AWS Serverless Application Repository support

aws-cloudformation / aws-cloudformation-resource-providers-cloudformation

The CloudFormation Resource Provider Package For AWS CloudFormation

https://aws.amazon.com/cloudformation/

Apache License 2.0

47 stars 35 forks source link

AWS Serverless Application Repository support #70

Open jarreds opened 3 years ago

jarreds commented 3 years ago

The new AWS::CloudFormation::ResourceVersion & AWS::CloudFormation::ResourceDefaultVersion are currently not supported in AWS SAR.

Really bummed to have hit this. Is there any way you all could work w/ the SAR team to get these resource types put in the "allow" list?

Thanks!

benkehoe commented 3 years ago

What functionality of SAR do you hope to use with a template with these resources in it? Would such a use case be solved by types in the CloudFormation registry being sharable between accounts?

jarreds commented 3 years ago

We'd like to make a number of resources available for use by our customers, so they need to be public. The other mechanism we've considered for distributing the resource versions is via the marketplace.

Anyway, we feel that asking our customers to embed a simple SAR resource that handles all the resource registration stuff is much simpler UX. We're a serverless product too, so that just feels right as well.

  SaaSCloudFormationResources:
    Type: AWS::Serverless::Application
    Properties:
      Location:
        ApplicationId: arn:aws:serverlessrepo:us-east-1:#######:applications/######
        SemanticVersion: 1.0.0

jarreds commented 3 years ago

Also, it seems we can get around this w/ custom resources in the SAR template, but who wants to write those.

benkehoe commented 3 years ago

Would you distribute this via as a public SAR app or as a template/SAM project to be deployed by the customer? If you would distribute via a public SAR app, would it work for you if it was possible to make your own public resource types, like the existing third-party ones like Datadog::Monitors::Monitor? https://aws.amazon.com/blogs/aws/cloudformation-update-cli-third-party-resource-support-registry/

jarreds commented 3 years ago

We do have public resource types, very similar to DataDog. The SAR template in question is simply to install our third-party resource types into the customer account in an IaC pure way.

So rather than saying run a CLI action like this to register our types:

aws cloudformation register-type \
    --region "<REGION>" \
    --type RESOURCE \
    --type-name "<DATADOG_RESOURCE_NAME>" \
    --schema-handler-package "<LINK_TO_S3>"

Just put this into CloudFormation, and you'll get the same net effect but via IaC:

  SaaSCloudFormationResources:
    Type: AWS::Serverless::Application
    Properties:
      Location:
        ApplicationId: arn:aws:serverlessrepo:us-east-1:#######:applications/######
        SemanticVersion: 1.0.0

jarreds commented 3 years ago

It also gives us better semantic versioning and whatnot.