Do you use Python CustomResources in your CloudFormation stacks?

If so, you need to act before 01 April 2021.

What is the Issue?

You may have already received correspondence directly from AWS but here’s your final reminder that if you use Python for CloudFormation Lambda backed CustomResources, then you may need to act before 01 April 2021.

Starting on 01 April 2021, AWS Lambda will no longer support the botocore.vendored.requests library in Python runtimes.

Any AWS CloudFormation stacks that use the Python runtime for Lambda-backed Custom Resources must be updated to ensure you can continue to maintain your cloud infrastructure. If you do not act now, after 01 April 2021 you will no longer be able to create, update or delete those custom resources.

Why is this happening?

For more information on the background to the change, please see the referenced blog post

Am I affected?

Any CloudFormation stacks containing Python-based custom resources must be updated before 01 April 2021.

Using CloudFormation across your AWS estate means this is not a trivial issue.

We have developed a command line tool to help you identify any impacted resources across your estate.

How do I fix it?

We have worked examples in the tool readme

What you must do depends on how you have packaged your custom resources:

  • If you reference cfn-response implicitly using inline code using ZipFile: then you need to perform a change to trigger an update (see this link for an example)
  • If you package your Lambda using S3 and manage the cfn-response module yourself, e.g. using AWS SAM, then you must update the cfn-response module to the latest available code

Help!

If you need assistance, please get in touch!