Stack is hung using CloudFormation with SNS-backed CustomResources

I'm trying to learn how CustomResources work in a CloudFormation template. I created a simple template to create an S3 bucket. But on creating the stack, it remains in the Create in progress state for a long time and no bucket is created. Is there anything I'm missing in the validated template below:

  {
   "AWSTemplateFormatVersion" : "2010-09-09",
   "Description" : "Building A bucket With customeResources in CloudFormation",
   "Parameters" : {
        "NewBucket": {
            "Default": "",
            "Description": "S3 bucket containing customer assets",
            "Type": "String"
    }
   },

    "Conditions": {
        "NewBucket": {
            "Fn::Not": [
                {
                    "Fn::Equals": [
                        {
                            "Ref": "NewBucket"
                        },
                        ""
                    ]
                }
            ]
        }
    },

  "Resources" : {

    "CustomResource": {

        "Properties": {
            "S3Bucket": {
                    "Ref": "NewBucket"
                },
            "ServiceToken": "SNS topic ARN"    
            },
        "Type": "AWS::CloudFormation::CustomResource"
        }
  },
  "Outputs": {
    "BucketName": {
        "Value": {
            "Fn::GetAtt": [ "CustomResource", {"Ref": "NewBucket"} ]
        }
    }
}
}
Trupti asked Sep 14 '25 12:09


1 Answer

It would appear that your SNS-backed custom resource is not sending a response back to CloudFormation, and it is stuck waiting for that response.

From Amazon Simple Notification Service-backed Custom Resources:

The custom resource provider processes the data sent by the template developer and determines whether the Create request was successful. The resource provider then uses the S3 URL sent by AWS CloudFormation to send a response of either SUCCESS or FAILED.

When the request is made to the SNS service provider, it includes the following object:

{
  "RequestType": "Create",
  "ServiceToken": "arn:aws:sns:us-west-2:2342342342:Critical-Alerts-development",
  "ResponseURL": "https:\/\/cloudformation-custom-resource-response-uswest2.s3-us-west-2.amazonaws.com\/arn%3Aaws%3Acloudformation%3Aus-west-2%3A497903502641%3Astack\/custom-resource\/6bf07a80-d44a-11e7-84df-503aca41a029%7CCustomResource%7C5a695f41-61d7-475b-9110-cdbaec04ee55?AWSAccessKeyId=AKIAI4KYMPPRGIACET5Q&Expires=1511887381&Signature=WmHQVqIDCBwQSfcBMpzTfiWHz9I%3D",
  "StackId": "arn:aws:cloudformation:us-west-2:asdasdasd:stack\/custom-resource\/6bf07a80-d44a-11e7-84df-503aca41a029",
  "RequestId": "5a695f41-61d7-475b-9110-cdbaec04ee55",
  "LogicalResourceId": "CustomResource",
  "ResourceType": "AWS::CloudFormation::CustomResource",
  "ResourceProperties": {
    "ServiceToken": "arn:aws:sns:us-west-2:234234234:Critical-Alerts-development",
    "S3Bucket": "test-example-com"
  }
}

You will need to send a success/fail response to the ResponseURL provided in the event for CloudFormation to continue processing.

I would also note that the bucket will not be created unless your custom service provider creates it. The Custom Resource function is only sending the request to the provider.

Rodrigo Murillo answered Sep 16 '25 08:09
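An added example, not part of the original answer or of any AWS library: a minimal Python provider that unwraps the request from the SNS notification, builds the response CloudFormation is waiting for, and PUTs it to the ResponseURL. The function names, the sample envelope with its placeholder ids and URL, and the amazonaws.com host check are assumptions made for illustration; the ResponseURL is a presigned URL, so it is treated as a credential and checked before use.

```python
import json
import urllib.request
from urllib.parse import urlparse

def parse_request(sns_envelope: str) -> dict:
    """Extract the CloudFormation request from an SNS notification envelope."""
    return json.loads(json.loads(sns_envelope)["Message"])

def response_url_ok(url: str) -> bool:
    """Assumed policy: accept only HTTPS URLs on an amazonaws.com host."""
    parts = urlparse(url)
    return parts.scheme == "https" and (parts.hostname or "").endswith(".amazonaws.com")

def build_response(request: dict, status: str, physical_id: str,
                   reason: str = "", data=None) -> dict:
    """Build the response body; StackId, RequestId and LogicalResourceId are echoed back."""
    if status not in ("SUCCESS", "FAILED"):
        raise ValueError("Status must be SUCCESS or FAILED")
    if status == "FAILED" and not reason:
        raise ValueError("Reason is required when Status is FAILED")
    return {
        "Status": status,
        "Reason": reason,
        "PhysicalResourceId": physical_id,
        "StackId": request["StackId"],
        "RequestId": request["RequestId"],
        "LogicalResourceId": request["LogicalResourceId"],
        "Data": data or {},
    }

def send_response(request: dict, body: dict) -> int:
    """PUT the JSON body to ResponseURL and return the HTTP status code."""
    url = request["ResponseURL"]
    if not response_url_ok(url):
        raise ValueError("unexpected ResponseURL host or scheme")
    # Empty Content-Type stops urllib adding its form-encoded default to the signed request.
    req = urllib.request.Request(url, data=json.dumps(body).encode(), method="PUT",
                                 headers={"Content-Type": ""})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return resp.status

# Constructed sample: SNS envelope wrapping a Create request (placeholder ids and URL).
SAMPLE = json.dumps({"Type": "Notification", "Message": json.dumps({
    "RequestType": "Create",
    "ResponseURL": "https://cloudformation-custom-resource-response-uswest2.s3-us-west-2.amazonaws.com/placeholder?Signature=PLACEHOLDER",
    "StackId": "arn:aws:cloudformation:us-west-2:111111111111:stack/custom-resource/placeholder",
    "RequestId": "00000000-0000-0000-0000-000000000000",
    "LogicalResourceId": "CustomResource",
    "ResourceProperties": {"S3Bucket": "test-example-com"}})})
```

The keys placed in Data are the attribute names that Fn::GetAtt can read from the custom resource. Send a FAILED response from the provider's error path as well, otherwise the stack waits until the request times out.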