aws-cdk-lib.CustomResourceProvider

class CustomResourceProvider (construct)

LanguageType name
.NETAmazon.CDK.CustomResourceProvider
Gogithub.com/aws/aws-cdk-go/awscdk/v2#CustomResourceProvider
Javasoftware.amazon.awscdk.CustomResourceProvider
Pythonaws_cdk.CustomResourceProvider
TypeScript (source)aws-cdk-lib » CustomResourceProvider

Implements IConstruct, IDependable

An AWS-Lambda backed custom resource provider, for CDK Construct Library constructs.

This is a provider for CustomResource constructs, backed by an AWS Lambda Function. It only supports NodeJS runtimes.

Application builders do not need to use this provider type. This is not a generic custom resource provider class. It is specifically intended to be used only by constructs in the AWS CDK Construct Library, and only exists here because of reverse dependency issues (for example, it cannot use iam.PolicyStatement objects, since the iam library already depends on the CDK core library and we cannot have cyclic dependencies).

If you are not writing constructs for the AWS Construct Library, you should use the Provider class in the custom-resources module instead, which has a better API and supports all Lambda runtimes, not just Node.

N.B.: When you are writing Custom Resource Providers, there are a number of lifecycle events you have to pay attention to. These are documented in the README of the custom-resources module. Be sure to give the documentation in that module a read, regardless of whether you end up using the Provider class in there or this one.

Example

const provider = CustomResourceProvider.getOrCreateProvider(this, 'Custom::MyCustomResourceType', {
  codeDirectory: `${__dirname}/my-handler`,
  runtime: CustomResourceProviderRuntime.NODEJS_14_X,
});
provider.addToRolePolicy({
  Effect: 'Allow',
  Action: 's3:GetObject',
  Resource: '*',
})

Initializer (protected)

super(scope: Construct, id: string, props: CustomResourceProviderProps)

Parameters

  • scope Construct
  • id string
  • props CustomResourceProviderProps

Construct Props

NameTypeDescription
codeDirectorystringA local file system directory with the provider's code.
runtimeCustomResourceProviderRuntimeThe AWS Lambda runtime and version to use for the provider.
description?stringA description of the function.
environment?{ [string]: string }Key-value pairs that are passed to Lambda as Environment.
memorySize?SizeThe amount of memory that your function has access to.
policyStatements?any[]A set of IAM policy statements to include in the inline policy of the provider's lambda function.
timeout?DurationAWS Lambda timeout for the provider.
useCfnResponseWrapper?booleanWhether or not the cloudformation response wrapper (nodejs-entrypoint.ts) is used. If set to true, nodejs-entrypoint.js is bundled in the same asset as the custom resource and set as the entrypoint. If set to false, the custom resource provided is the entrypoint.

codeDirectory

Type: string

A local file system directory with the provider's code.

The code will be bundled into a zip asset and wired to the provider's AWS Lambda function.


runtime

Type: CustomResourceProviderRuntime

The AWS Lambda runtime and version to use for the provider.


description?

Type: string (optional, default: No description.)

A description of the function.


environment?

Type: { [string]: string } (optional, default: No environment variables.)

Key-value pairs that are passed to Lambda as Environment.


memorySize?

Type: Size (optional, default: Size.mebibytes(128))

The amount of memory that your function has access to.

Increasing the function's memory also increases its CPU allocation.


policyStatements?

Type: any[] (optional, default: no additional inline policy)

A set of IAM policy statements to include in the inline policy of the provider's lambda function.

Please note: these are direct IAM JSON policy blobs, not iam.PolicyStatement objects like you will see in the rest of the CDK. Example

const provider = CustomResourceProvider.getOrCreateProvider(this, 'Custom::MyCustomResourceType', {
  codeDirectory: `${__dirname}/my-handler`,
  runtime: CustomResourceProviderRuntime.NODEJS_14_X,
  policyStatements: [
    {
      Effect: 'Allow',
      Action: 's3:PutObject*',
      Resource: '*',
    }
  ],
});

timeout?

Type: Duration (optional, default: Duration.minutes(15))

AWS Lambda timeout for the provider.


useCfnResponseWrapper?

Type: boolean (optional, default: true if inlineCode: false and false otherwise.)

Whether or not the cloudformation response wrapper (nodejs-entrypoint.ts) is used. If set to true, nodejs-entrypoint.js is bundled in the same asset as the custom resource and set as the entrypoint. If set to false, the custom resource provided is the entrypoint.

Properties

NameTypeDescription
codeHashstringThe hash of the lambda code backing this provider.
nodeNodeThe tree node.
roleArnstringThe ARN of the provider's AWS Lambda function role.
serviceTokenstringThe ARN of the provider's AWS Lambda function which should be used as the serviceToken when defining a custom resource.

codeHash

Type: string

The hash of the lambda code backing this provider.

Can be used to trigger updates on code changes, even when the properties of a custom resource remain unchanged.


node

Type: Node

The tree node.


roleArn

Type: string

The ARN of the provider's AWS Lambda function role.


serviceToken

Type: string

The ARN of the provider's AWS Lambda function which should be used as the serviceToken when defining a custom resource. Example

declare const myProvider: CustomResourceProvider;

new CustomResource(this, 'MyCustomResource', {
  serviceToken: myProvider.serviceToken,
  properties: {
    myPropertyOne: 'one',
    myPropertyTwo: 'two',
  },
});

Methods

NameDescription
addToRolePolicy(statement)Add an IAM policy statement to the inline policy of the provider's lambda function's role.
toString()Returns a string representation of this construct.
static getOrCreate(scope, uniqueid, props)Returns a stack-level singleton ARN (service token) for the custom resource provider.
static getOrCreateProvider(scope, uniqueid, props)Returns a stack-level singleton for the custom resource provider.

addToRolePolicy(statement)

public addToRolePolicy(statement: any): void

Parameters

  • statement any

Add an IAM policy statement to the inline policy of the provider's lambda function's role.

Please note: this is a direct IAM JSON policy blob, not a iam.PolicyStatement object like you will see in the rest of the CDK. Example

declare const myProvider: CustomResourceProvider;

myProvider.addToRolePolicy({
  Effect: 'Allow',
  Action: 's3:GetObject',
  Resource: '*',
});

toString()

public toString(): string

Returns

  • string

Returns a string representation of this construct.


static getOrCreate(scope, uniqueid, props)

public static getOrCreate(scope: Construct, uniqueid: string, props: CustomResourceProviderProps): string

Parameters

  • scope Construct — Construct scope.
  • uniqueid string — A globally unique id that will be used for the stack-level construct.
  • props CustomResourceProviderProps — Provider properties which will only be applied when the provider is first created.

Returns

  • string

Returns a stack-level singleton ARN (service token) for the custom resource provider.


static getOrCreateProvider(scope, uniqueid, props)

public static getOrCreateProvider(scope: Construct, uniqueid: string, props: CustomResourceProviderProps): CustomResourceProvider

Parameters

  • scope Construct — Construct scope.
  • uniqueid string — A globally unique id that will be used for the stack-level construct.
  • props CustomResourceProviderProps — Provider properties which will only be applied when the provider is first created.

Returns

  • CustomResourceProvider

Returns a stack-level singleton for the custom resource provider.