# Step 3: Create a custom AWS AppConfig extension An extension defines one or more actions that it performs during an AWS AppConfig workflow. For example, the AWS authored `AWS AppConfig deployment events to Amazon SNS` extension includes an action to send a notification to an Amazon SNS topic. Each action is invoked either when you interact with AWS AppConfig or when AWS AppConfig is performing a process on your behalf. These are called *action points*. AWS AppConfig extensions support the following action points: **PRE\$1\$1 action points**: Extension actions configured on `PRE_*` action points are applied after request validation, but before AWS AppConfig performs the activity that corresponds to the action point name. These action invocations are processed at the same time as a request. If more than one request is made, action invocations run sequentially. Also note that `PRE_*` action points receive and can change the contents of a configuration. `PRE_*` action points can also respond to an error and prevent an action from happening. + `PRE_CREATE_HOSTED_CONFIGURATION_VERSION` + `PRE_START_DEPLOYMENT` **ON\$1\$1 action points**: An extension can also run in parallel with an AWS AppConfig workflow by using an `ON_*` action point. `ON_*` action points are invoked asynchronously. `ON_*` action points don't receive the contents of a configuration. If an extension experiences an error during an `ON_*` action point, the service ignores the error and continues the workflow. + `ON_DEPLOYMENT_START` + `ON_DEPLOYMENT_STEP` + `ON_DEPLOYMENT_BAKING` + `ON_DEPLOYMENT_COMPLETE` + `ON_DEPLOYMENT_ROLLED_BACK` **AT\$1\$1 action points**: Extension actions configured on `AT_*` action points are invoked synchronously and in parallel to an AWS AppConfig workflow. If an extension experiences an error during an `AT_*` action point, the service stops the workflow and rolls back the deployment. + `AT_DEPLOYMENT_TICK` The `AT_DEPLOYMENT_TICK` action point supports third-party monitoring integration. `AT_DEPLOYMENT_TICK` is invoked during configuration deployment processing orchestration. If you use a third-party monitoring solution (for example, Datadog or New Relic), you can create an AWS AppConfig extension that checks for alarms at the `AT_DEPLOYMENT_TICK` action point and, as a safety guardrail, rolls back the deployment if it triggered an alarm. If you use a third-party monitoring solution like Datadog or New Relic, you can create an AWS AppConfig extension that checks for alarms at the `AT_DEPLOYMENT_TICK` action point and, as a safety guardrail, rolls back the deployment if it triggered an alarm. For more information, see the following Datadog and New Relic integration examples on GitHub: + [Datadog](https://github.com/aws-samples/aws-appconfig-tick-extn-for-datadog) + [New Relic](https://github.com/aws-samples/sample-aws-appconfig-tick-extn-for-newrelic) For more information about AWS AppConfig extensions, see the following topics: + [Extending AWS AppConfig workflows using extensions](working-with-appconfig-extensions.md) + [Walkthrough: Creating custom AWS AppConfig extensions](working-with-appconfig-extensions-creating-custom.md) **Sample extension** The following sample extension defines one action that calls the `PRE_CREATE_HOSTED_CONFIGURATION_VERSION` action point. In the `Uri` field, the action specifies the Amazon Resource Name (ARN) of the `MyS3ConfigurationBackUpExtension` Lambda function created earlier in this walkthrough. The action also specifies the AWS Identity and Access Management (IAM) assume role ARN created earlier in this walkthrough. **Sample AWS AppConfig extension** ``` { "Name": "MySampleExtension", "Description": "A sample extension that backs up configurations to an S3 bucket.", "Actions": { "PRE_CREATE_HOSTED_CONFIGURATION_VERSION": [ { "Name": "PreCreateHostedConfigVersionActionForS3Backup", "Uri": "arn:aws:lambda:aws-region:111122223333:function:MyS3ConfigurationBackUpExtension", "RoleArn": "arn:aws:iam::111122223333:role/ExtensionsTestRole" } ] }, "Parameters" : { "S3_BUCKET": { "Required": false } } } ``` **Note** To view request syntax and field descriptions when creating an extension, see the [CreateExtension](https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_CreateExtension.html) topic in the *AWS AppConfig API Reference*. **To create an extension (console)** 1. Open the AWS Systems Manager console at [https://console.aws.amazon.com/systems-manager/appconfig/](https://console.aws.amazon.com/systems-manager/appconfig/). 1. In the navigation pane, choose **AWS AppConfig**. 1. On the **Extensions** tab, choose **Create extension**. 1. For **Extension name**, enter a unique name. For the purposes of this walkthrough, enter **MyS3ConfigurationBackUpExtension**. Optionally, enter a description. 1. In the **Actions** section, choose **Add new action**. 1. For **Action name**, enter a unique name. For the purposes of this walkthrough, enter **PreCreateHostedConfigVersionActionForS3Backup**. This name describes the action point used by the action and the extension purpose. 1. In the **Action point** list, choose **PRE\$1CREATE\$1HOSTED\$1CONFIGURATION\$1VERSION**. 1. For **Uri**, choose **Lambda function** and then choose the function in the **Lambda function** list. If you don't see your function, verify that you are in the same AWS Region where you created the function. 1. For **IAM Role**, choose the role you created earlier in this walkthrough. 1. In the **Extension parameters (optional)** section, choose **Add new parameter**. 1. For **Parameter name**, enter a name. For the purposes of this walkthrough, enter **S3\$1BUCKET**. 1. Repeat steps 5–11 to create a second action for the `PRE_START_DEPLOYMENT` action point. 1. Choose **Create extension**. # Customizing AWS authored notification extensions You don't have to create a Lambda or an extension to use [AWS authored notification extensions](https://docs.aws.amazon.com/appconfig/latest/userguide/working-with-appconfig-extensions-about-predefined.html). You can simply create an extension association and then perform an operation that calls one of the supported action points. By default, the AWS authored notification extensions support the following actions points: + `ON_DEPLOYMENT_START` + `ON_DEPLOYMENT_COMPLETE` + `ON_DEPLOYMENT_ROLLED_BACK` If you create custom versions of the `AWS AppConfig deployment events to Amazon SNS` extension and `AWS AppConfig deployment events to Amazon SQS` extensions, you can specify the action points for which you want to receive notifications. **Note** The `AWS AppConfig deployment events to EventBridge` extension doesn't support the `PRE_*` action points. You can create a custom version if you want to remove some of the default actions points assigned to the AWS authored version. You don't need to create a Lambda function if you create custom versions of the AWS authored notification extensions. You only need to specify an Amazon Resource Name (ARN) in the `Uri` field for the new extension version. + For a custom EventBridge notification extension, enter the ARN of the EventBridge default events in the `Uri` field. + For a custom Amazon SNS notification extension, enter the ARN of an Amazon SNS topic in the `Uri` field. + For a custom Amazon SQS notification extension, enter the ARN of an Amazon SQS message queue in the `Uri` field.