feat(cloudformation): add AWS CloudFormation integration with 7 operations

[waleedlatif1]

Summary

• Add complete AWS CloudFormation integration: describe stacks, list resources, describe events, detect drift, drift detection status, get template, validate template
• 7 tool definitions, 7 API routes, block with conditional subBlocks, icon, registry entries, and docs
• Describe Stack Events supports configurable limit (default 50)
• Minor CloudWatch route fixes (consistent patterns)

Type of Change

• New feature

Testing

Tested manually

Checklist

• Code follows project style guidelines
• Self-reviewed my changes
• Tests added/updated and passing
• No new warnings introduced
• I confirm that I have read and agree to the terms outlined in the Contributor License Agreement (CLA)

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

1 Skipped Deployment

Project	Deployment	Actions	Updated (UTC)
docs	Skipped		Apr 5, 2026 1:29am

[cursor]

PR Summary

Medium Risk
Adds multiple new API routes that accept AWS credentials and call AWS CloudFormation, increasing surface area for auth/validation and response-shape regressions. Also changes CloudWatch timestamps/limits which could affect downstream consumers expecting prior units or pagination behavior.

Overview
Adds a new AWS CloudFormation integration end-to-end: new tool configs and types, seven authenticated Next.js API routes (stacks/resources/events/drift/template/validation), a new CloudFormationBlock with conditional inputs, and registration across block/tool registries and landing-page integration metadata.

Updates docs and icon mappings to expose cloudformation/cloudwatch entries, adds new CloudFormationIcon/CloudWatchIcon SVGs, and adjusts CloudWatch APIs to use millisecond timestamps in get-metric-statistics and to apply a consistent limit/MaxResults behavior in list-metrics.

^{Reviewed by Cursor Bugbot for commit ccf0e79. Configure here.}

[greptile-apps]

Greptile Summary

This PR adds a complete AWS CloudFormation integration to Sim with 7 operations: Describe Stacks, List Stack Resources, Describe Stack Events, Detect Stack Drift, Describe Stack Drift Detection Status, Get Template, and Validate Template. The integration follows the established Sim tool → API route → AWS SDK pattern used by the existing CloudWatch block, and all previously flagged pagination gaps have been resolved.

• Pagination via NextToken loops is correctly implemented in all three operations that require it (describe-stacks, list-stack-resources, describe-stack-events), including the improved early-stop logic for describe-stack-events that stops fetching pages once the accumulated event count reaches the requested limit, then slices the array to exactly that count
• All 7 routes follow consistent patterns: checkInternalAuth, operation-specific Zod schemas, createLogger (no console.log), and structured JSON error responses
• AWS credentials use visibility: 'user-only' per the team credential visibility rule (rule 2851870a-bd1b-44d3-bc5b-1c7e716acec8)
• Conditional subBlocks (stackName, stackDriftDetectionId, templateBody, limit) are correctly scoped to the operations that use them, using the condition field
• tools.config.params handles type coercions (including parseInt for limit) at execution time after variables are resolved — correct per architecture guidelines
• A Number.isNaN guard on parsedLimit would prevent a NaN value from reaching the server when a non-numeric string is entered for the limit field
• No tests were added (acknowledged in the PR checklist)

Confidence Score: 5/5

Safe to merge — all pagination issues from the prior review are resolved; only a minor NaN edge case on invalid limit input remains

All P1 findings from previous review iterations (missing pagination for list-stack-resources, describe-stacks, describe-stack-events) are confirmed fixed. The only remaining finding is a P2 edge case where a non-numeric limit value produces NaN, which the server-side Zod schema would reject with a 500 error. This does not affect the primary happy path and is not a blocker.

apps/sim/blocks/blocks/cloudformation.ts — minor parsedLimit NaN guard improvement

Important Files Changed

Filename	Overview
apps/sim/app/api/tools/cloudformation/describe-stacks/route.ts	Paginating DescribeStacksCommand with NextToken loop; correct auth, Zod validation, and error handling
apps/sim/app/api/tools/cloudformation/list-stack-resources/route.ts	Full pagination via NextToken loop; imports SDK StackResourceSummary type for the accumulator array
apps/sim/app/api/tools/cloudformation/describe-stack-events/route.ts	Paginates until accumulated events reach requested limit then slices — correctly honours limit across pages
apps/sim/app/api/tools/cloudformation/detect-stack-drift/route.ts	Single AWS call; returns stackDriftDetectionId; guards against missing ID in response
apps/sim/app/api/tools/cloudformation/describe-stack-drift-detection-status/route.ts	Single AWS call; maps all drift status fields correctly
apps/sim/app/api/tools/cloudformation/get-template/route.ts	Single AWS call; returns templateBody and stagesAvailable
apps/sim/app/api/tools/cloudformation/validate-template/route.ts	Single AWS call; maps parameters, capabilities, and declaredTransforms arrays
apps/sim/blocks/blocks/cloudformation.ts	Block config with 7 operations and correct conditional subBlocks; parsedLimit NaN edge case on non-numeric limit input
apps/sim/tools/cloudformation/types.ts	Complete TypeScript interfaces for all 7 operations with well-typed response shapes
apps/sim/tools/cloudformation/index.ts	Barrel export for all 7 CloudFormation tool configs
apps/sim/app/api/tools/cloudwatch/get-metric-statistics/route.ts	Minor pattern alignment with consistent auth and error handling
apps/sim/app/api/tools/cloudwatch/list-metrics/route.ts	Minor pattern alignment; limit > 500 silently returns AWS max of 500 (pre-existing behaviour)

Sequence Diagram

sequenceDiagram
    actor User
    participant UI as CloudFormation Block
    participant Executor as Sim Executor
    participant BlockCfg as tools.config (cloudformation.ts)
    participant ToolDef as ToolConfig (tools/cloudformation/)
    participant Route as /api/tools/cloudformation/{op}
    participant AWS as AWS CloudFormation SDK

    User->>UI: Configure operation, credentials, region, stack params
    User->>Executor: Run workflow
    Executor->>BlockCfg: tools.config.tool(params)
    BlockCfg-->>Executor: cloudformation_{operation}
    Executor->>BlockCfg: tools.config.params(params)
    Note over BlockCfg: Extract credentials, parseInt(limit)
    BlockCfg-->>Executor: Typed param object
    Executor->>ToolDef: Execute ToolConfig (remap awsRegion to region)
    ToolDef->>Route: POST { region, accessKeyId, secretAccessKey, ... }
    Route->>Route: checkInternalAuth then Zod parse
    Route->>Route: new CloudFormationClient({ region, credentials })
    alt Paginated ops (describe-stacks, list-resources, describe-events)
        loop NextToken pages
            Route->>AWS: client.send(Command + NextToken?)
            AWS-->>Route: { items[], NextToken? }
            Note over Route: describe-events stops when count >= limit
        end
    else Single-call ops (detect-drift, drift-status, get-template, validate-template)
        Route->>AWS: client.send(Command)
        AWS-->>Route: Single response
    end
    Route-->>ToolDef: NextResponse.json({ success: true, output })
    ToolDef-->>Executor: transformResponse returns typed output
    Executor-->>UI: Outputs available to downstream blocks

Loading

_{Reviews (2): Last reviewed commit: "fix(cloudformation): add pagination to l..." | Re-trigger Greptile}

[waleedlatif1]

@greptile

[waleedlatif1]

@cursor review

[cursor]

Cursor Bugbot has reviewed your changes and found 1 potential issue.

Bugbot Autofix prepared a fix for the issue found in the latest run.

• ✅ Fixed: Metric statistics output timestamps changed from seconds to milliseconds
  • Restored timestamp output to seconds by converting milliseconds back using Math.floor(getTime() / 1000) to maintain consistency with the seconds-based input parameters.

Preview

diff --git a/apps/sim/app/api/tools/cloudwatch/get-metric-statistics/route.ts b/apps/sim/app/api/tools/cloudwatch/get-metric-statistics/route.ts
--- a/apps/sim/app/api/tools/cloudwatch/get-metric-statistics/route.ts
+++ b/apps/sim/app/api/tools/cloudwatch/get-metric-statistics/route.ts
@@ -72,7 +72,7 @@
     const datapoints = (response.Datapoints ?? [])
       .sort((a, b) => (a.Timestamp?.getTime() ?? 0) - (b.Timestamp?.getTime() ?? 0))
       .map((dp) => ({
-        timestamp: dp.Timestamp ? dp.Timestamp.getTime() : 0,
+        timestamp: dp.Timestamp ? Math.floor(dp.Timestamp.getTime() / 1000) : 0,
         average: dp.Average,
         sum: dp.Sum,
         minimum: dp.Minimum,

_{This Bugbot Autofix run was free. To enable autofix for future PRs, go to the Cursor dashboard.}

^{Reviewed by Cursor Bugbot for commit ccf0e79. Configure here.}