AWS::CloudFormation::ResourceVersion - Region-Allow private resource type to be available globally

[eduardomourar]

1. Title

AWS::CloudFormation::ResourceVersion-Region-Allow private resource type to be available globally

2. Scope of request

It would be nice to have the option to register a private resource provider for a particular AWS account and to all regions. This applies to AWS API itself so that we can have the same behavior across AWS CLI, CloudFormation template (when available), etc.

I would even argue that Resource Types should be global by default just like IAM resources.

3. Expected behavior

In Create/Update, we should have a property to set that resource type globally available.

4. Suggest specific test cases

One could try to use the following hypothetical template:

Type: AWS::CloudFormation::ResourceVersion
Properties:
    ExecutionRoleArn: ...
    LoggingConfig: ...
    SchemaHandlerPackage: ...
    TypeName: Organization::Service::Resource
    Visibility: PRIVATE  # Even if visibility could be set to public/private in the future
    Global: true

5. Helpful Links to speed up research and evaluation

PR on GitHub: https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-cloudformation/pull/4

6. Category

Management (CloudTrail, Config...)

[rjlohan]

I would even argue that Resource Types should be global by default just like IAM resources.

Whilst I agree that having a single registration option would be ideal to publish to all regions, this bit :point_up: is probably not right at least for AWS resources. This is because a Type maps to availability in that AWS region, and not all services exist in every region. Having the Registry reflect resource availability accurately per-region is part of the design philosophy there.

[eduardomourar]

Yes, you are completely right. I forgot that AWS public resources would use the same API/process.

Then, having something like aRegions property where it can be an array of regions or global would simplify a lot.