Skip to content
By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

CloudFormation Custom Resource Hangs for 1 Hour

1

My CloudFormation stack has been stuck in CREATE_IN_PROGRESS for over 44 minutes now on a custom resource. The stack events show:

AWS::CloudFormation::CustomResource | MyCustomResource | CREATE_IN_PROGRESS

No error, no follow-up event. The Lambda function's CloudWatch logs are completely empty, no invocation logs at all.

My Lambda code (inline ZipFile):

import cfnresponse boto3
import json

def handler(event, context):
    # ... rest of code

I've checked:

  • Lambda execution role has proper permissions
  • Lambda timeout is set to 300 seconds
  • The custom resource ServiceToken points to the correct Lambda ARN

Why is it hanging? Will it ever finish?

Topics
ServerlessManagement & GovernanceComputeNetworking & Content Delivery
Tags
Amazon CloudWatchAWS CloudFormationAWS Lambda
Language
English
asked 17 days ago45 views
1 Answer
3
Accepted Answer

Your stack will eventually fail after hanging for approximately 1 hour. The default timeout for custom resources in CloudFormation is 3600 seconds (1 hour). Since your Lambda function isn't being invoked at all (as evidenced by the empty CloudWatch logs), CloudFormation is waiting for a response that will never come, and it will ultimately fail the stack operation when this timeout expires.

The most likely cause of your Lambda function not being invoked is a syntax error in your code. Looking at your import statement, you have import cfnresponse boto3 which is missing a comma or newline between cfnresponse and boto3. This syntax error would prevent the Lambda function from being created or deployed properly, which explains why there are no invocation logs.

To resolve this issue:

  1. Fix the import statement - It should be either:
import cfnresponse
import boto3
import json

or

import cfnresponse, boto3, json

  1. Consider setting a ServiceTimeout property on your custom resource to fail faster during development. Since you expect your Lambda to respond within 5 minutes (given your 300-second Lambda timeout), you could set ServiceTimeout: 300 in your custom resource definition. This way, if there's an error, CloudFormation will fail the stack operation after 5 minutes instead of waiting the full hour. However, make sure not to set this value too low - ensure your custom resource has enough time to perform its actions and return a response.

  2. Ensure your Lambda function sends a response to the pre-signed URL provided in the event, using the cfnresponse library or by manually sending a SUCCESS or FAILED status to the ResponseURL. Without this response, CloudFormation will always wait until timeout.

Once you fix the syntax error and redeploy, your Lambda function should be invoked properly and you'll see logs in CloudWatch.
Sources
Create custom provisioning logic with custom resources - AWS CloudFormation
CloudFormation custom resource request and response reference - AWS CloudFormation
Using AWS Lambda with CloudFormation - AWS Lambda

answered 17 days ago
EXPERT
reviewed 17 days ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Relevant content