Fn::GetAtt is an important function in AWS CloudFormation that returns the value of an attribute of a given AWS resource type.
The problem is that when you want to reference AWS resources in your AWS CloudFormation template, it can be really time-consuming to track down which attributes are available for it. This cheat sheet solves that problem by showing a single table overview of all available (900+) AWS resource types including their available attributes.
Note: If a resource type doesn't have any attributes, then it will be marked with "❌".
I made another cheat sheet called AWS CloudFormation Resource Type properties that shows a single table overview of all available (900+) AWS resource types including their available resource properties.
If you like this AWS CloudFormation Attributes cheat sheet, then you might also like the CloudFormation Snippets VSCode extension that I published on the Visual Studio Code Marketplace.
| Resource type | Attributes |
|---|---|
| AWS::ACMPCA::Certificate | Arn, Certificate |
| AWS::ACMPCA::CertificateAuthority | Arn, CertificateSigningRequest |
| AWS::ACMPCA::CertificateAuthorityActivation | CompleteCertificateChain |
| AWS::ACMPCA::Permission | ❌ |
| AWS::APS::RuleGroupsNamespace | Arn |
| AWS::APS::Workspace | Arn, PrometheusEndpoint, WorkspaceId |
| AWS::AccessAnalyzer::Analyzer | Arn |
| AWS::AmazonMQ::Broker | AmqpEndpoints, Arn, ConfigurationId, ConfigurationRevision, IpAddresses, MqttEndpoints, OpenWireEndpoints, StompEndpoints, WssEndpoints |
| AWS::AmazonMQ::Configuration | Arn, Id, Revision |
| AWS::AmazonMQ::ConfigurationAssociation | ❌ |
| AWS::Amplify::App | AppId, AppName, Arn, DefaultDomain |
| AWS::Amplify::Branch | Arn, BranchName |
| AWS::Amplify::Domain | Arn, AutoSubDomainCreationPatterns, AutoSubDomainIAMRole, CertificateRecord, DomainName, DomainStatus, EnableAutoSubDomain, StatusReason |
| AWS::AmplifyUIBuilder::Component | AppId, EnvironmentName, Id |
| AWS::AmplifyUIBuilder::Theme | AppId, CreatedAt, EnvironmentName, Id, ModifiedAt |
| AWS::ApiGateway::Account | Id |
| AWS::ApiGateway::ApiKey | APIKeyId |
| AWS::ApiGateway::Authorizer | AuthorizerId |
| AWS::ApiGateway::BasePathMapping | ❌ |
| AWS::ApiGateway::ClientCertificate | ClientCertificateId |
| AWS::ApiGateway::Deployment | DeploymentId |
| AWS::ApiGateway::DocumentationPart | ❌ |
| AWS::ApiGateway::DocumentationVersion | ❌ |
| AWS::ApiGateway::DomainName | DistributionDomainName, DistributionHostedZoneId, RegionalDomainName, RegionalHostedZoneId |
| AWS::ApiGateway::GatewayResponse | Id |
| AWS::ApiGateway::Method | ❌ |
| AWS::ApiGateway::Model | ❌ |
| AWS::ApiGateway::RequestValidator | RequestValidatorId |
| AWS::ApiGateway::Resource | ResourceId |
| AWS::ApiGateway::RestApi | RootResourceId |
| AWS::ApiGateway::Stage | ❌ |
| AWS::ApiGateway::UsagePlan | Id |
| AWS::ApiGateway::UsagePlanKey | Id |
| AWS::ApiGateway::VpcLink | ❌ |
| AWS::ApiGatewayV2::Api | ApiEndpoint |
| AWS::ApiGatewayV2::ApiGatewayManagedOverrides | ❌ |
| AWS::ApiGatewayV2::ApiMapping | ❌ |
| AWS::ApiGatewayV2::Authorizer | ❌ |
| AWS::ApiGatewayV2::Deployment | ❌ |
| AWS::ApiGatewayV2::DomainName | RegionalDomainName, RegionalHostedZoneId |
| AWS::ApiGatewayV2::Integration | ❌ |
| AWS::ApiGatewayV2::IntegrationResponse | ❌ |
| AWS::ApiGatewayV2::Model | ❌ |
| AWS::ApiGatewayV2::Route | ❌ |
| AWS::ApiGatewayV2::RouteResponse | ❌ |
| AWS::ApiGatewayV2::Stage | ❌ |
| AWS::ApiGatewayV2::VpcLink | ❌ |
| AWS::AppConfig::Application | ❌ |
| AWS::AppConfig::ConfigurationProfile | ❌ |
| AWS::AppConfig::Deployment | ❌ |
| AWS::AppConfig::DeploymentStrategy | ❌ |
| AWS::AppConfig::Environment | ❌ |
| AWS::AppConfig::HostedConfigurationVersion | ❌ |
| AWS::AppFlow::ConnectorProfile | ConnectorProfileArn, CredentialsArn |
| AWS::AppFlow::Flow | FlowArn |
| AWS::AppIntegrations::DataIntegration | DataIntegrationArn, Id |
| AWS::AppIntegrations::EventIntegration | Associations, EventIntegrationArn |
| AWS::AppMesh::GatewayRoute | Arn, GatewayRouteName, MeshName, MeshOwner, ResourceOwner, Uid, VirtualGatewayName |
| AWS::AppMesh::Mesh | Arn, MeshName, MeshOwner, ResourceOwner, Uid |
| AWS::AppMesh::Route | Arn, MeshName, MeshOwner, ResourceOwner, RouteName, Uid, VirtualRouterName |
| AWS::AppMesh::VirtualGateway | Arn, MeshName, MeshOwner, ResourceOwner, Uid, VirtualGatewayName |
| AWS::AppMesh::VirtualNode | Arn, MeshName, MeshOwner, ResourceOwner, Uid, VirtualNodeName |
| AWS::AppMesh::VirtualRouter | Arn, MeshName, MeshOwner, ResourceOwner, Uid, VirtualRouterName |
| AWS::AppMesh::VirtualService | Arn, MeshName, MeshOwner, ResourceOwner, Uid, VirtualServiceName |
| AWS::AppRunner::ObservabilityConfiguration | Latest, ObservabilityConfigurationArn, ObservabilityConfigurationRevision |
| AWS::AppRunner::Service | ServiceArn, ServiceId, ServiceUrl, Status |
| AWS::AppRunner::VpcConnector | VpcConnectorArn, VpcConnectorRevision |
| AWS::AppStream::AppBlock | Arn, CreatedTime |
| AWS::AppStream::Application | Arn, CreatedTime |
| AWS::AppStream::ApplicationEntitlementAssociation | ❌ |
| AWS::AppStream::ApplicationFleetAssociation | ❌ |
| AWS::AppStream::DirectoryConfig | ❌ |
| AWS::AppStream::Entitlement | CreatedTime, LastModifiedTime |
| AWS::AppStream::Fleet | ❌ |
| AWS::AppStream::ImageBuilder | StreamingUrl |
| AWS::AppStream::Stack | ❌ |
| AWS::AppStream::StackFleetAssociation | ❌ |
| AWS::AppStream::StackUserAssociation | ❌ |
| AWS::AppStream::User | ❌ |
| AWS::AppSync::ApiCache | ❌ |
| AWS::AppSync::ApiKey | ApiKey, Arn |
| AWS::AppSync::DataSource | DataSourceArn, Name |
| AWS::AppSync::DomainName | AppSyncDomainName, DomainName, HostedZoneId |
| AWS::AppSync::DomainNameApiAssociation | ApiAssociationIdentifier |
| AWS::AppSync::FunctionConfiguration | DataSourceName, FunctionArn, FunctionId, Name |
| AWS::AppSync::GraphQLApi | ApiId, Arn, GraphQLUrl |
| AWS::AppSync::GraphQLSchema | ❌ |
| AWS::AppSync::Resolver | FieldName, ResolverArn, TypeName |
| AWS::ApplicationAutoScaling::ScalableTarget | ❌ |
| AWS::ApplicationAutoScaling::ScalingPolicy | ❌ |
| AWS::ApplicationInsights::Application | ApplicationARN |
| AWS::Athena::DataCatalog | ❌ |
| AWS::Athena::NamedQuery | NamedQueryId |
| AWS::Athena::PreparedStatement | ❌ |
| AWS::Athena::WorkGroup | CreationTime, WorkGroupConfiguration.EngineVersion.EffectiveEngineVersion |
| AWS::AuditManager::Assessment | Arn, AssessmentId, CreationTime, Delegations |
| AWS::AutoScaling::AutoScalingGroup | LaunchConfigurationName, LaunchTemplateSpecification, MixedInstancesPolicy, PlacementGroup, VPCZoneIdentifier |
| AWS::AutoScaling::LaunchConfiguration | ❌ |
| AWS::AutoScaling::LifecycleHook | ❌ |
| AWS::AutoScaling::ScalingPolicy | ❌ |
| AWS::AutoScaling::ScheduledAction | ❌ |
| AWS::AutoScaling::WarmPool | ❌ |
| AWS::AutoScalingPlans::ScalingPlan | ScalingPlanName, ScalingPlanVersion |
| AWS::Backup::BackupPlan | BackupPlanArn, BackupPlanId, VersionId |
| AWS::Backup::BackupSelection | BackupPlanId, Id, SelectionId |
| AWS::Backup::BackupVault | BackupVaultArn, BackupVaultName |
| AWS::Backup::Framework | CreationTime, DeploymentStatus, FrameworkArn, FrameworkStatus |
| AWS::Backup::ReportPlan | ReportPlanArn |
| AWS::Batch::ComputeEnvironment | ComputeEnvironmentArn |
| AWS::Batch::JobDefinition | ❌ |
| AWS::Batch::JobQueue | JobQueueArn |
| AWS::Batch::SchedulingPolicy | Arn |
| AWS::BillingConductor::BillingGroup | Arn, CreationTime, LastModifiedTime, Size, Status, StatusReason |
| AWS::BillingConductor::CustomLineItem | Arn, AssociationSize, CreationTime, CurrencyCode, LastModifiedTime, ProductCode |
| AWS::BillingConductor::PricingPlan | Arn, CreationTime, LastModifiedTime, Size |
| AWS::BillingConductor::PricingRule | Arn, AssociatedPricingPlanCount, CreationTime, LastModifiedTime |
| AWS::Budgets::Budget | ❌ |
| AWS::Budgets::BudgetsAction | ActionId |
| AWS::CE::AnomalyMonitor | CreationDate, DimensionalValueCount, LastEvaluatedDate, LastUpdatedDate, MonitorArn |
| AWS::CE::AnomalySubscription | AccountId, SubscriptionArn |
| AWS::CE::CostCategory | Arn, EffectiveStart |
| AWS::CUR::ReportDefinition | ❌ |
| AWS::Cassandra::Keyspace | ❌ |
| AWS::Cassandra::Table | ❌ |
| AWS::CertificateManager::Account | AccountId |
| AWS::CertificateManager::Certificate | ❌ |
| AWS::Chatbot::SlackChannelConfiguration | Arn |
| AWS::Cloud9::EnvironmentEC2 | Arn, Name |
| AWS::CloudFormation::CustomResource | ❌ |
| AWS::CloudFormation::HookDefaultVersion | Arn |
| AWS::CloudFormation::HookTypeConfig | ConfigurationArn |
| AWS::CloudFormation::HookVersion | Arn, IsDefaultVersion, TypeArn, VersionId, Visibility |
| AWS::CloudFormation::Macro | ❌ |
| AWS::CloudFormation::ModuleDefaultVersion | ❌ |
| AWS::CloudFormation::ModuleVersion | Arn, Description, DocumentationUrl, IsDefaultVersion, Schema, TimeCreated, VersionId, Visibility |
| AWS::CloudFormation::PublicTypeVersion | PublicTypeArn, PublisherId, TypeVersionArn |
| AWS::CloudFormation::Publisher | IdentityProvider, PublisherId, PublisherProfile, PublisherStatus |
| AWS::CloudFormation::ResourceDefaultVersion | Arn |
| AWS::CloudFormation::ResourceVersion | Arn, IsDefaultVersion, ProvisioningType, TypeArn, VersionId, Visibility |
| AWS::CloudFormation::Stack | ❌ |
| AWS::CloudFormation::StackSet | StackSetId |
| AWS::CloudFormation::TypeActivation | Arn |
| AWS::CloudFormation::WaitCondition | Data |
| AWS::CloudFormation::WaitConditionHandle | ❌ |
| AWS::CloudFront::CachePolicy | Id, LastModifiedTime |
| AWS::CloudFront::CloudFrontOriginAccessIdentity | Id, S3CanonicalUserId |
| AWS::CloudFront::Distribution | DomainName, Id |
| AWS::CloudFront::Function | FunctionARN, FunctionMetadata.FunctionARN, Stage |
| AWS::CloudFront::KeyGroup | Id, LastModifiedTime |
| AWS::CloudFront::OriginRequestPolicy | Id, LastModifiedTime |
| AWS::CloudFront::PublicKey | CreatedTime, Id |
| AWS::CloudFront::RealtimeLogConfig | Arn |
| AWS::CloudFront::ResponseHeadersPolicy | Id, LastModifiedTime |
| AWS::CloudFront::StreamingDistribution | DomainName |
| AWS::CloudTrail::Trail | Arn, SnsTopicArn |
| AWS::CloudWatch::Alarm | Arn |
| AWS::CloudWatch::AnomalyDetector | ❌ |
| AWS::CloudWatch::CompositeAlarm | Arn |
| AWS::CloudWatch::Dashboard | ❌ |
| AWS::CloudWatch::InsightRule | Arn, RuleName |
| AWS::CloudWatch::MetricStream | Arn, CreationDate, LastUpdateDate, State |
| AWS::CodeArtifact::Domain | Arn, EncryptionKey, Name, Owner |
| AWS::CodeArtifact::Repository | Arn, DomainName, DomainOwner, Name |
| AWS::CodeBuild::Project | Arn |
| AWS::CodeBuild::ReportGroup | Arn |
| AWS::CodeBuild::SourceCredential | ❌ |
| AWS::CodeCommit::Repository | Arn, CloneUrlHttp, CloneUrlSsh, Name |
| AWS::CodeDeploy::Application | ❌ |
| AWS::CodeDeploy::DeploymentConfig | ❌ |
| AWS::CodeDeploy::DeploymentGroup | ❌ |
| AWS::CodeGuruProfiler::ProfilingGroup | Arn |
| AWS::CodeGuruReviewer::RepositoryAssociation | AssociationArn |
| AWS::CodePipeline::CustomActionType | ❌ |
| AWS::CodePipeline::Pipeline | Version |
| AWS::CodePipeline::Webhook | Url |
| AWS::CodeStar::GitHubRepository | ❌ |
| AWS::CodeStarConnections::Connection | ConnectionArn, ConnectionStatus, OwnerAccountId |
| AWS::CodeStarNotifications::NotificationRule | Arn |
| AWS::Cognito::IdentityPool | Name |
| AWS::Cognito::IdentityPoolRoleAttachment | ❌ |
| AWS::Cognito::UserPool | Arn, ProviderName, ProviderURL |
| AWS::Cognito::UserPoolClient | ClientSecret, Name |
| AWS::Cognito::UserPoolDomain | ❌ |
| AWS::Cognito::UserPoolGroup | ❌ |
| AWS::Cognito::UserPoolIdentityProvider | ❌ |
| AWS::Cognito::UserPoolResourceServer | ❌ |
| AWS::Cognito::UserPoolRiskConfigurationAttachment | ❌ |
| AWS::Cognito::UserPoolUICustomizationAttachment | ❌ |
| AWS::Cognito::UserPoolUser | ❌ |
| AWS::Cognito::UserPoolUserToGroupAttachment | ❌ |
| AWS::Config::AggregationAuthorization | AggregationAuthorizationArn |
| AWS::Config::ConfigRule | Arn, Compliance.Type, ConfigRuleId |
| AWS::Config::ConfigurationAggregator | ConfigurationAggregatorArn |
| AWS::Config::ConfigurationRecorder | ❌ |
| AWS::Config::ConformancePack | ❌ |
| AWS::Config::DeliveryChannel | ❌ |
| AWS::Config::OrganizationConfigRule | ❌ |
| AWS::Config::OrganizationConformancePack | ❌ |
| AWS::Config::RemediationConfiguration | ❌ |
| AWS::Config::StoredQuery | QueryArn, QueryId |
| AWS::Connect::ContactFlow | ContactFlowArn |
| AWS::Connect::ContactFlowModule | ContactFlowModuleArn, Status |
| AWS::Connect::HoursOfOperation | HoursOfOperationArn |
| AWS::Connect::PhoneNumber | Address, PhoneNumberArn |
| AWS::Connect::QuickConnect | QuickConnectArn |
| AWS::Connect::User | UserArn |
| AWS::Connect::UserHierarchyGroup | UserHierarchyGroupArn |
| AWS::CustomerProfiles::Domain | CreatedAt, LastUpdatedAt |
| AWS::CustomerProfiles::Integration | CreatedAt, LastUpdatedAt |
| AWS::CustomerProfiles::ObjectType | CreatedAt, LastUpdatedAt |
| AWS::DAX::Cluster | Arn, ClusterDiscoveryEndpoint, ClusterDiscoveryEndpointURL |
| AWS::DAX::ParameterGroup | ❌ |
| AWS::DAX::SubnetGroup | ❌ |
| AWS::DLM::LifecyclePolicy | Arn |
| AWS::DMS::Certificate | ❌ |
| AWS::DMS::Endpoint | ExternalId |
| AWS::DMS::EventSubscription | ❌ |
| AWS::DMS::ReplicationInstance | ReplicationInstancePrivateIpAddresses, ReplicationInstancePublicIpAddresses |
| AWS::DMS::ReplicationSubnetGroup | ❌ |
| AWS::DMS::ReplicationTask | ❌ |
| AWS::DataBrew::Dataset | ❌ |
| AWS::DataBrew::Job | ❌ |
| AWS::DataBrew::Project | ❌ |
| AWS::DataBrew::Recipe | ❌ |
| AWS::DataBrew::Ruleset | ❌ |
| AWS::DataBrew::Schedule | ❌ |
| AWS::DataPipeline::Pipeline | ❌ |
| AWS::DataSync::Agent | AgentArn, EndpointType |
| AWS::DataSync::LocationEFS | LocationArn, LocationUri |
| AWS::DataSync::LocationFSxLustre | LocationArn, LocationUri |
| AWS::DataSync::LocationFSxOpenZFS | LocationArn, LocationUri |
| AWS::DataSync::LocationFSxWindows | LocationArn, LocationUri |
| AWS::DataSync::LocationHDFS | LocationArn, LocationUri |
| AWS::DataSync::LocationNFS | LocationArn, LocationUri |
| AWS::DataSync::LocationObjectStorage | LocationArn, LocationUri |
| AWS::DataSync::LocationS3 | LocationArn, LocationUri |
| AWS::DataSync::LocationSMB | LocationArn, LocationUri |
| AWS::DataSync::Task | DestinationNetworkInterfaceArns, ErrorCode, ErrorDetail, SourceNetworkInterfaceArns, Status, TaskArn |
| AWS::Detective::Graph | Arn |
| AWS::Detective::MemberInvitation | ❌ |
| AWS::DevOpsGuru::NotificationChannel | Id |
| AWS::DevOpsGuru::ResourceCollection | ResourceCollectionType |
| AWS::DirectoryService::MicrosoftAD | Alias, DnsIpAddresses |
| AWS::DirectoryService::SimpleAD | Alias, DnsIpAddresses |
| AWS::DocDB::DBCluster | ClusterResourceId, Endpoint, Port, ReadEndpoint |
| AWS::DocDB::DBClusterParameterGroup | ❌ |
| AWS::DocDB::DBInstance | Endpoint, Port |
| AWS::DocDB::DBSubnetGroup | ❌ |
| AWS::DynamoDB::GlobalTable | Arn, StreamArn, TableId |
| AWS::DynamoDB::Table | Arn, StreamArn |
| AWS::EC2::CapacityReservation | AvailabilityZone, AvailableInstanceCount, InstanceType, Tenancy, TotalInstanceCount |
| AWS::EC2::CapacityReservationFleet | CapacityReservationFleetId |
| AWS::EC2::CarrierGateway | CarrierGatewayId, OwnerId, State |
| AWS::EC2::ClientVpnAuthorizationRule | ❌ |
| AWS::EC2::ClientVpnEndpoint | ❌ |
| AWS::EC2::ClientVpnRoute | ❌ |
| AWS::EC2::ClientVpnTargetNetworkAssociation | ❌ |
| AWS::EC2::CustomerGateway | ❌ |
| AWS::EC2::DHCPOptions | DhcpOptionsId |
| AWS::EC2::EC2Fleet | FleetId |
| AWS::EC2::EIP | AllocationId |
| AWS::EC2::EIPAssociation | ❌ |
| AWS::EC2::EgressOnlyInternetGateway | Id |
| AWS::EC2::EnclaveCertificateIamRoleAssociation | CertificateS3BucketName, CertificateS3ObjectKey, EncryptionKmsKeyId |
| AWS::EC2::FlowLog | Id |
| AWS::EC2::GatewayRouteTableAssociation | AssociationId |
| AWS::EC2::Host | HostId |
| AWS::EC2::IPAM | Arn, IpamId, PrivateDefaultScopeId, PublicDefaultScopeId, ScopeCount |
| AWS::EC2::IPAMAllocation | IpamPoolAllocationId |
| AWS::EC2::IPAMPool | Arn, IpamArn, IpamPoolId, IpamScopeArn, IpamScopeType, PoolDepth, State, StateMessage |
| AWS::EC2::IPAMScope | Arn, IpamArn, IpamScopeId, IpamScopeType, IsDefault, PoolCount |
| AWS::EC2::Instance | AvailabilityZone, PrivateDnsName, PrivateIp, PublicDnsName, PublicIp |
| AWS::EC2::InternetGateway | InternetGatewayId |
| AWS::EC2::KeyPair | KeyFingerprint, KeyPairId |
| AWS::EC2::LaunchTemplate | DefaultVersionNumber, LatestVersionNumber |
| AWS::EC2::LocalGatewayRoute | State, Type |
| AWS::EC2::LocalGatewayRouteTableVPCAssociation | LocalGatewayId, LocalGatewayRouteTableVpcAssociationId, State |
| AWS::EC2::NatGateway | ❌ |
| AWS::EC2::NetworkAcl | Id |
| AWS::EC2::NetworkAclEntry | Id |
| AWS::EC2::NetworkInsightsAccessScope | CreatedDate, NetworkInsightsAccessScopeArn, NetworkInsightsAccessScopeId, UpdatedDate |
| AWS::EC2::NetworkInsightsAccessScopeAnalysis | AnalyzedEniCount, EndDate, FindingsFound, NetworkInsightsAccessScopeAnalysisArn, NetworkInsightsAccessScopeAnalysisId, StartDate, Status, StatusMessage |
| AWS::EC2::NetworkInsightsAnalysis | AlternatePathHints, Explanations, ForwardPathComponents, NetworkInsightsAnalysisArn, NetworkInsightsAnalysisId, NetworkPathFound, ReturnPathComponents, StartDate, Status, StatusMessage |
| AWS::EC2::NetworkInsightsPath | CreatedDate, NetworkInsightsPathArn, NetworkInsightsPathId |
| AWS::EC2::NetworkInterface | Id, PrimaryPrivateIpAddress, SecondaryPrivateIpAddresses |
| AWS::EC2::NetworkInterfaceAttachment | ❌ |
| AWS::EC2::NetworkInterfacePermission | ❌ |
| AWS::EC2::PlacementGroup | ❌ |
| AWS::EC2::PrefixList | Arn, OwnerId, PrefixListId, Version |
| AWS::EC2::Route | ❌ |
| AWS::EC2::RouteTable | RouteTableId |
| AWS::EC2::SecurityGroup | GroupId, VpcId |
| AWS::EC2::SecurityGroupEgress | ❌ |
| AWS::EC2::SecurityGroupIngress | ❌ |
| AWS::EC2::SpotFleet | Id |
| AWS::EC2::Subnet | AvailabilityZone, Ipv6CidrBlocks, NetworkAclAssociationId, OutpostArn, SubnetId, VpcId |
| AWS::EC2::SubnetCidrBlock | ❌ |
| AWS::EC2::SubnetNetworkAclAssociation | AssociationId |
| AWS::EC2::SubnetRouteTableAssociation | Id |
| AWS::EC2::TrafficMirrorFilter | ❌ |
| AWS::EC2::TrafficMirrorFilterRule | ❌ |
| AWS::EC2::TrafficMirrorSession | ❌ |
| AWS::EC2::TrafficMirrorTarget | ❌ |
| AWS::EC2::TransitGateway | Id |
| AWS::EC2::TransitGatewayAttachment | Id |
| AWS::EC2::TransitGatewayConnect | CreationTime, State, TransitGatewayAttachmentId, TransitGatewayId |
| AWS::EC2::TransitGatewayMulticastDomain | CreationTime, State, TransitGatewayMulticastDomainArn, TransitGatewayMulticastDomainId |
| AWS::EC2::TransitGatewayMulticastDomainAssociation | ResourceId, ResourceType, State |
| AWS::EC2::TransitGatewayMulticastGroupMember | GroupMember, GroupSource, MemberType, ResourceId, ResourceType, SourceType, SubnetId, TransitGatewayAttachmentId |
| AWS::EC2::TransitGatewayMulticastGroupSource | GroupMember, GroupSource, MemberType, ResourceId, ResourceType, SourceType, SubnetId, TransitGatewayAttachmentId |
| AWS::EC2::TransitGatewayPeeringAttachment | CreationTime, State, TransitGatewayAttachmentId |
| AWS::EC2::TransitGatewayRoute | ❌ |
| AWS::EC2::TransitGatewayRouteTable | ❌ |
| AWS::EC2::TransitGatewayRouteTableAssociation | ❌ |
| AWS::EC2::TransitGatewayRouteTablePropagation | ❌ |
| AWS::EC2::TransitGatewayVpcAttachment | Id |
| AWS::EC2::VPC | CidrBlock, CidrBlockAssociations, DefaultNetworkAcl, DefaultSecurityGroup, Ipv6CidrBlocks, VpcId |
| AWS::EC2::VPCCidrBlock | ❌ |
| AWS::EC2::VPCDHCPOptionsAssociation | Id |
| AWS::EC2::VPCEndpoint | CreationTimestamp, DnsEntries, NetworkInterfaceIds |
| AWS::EC2::VPCEndpointConnectionNotification | ❌ |
| AWS::EC2::VPCEndpointService | ❌ |
| AWS::EC2::VPCEndpointServicePermissions | ❌ |
| AWS::EC2::VPCGatewayAttachment | ❌ |
| AWS::EC2::VPCPeeringConnection | ❌ |
| AWS::EC2::VPNConnection | ❌ |
| AWS::EC2::VPNConnectionRoute | ❌ |
| AWS::EC2::VPNGateway | ❌ |
| AWS::EC2::VPNGatewayRoutePropagation | Id |
| AWS::EC2::Volume | ❌ |
| AWS::EC2::VolumeAttachment | ❌ |
| AWS::ECR::PublicRepository | Arn |
| AWS::ECR::PullThroughCacheRule | ❌ |
| AWS::ECR::RegistryPolicy | RegistryId |
| AWS::ECR::ReplicationConfiguration | RegistryId |
| AWS::ECR::Repository | Arn, RepositoryUri |
| AWS::ECS::CapacityProvider | ❌ |
| AWS::ECS::Cluster | Arn |
| AWS::ECS::ClusterCapacityProviderAssociations | ❌ |
| AWS::ECS::PrimaryTaskSet | ❌ |
| AWS::ECS::Service | Name, ServiceArn |
| AWS::ECS::TaskDefinition | TaskDefinitionArn |
| AWS::ECS::TaskSet | Id |
| AWS::EFS::AccessPoint | AccessPointId, Arn |
| AWS::EFS::FileSystem | Arn, FileSystemId |
| AWS::EFS::MountTarget | Id, IpAddress |
| AWS::EKS::Addon | Arn |
| AWS::EKS::Cluster | Arn, CertificateAuthorityData, ClusterSecurityGroupId, EncryptionConfigKeyArn, Endpoint, KubernetesNetworkConfig.ServiceIpv6Cidr, OpenIdConnectIssuerUrl |
| AWS::EKS::FargateProfile | Arn |
| AWS::EKS::IdentityProviderConfig | IdentityProviderConfigArn |
| AWS::EKS::Nodegroup | Arn, ClusterName, Id, NodegroupName |
| AWS::EMR::Cluster | MasterPublicDNS |
| AWS::EMR::InstanceFleetConfig | ❌ |
| AWS::EMR::InstanceGroupConfig | ❌ |
| AWS::EMR::SecurityConfiguration | ❌ |
| AWS::EMR::Step | ❌ |
| AWS::EMR::Studio | Arn, StudioId, Url |
| AWS::EMR::StudioSessionMapping | ❌ |
| AWS::EMRContainers::VirtualCluster | Arn, Id |
| AWS::ElastiCache::CacheCluster | ConfigurationEndpoint.Address, ConfigurationEndpoint.Port, RedisEndpoint.Address, RedisEndpoint.Port |
| AWS::ElastiCache::GlobalReplicationGroup | GlobalReplicationGroupId, Status |
| AWS::ElastiCache::ParameterGroup | ❌ |
| AWS::ElastiCache::ReplicationGroup | ConfigurationEndPoint.Address, ConfigurationEndPoint.Port, PrimaryEndPoint.Address, PrimaryEndPoint.Port, ReadEndPoint.Addresses, ReadEndPoint.Addresses.List, ReadEndPoint.Ports, ReadEndPoint.Ports.List, ReaderEndPoint.Address, ReaderEndPoint.Port |
| AWS::ElastiCache::SecurityGroup | ❌ |
| AWS::ElastiCache::SecurityGroupIngress | ❌ |
| AWS::ElastiCache::SubnetGroup | ❌ |
| AWS::ElastiCache::User | Arn, Status |
| AWS::ElastiCache::UserGroup | Arn, Status |
| AWS::ElasticBeanstalk::Application | ❌ |
| AWS::ElasticBeanstalk::ApplicationVersion | ❌ |
| AWS::ElasticBeanstalk::ConfigurationTemplate | ❌ |
| AWS::ElasticBeanstalk::Environment | EndpointURL |
| AWS::ElasticLoadBalancing::LoadBalancer | CanonicalHostedZoneName, CanonicalHostedZoneNameID, DNSName, SourceSecurityGroup.GroupName, SourceSecurityGroup.OwnerAlias |
| AWS::ElasticLoadBalancingV2::Listener | ListenerArn |
| AWS::ElasticLoadBalancingV2::ListenerCertificate | ❌ |
| AWS::ElasticLoadBalancingV2::ListenerRule | IsDefault, RuleArn |
| AWS::ElasticLoadBalancingV2::LoadBalancer | CanonicalHostedZoneID, DNSName, LoadBalancerFullName, LoadBalancerName, SecurityGroups |
| AWS::ElasticLoadBalancingV2::TargetGroup | LoadBalancerArns, TargetGroupFullName, TargetGroupName |
| AWS::Elasticsearch::Domain | Arn, DomainArn, DomainEndpoint |
| AWS::EventSchemas::Discoverer | CrossAccount, DiscovererArn, DiscovererId |
| AWS::EventSchemas::Registry | RegistryArn, RegistryName |
| AWS::EventSchemas::RegistryPolicy | Id |
| AWS::EventSchemas::Schema | SchemaArn, SchemaName, SchemaVersion |
| AWS::Events::ApiDestination | Arn |
| AWS::Events::Archive | ArchiveName, Arn |
| AWS::Events::Connection | Arn, SecretArn |
| AWS::Events::Endpoint | Arn, EndpointId, EndpointUrl, State, StateReason |
| AWS::Events::EventBus | Arn, Name, Policy |
| AWS::Events::EventBusPolicy | ❌ |
| AWS::Events::Rule | Arn |
| AWS::Evidently::Experiment | Arn |
| AWS::Evidently::Feature | Arn |
| AWS::Evidently::Launch | Arn |
| AWS::Evidently::Project | Arn |
| AWS::FIS::ExperimentTemplate | Id |
| AWS::FMS::NotificationChannel | ❌ |
| AWS::FMS::Policy | Arn, Id |
| AWS::FSx::FileSystem | DNSName, LustreMountName, RootVolumeId |
| AWS::FSx::Snapshot | ResourceARN |
| AWS::FSx::StorageVirtualMachine | ResourceARN, StorageVirtualMachineId, UUID |
| AWS::FSx::Volume | ResourceARN, UUID, VolumeId |
| AWS::FinSpace::Environment | AwsAccountId, DedicatedServiceAccountId, EnvironmentArn, EnvironmentId, EnvironmentUrl, SageMakerStudioDomainUrl, Status |
| AWS::Forecast::Dataset | Arn |
| AWS::Forecast::DatasetGroup | DatasetGroupArn |
| AWS::FraudDetector::Detector | Arn, CreatedTime, DetectorVersionId, EventType.Arn, EventType.CreatedTime, EventType.LastUpdatedTime, LastUpdatedTime |
| AWS::FraudDetector::EntityType | Arn, CreatedTime, LastUpdatedTime |
| AWS::FraudDetector::EventType | Arn, CreatedTime, LastUpdatedTime |
| AWS::FraudDetector::Label | Arn, CreatedTime, LastUpdatedTime |
| AWS::FraudDetector::Outcome | Arn, CreatedTime, LastUpdatedTime |
| AWS::FraudDetector::Variable | Arn, CreatedTime, LastUpdatedTime |
| AWS::GameLift::Alias | AliasId |
| AWS::GameLift::Build | ❌ |
| AWS::GameLift::Fleet | FleetId |
| AWS::GameLift::GameServerGroup | AutoScalingGroupArn, GameServerGroupArn |
| AWS::GameLift::GameSessionQueue | Arn, Name |
| AWS::GameLift::MatchmakingConfiguration | Arn, Name |
| AWS::GameLift::MatchmakingRuleSet | Arn, Name |
| AWS::GameLift::Script | Arn, Id |
| AWS::GlobalAccelerator::Accelerator | AcceleratorArn, DnsName |
| AWS::GlobalAccelerator::EndpointGroup | EndpointGroupArn |
| AWS::GlobalAccelerator::Listener | ListenerArn |
| AWS::Glue::Classifier | ❌ |
| AWS::Glue::Connection | ❌ |
| AWS::Glue::Crawler | ❌ |
| AWS::Glue::DataCatalogEncryptionSettings | ❌ |
| AWS::Glue::Database | ❌ |
| AWS::Glue::DevEndpoint | ❌ |
| AWS::Glue::Job | ❌ |
| AWS::Glue::MLTransform | ❌ |
| AWS::Glue::Partition | ❌ |
| AWS::Glue::Registry | Arn |
| AWS::Glue::Schema | Arn, InitialSchemaVersionId |
| AWS::Glue::SchemaVersion | VersionId |
| AWS::Glue::SchemaVersionMetadata | ❌ |
| AWS::Glue::SecurityConfiguration | ❌ |
| AWS::Glue::Table | ❌ |
| AWS::Glue::Trigger | ❌ |
| AWS::Glue::Workflow | ❌ |
| AWS::Greengrass::ConnectorDefinition | Arn, Id, LatestVersionArn, Name |
| AWS::Greengrass::ConnectorDefinitionVersion | ❌ |
| AWS::Greengrass::CoreDefinition | Arn, Id, LatestVersionArn, Name |
| AWS::Greengrass::CoreDefinitionVersion | ❌ |
| AWS::Greengrass::DeviceDefinition | Arn, Id, LatestVersionArn, Name |
| AWS::Greengrass::DeviceDefinitionVersion | ❌ |
| AWS::Greengrass::FunctionDefinition | Arn, Id, LatestVersionArn, Name |
| AWS::Greengrass::FunctionDefinitionVersion | ❌ |
| AWS::Greengrass::Group | Arn, Id, LatestVersionArn, Name, RoleArn, RoleAttachedAt |
| AWS::Greengrass::GroupVersion | ❌ |
| AWS::Greengrass::LoggerDefinition | Arn, Id, LatestVersionArn, Name |
| AWS::Greengrass::LoggerDefinitionVersion | ❌ |
| AWS::Greengrass::ResourceDefinition | Arn, Id, LatestVersionArn, Name |
| AWS::Greengrass::ResourceDefinitionVersion | ❌ |
| AWS::Greengrass::SubscriptionDefinition | Arn, Id, LatestVersionArn, Name |
| AWS::Greengrass::SubscriptionDefinitionVersion | ❌ |
| AWS::GreengrassV2::ComponentVersion | Arn, ComponentName, ComponentVersion |
| AWS::GroundStation::Config | Arn, Id, Type |
| AWS::GroundStation::DataflowEndpointGroup | Arn, Id |
| AWS::GroundStation::MissionProfile | Arn, Id, Region |
| AWS::GuardDuty::Detector | ❌ |
| AWS::GuardDuty::Filter | ❌ |
| AWS::GuardDuty::IPSet | ❌ |
| AWS::GuardDuty::Master | ❌ |
| AWS::GuardDuty::Member | ❌ |
| AWS::GuardDuty::ThreatIntelSet | ❌ |
| AWS::HealthLake::FHIRDatastore | DatastoreArn, DatastoreEndpoint, DatastoreId, DatastoreStatus |
| AWS::IAM::AccessKey | SecretAccessKey |
| AWS::IAM::Group | Arn |
| AWS::IAM::InstanceProfile | Arn |
| AWS::IAM::ManagedPolicy | ❌ |
| AWS::IAM::OIDCProvider | Arn |
| AWS::IAM::Policy | ❌ |
| AWS::IAM::Role | Arn, RoleId |
| AWS::IAM::SAMLProvider | Arn |
| AWS::IAM::ServerCertificate | Arn |
| AWS::IAM::ServiceLinkedRole | ❌ |
| AWS::IAM::User | Arn |
| AWS::IAM::UserToGroupAddition | ❌ |
| AWS::IAM::VirtualMFADevice | SerialNumber |
| AWS::IVS::Channel | Arn, IngestEndpoint, PlaybackUrl |
| AWS::IVS::PlaybackKeyPair | Arn, Fingerprint |
| AWS::IVS::RecordingConfiguration | Arn, State |
| AWS::IVS::StreamKey | Arn, Value |
| AWS::ImageBuilder::Component | Arn, Encrypted, Name, Type |
| AWS::ImageBuilder::ContainerRecipe | Arn, Name |
| AWS::ImageBuilder::DistributionConfiguration | Arn, Name |
| AWS::ImageBuilder::Image | Arn, ImageId, ImageUri, Name |
| AWS::ImageBuilder::ImagePipeline | Arn, Name |
| AWS::ImageBuilder::ImageRecipe | Arn, Name |
| AWS::ImageBuilder::InfrastructureConfiguration | Arn, Name |
| AWS::Inspector::AssessmentTarget | Arn |
| AWS::Inspector::AssessmentTemplate | Arn |
| AWS::Inspector::ResourceGroup | Arn |
| AWS::InspectorV2::Filter | Arn |
| AWS::IoT1Click::Device | Arn, DeviceId, Enabled |
| AWS::IoT1Click::Placement | PlacementName, ProjectName |
| AWS::IoT1Click::Project | Arn, ProjectName |
| AWS::IoT::AccountAuditConfiguration | ❌ |
| AWS::IoT::Authorizer | Arn |
| AWS::IoT::Certificate | Arn, Id |
| AWS::IoT::CustomMetric | MetricArn |
| AWS::IoT::Dimension | Arn |
| AWS::IoT::DomainConfiguration | Arn, DomainType, ServerCertificates |
| AWS::IoT::FleetMetric | CreationDate, LastModifiedDate, MetricArn, Version |
| AWS::IoT::JobTemplate | Arn |
| AWS::IoT::Logging | ❌ |
| AWS::IoT::MitigationAction | MitigationActionArn, MitigationActionId |
| AWS::IoT::Policy | Arn |
| AWS::IoT::PolicyPrincipalAttachment | ❌ |
| AWS::IoT::ProvisioningTemplate | TemplateArn |
| AWS::IoT::ResourceSpecificLogging | TargetId |
| AWS::IoT::ScheduledAudit | ScheduledAuditArn |
| AWS::IoT::SecurityProfile | SecurityProfileArn |
| AWS::IoT::Thing | ❌ |
| AWS::IoT::ThingPrincipalAttachment | ❌ |
| AWS::IoT::TopicRule | Arn |
| AWS::IoT::TopicRuleDestination | Arn, StatusReason |
| AWS::IoTAnalytics::Channel | Id |
| AWS::IoTAnalytics::Dataset | Id |
| AWS::IoTAnalytics::Datastore | Id |
| AWS::IoTAnalytics::Pipeline | Id |
| AWS::IoTCoreDeviceAdvisor::SuiteDefinition | SuiteDefinitionArn, SuiteDefinitionId, SuiteDefinitionVersion |
| AWS::IoTEvents::AlarmModel | ❌ |
| AWS::IoTEvents::DetectorModel | ❌ |
| AWS::IoTEvents::Input | ❌ |
| AWS::IoTFleetHub::Application | ApplicationArn, ApplicationCreationDate, ApplicationId, ApplicationLastUpdateDate, ApplicationState, ApplicationUrl, ErrorMessage, SsoClientId |
| AWS::IoTSiteWise::AccessPolicy | AccessPolicyArn, AccessPolicyId |
| AWS::IoTSiteWise::Asset | AssetArn, AssetId |
| AWS::IoTSiteWise::AssetModel | AssetModelArn, AssetModelId |
| AWS::IoTSiteWise::Dashboard | DashboardArn, DashboardId |
| AWS::IoTSiteWise::Gateway | GatewayId |
| AWS::IoTSiteWise::Portal | PortalArn, PortalClientId, PortalId, PortalStartUrl |
| AWS::IoTSiteWise::Project | ProjectArn, ProjectId |
| AWS::IoTThingsGraph::FlowTemplate | ❌ |
| AWS::IoTTwinMaker::ComponentType | Arn, CreationDateTime, IsAbstract, IsSchemaInitialized, UpdateDateTime |
| AWS::IoTTwinMaker::Entity | Arn, CreationDateTime, HasChildEntities, UpdateDateTime |
| AWS::IoTTwinMaker::Scene | Arn, CreationDateTime, UpdateDateTime |
| AWS::IoTTwinMaker::Workspace | Arn, CreationDateTime, UpdateDateTime |
| AWS::IoTWireless::Destination | Arn |
| AWS::IoTWireless::DeviceProfile | Arn, Id |
| AWS::IoTWireless::FuotaTask | Arn, FuotaTaskStatus, Id, LoRaWAN.StartTime |
| AWS::IoTWireless::MulticastGroup | Arn, Id, LoRaWAN.NumberOfDevicesInGroup, LoRaWAN.NumberOfDevicesRequested, Status |
| AWS::IoTWireless::PartnerAccount | Arn |
| AWS::IoTWireless::ServiceProfile | Arn, Id, LoRaWAN.ChannelMask, LoRaWAN.DevStatusReqFreq, LoRaWAN.DlBucketSize, LoRaWAN.DlRate, LoRaWAN.DlRatePolicy, LoRaWAN.DrMax, LoRaWAN.DrMin, LoRaWAN.HrAllowed, LoRaWAN.MinGwDiversity, LoRaWAN.NwkGeoLoc, LoRaWAN.PrAllowed, LoRaWAN.RaAllowed, LoRaWAN.ReportDevStatusBattery, LoRaWAN.ReportDevStatusMargin, LoRaWAN.TargetPer, LoRaWAN.UlBucketSize, LoRaWAN.UlRate, LoRaWAN.UlRatePolicy |
| AWS::IoTWireless::TaskDefinition | Arn, Id |
| AWS::IoTWireless::WirelessDevice | Arn, Id, ThingName |
| AWS::IoTWireless::WirelessGateway | Arn, Id, ThingName |
| AWS::KMS::Alias | ❌ |
| AWS::KMS::Key | Arn, KeyId |
| AWS::KMS::ReplicaKey | Arn, KeyId |
| AWS::KafkaConnect::Connector | ConnectorArn |
| AWS::Kendra::DataSource | Arn, Id |
| AWS::Kendra::Faq | Arn, Id |
| AWS::Kendra::Index | Arn, Id |
| AWS::Kinesis::Stream | Arn |
| AWS::Kinesis::StreamConsumer | ConsumerARN, ConsumerCreationTimestamp, ConsumerName, ConsumerStatus, StreamARN |
| AWS::KinesisAnalytics::Application | ❌ |
| AWS::KinesisAnalytics::ApplicationOutput | ❌ |
| AWS::KinesisAnalytics::ApplicationReferenceDataSource | ❌ |
| AWS::KinesisAnalyticsV2::Application | ❌ |
| AWS::KinesisAnalyticsV2::ApplicationOutput | ❌ |
| AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource | ❌ |
| AWS::KinesisFirehose::DeliveryStream | Arn |
| AWS::KinesisVideo::SignalingChannel | Arn |
| AWS::KinesisVideo::Stream | Arn |
| AWS::LakeFormation::DataLakeSettings | ❌ |
| AWS::LakeFormation::Permissions | ❌ |
| AWS::LakeFormation::Resource | ❌ |
| AWS::Lambda::Alias | ❌ |
| AWS::Lambda::CodeSigningConfig | CodeSigningConfigArn, CodeSigningConfigId |
| AWS::Lambda::EventInvokeConfig | ❌ |
| AWS::Lambda::EventSourceMapping | Id |
| AWS::Lambda::Function | Arn |
| AWS::Lambda::LayerVersion | ❌ |
| AWS::Lambda::LayerVersionPermission | ❌ |
| AWS::Lambda::Permission | ❌ |
| AWS::Lambda::Url | FunctionArn, FunctionUrl |
| AWS::Lambda::Version | Version |
| AWS::Lex::Bot | Arn, Id |
| AWS::Lex::BotAlias | Arn, BotAliasId, BotAliasStatus |
| AWS::Lex::BotVersion | BotVersion |
| AWS::Lex::ResourcePolicy | Id, RevisionId |
| AWS::LicenseManager::Grant | GrantArn, Version |
| AWS::LicenseManager::License | LicenseArn, Version |
| AWS::Lightsail::Alarm | AlarmArn, State |
| AWS::Lightsail::Bucket | AbleToUpdateBundle, BucketArn, Url |
| AWS::Lightsail::Certificate | CertificateArn, Status |
| AWS::Lightsail::Container | ContainerArn, Url |
| AWS::Lightsail::Database | DatabaseArn |
| AWS::Lightsail::Disk | AttachedTo, AttachmentState, DiskArn, Iops, IsAttached, Path, ResourceType, State, SupportCode |
| AWS::Lightsail::Distribution | AbleToUpdateBundle, DistributionArn, Status |
| AWS::Lightsail::Instance | Hardware.CpuCount, Hardware.RamSizeInGb, InstanceArn, IsStaticIp, Location.AvailabilityZone, Location.RegionName, Networking.MonthlyTransfer.GbPerMonthAllocated, PrivateIpAddress, PublicIpAddress, ResourceType, SshKeyName, State.Code, State.Name, SupportCode, UserName |
| AWS::Lightsail::LoadBalancer | LoadBalancerArn |
| AWS::Lightsail::LoadBalancerTlsCertificate | LoadBalancerTlsCertificateArn, Status |
| AWS::Lightsail::StaticIp | IpAddress, IsAttached, StaticIpArn |
| AWS::Location::GeofenceCollection | Arn, CollectionArn, CreateTime, UpdateTime |
| AWS::Location::Map | Arn, CreateTime, DataSource, MapArn, UpdateTime |
| AWS::Location::PlaceIndex | Arn, CreateTime, IndexArn, UpdateTime |
| AWS::Location::RouteCalculator | Arn, CalculatorArn, CreateTime, UpdateTime |
| AWS::Location::Tracker | Arn, CreateTime, TrackerArn, UpdateTime |
| AWS::Location::TrackerConsumer | ❌ |
| AWS::Logs::Destination | Arn |
| AWS::Logs::LogGroup | Arn |
| AWS::Logs::LogStream | ❌ |
| AWS::Logs::MetricFilter | ❌ |
| AWS::Logs::QueryDefinition | QueryDefinitionId |
| AWS::Logs::ResourcePolicy | ❌ |
| AWS::Logs::SubscriptionFilter | ❌ |
| AWS::LookoutEquipment::InferenceScheduler | InferenceSchedulerArn |
| AWS::LookoutMetrics::Alert | Arn |
| AWS::LookoutMetrics::AnomalyDetector | Arn |
| AWS::LookoutVision::Project | Arn |
| AWS::MSK::BatchScramSecret | ❌ |
| AWS::MSK::Cluster | Arn |
| AWS::MSK::Configuration | Arn |
| AWS::Macie::CustomDataIdentifier | Arn, Id |
| AWS::Macie::FindingsFilter | Arn, FindingsFilterListItems, Id |
| AWS::Macie::Session | AwsAccountId, ServiceRole |
| AWS::ManagedBlockchain::Member | MemberId, NetworkId |
| AWS::ManagedBlockchain::Node | Arn, MemberId, NetworkId, NodeId |
| AWS::MediaConnect::Flow | FlowArn, FlowAvailabilityZone, Source.IngestIp, Source.SourceArn, Source.SourceIngestPort |
| AWS::MediaConnect::FlowEntitlement | EntitlementArn |
| AWS::MediaConnect::FlowOutput | OutputArn |
| AWS::MediaConnect::FlowSource | IngestIp, SourceArn, SourceIngestPort |
| AWS::MediaConnect::FlowVpcInterface | NetworkInterfaceIds |
| AWS::MediaConvert::JobTemplate | Arn, Name |
| AWS::MediaConvert::Preset | Arn, Name |
| AWS::MediaConvert::Queue | Arn, Name |
| AWS::MediaLive::Channel | Arn, Inputs |
| AWS::MediaLive::Input | Arn, Destinations, Sources |
| AWS::MediaLive::InputSecurityGroup | Arn |
| AWS::MediaPackage::Asset | Arn, CreatedAt, EgressEndpoints |
| AWS::MediaPackage::Channel | Arn |
| AWS::MediaPackage::OriginEndpoint | Arn, Url |
| AWS::MediaPackage::PackagingConfiguration | Arn |
| AWS::MediaPackage::PackagingGroup | Arn, DomainName |
| AWS::MediaStore::Container | Endpoint |
| AWS::MediaTailor::PlaybackConfiguration | ❌ |
| AWS::MemoryDB::ACL | Arn, Status |
| AWS::MemoryDB::Cluster | ARN, ClusterEndpoint.Address, ClusterEndpoint.Port, ParameterGroupStatus, Status |
| AWS::MemoryDB::ParameterGroup | ARN |
| AWS::MemoryDB::SubnetGroup | ARN |
| AWS::MemoryDB::User | Arn, Status |
| AWS::Neptune::DBCluster | ClusterResourceId, Endpoint, Port, ReadEndpoint |
| AWS::Neptune::DBClusterParameterGroup | ❌ |
| AWS::Neptune::DBInstance | Endpoint, Port |
| AWS::Neptune::DBParameterGroup | ❌ |
| AWS::Neptune::DBSubnetGroup | ❌ |
| AWS::NetworkFirewall::Firewall | EndpointIds, FirewallArn, FirewallId |
| AWS::NetworkFirewall::FirewallPolicy | FirewallPolicyArn, FirewallPolicyId |
| AWS::NetworkFirewall::LoggingConfiguration | ❌ |
| AWS::NetworkFirewall::RuleGroup | RuleGroupArn, RuleGroupId |
| AWS::NetworkManager::CustomerGatewayAssociation | ❌ |
| AWS::NetworkManager::Device | DeviceArn, DeviceId |
| AWS::NetworkManager::GlobalNetwork | Arn, Id |
| AWS::NetworkManager::Link | LinkArn, LinkId |
| AWS::NetworkManager::LinkAssociation | ❌ |
| AWS::NetworkManager::Site | SiteArn, SiteId |
| AWS::NetworkManager::TransitGatewayRegistration | ❌ |
| AWS::NimbleStudio::LaunchProfile | LaunchProfileId |
| AWS::NimbleStudio::StreamingImage | EulaIds, Owner, Platform, StreamingImageId |
| AWS::NimbleStudio::Studio | HomeRegion, SsoClientId, StudioId, StudioUrl |
| AWS::NimbleStudio::StudioComponent | StudioComponentId |
| AWS::OpenSearchService::Domain | Arn, DomainArn, DomainEndpoint, Id |
| AWS::OpsWorks::App | ❌ |
| AWS::OpsWorks::ElasticLoadBalancerAttachment | ❌ |
| AWS::OpsWorks::Instance | AvailabilityZone, PrivateDnsName, PrivateIp, PublicDnsName, PublicIp |
| AWS::OpsWorks::Layer | ❌ |
| AWS::OpsWorks::Stack | ❌ |
| AWS::OpsWorks::UserProfile | SshUsername |
| AWS::OpsWorks::Volume | ❌ |
| AWS::OpsWorksCM::Server | Arn, Endpoint, Id |
| AWS::Panorama::ApplicationInstance | ApplicationInstanceId, Arn, CreatedTime, DefaultRuntimeContextDeviceName, HealthStatus, LastUpdatedTime, Status, StatusDescription |
| AWS::Panorama::Package | Arn, CreatedTime, PackageId |
| AWS::Panorama::PackageVersion | IsLatestPatch, PackageArn, PackageName, RegisteredTime, Status, StatusDescription |
| AWS::Personalize::Dataset | DatasetArn |
| AWS::Personalize::DatasetGroup | DatasetGroupArn |
| AWS::Personalize::Schema | SchemaArn |
| AWS::Personalize::Solution | SolutionArn |
| AWS::Pinpoint::ADMChannel | ❌ |
| AWS::Pinpoint::APNSChannel | ❌ |
| AWS::Pinpoint::APNSSandboxChannel | ❌ |
| AWS::Pinpoint::APNSVoipChannel | ❌ |
| AWS::Pinpoint::APNSVoipSandboxChannel | ❌ |
| AWS::Pinpoint::App | Arn |
| AWS::Pinpoint::ApplicationSettings | ❌ |
| AWS::Pinpoint::BaiduChannel | ❌ |
| AWS::Pinpoint::Campaign | Arn, CampaignId |
| AWS::Pinpoint::EmailChannel | ❌ |
| AWS::Pinpoint::EmailTemplate | Arn |
| AWS::Pinpoint::EventStream | ❌ |
| AWS::Pinpoint::GCMChannel | ❌ |
| AWS::Pinpoint::InAppTemplate | Arn |
| AWS::Pinpoint::PushTemplate | Arn |
| AWS::Pinpoint::SMSChannel | ❌ |
| AWS::Pinpoint::Segment | Arn, SegmentId |
| AWS::Pinpoint::SmsTemplate | Arn |
| AWS::Pinpoint::VoiceChannel | ❌ |
| AWS::PinpointEmail::ConfigurationSet | ❌ |
| AWS::PinpointEmail::ConfigurationSetEventDestination | ❌ |
| AWS::PinpointEmail::DedicatedIpPool | ❌ |
| AWS::PinpointEmail::Identity | IdentityDNSRecordName1, IdentityDNSRecordName2, IdentityDNSRecordName3, IdentityDNSRecordValue1, IdentityDNSRecordValue2, IdentityDNSRecordValue3 |
| AWS::QLDB::Ledger | ❌ |
| AWS::QLDB::Stream | Arn, Id |
| AWS::QuickSight::Analysis | Arn, CreatedTime, DataSetArns, LastUpdatedTime, Sheets, Status |
| AWS::QuickSight::Dashboard | Arn, CreatedTime, LastPublishedTime, LastUpdatedTime |
| AWS::QuickSight::DataSet | Arn, ConsumedSpiceCapacityInBytes, CreatedTime, LastUpdatedTime, OutputColumns |
| AWS::QuickSight::DataSource | Arn, CreatedTime, LastUpdatedTime, Status |
| AWS::QuickSight::Template | Arn, CreatedTime, LastUpdatedTime |
| AWS::QuickSight::Theme | Arn, CreatedTime, LastUpdatedTime, Type |
| AWS::RAM::ResourceShare | Arn |
| AWS::RDS::DBCluster | Endpoint.Address, Endpoint.Port, ReadEndpoint.Address |
| AWS::RDS::DBClusterParameterGroup | ❌ |
| AWS::RDS::DBInstance | Endpoint.Address, Endpoint.Port |
| AWS::RDS::DBParameterGroup | ❌ |
| AWS::RDS::DBProxy | DBProxyArn, Endpoint |
| AWS::RDS::DBProxyEndpoint | DBProxyEndpointArn, Endpoint, IsDefault, VpcId |
| AWS::RDS::DBProxyTargetGroup | TargetGroupArn |
| AWS::RDS::DBSecurityGroup | ❌ |
| AWS::RDS::DBSecurityGroupIngress | ❌ |
| AWS::RDS::DBSubnetGroup | ❌ |
| AWS::RDS::EventSubscription | ❌ |
| AWS::RDS::GlobalCluster | ❌ |
| AWS::RDS::OptionGroup | ❌ |
| AWS::RUM::AppMonitor | ❌ |
| AWS::Redshift::Cluster | DeferMaintenanceIdentifier, Endpoint.Address, Endpoint.Port, Id |
| AWS::Redshift::ClusterParameterGroup | ❌ |
| AWS::Redshift::ClusterSecurityGroup | ❌ |
| AWS::Redshift::ClusterSecurityGroupIngress | ❌ |
| AWS::Redshift::ClusterSubnetGroup | ❌ |
| AWS::Redshift::EndpointAccess | Address, EndpointCreateTime, EndpointStatus, Port, VpcSecurityGroups |
| AWS::Redshift::EndpointAuthorization | AllowedAllVPCs, AllowedVPCs, AuthorizeTime, ClusterStatus, EndpointCount, Grantee, Grantor, Status |
| AWS::Redshift::EventSubscription | CustSubscriptionId, CustomerAwsId, EventCategoriesList, SourceIdsList, Status, SubscriptionCreationTime |
| AWS::Redshift::ScheduledAction | NextInvocations, State |
| AWS::RefactorSpaces::Application | ApiGatewayId, ApplicationIdentifier, Arn, NlbArn, NlbName, ProxyUrl, StageName, VpcLinkId |
| AWS::RefactorSpaces::Environment | Arn, EnvironmentIdentifier, TransitGatewayId |
| AWS::RefactorSpaces::Route | Arn, PathResourceToId, RouteIdentifier |
| AWS::RefactorSpaces::Service | Arn, ServiceIdentifier |
| AWS::Rekognition::Collection | Arn |
| AWS::Rekognition::Project | Arn |
| AWS::Rekognition::StreamProcessor | Arn, Status, StatusMessage |
| AWS::ResilienceHub::App | AppArn |
| AWS::ResilienceHub::ResiliencyPolicy | PolicyArn |
| AWS::ResourceGroups::Group | Arn |
| AWS::RoboMaker::Fleet | Arn |
| AWS::RoboMaker::Robot | Arn |
| AWS::RoboMaker::RobotApplication | Arn, CurrentRevisionId |
| AWS::RoboMaker::RobotApplicationVersion | ApplicationVersion, Arn |
| AWS::RoboMaker::SimulationApplication | Arn, CurrentRevisionId |
| AWS::RoboMaker::SimulationApplicationVersion | ApplicationVersion, Arn |
| AWS::Route53::DNSSEC | ❌ |
| AWS::Route53::HealthCheck | HealthCheckId |
| AWS::Route53::HostedZone | Id, NameServers |
| AWS::Route53::KeySigningKey | ❌ |
| AWS::Route53::RecordSet | ❌ |
| AWS::Route53::RecordSetGroup | ❌ |
| AWS::Route53RecoveryControl::Cluster | ClusterArn, ClusterEndpoints, Status |
| AWS::Route53RecoveryControl::ControlPanel | ControlPanelArn, DefaultControlPanel, RoutingControlCount, Status |
| AWS::Route53RecoveryControl::RoutingControl | RoutingControlArn, Status |
| AWS::Route53RecoveryControl::SafetyRule | SafetyRuleArn, Status |
| AWS::Route53RecoveryReadiness::Cell | CellArn, ParentReadinessScopes |
| AWS::Route53RecoveryReadiness::ReadinessCheck | ReadinessCheckArn |
| AWS::Route53RecoveryReadiness::RecoveryGroup | RecoveryGroupArn |
| AWS::Route53RecoveryReadiness::ResourceSet | ResourceSetArn |
| AWS::Route53Resolver::FirewallDomainList | Arn, CreationTime, CreatorRequestId, DomainCount, Id, ManagedOwnerName, ModificationTime, Status, StatusMessage |
| AWS::Route53Resolver::FirewallRuleGroup | Arn, CreationTime, CreatorRequestId, Id, ModificationTime, OwnerId, RuleCount, ShareStatus, Status, StatusMessage |
| AWS::Route53Resolver::FirewallRuleGroupAssociation | Arn, CreationTime, CreatorRequestId, Id, ManagedOwnerName, ModificationTime, Status, StatusMessage |
| AWS::Route53Resolver::ResolverConfig | AutodefinedReverse, Id, OwnerId |
| AWS::Route53Resolver::ResolverDNSSECConfig | Id, OwnerId, ValidationStatus |
| AWS::Route53Resolver::ResolverEndpoint | Arn, Direction, HostVPCId, IpAddressCount, Name, ResolverEndpointId |
| AWS::Route53Resolver::ResolverQueryLoggingConfig | Arn, AssociationCount, CreationTime, CreatorRequestId, Id, OwnerId, ShareStatus, Status |
| AWS::Route53Resolver::ResolverRule | Arn, DomainName, Name, ResolverEndpointId, ResolverRuleId, TargetIps |
| AWS::Route53Resolver::ResolverRuleAssociation | Name, ResolverRuleAssociationId, ResolverRuleId, VPCId |
| AWS::S3::AccessPoint | Alias, Arn, Name, NetworkOrigin |
| AWS::S3::Bucket | Arn, DomainName, DualStackDomainName, RegionalDomainName, WebsiteURL |
| AWS::S3::BucketPolicy | ❌ |
| AWS::S3::MultiRegionAccessPoint | Alias, CreatedAt |
| AWS::S3::MultiRegionAccessPointPolicy | ❌ |
| AWS::S3::StorageLens | StorageLensConfiguration.StorageLensArn |
| AWS::S3ObjectLambda::AccessPoint | Arn, CreationDate |
| AWS::S3ObjectLambda::AccessPointPolicy | ❌ |
| AWS::S3Outposts::AccessPoint | Arn |
| AWS::S3Outposts::Bucket | Arn |
| AWS::S3Outposts::BucketPolicy | ❌ |
| AWS::S3Outposts::Endpoint | Arn, CidrBlock, CreationTime, Id, NetworkInterfaces, Status |
| AWS::SDB::Domain | ❌ |
| AWS::SES::ConfigurationSet | ❌ |
| AWS::SES::ConfigurationSetEventDestination | Id |
| AWS::SES::ContactList | ❌ |
| AWS::SES::ReceiptFilter | ❌ |
| AWS::SES::ReceiptRule | ❌ |
| AWS::SES::ReceiptRuleSet | ❌ |
| AWS::SES::Template | Id |
| AWS::SNS::Subscription | ❌ |
| AWS::SNS::Topic | TopicName |
| AWS::SNS::TopicPolicy | ❌ |
| AWS::SQS::Queue | Arn, QueueName, QueueUrl |
| AWS::SQS::QueuePolicy | ❌ |
| AWS::SSM::Association | AssociationId |
| AWS::SSM::Document | ❌ |
| AWS::SSM::MaintenanceWindow | ❌ |
| AWS::SSM::MaintenanceWindowTarget | ❌ |
| AWS::SSM::MaintenanceWindowTask | ❌ |
| AWS::SSM::Parameter | Type, Value |
| AWS::SSM::PatchBaseline | ❌ |
| AWS::SSM::ResourceDataSync | SyncName |
| AWS::SSMContacts::Contact | Arn |
| AWS::SSMContacts::ContactChannel | Arn |
| AWS::SSMIncidents::ReplicationSet | Arn |
| AWS::SSMIncidents::ResponsePlan | Arn |
| AWS::SSO::Assignment | ❌ |
| AWS::SSO::InstanceAccessControlAttributeConfiguration | ❌ |
| AWS::SSO::PermissionSet | PermissionSetArn |
| AWS::SageMaker::App | AppArn |
| AWS::SageMaker::AppImageConfig | AppImageConfigArn |
| AWS::SageMaker::CodeRepository | CodeRepositoryName |
| AWS::SageMaker::DataQualityJobDefinition | CreationTime, JobDefinitionArn |
| AWS::SageMaker::Device | ❌ |
| AWS::SageMaker::DeviceFleet | ❌ |
| AWS::SageMaker::Domain | DomainArn, DomainId, HomeEfsFileSystemId, SecurityGroupIdForDomainBoundary, SingleSignOnManagedApplicationInstanceId, Url |
| AWS::SageMaker::Endpoint | EndpointName |
| AWS::SageMaker::EndpointConfig | EndpointConfigName |
| AWS::SageMaker::FeatureGroup | ❌ |
| AWS::SageMaker::Image | ImageArn |
| AWS::SageMaker::ImageVersion | ContainerImage, ImageArn, ImageVersionArn, Version |
| AWS::SageMaker::Model | ModelName |
| AWS::SageMaker::ModelBiasJobDefinition | CreationTime, JobDefinitionArn |
| AWS::SageMaker::ModelExplainabilityJobDefinition | CreationTime, JobDefinitionArn |
| AWS::SageMaker::ModelPackageGroup | CreationTime, ModelPackageGroupArn, ModelPackageGroupStatus |
| AWS::SageMaker::ModelQualityJobDefinition | CreationTime, JobDefinitionArn |
| AWS::SageMaker::MonitoringSchedule | CreationTime, LastModifiedTime, MonitoringScheduleArn |
| AWS::SageMaker::NotebookInstance | NotebookInstanceName |
| AWS::SageMaker::NotebookInstanceLifecycleConfig | NotebookInstanceLifecycleConfigName |
| AWS::SageMaker::Pipeline | ❌ |
| AWS::SageMaker::Project | CreationTime, ProjectArn, ProjectId, ProjectStatus |
| AWS::SageMaker::UserProfile | UserProfileArn |
| AWS::SageMaker::Workteam | WorkteamName |
| AWS::SecretsManager::ResourcePolicy | ❌ |
| AWS::SecretsManager::RotationSchedule | ❌ |
| AWS::SecretsManager::Secret | ❌ |
| AWS::SecretsManager::SecretTargetAttachment | ❌ |
| AWS::SecurityHub::Hub | ❌ |
| AWS::ServiceCatalog::AcceptedPortfolioShare | ❌ |
| AWS::ServiceCatalog::CloudFormationProduct | ProductName, ProvisioningArtifactIds, ProvisioningArtifactNames |
| AWS::ServiceCatalog::CloudFormationProvisionedProduct | CloudformationStackArn, ProvisionedProductId, RecordId |
| AWS::ServiceCatalog::LaunchNotificationConstraint | ❌ |
| AWS::ServiceCatalog::LaunchRoleConstraint | ❌ |
| AWS::ServiceCatalog::LaunchTemplateConstraint | ❌ |
| AWS::ServiceCatalog::Portfolio | PortfolioName |
| AWS::ServiceCatalog::PortfolioPrincipalAssociation | ❌ |
| AWS::ServiceCatalog::PortfolioProductAssociation | ❌ |
| AWS::ServiceCatalog::PortfolioShare | ❌ |
| AWS::ServiceCatalog::ResourceUpdateConstraint | ❌ |
| AWS::ServiceCatalog::ServiceAction | Id |
| AWS::ServiceCatalog::ServiceActionAssociation | ❌ |
| AWS::ServiceCatalog::StackSetConstraint | ❌ |
| AWS::ServiceCatalog::TagOption | ❌ |
| AWS::ServiceCatalog::TagOptionAssociation | ❌ |
| AWS::ServiceCatalogAppRegistry::Application | Arn, Id |
| AWS::ServiceCatalogAppRegistry::AttributeGroup | Arn, Id |
| AWS::ServiceCatalogAppRegistry::ResourceAssociation | ApplicationArn, Id, ResourceArn |
| AWS::ServiceDiscovery::HttpNamespace | Arn, Id |
| AWS::ServiceDiscovery::Instance | ❌ |
| AWS::ServiceDiscovery::PrivateDnsNamespace | Arn, HostedZoneId, Id |
| AWS::ServiceDiscovery::PublicDnsNamespace | Arn, HostedZoneId, Id |
| AWS::ServiceDiscovery::Service | Arn, Id, Name |
| AWS::Signer::ProfilePermission | ❌ |
| AWS::Signer::SigningProfile | Arn, ProfileName, ProfileVersion, ProfileVersionArn |
| AWS::StepFunctions::Activity | Arn, Name |
| AWS::StepFunctions::StateMachine | Arn, Name |
| AWS::Synthetics::Canary | Id, State |
| AWS::Timestream::Database | Arn |
| AWS::Timestream::ScheduledQuery | Arn, SQErrorReportConfiguration, SQKmsKeyId, SQName, SQNotificationConfiguration, SQQueryString, SQScheduleConfiguration, SQScheduledQueryExecutionRoleArn, SQTargetConfiguration |
| AWS::Timestream::Table | Arn, Name |
| AWS::Transfer::Server | Arn, ServerId |
| AWS::Transfer::User | Arn, ServerId, UserName |
| AWS::Transfer::Workflow | Arn, WorkflowId |
| AWS::VoiceID::Domain | DomainId |
| AWS::WAF::ByteMatchSet | ❌ |
| AWS::WAF::IPSet | ❌ |
| AWS::WAF::Rule | ❌ |
| AWS::WAF::SizeConstraintSet | ❌ |
| AWS::WAF::SqlInjectionMatchSet | ❌ |
| AWS::WAF::WebACL | ❌ |
| AWS::WAF::XssMatchSet | ❌ |
| AWS::WAFRegional::ByteMatchSet | ❌ |
| AWS::WAFRegional::GeoMatchSet | ❌ |
| AWS::WAFRegional::IPSet | ❌ |
| AWS::WAFRegional::RateBasedRule | ❌ |
| AWS::WAFRegional::RegexPatternSet | ❌ |
| AWS::WAFRegional::Rule | ❌ |
| AWS::WAFRegional::SizeConstraintSet | ❌ |
| AWS::WAFRegional::SqlInjectionMatchSet | ❌ |
| AWS::WAFRegional::WebACL | ❌ |
| AWS::WAFRegional::WebACLAssociation | ❌ |
| AWS::WAFRegional::XssMatchSet | ❌ |
| AWS::WAFv2::IPSet | Arn, Id |
| AWS::WAFv2::LoggingConfiguration | ManagedByFirewallManager |
| AWS::WAFv2::RegexPatternSet | Arn, Id |
| AWS::WAFv2::RuleGroup | Arn, AvailableLabels, ConsumedLabels, Id, LabelNamespace |
| AWS::WAFv2::WebACL | Arn, Capacity, Id, LabelNamespace |
| AWS::WAFv2::WebACLAssociation | ❌ |
| AWS::Wisdom::Assistant | AssistantArn, AssistantId |
| AWS::Wisdom::AssistantAssociation | AssistantArn, AssistantAssociationArn, AssistantAssociationId |
| AWS::Wisdom::KnowledgeBase | KnowledgeBaseArn, KnowledgeBaseId |
| AWS::WorkSpaces::ConnectionAlias | AliasId, Associations, ConnectionAliasState |
| AWS::WorkSpaces::Workspace | ❌ |
| AWS::XRay::Group | GroupARN |
| AWS::XRay::SamplingRule | RuleARN |
| Alexa::ASK::Skill | ❌ |
Note: The data was automatically fetched from the official AWS CloudFormation resource specification and got parsed in this markdown table using a custom python script.