions.
Deploy the custom resource provider into the account
To configure the run-time parameters and permissions of the your provider, change the CloudFormation template in the directory
./cloudformation. Once that is done, type:
$ make deploy-provider
Deploy the custom resource demo
To deploy a CloudFormation stack with an example use of the custom resource, type:
$ make deploy-demo
Version your custom resource provider
Semantic versioning of the provider is implemented using the utility git-release-tag. To version your custom resource provider, you can use the following commands:
make tag-patch-release - create a tag for a new patch release
make tag-minor-release - create a tag for a new minor release
make tag-major-release - create a tag for new major release
This will: * runs the pre-tag command in the file
./release, to update all files with references to the semantic version * commit all outstanding changes in the workspace * tag the commit with the new version. To show the current version of the workspace, type:
Deploy provider to all regions
To deploy the current version of your provider to all regions, type:
This assumes you have buckets in all regions with the defined prefix.
Deploy CI/CD pipeline
To deploy the CI/CD pipeline based on AWS Codebuild, make sure that the AWS account can access the source repository. If that is the case, type:
Now, every time you tag a new release, it will automatically be deployed to all regions.
This copier template provides everything you need to quickly build, deploy and maintain a new custom AWS CloudFormation Provider! If you have any questions, problems or feedback feel free to contact me or add issues at https://github.com/binxio/cloudformation-custom-provider-template. If you want to create your resource provider in Golang, we also have a solution for that!