CloudFormation service cast most types into strings #435

@eduardomourar

It is probably a known limitation, but I could not find another public issue to track this.

Whenever you develop a resource provider you define a detailed JSON schema, but that schema is not being fully used by the CloudFormation service. For instance, if one is defined like this (full version here):

{
    "typeName": "OC::Organizations::PasswordPolicy",
    "properties": {
        "MinimumPasswordLength": {
            "type": "integer"
        },
        "RequireLowercaseCharacters": {
            "type": "boolean"
        },
        ...
    },
    ...
}

If I try to create that resource in AWS using the following template:

AWSTemplateFormatVersion: '2010-09-09'

Resources:
  PasswordPolicy:
    Type: OC::Organizations::PasswordPolicy
    Properties:
      MinimumPasswordLength: 8
      RequireLowercaseCharacters: True

I would expect to receive the input JSON below:

{
    "requestData": {
        "resourceProperties": {
            "MinimumPasswordLength": 8,
            "RequireLowercaseCharacters": true,
            ...
        },
        ...
    },
    ...
}

Instead CloudFormation sends this event data where every property is being cast to string:

{
    "awsAccountId": <REDACTED>,
    "bearerToken": <REDACTED>,
    "region": "eu-central-1",
    "responseEndpoint": "https://cloudformation.eu-central-1.amazonaws.com",
    "action": "CREATE",
    "nextToken": null,
    "resourceType": "OC::Organizations::PasswordPolicy",
    "resourceTypeVersion": "00000029",
    "requestData": {
        "logicalResourceId": "PasswordPolicy",
        "resourceProperties": {
            "MinimumPasswordLength": "8",
            "RequireLowercaseCharacters": "true",
            "RequireNumbers": "true",
            "RequireUppercaseCharacters": "false",
            "AllowUsersToChangePassword": "true",
            "RequireSymbols": "false"
        },
        "previousResourceProperties": null,
        "callerCredentials": { <REDACTED> },
        "platformCredentials": { <REDACTED> },
        "providerCredentials": { <REDACTED> },
        "providerLogGroupName": "oc-organizations-passwordpolicy-logs",
        "systemTags": {
            "aws:cloudformation:stack-name": <REDACTED>,
            "aws:cloudformation:stack-id": <REDACTED>,
            "aws:cloudformation:logical-id": "PasswordPolicy"
        },
        "stackTags": null,
        "previousStackTags": null
    },
    "stackId": <REDACTED>
}

A behavior like this makes it a lot harder to develop the resource provider as well as the language plugin itself.
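An added example, not part of the original issue or of the CloudFormation CLI code: one way a handler can recast the stringified `resourceProperties` from its own schema before acting on them, so that a value such as `"false"` is never evaluated as a truthy string. The helper names `coerce_value` and `coerce_properties` are hypothetical, the sample input is constructed from the event shown above, and only flat top-level properties are handled.

```python
# Added example: schema-driven recast of stringified resourceProperties.
# SCHEMA mirrors the excerpt in the issue; the helper names are hypothetical.
SCHEMA = {
    "properties": {
        "MinimumPasswordLength": {"type": "integer"},
        "RequireLowercaseCharacters": {"type": "boolean"},
        "RequireSymbols": {"type": "boolean"},
    }
}

_BOOLS = {"true": True, "false": False}


def coerce_value(value, spec):
    """Recast one value to the type its schema entry declares."""
    declared = spec.get("type")
    if not isinstance(value, str):
        return value  # None or already typed: nothing to undo
    if declared == "boolean":
        # bool("false") is True in Python, so map the literal text instead.
        try:
            return _BOOLS[value.strip().lower()]
        except KeyError:
            raise ValueError(f"not a boolean: {value!r}") from None
    if declared == "integer":
        return int(value, 10)  # raises ValueError on "8.5" or "eight"
    if declared == "number":
        return float(value)
    return value  # strings and undeclared types pass through


def coerce_properties(props, schema):
    """Return a copy of props with every declared property recast."""
    specs = schema.get("properties", {})
    return {k: coerce_value(v, specs.get(k, {})) for k, v in props.items()}


# Constructed sample, shaped like the event data in the issue.
EVENT_PROPS = {
    "MinimumPasswordLength": "8",
    "RequireLowercaseCharacters": "true",
    "RequireSymbols": "false",
}

if __name__ == "__main__":
    print(coerce_properties(EVENT_PROPS, SCHEMA))
```

Rejecting anything other than `true`/`false` for a boolean, rather than falling back to truthiness, keeps a malformed value from silently changing a policy setting.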
