Create AWS Custom Resources in Go

Mo Asgari
2 min readSep 8, 2020

--

AWS CloudFormation is a service to set up and manage AWS resources. Sometimes the resource is not supported by CF (especially for new resource types) or you can’t configure some attributes in CF template.

Custom resources can be used to solve these problems.

In this post, I will show you how it works and how to create a simple custom resource.

You can check the code with a sample project here.

Create custom resources in AWS CloudFormation

How custom resources work

It is an API call with a special JSON payload like this:

{
"RequestType": "Create",
"RequestId": "ae4173ae-f6c5-41af-b669-8503dcd34b63",
"ResponseURL": "https://cloudformation-custom-resource-response-useast1.s3.amazonaws.com/...",
"ResourceType": "Custom::ApiKeyValue",
"LogicalResourceId": "DevApiKeyValue",
"StackId": "caller-stack-id",
"ResourceProperties": {
"ApiKeyId": "riqukj2f62",
"SsmParamPath": "/api/keys/dev",
"ServiceToken": "custom-resource-handler-arn"
}
}

RequestType: specifies the action, which is Create, Update, or Delete.

ResourceType: must start with Custom::

ResourceProperties: whatever we put in the template.

ServiceToken: ARN of a lambda or SNS topic that handles these requests. We will use the Lambda handler in this post.

In lambda function, must check the resource type and the action:

and handleMyResource will be something like this:

In the handler, you can invoke your REST API endpoint, or an AWS service or another cloud provider.

Here is an example of creating a custom resource to store the value of ApiKey in a secure SSM parameter:

To use it in your CF templates you have to deploy the lambda in the same region/account, and add the custom-resource snippet to the template.

[1] Custom resources User Guide

[2] How does AWS CloudFormation work

[3] Github repository

--

--