Name of the resource
AWS::CloudFormation::CustomResource
Resource name
No response
Reference Link
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/crpg-ref-requesttypes-delete.html
Details
I am observing behavior in Custom Resources that I have been unable to find anywhere else on either the web or AWS documentation. It involves the presence of a value in PhysicalResourceId that I suspect CloudFormation is generating on-the-fly under specific rollback scenarios.
This behavior only surfaces during the rollback of a stack creation operation in which a custom resource began to be provisioned prior to the rollback-inducing event.
Here's the sequence of events from CloudFormation's perspective:
- CFN begins creating resources, one of which is an
AWS::CloudFormation::CustomResource
- While the custom resource is still
CREATE_IN_PROGRESS, another resource fails to be created
- CFN begins to roll back the stack creation
- CFN emits a
CREATE_FAILED event (with reason Resource creation cancelled) for the custom resource
- CFN begins deleting the custom resource (event:
DELETE_IN_PROGRESS)
On the custom resource side, I've observed the following:
- I get a
Delete request for the custom resource (makes sense)
- The
Delete request is sent before the Create request response was ever received by CFN (makes less sense)
- The
Delete request contains a physical resource ID that I never set on the resource. It's always a concatenation of a) the stack name, b) the logical ID, and c) some random hash. For example: MYSTACK-LOGICALID-B36FTLCJN97H
I've been unable to find any documentation explaining the pseudo-physical resource ID that CloudFormation includes on Delete requests sent due to a stack rollback (if that is indeed the intended scenario where this occurs). All documentation implies that the PhysicalResourceId field is always a value that was provided by the custom resource provider after a successful Create request.
Name of the resource
AWS::CloudFormation::CustomResource
Resource name
No response
Reference Link
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/crpg-ref-requesttypes-delete.html
Details
I am observing behavior in Custom Resources that I have been unable to find anywhere else on either the web or AWS documentation. It involves the presence of a value in
PhysicalResourceIdthat I suspect CloudFormation is generating on-the-fly under specific rollback scenarios.This behavior only surfaces during the rollback of a stack creation operation in which a custom resource began to be provisioned prior to the rollback-inducing event.
Here's the sequence of events from CloudFormation's perspective:
AWS::CloudFormation::CustomResourceCREATE_IN_PROGRESS, another resource fails to be createdCREATE_FAILEDevent (with reasonResource creation cancelled) for the custom resourceDELETE_IN_PROGRESS)On the custom resource side, I've observed the following:
Deleterequest for the custom resource (makes sense)Deleterequest is sent before theCreaterequest response was ever received by CFN (makes less sense)Deleterequest contains a physical resource ID that I never set on the resource. It's always a concatenation of a) the stack name, b) the logical ID, and c) some random hash. For example:MYSTACK-LOGICALID-B36FTLCJN97HI've been unable to find any documentation explaining the pseudo-physical resource ID that CloudFormation includes on
Deleterequests sent due to a stack rollback (if that is indeed the intended scenario where this occurs). All documentation implies that thePhysicalResourceIdfield is always a value that was provided by the custom resource provider after a successfulCreaterequest.