Docs Home
We recommend new projects start with resources from the AWS provider.
aws-native.cloudformation.CustomResourceEmulator
Explore with Pulumi AI
We recommend new projects start with resources from the AWS provider.
The Custom Resource Emulator allows you to use AWS CloudFormation Custom Resources directly in your Pulumi programs. It provides a way to invoke AWS Lambda functions that implement custom provisioning logic following the CloudFormation Custom Resource protocol.
Note: Currently, only Lambda-backed Custom Resources are supported. SNS-backed Custom Resources are not supported at this time.
Example Usage
import * as aws from "@pulumi/aws-native";
const bucket = new aws.s3.Bucket('custom-resource-emulator');
// Create a Custom Resource that invokes a Lambda function
const cr = new aws.cloudformation.CustomResourceEmulator('cr', {
bucketName: bucket.id,
bucketKeyPrefix: 'custom-resource-emulator',
customResourceProperties: {
hello: "world"
},
serviceToken: "arn:aws:lambda:us-west-2:123456789012:function:my-custom-resource",
resourceType: 'Custom::MyResource',
}, { customTimeouts: { create: '5m', update: '5m', delete: '5m' } });
// Access the response data
export const customResourceData = customResource.data;
A full example of creating a CloudFormation Custom Resource Lambda function and using it in Pulumi can be found here.
About CloudFormation Custom Resources
CloudFormation Custom Resources allow you to write custom provisioning logic for resources that aren’t directly available as AWS CloudFormation resource types. Common use cases include:
- Implementing complex provisioning logic
- Performing custom validations or transformations
- Integrating with third-party services
- Implementing organization-specific infrastructure patterns
For more information about CloudFormation Custom Resources, see Custom Resources in the AWS CloudFormation User Guide.
Permissions
The IAM principal used by your Pulumi program must have the following permissions:
lambda:InvokeFunctionon the Lambda function specified inserviceToken- S3 permissions on the bucket specified in
bucketName:s3:PutObjects3:GetObjects3:HeadObject
Lambda Function Requirements
The Lambda function specified in serviceToken must implement the CloudFormation Custom Resource lifecycle.
For detailed information about implementing Lambda-backed Custom Resources, see AWS Lambda-backed Custom Resources in the AWS CloudFormation User Guide.
Timeouts
Custom Resources have a default timeout of 60 minutes, matching the CloudFormation timeout for custom resource operations. You can customize it using the customTimeouts resource option.
Create CustomResourceEmulator Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new CustomResourceEmulator(name: string, args: CustomResourceEmulatorArgs, opts?: CustomResourceOptions);@overload
def CustomResourceEmulator(resource_name: str,
args: CustomResourceEmulatorArgs,
opts: Optional[ResourceOptions] = None)
@overload
def CustomResourceEmulator(resource_name: str,
opts: Optional[ResourceOptions] = None,
bucket_key_prefix: Optional[str] = None,
bucket_name: Optional[str] = None,
custom_resource_properties: Optional[Mapping[str, Any]] = None,
resource_type: Optional[str] = None,
service_token: Optional[str] = None,
stack_id: Optional[str] = None)func NewCustomResourceEmulator(ctx *Context, name string, args CustomResourceEmulatorArgs, opts ...ResourceOption) (*CustomResourceEmulator, error)public CustomResourceEmulator(string name, CustomResourceEmulatorArgs args, CustomResourceOptions? opts = null)
public CustomResourceEmulator(String name, CustomResourceEmulatorArgs args)
public CustomResourceEmulator(String name, CustomResourceEmulatorArgs args, CustomResourceOptions options)
type: aws-native:cloudformation:CustomResourceEmulator
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args CustomResourceEmulatorArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args CustomResourceEmulatorArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args CustomResourceEmulatorArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args CustomResourceEmulatorArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args CustomResourceEmulatorArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
CustomResourceEmulator Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The CustomResourceEmulator resource accepts the following input properties:
- Bucket
Key stringPrefix - The prefix to use for the bucket key when storing the response from the Custom Resource provider.
- Bucket
Name string The name of the S3 bucket to use for storing the response from the Custom Resource.
The IAM principal configured for the provider must have
s3:PutObject,s3:HeadObjectands3:GetObjectpermissions on this bucket.- Custom
Resource Dictionary<string, object>Properties - The properties to pass as an input to the Custom Resource. The properties are passed as a map of key-value pairs whereas all primitive values (number, boolean) are converted to strings for CloudFormation interoperability.
- Resource
Type string - The CloudFormation type of the Custom Resource. For example,
Custom::MyCustomResource. This is required for CloudFormation interoperability. - Service
Token string The service token to use for the Custom Resource. The service token is invoked when the resource is created, updated, or deleted. This can be a Lambda Function ARN with optional version or alias identifiers.
The IAM principal configured for the provider must have
lambda:InvokeFunctionpermissions on this service token.- Stack
Id string - A stand-in value for the CloudFormation stack ID. This is required for CloudFormation interoperability. If not provided, the Pulumi Stack ID is used.
- Bucket
Key stringPrefix - The prefix to use for the bucket key when storing the response from the Custom Resource provider.
- Bucket
Name string The name of the S3 bucket to use for storing the response from the Custom Resource.
The IAM principal configured for the provider must have
s3:PutObject,s3:HeadObjectands3:GetObjectpermissions on this bucket.- Custom
Resource map[string]interface{}Properties - The properties to pass as an input to the Custom Resource. The properties are passed as a map of key-value pairs whereas all primitive values (number, boolean) are converted to strings for CloudFormation interoperability.
- Resource
Type string - The CloudFormation type of the Custom Resource. For example,
Custom::MyCustomResource. This is required for CloudFormation interoperability. - Service
Token string The service token to use for the Custom Resource. The service token is invoked when the resource is created, updated, or deleted. This can be a Lambda Function ARN with optional version or alias identifiers.
The IAM principal configured for the provider must have
lambda:InvokeFunctionpermissions on this service token.- Stack
Id string - A stand-in value for the CloudFormation stack ID. This is required for CloudFormation interoperability. If not provided, the Pulumi Stack ID is used.
- bucket
Key StringPrefix - The prefix to use for the bucket key when storing the response from the Custom Resource provider.
- bucket
Name String The name of the S3 bucket to use for storing the response from the Custom Resource.
The IAM principal configured for the provider must have
s3:PutObject,s3:HeadObjectands3:GetObjectpermissions on this bucket.- custom
Resource Map<String,Object>Properties - The properties to pass as an input to the Custom Resource. The properties are passed as a map of key-value pairs whereas all primitive values (number, boolean) are converted to strings for CloudFormation interoperability.
- resource
Type String - The CloudFormation type of the Custom Resource. For example,
Custom::MyCustomResource. This is required for CloudFormation interoperability. - service
Token String The service token to use for the Custom Resource. The service token is invoked when the resource is created, updated, or deleted. This can be a Lambda Function ARN with optional version or alias identifiers.
The IAM principal configured for the provider must have
lambda:InvokeFunctionpermissions on this service token.- stack
Id String - A stand-in value for the CloudFormation stack ID. This is required for CloudFormation interoperability. If not provided, the Pulumi Stack ID is used.
- bucket
Key stringPrefix - The prefix to use for the bucket key when storing the response from the Custom Resource provider.
- bucket
Name string The name of the S3 bucket to use for storing the response from the Custom Resource.
The IAM principal configured for the provider must have
s3:PutObject,s3:HeadObjectands3:GetObjectpermissions on this bucket.- custom
Resource {[key: string]: any}Properties - The properties to pass as an input to the Custom Resource. The properties are passed as a map of key-value pairs whereas all primitive values (number, boolean) are converted to strings for CloudFormation interoperability.
- resource
Type string - The CloudFormation type of the Custom Resource. For example,
Custom::MyCustomResource. This is required for CloudFormation interoperability. - service
Token string The service token to use for the Custom Resource. The service token is invoked when the resource is created, updated, or deleted. This can be a Lambda Function ARN with optional version or alias identifiers.
The IAM principal configured for the provider must have
lambda:InvokeFunctionpermissions on this service token.- stack
Id string - A stand-in value for the CloudFormation stack ID. This is required for CloudFormation interoperability. If not provided, the Pulumi Stack ID is used.
- bucket_
key_ strprefix - The prefix to use for the bucket key when storing the response from the Custom Resource provider.
- bucket_
name str The name of the S3 bucket to use for storing the response from the Custom Resource.
The IAM principal configured for the provider must have
s3:PutObject,s3:HeadObjectands3:GetObjectpermissions on this bucket.- custom_
resource_ Mapping[str, Any]properties - The properties to pass as an input to the Custom Resource. The properties are passed as a map of key-value pairs whereas all primitive values (number, boolean) are converted to strings for CloudFormation interoperability.
- resource_
type str - The CloudFormation type of the Custom Resource. For example,
Custom::MyCustomResource. This is required for CloudFormation interoperability. - service_
token str The service token to use for the Custom Resource. The service token is invoked when the resource is created, updated, or deleted. This can be a Lambda Function ARN with optional version or alias identifiers.
The IAM principal configured for the provider must have
lambda:InvokeFunctionpermissions on this service token.- stack_
id str - A stand-in value for the CloudFormation stack ID. This is required for CloudFormation interoperability. If not provided, the Pulumi Stack ID is used.
- bucket
Key StringPrefix - The prefix to use for the bucket key when storing the response from the Custom Resource provider.
- bucket
Name String The name of the S3 bucket to use for storing the response from the Custom Resource.
The IAM principal configured for the provider must have
s3:PutObject,s3:HeadObjectands3:GetObjectpermissions on this bucket.- custom
Resource Map<Any>Properties - The properties to pass as an input to the Custom Resource. The properties are passed as a map of key-value pairs whereas all primitive values (number, boolean) are converted to strings for CloudFormation interoperability.
- resource
Type String - The CloudFormation type of the Custom Resource. For example,
Custom::MyCustomResource. This is required for CloudFormation interoperability. - service
Token String The service token to use for the Custom Resource. The service token is invoked when the resource is created, updated, or deleted. This can be a Lambda Function ARN with optional version or alias identifiers.
The IAM principal configured for the provider must have
lambda:InvokeFunctionpermissions on this service token.- stack
Id String - A stand-in value for the CloudFormation stack ID. This is required for CloudFormation interoperability. If not provided, the Pulumi Stack ID is used.
Outputs
All input properties are implicitly available as output properties. Additionally, the CustomResourceEmulator resource produces the following output properties:
- Bucket string
- The name of the S3 bucket to use for storing the response from the Custom Resource.
- Data Dictionary<string, object>
- The response data returned by invoking the Custom Resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- No
Echo bool - Whether the response data contains sensitive information that should be marked as secret and not logged.
- Physical
Resource stringId - The name or unique identifier that corresponds to the
PhysicalResourceIdincluded in the Custom Resource response. If noPhysicalResourceIdis provided in the response, a random ID will be generated.
- Bucket string
- The name of the S3 bucket to use for storing the response from the Custom Resource.
- Data map[string]interface{}
- The response data returned by invoking the Custom Resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- No
Echo bool - Whether the response data contains sensitive information that should be marked as secret and not logged.
- Physical
Resource stringId - The name or unique identifier that corresponds to the
PhysicalResourceIdincluded in the Custom Resource response. If noPhysicalResourceIdis provided in the response, a random ID will be generated.
- bucket String
- The name of the S3 bucket to use for storing the response from the Custom Resource.
- data Map<String,Object>
- The response data returned by invoking the Custom Resource.
- id String
- The provider-assigned unique ID for this managed resource.
- no
Echo Boolean - Whether the response data contains sensitive information that should be marked as secret and not logged.
- physical
Resource StringId - The name or unique identifier that corresponds to the
PhysicalResourceIdincluded in the Custom Resource response. If noPhysicalResourceIdis provided in the response, a random ID will be generated.
- bucket string
- The name of the S3 bucket to use for storing the response from the Custom Resource.
- data {[key: string]: any}
- The response data returned by invoking the Custom Resource.
- id string
- The provider-assigned unique ID for this managed resource.
- no
Echo boolean - Whether the response data contains sensitive information that should be marked as secret and not logged.
- physical
Resource stringId - The name or unique identifier that corresponds to the
PhysicalResourceIdincluded in the Custom Resource response. If noPhysicalResourceIdis provided in the response, a random ID will be generated.
- bucket str
- The name of the S3 bucket to use for storing the response from the Custom Resource.
- data Mapping[str, Any]
- The response data returned by invoking the Custom Resource.
- id str
- The provider-assigned unique ID for this managed resource.
- no_
echo bool - Whether the response data contains sensitive information that should be marked as secret and not logged.
- physical_
resource_ strid - The name or unique identifier that corresponds to the
PhysicalResourceIdincluded in the Custom Resource response. If noPhysicalResourceIdis provided in the response, a random ID will be generated.
- bucket String
- The name of the S3 bucket to use for storing the response from the Custom Resource.
- data Map<Any>
- The response data returned by invoking the Custom Resource.
- id String
- The provider-assigned unique ID for this managed resource.
- no
Echo Boolean - Whether the response data contains sensitive information that should be marked as secret and not logged.
- physical
Resource StringId - The name or unique identifier that corresponds to the
PhysicalResourceIdincluded in the Custom Resource response. If noPhysicalResourceIdis provided in the response, a random ID will be generated.
Package Details
- Repository
- AWS Native pulumi/pulumi-aws-native
- License
- Apache-2.0
We recommend new projects start with resources from the AWS provider.