It seems like AWS isn't good with cross-cutting concerns. E.g., instead of CloudFormation being part of a service during development, that they could even use during testing the service, every team creates a custom API and CF is an afterthought. It wouldn't surprise me if every service is also evaluating against IAM policies independently as well.
That reminds me of the latter stages of Sun Microsystems, where it seemed like multiple teams were developing competing solutions for system management and patching. Seems a wasteful model and not one that is servicing customers.
Many of the services were built well before CloudFormation... Or CloudFormation became popular... Or before everyone was willing to make the trade-off that features come later because they had to have CloudFormation. Like any other best practice you invent along the way. I'll bet there's something about your 1/3/5/10/15 year old that isn't up to current snuff.
People forget, AWS is massive and taking care of edge case after edge case while being in a bullet point war with other cloud providers.
Even new features sometimes don’t get CloudFormation support for quite a while (sometimes longer than third-party support like Terraform). I keep wondering why they didn’t want it for their own integration testing.