Overview of AWS Service Catalog AppRegistry - AWS Service Catalog AppRegistry
ApplicationsThe AWS application tagApplication resourcesAttribute groupsTagsApplication sharing

Overview of AWS Service Catalog AppRegistry

This topic describes the key components of AppRegistry.

Applications

With AppRegistry, you create a repository that helps you understand the context of your applications by their associated resources and metadata.

When you create an application, you provide the application with a name and description. After you create an application, you can add a tag-based resource group or an AWS CloudFormation stack resource group to it. You can also associate attribute groups and tags with the application.

Note

When you create an application, AppRegistry vends a user tag called the AWS application tag. The AWS application tag identifies resources associated with an application. For more information, see The AWS application tag.

You can create applications in the console and with the AWS CLI using the AppRegistry API. You can also create applications with the AWS CDK or an AWS SDK of your choice.

You can view and manage applications in the console and with the AWS CLI, as well as in a set of AWS services.

The AWS application tag

The AWS application tag is a user tag that AppRegistry vends when you create an application. This tag consists of a key-value pair, where the key is awsApplication and value is the Amazon Resource Name of an AWS resource.

You can use the AWS application tag to add and remove resources from applications and identify which resources are associated with an application.

When you add the AWS application tag to a resource, the resource becomes part of the application you specify. You can add the AWS application tag to a resource using the AppRegistry API or any of the existing methods for tagging resources.

Note

For applications created before November 13th, 2023, AppRegistry creates the AWS application tag after you perform your first resource association. Applications created after November 13th, 2023, include the AWS application tag by default.

Example: AWS CLI output with applicationTag parameter

The following is an example of the output for an application created in the AWS CLI, which includes the applicationTag parameter. 

{ 
                    "application": { 
                    "arn": "string", 
                    "creationTime": "string", 
                    "description": "string", 
                    "id": "string", 
                    "lastUpdatedTime": "string", 
                    "name": "string", 
                    "applicationTag": {"awsApplication":"arn:aws:resource-groups:us-east-1:234567891011:group/myExampleApp/012345example6789101112131"}
                    }
                }
            }

You can add the AWS application tag to a resource with the AppRegistry AssociateResource API and specifying the APPLY_APPLICATION_TAG option. You can remove the AWS application tag from a resource with the AppRegistry DisassociateResource API.

Note

Adding and removing resources associated with AWS application tag requires certain permissions. For more information, see AssociateResource and DisassociateResource in the AWS Service Catalog Developer Guide.

You can also use the AWS application tag with AWS Billing to analyze cost trends for your application and resources. For more information, see User-defined cost allocation tags in the AWS Billing User Guide.

Application resources

An application resource is an object within an AWS service that you can tag with the AWS application tag. The AWS application tag identifies resources associated with an application.

You can add resources with an application using the AWS application tag. You can also add AWS CloudFormation stack resources to an application in the console and with the AWS CLI using the AppRegistry API or with CDK constructs.

To make sure application definitions stay up-to-date, include them in your infrastructure as code, and deploy them through your continuous delivery and continuous integration pipeline.

You can view and manage application resources in the console and with the AWS CLI, as well as in a set of AWS services. For information about resource types and related functionalities you can use with AppRegistry applications, see Supported resource types for AppRegistry applications.

Attribute groups

Attribute groups are JSON objects that store application metadata. You associate attribute groups with applications to understand applications in the context of their associated metadata.

Example: Attribute group with metadata

The following snippet shows an attribute group with metadata that includes a team name, department number, department name, and email address. 

{
 "Team" : "WebTeam",
 "Department": "10006",
 "ParentDept": "Research",
 "ContactAlias": "research@team.com"
}

You can use the AppRegistry AssociateAttributeGroup API to apply metadata to an application. You can use the AppRegistry DisassociateAttributeGroup API to remove metadata from an application.

You can associate attribute groups with applications in the console and with the AWS CLI using the AppRegistry API, with AWS CloudFormation stack resources, or with CDK constructs.

You can update an attribute group definition at any time with the AppRegistry UpdateAttributeGroup API. When you update an attribute group definition, the update applies to every application the attribute group is associated with.

You can share attribute groups to accounts, organizations, and organizational units with the following permissions:

  • Allow associations

    Allows IAM principals in shared accounts to associate and disassociate attribute groups.

  • Read only associations

    Allows IAM principals in shared accounts to view attribute groups

You can automate stack updates and metadata changes in a continuous delivery and continuous integration pipeline. This allows stakeholders to query and receive information about attribute groups

You can view and manage attribute groups in the console and with the AWS CLI.

Tags

Tags are key-value pairs that act as metadata. You create tags using key-value pairs. You can add tags to applications and attribute groups, so you can group them by environment, owner, purpose, or other criteria.

Note

This tag is not the same as the the AWS application tag. The AWS application tag is an AWS user tag that AppRegistry vends when you create an application. You can add the AWS application tag to resources, so you can identify which resources are associated with an application.

Example: AWS CLI output with tags parameter

The following is an example of the output for an application created in the AWS CLI, which includes the tags and applicationTag parameters. 

{ 
                    "application": { 
                    "arn": "string", 
                    "creationTime": "string", 
                    "description": "string", 
                    "id": "string", 
                    "lastUpdatedTime": "string", 
                    "name": "string", 
                    "applicationTag": {"awsApplication":"arn:aws:resource-groups:us-east-1:234567891011:group/myExampleApp/012345example6789101112131"},
                    "tags": {
                        "myKey":"myValue"
                    }
                }
            }

You can view and manage tags in the console and with the AWS CLI.

Application sharing

Deploying applications across multiple AWS accounts is common and considered a best practice that can help isolate and manage business applications and data. With AppRegistry and AWS Resource Access Manager (AWS RAM), you can share applications and attribute groups with one or more accounts, organizations, and organizaional units. You can share applications and attributes in the console and AWS CLI using the AWS Resource Access Manager API and infrastructure as code. Resources can be associated with shared applications. For more information, see Sharing resources with accounts in your organization.