AWS CloudFormation Custom Resource ServiceToken Endpoints
Question
You are creating CloudFormation templates for new applications.
In the templates, you need to include certain custom resources as they are not supported by the AWS CloudFormation resource types.
You want to use the AWS::CloudFormation::CustomResource resource type to specify the custom resources.
The resource type has a ServiceToken property that determines where AWS CloudFormation sends requests to.
Which of the following endpoints can you configure in the ServiceToken property? (Select TWO.)
Answers
Explanations
Click on the arrows to vote for the correct answer
A. B. C. D. E.Correct Answers: A & E.
Option A is CORRECT because you can configure an SNS topic ARN to receive the service token such as "arn:aws:sns:us-east-1:84969EXAMPLE:CRTest".
Options B, C and D are incorrect because you cannot configure SQS, CloudWatch Event rule or Step Function in the ServiceToken property.
Option E is CORRECT because a CloudFormation custom resource can send the service token to a Lambda function.
Please check the following references for the details.
References:
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/template-custom-resources.html, https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cfn-customresource.htmlAWS CloudFormation provides a way for developers and DevOps engineers to define and deploy infrastructure resources as code. While CloudFormation provides a wide range of pre-built resources types that can be used to create infrastructure, sometimes there might be a need to use custom resources that are not supported by CloudFormation out of the box.
AWS::CloudFormation::CustomResource resource type allows developers to use custom resources within their CloudFormation templates. These custom resources can be implemented using AWS Lambda functions, AWS Step Functions, or other AWS services. When using the AWS::CloudFormation::CustomResource resource type, you need to specify the ServiceToken property that determines where AWS CloudFormation sends requests to.
The ServiceToken property can be configured with the following endpoints:
A. An Amazon SNS topic ARN: When an SNS topic ARN is specified in the ServiceToken property, CloudFormation sends a message to the specified SNS topic. The Lambda function subscribed to the topic can then handle the message and perform the custom resource operation.
B. An Amazon SQS queue ARN: When an SQS queue ARN is specified in the ServiceToken property, CloudFormation sends a message to the specified SQS queue. The Lambda function subscribed to the queue can then handle the message and perform the custom resource operation.
C. A CloudWatch Event rule ARN: When a CloudWatch Event rule ARN is specified in the ServiceToken property, CloudFormation sends an event to the specified CloudWatch Event rule. The Lambda function associated with the event rule can then handle the event and perform the custom resource operation.
D. An AWS Step Function name: When an AWS Step Function name is specified in the ServiceToken property, CloudFormation starts the specified Step Function. The Step Function can then execute the custom resource operation.
E. A Lambda function ARN: When a Lambda function ARN is specified in the ServiceToken property, CloudFormation directly invokes the specified Lambda function. The Lambda function can then perform the custom resource operation.
Therefore, the correct answer to this question is (A) An Amazon SNS topic ARN and (E) A Lambda function ARN.
