Generate a dictionary of all publicly available AWS owned Cfn resources #13150
Conversation
silv-io
added
semver: patch
Test Results - Alternative Providers572 tests 330 ✅ 25m 49s ⏱️ Results for commit ea0a1de. ♻️ This comment has been updated with latest results. |
Test Results (amd64) - Integration, Bootstrap 5 files 5 suites 2h 37m 0s ⏱️ Results for commit ea0a1de. ♻️ This comment has been updated with latest results. |
silv-io
force-pushed
the
iac/generate-cfn-resource-list
branch
2 times, most recently
from
f4af4f0 to
f357667
Compare
silv-io
requested review from
alexrashed,
dfangl,
dominikschubert,
k-a-il,
pinzon and
simonrw
as code owners
There was a problem hiding this comment.
While this restriction may inconvenience users, I believe the greater challenge would come from conflicts with AWS itself—particularly when resources referenced in templates are unavailable in specific regions.
I'll leave the approval to @simonrw
| - name: Detect changes | ||
| id: diff | ||
| run: | | ||
| git diff --stat | ||
| if git diff --quiet; then | ||
| echo "changed=false" >> "$GITHUB_OUTPUT" | ||
| else | ||
| echo "changed=true" >> "$GITHUB_OUTPUT" | ||
| fi |
There was a problem hiding this comment.
nit: I think this step is not necessary because peter-evans/create-pull-request action would not create a PR if there are no changes
scripts/update_cfn_resources.py
Outdated
|
|
||
| for summary in response.get("TypeSummaries", []): | ||
| type_name = summary.get("TypeName") | ||
| if type_name and type_name.startswith("AWS::"): |
There was a problem hiding this comment.
comment: I am wondering if the assumption that we need to store only resources starting with AWS::`` prefix is correct. It seems that some CloudFormation resources provided by AWS do not start with AWS::prefix, for exampleAlexa::ASK::Skill`.
The list_types operation supports the Filters parameter which allows filtering by resource category type. Specifically, you can use it to list only resources available from Amazon by setting Category=AWS_TYPES. Maybe we can use this type of filtering instead of filtering by resource type prefix.
There was a problem hiding this comment.
Good catch, fixed it now
k-a-il
left a comment
k-a-il
left a comment
There was a problem hiding this comment.
Nice work, implementation looks good 🚀 I have a question about filtering CloudFormation resources, but it's mainly about the strategy behind choosing which resources to store, not the implementation itself
silv-io
force-pushed
the
iac/generate-cfn-resource-list
branch
from
f357667 to
3a574c1
Compare
simonrw
left a comment
simonrw
left a comment
There was a problem hiding this comment.
I have no issues with the implementation here, but I wanted to raise å couple of questions:
In the description you say
We can't be sure that there is one region that represents a superset of all resources, so we need to check all regions that are available to us
Is this level of parity really important here? What is the approximate breakdown of resources supported per region that we support in LocalStack?
Also: I have concerns about how this information will be used by LocalStack. We don't yet support the CFn extension registry where users can build their own types. But if we did then we would have to make sure we ignore any custom types they have registered when performing any validation.
@simonrw I think having this information is not immediately necessary, but it's easy to get and can be used for an easy usability win. |
alexrashed
added
the
notes: skip
Motivation
In our ongoing effort to improve IaC usability, we want to improve the accuracy and precision of our error messages.
One key part that is currently missing in our implementation is knowing which resources are actually publicly available on AWS itself.
To make this available we need to consider the following:
list_typesAPI. A comparison showed that thelist_typesAPI delivers more results (albeit only 1 resource more)Changes
localstack-corepackage.Testing
TODO
What's left to do: