CloudFormation registry concepts
This topic explains key concepts to help you learn about the CloudFormation registry and start using it.
Extension types
The registry offers the following extension types:
- Hooks
  Hooks are validation checks that inspect your stacks or specific resources before they're created, updated, or deleted by CloudFormation. Additionally, Hooks can be invoked during a create change set operation. They provide a mechanism for enforcing organizational standards and best practices by validating resource configurations against specific requirements. If a Hook detects any configurations that don't comply with your Hook logic, it can either issue a warning or fail the provisioning process to prevent non-compliant resources from being deployed. For more information, see the AWS CloudFormation Hooks user guide.
- Modules
  Modules are reusable resource configurations that can be included across multiple CloudFormation stack templates. They're designed to simplify the creation and maintenance of CloudFormation templates by encapsulating complex or frequently used resource configurations into reusable components. This promotes consistency and standardization across your organization's infrastructure deployments.
- Resource types
  Resource types allow you to model and automate third-party resources or custom resources that aren't natively supported by CloudFormation. By developing resource types, you can extend CloudFormation's capabilities to provision and manage resources from various third-party services.
Public extension types
Public extensions are CloudFormation extensions that are publicly published in the registry for use by all CloudFormation users. This includes extensions published by AWS and third-party extension publishers.
There are two kinds of public extensions:
- AWS public extensions – Extensions published by AWS are always public, and activated by default, so you don't have to take any action before using them in your account. In addition, AWS controls the versioning of the extension, so you are always using the latest available version.
- Third-party public extensions – These are extensions made available for general use by publishers other than AWS. To use a public extension, you must first activate it in your account and Region. For more information, see Use third-party public extensions from the CloudFormation registry.
Note
As with private extensions, public extensions from third-party publishers may implement event handlers that run during resource create, read, update, list, and delete stack operations. Because of this, using these extensions in your CloudFormation stacks may incur charges to your account. This is in addition to any charges incurred for the resources created. For more information, see AWS CloudFormation pricing.
Private extension types
Private extensions are those extensions from third parties that you have explicitly activated for use in your AWS account.
There are two kinds of private extensions:
- Activated private extensions – These are the local copies of third-party extensions that you have activated for your account and Region. When you activate a third-party public extension, CloudFormation creates a local copy of that extension in your account's registry. For more information, see Use third-party private extensions that have been shared with you.
- Registered private extensions – You can also activate private extensions that aren't listed in the public CloudFormation registry. These may be extensions you've created yourself, or ones shared with you by your organization or another third party. To use such a private extension in your account, you must first register it. Registering the extension uploads a copy of it to the CloudFormation registry in your account and activates it.
Any use of private extensions in your account is analogous to using them in a sandbox environment. This is because extensions are version-controlled, and provisioning behavior is version-specific, which means that private extensions behave the same as if they were made public.
Note
Private extensions, and activated public extensions from third-party publishers, may implement event handlers that run during create, read, update, list, and delete operations. Because of this, using these extensions in your CloudFormation stacks incurs charges to your account. This is in addition to any charges incurred for the resources created. For more information, see AWS CloudFormation pricing.
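
The following added example, which is not part of the AWS documentation, sorts entries from an account's private registry into the two kinds described above and flags aliased or out-of-date third-party copies for review. It assumes input in the shape of `aws cloudformation list-types --visibility PRIVATE --output json` and that only copies of third-party public extensions carry a `PublisherId`; the sample entries, names and IDs are constructed.

```python
import json

# Constructed sample in the shape of `aws cloudformation list-types
# --visibility PRIVATE --output json`; names, IDs and versions are made up.
SAMPLE = json.loads("""
{"TypeSummaries": [
  {"Type": "RESOURCE", "TypeName": "Example::Monitoring::Alert",
   "OriginalTypeName": "Example::Monitoring::Alert",
   "PublisherId": "0000000000000000000000000000000000000000",
   "PublisherName": "example-publisher",
   "PublicVersionNumber": "1.2.0", "LatestPublicVersion": "1.4.0"},
  {"Type": "HOOK", "TypeName": "MyOrg::Alias::S3Check",
   "OriginalTypeName": "Example::Policy::S3Check",
   "PublisherId": "0000000000000000000000000000000000000000",
   "PublicVersionNumber": "2.0.0", "LatestPublicVersion": "2.0.0"},
  {"Type": "MODULE", "TypeName": "MyOrg::Network::Vpc::MODULE",
   "DefaultVersionId": "00000001"}
]}
""")

def classify(summary):
    """Map one private-registry TypeSummary to 'activated' or 'registered'."""
    # Assumption: a PublisherId is present only on local copies of third-party
    # public extensions; extensions you registered yourself carry none.
    return "activated" if summary.get("PublisherId") else "registered"

def inventory(listing):
    """Return one review row per extension in the private registry."""
    rows = []
    for s in listing.get("TypeSummaries", []):
        kind = classify(s)
        original = s.get("OriginalTypeName")
        rows.append({
            "name": s["TypeName"],
            "type": s["Type"],
            "category": kind,
            "publisher": s.get("PublisherId"),
            # An alias hides the publisher's type name in templates; surface it.
            "aliased": kind == "activated" and original not in (None, s["TypeName"]),
            # Local copy's version differs from the newest published version.
            "behind_latest": kind == "activated"
                and s.get("PublicVersionNumber") != s.get("LatestPublicVersion"),
        })
    return rows

if __name__ == "__main__":
    for row in inventory(SAMPLE):
        print(row)
```

Run it per account and Region, since activation and registration are scoped to both.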