Building AWS infrastructure with CloudFormation requires knowing the exact properties available for each AWS resource type. This comprehensive reference provides instant access to all 1430+ AWS resource types and their configurable properties, making CloudFormation template development faster and more accurate.
Why Use This CloudFormation Properties Reference?
When creating CloudFormation templates, you need to know which properties are available for each AWS resource. The official AWS documentation spreads this information across thousands of pages, making it time-consuming to find the exact property names and configurations you need.
This cheat sheet solves that problem by consolidating every AWS resource type and its properties into a single, searchable reference - saving you hours of documentation hunting.
Quick CloudFormation Template Property Syntax
Resources:
MyS3Bucket:
Type: AWS::S3::Bucket
Properties:
BucketName: my-unique-bucket-name
VersioningConfiguration:
Status: Enabled
PublicAccessBlockConfiguration:
BlockPublicAcls: true
BlockPublicPolicy: trueHow to Use This CloudFormation Properties Guide
- Search (Ctrl+F) for your AWS service or resource type (e.g., "AWS::S3::Bucket")
- Find the available properties in the second column
- Click the resource type link to view the official AWS documentation
- Copy property names into your CloudFormation template
- Configure each property according to your infrastructure requirements
Complete AWS CloudFormation Resource Properties Table
The table below contains every AWS resource type with their configurable properties, updated for 2025. Click any resource type to view the official AWS CloudFormation documentation:
| Resource type | Properties |
|---|---|
| AWS::ACMPCA::Certificate | ApiPassthrough, CertificateAuthorityArn, CertificateSigningRequest, SigningAlgorithm, TemplateArn, Validity, ValidityNotBefore |
| AWS::ACMPCA::CertificateAuthority | CsrExtensions, KeyAlgorithm, KeyStorageSecurityStandard, RevocationConfiguration, SigningAlgorithm, Subject, Tags, Type, UsageMode |
| AWS::ACMPCA::CertificateAuthorityActivation | Certificate, CertificateAuthorityArn, CertificateChain, Status |
| AWS::ACMPCA::Permission | Actions, CertificateAuthorityArn, Principal, SourceAccount |
| AWS::AIOps::InvestigationGroup | ChatbotNotificationChannels, CrossAccountConfigurations, EncryptionConfig, InvestigationGroupPolicy, IsCloudTrailEventHistoryEnabled, Name, RetentionInDays, RoleArn, TagKeyBoundaries, Tags |
| AWS::APS::RuleGroupsNamespace | Data, Name, Tags, Workspace |
| AWS::APS::Scraper | Alias, Destination, RoleConfiguration, ScrapeConfiguration, Source, Tags |
| AWS::APS::Workspace | AlertManagerDefinition, Alias, KmsKeyArn, LoggingConfiguration, QueryLoggingConfiguration, Tags, WorkspaceConfiguration |
| AWS::ARCRegionSwitch::Plan | AssociatedAlarms, Description, ExecutionRole, Name, PrimaryRegion, RecoveryApproach, RecoveryTimeObjectiveMinutes, Regions, Tags, Triggers, Workflows |
| AWS::ARCZonalShift::AutoshiftObserverNotificationStatus | Status |
| AWS::ARCZonalShift::ZonalAutoshiftConfiguration | PracticeRunConfiguration, ResourceIdentifier, ZonalAutoshiftStatus |
| AWS::AccessAnalyzer::Analyzer | AnalyzerConfiguration, AnalyzerName, ArchiveRules, Tags, Type |
| AWS::AmazonMQ::Broker | AuthenticationStrategy, AutoMinorVersionUpgrade, BrokerName, Configuration, DataReplicationMode, DataReplicationPrimaryBrokerArn, DeploymentMode, EncryptionOptions, EngineType, EngineVersion, HostInstanceType, LdapServerMetadata, Logs, MaintenanceWindowStartTime, PubliclyAccessible, SecurityGroups, StorageType, SubnetIds, Tags, Users |
| AWS::AmazonMQ::Configuration | AuthenticationStrategy, Data, Description, EngineType, EngineVersion, Name, Tags |
| AWS::AmazonMQ::ConfigurationAssociation | Broker, Configuration |
| AWS::Amplify::App | AccessToken, AutoBranchCreationConfig, BasicAuthConfig, BuildSpec, CacheConfig, ComputeRoleArn, CustomHeaders, CustomRules, Description, EnableBranchAutoDeletion, EnvironmentVariables, IAMServiceRole, JobConfig, Name, OauthToken, Platform, Repository, Tags |
| AWS::Amplify::Branch | AppId, Backend, BasicAuthConfig, BranchName, BuildSpec, ComputeRoleArn, Description, EnableAutoBuild, EnablePerformanceMode, EnablePullRequestPreview, EnableSkewProtection, EnvironmentVariables, Framework, PullRequestEnvironmentName, Stage, Tags |
| AWS::Amplify::Domain | AppId, AutoSubDomainCreationPatterns, AutoSubDomainIAMRole, CertificateSettings, DomainName, EnableAutoSubDomain, SubDomainSettings |
| AWS::AmplifyUIBuilder::Component | AppId, BindingProperties, Children, CollectionProperties, ComponentType, EnvironmentName, Events, Name, Overrides, Properties, SchemaVersion, SourceId, Tags, Variants |
| AWS::AmplifyUIBuilder::Form | AppId, Cta, DataType, EnvironmentName, Fields, FormActionType, LabelDecorator, Name, SchemaVersion, SectionalElements, Style, Tags |
| AWS::AmplifyUIBuilder::Theme | AppId, EnvironmentName, Name, Overrides, Tags, Values |
| AWS::ApiGateway::Account | CloudWatchRoleArn |
| AWS::ApiGateway::ApiKey | CustomerId, Description, Enabled, GenerateDistinctId, Name, StageKeys, Tags, Value |
| AWS::ApiGateway::Authorizer | AuthType, AuthorizerCredentials, AuthorizerResultTtlInSeconds, AuthorizerUri, IdentitySource, IdentityValidationExpression, Name, ProviderARNs, RestApiId, Type |
| AWS::ApiGateway::BasePathMapping | BasePath, DomainName, Id, RestApiId, Stage |
| AWS::ApiGateway::BasePathMappingV2 | BasePath, DomainNameArn, RestApiId, Stage |
| AWS::ApiGateway::ClientCertificate | Description, Tags |
| AWS::ApiGateway::Deployment | DeploymentCanarySettings, Description, RestApiId, StageDescription, StageName |
| AWS::ApiGateway::DocumentationPart | Location, Properties, RestApiId |
| AWS::ApiGateway::DocumentationVersion | Description, DocumentationVersion, RestApiId |
| AWS::ApiGateway::DomainName | CertificateArn, DomainName, EndpointConfiguration, MutualTlsAuthentication, OwnershipVerificationCertificateArn, RegionalCertificateArn, RoutingMode, SecurityPolicy, Tags |
| AWS::ApiGateway::DomainNameAccessAssociation | AccessAssociationSource, AccessAssociationSourceType, DomainNameArn, Tags |
| AWS::ApiGateway::DomainNameV2 | CertificateArn, DomainName, EndpointConfiguration, Policy, RoutingMode, SecurityPolicy, Tags |
| AWS::ApiGateway::GatewayResponse | ResponseParameters, ResponseTemplates, ResponseType, RestApiId, StatusCode |
| AWS::ApiGateway::Method | ApiKeyRequired, AuthorizationScopes, AuthorizationType, AuthorizerId, HttpMethod, Integration, MethodResponses, OperationName, RequestModels, RequestParameters, RequestValidatorId, ResourceId, RestApiId |
| AWS::ApiGateway::Model | ContentType, Description, Name, RestApiId, Schema |
| AWS::ApiGateway::RequestValidator | Name, RestApiId, ValidateRequestBody, ValidateRequestParameters |
| AWS::ApiGateway::Resource | ParentId, PathPart, RestApiId |
| AWS::ApiGateway::RestApi | ApiKeySourceType, BinaryMediaTypes, Body, BodyS3Location, CloneFrom, Description, DisableExecuteApiEndpoint, EndpointConfiguration, FailOnWarnings, MinimumCompressionSize, Mode, Name, Parameters, Policy, Tags |
| AWS::ApiGateway::Stage | AccessLogSetting, CacheClusterEnabled, CacheClusterSize, CanarySetting, ClientCertificateId, DeploymentId, Description, DocumentationVersion, MethodSettings, RestApiId, StageName, Tags, TracingEnabled, Variables |
| AWS::ApiGateway::UsagePlan | ApiStages, Description, Quota, Tags, Throttle, UsagePlanName |
| AWS::ApiGateway::UsagePlanKey | KeyId, KeyType, UsagePlanId |
| AWS::ApiGateway::VpcLink | Description, Name, Tags, TargetArns |
| AWS::ApiGatewayV2::Api | ApiKeySelectionExpression, BasePath, Body, BodyS3Location, CorsConfiguration, CredentialsArn, Description, DisableExecuteApiEndpoint, DisableSchemaValidation, FailOnWarnings, IpAddressType, Name, ProtocolType, RouteKey, RouteSelectionExpression, Tags, Target, Version |
| AWS::ApiGatewayV2::ApiGatewayManagedOverrides | ApiId, Integration, Route, Stage |
| AWS::ApiGatewayV2::ApiMapping | ApiId, ApiMappingKey, DomainName, Stage |
| AWS::ApiGatewayV2::Authorizer | ApiId, AuthorizerCredentialsArn, AuthorizerPayloadFormatVersion, AuthorizerResultTtlInSeconds, AuthorizerType, AuthorizerUri, EnableSimpleResponses, IdentitySource, IdentityValidationExpression, JwtConfiguration, Name |
| AWS::ApiGatewayV2::Deployment | ApiId, Description, StageName |
| AWS::ApiGatewayV2::DomainName | DomainName, DomainNameConfigurations, MutualTlsAuthentication, RoutingMode, Tags |
| AWS::ApiGatewayV2::Integration | ApiId, ConnectionId, ConnectionType, ContentHandlingStrategy, CredentialsArn, Description, IntegrationMethod, IntegrationSubtype, IntegrationType, IntegrationUri, PassthroughBehavior, PayloadFormatVersion, RequestParameters, RequestTemplates, ResponseParameters, TemplateSelectionExpression, TimeoutInMillis, TlsConfig |
| AWS::ApiGatewayV2::IntegrationResponse | ApiId, ContentHandlingStrategy, IntegrationId, IntegrationResponseKey, ResponseParameters, ResponseTemplates, TemplateSelectionExpression |
| AWS::ApiGatewayV2::Model | ApiId, ContentType, Description, Name, Schema |
| AWS::ApiGatewayV2::Route | ApiId, ApiKeyRequired, AuthorizationScopes, AuthorizationType, AuthorizerId, ModelSelectionExpression, OperationName, RequestModels, RequestParameters, RouteKey, RouteResponseSelectionExpression, Target |
| AWS::ApiGatewayV2::RouteResponse | ApiId, ModelSelectionExpression, ResponseModels, ResponseParameters, RouteId, RouteResponseKey |
| AWS::ApiGatewayV2::RoutingRule | Actions, Conditions, DomainNameArn, Priority |
| AWS::ApiGatewayV2::Stage | AccessLogSettings, AccessPolicyId, ApiId, AutoDeploy, ClientCertificateId, DefaultRouteSettings, DeploymentId, Description, RouteSettings, StageName, StageVariables, Tags |
| AWS::ApiGatewayV2::VpcLink | Name, SecurityGroupIds, SubnetIds, Tags |
| AWS::AppConfig::Application | Description, Name, Tags |
| AWS::AppConfig::ConfigurationProfile | ApplicationId, DeletionProtectionCheck, Description, KmsKeyIdentifier, LocationUri, Name, RetrievalRoleArn, Tags, Type, Validators |
| AWS::AppConfig::Deployment | ApplicationId, ConfigurationProfileId, ConfigurationVersion, DeploymentStrategyId, Description, DynamicExtensionParameters, EnvironmentId, KmsKeyIdentifier, Tags |
| AWS::AppConfig::DeploymentStrategy | DeploymentDurationInMinutes, Description, FinalBakeTimeInMinutes, GrowthFactor, GrowthType, Name, ReplicateTo, Tags |
| AWS::AppConfig::Environment | ApplicationId, DeletionProtectionCheck, Description, Monitors, Name, Tags |
| AWS::AppConfig::Extension | Actions, Description, LatestVersionNumber, Name, Parameters, Tags |
| AWS::AppConfig::ExtensionAssociation | ExtensionIdentifier, ExtensionVersionNumber, Parameters, ResourceIdentifier, Tags |
| AWS::AppConfig::HostedConfigurationVersion | ApplicationId, ConfigurationProfileId, Content, ContentType, Description, LatestVersionNumber, VersionLabel |
| AWS::AppFlow::Connector | ConnectorLabel, ConnectorProvisioningConfig, ConnectorProvisioningType, Description |
| AWS::AppFlow::ConnectorProfile | ConnectionMode, ConnectorLabel, ConnectorProfileConfig, ConnectorProfileName, ConnectorType, KMSArn |
| AWS::AppFlow::Flow | Description, DestinationFlowConfigList, FlowName, FlowStatus, KMSArn, MetadataCatalogConfig, SourceFlowConfig, Tags, Tasks, TriggerConfig |
| AWS::AppIntegrations::Application | ApplicationConfig, ApplicationSourceConfig, Description, IframeConfig, InitializationTimeout, IsService, Name, Namespace, Permissions, Tags |
| AWS::AppIntegrations::DataIntegration | Description, FileConfiguration, KmsKey, Name, ObjectConfiguration, ScheduleConfig, SourceURI, Tags |
| AWS::AppIntegrations::EventIntegration | Description, EventBridgeBus, EventFilter, Name, Tags |
| AWS::AppMesh::GatewayRoute | GatewayRouteName, MeshName, MeshOwner, Spec, Tags, VirtualGatewayName |
| AWS::AppMesh::Mesh | MeshName, Spec, Tags |
| AWS::AppMesh::Route | MeshName, MeshOwner, RouteName, Spec, Tags, VirtualRouterName |
| AWS::AppMesh::VirtualGateway | MeshName, MeshOwner, Spec, Tags, VirtualGatewayName |
| AWS::AppMesh::VirtualNode | MeshName, MeshOwner, Spec, Tags, VirtualNodeName |
| AWS::AppMesh::VirtualRouter | MeshName, MeshOwner, Spec, Tags, VirtualRouterName |
| AWS::AppMesh::VirtualService | MeshName, MeshOwner, Spec, Tags, VirtualServiceName |
| AWS::AppRunner::AutoScalingConfiguration | AutoScalingConfigurationName, MaxConcurrency, MaxSize, MinSize, Tags |
| AWS::AppRunner::ObservabilityConfiguration | ObservabilityConfigurationName, Tags, TraceConfiguration |
| AWS::AppRunner::Service | AutoScalingConfigurationArn, EncryptionConfiguration, HealthCheckConfiguration, InstanceConfiguration, NetworkConfiguration, ObservabilityConfiguration, ServiceName, SourceConfiguration, Tags |
| AWS::AppRunner::VpcConnector | SecurityGroups, Subnets, Tags, VpcConnectorName |
| AWS::AppRunner::VpcIngressConnection | IngressVpcConfiguration, ServiceArn, Tags, VpcIngressConnectionName |
| AWS::AppStream::AppBlock | Description, DisplayName, Name, PackagingType, PostSetupScriptDetails, SetupScriptDetails, SourceS3Location, Tags |
| AWS::AppStream::AppBlockBuilder | AccessEndpoints, AppBlockArns, Description, DisplayName, EnableDefaultInternetAccess, IamRoleArn, InstanceType, Name, Platform, Tags, VpcConfig |
| AWS::AppStream::Application | AppBlockArn, AttributesToDelete, Description, DisplayName, IconS3Location, InstanceFamilies, LaunchParameters, LaunchPath, Name, Platforms, Tags, WorkingDirectory |
| AWS::AppStream::ApplicationEntitlementAssociation | ApplicationIdentifier, EntitlementName, StackName |
| AWS::AppStream::ApplicationFleetAssociation | ApplicationArn, FleetName |
| AWS::AppStream::DirectoryConfig | CertificateBasedAuthProperties, DirectoryName, OrganizationalUnitDistinguishedNames, ServiceAccountCredentials |
| AWS::AppStream::Entitlement | AppVisibility, Attributes, Description, Name, StackName |
| AWS::AppStream::Fleet | ComputeCapacity, Description, DisconnectTimeoutInSeconds, DisplayName, DomainJoinInfo, EnableDefaultInternetAccess, FleetType, IamRoleArn, IdleDisconnectTimeoutInSeconds, ImageArn, ImageName, InstanceType, MaxConcurrentSessions, MaxSessionsPerInstance, MaxUserDurationInSeconds, Name, Platform, SessionScriptS3Location, StreamView, Tags, UsbDeviceFilterStrings, VpcConfig |
| AWS::AppStream::ImageBuilder | AccessEndpoints, AppstreamAgentVersion, Description, DisplayName, DomainJoinInfo, EnableDefaultInternetAccess, IamRoleArn, ImageArn, ImageName, InstanceType, Name, Tags, VpcConfig |
| AWS::AppStream::Stack | AccessEndpoints, ApplicationSettings, AttributesToDelete, DeleteStorageConnectors, Description, DisplayName, EmbedHostDomains, FeedbackURL, Name, RedirectURL, StorageConnectors, StreamingExperienceSettings, Tags, UserSettings |
| AWS::AppStream::StackFleetAssociation | FleetName, StackName |
| AWS::AppStream::StackUserAssociation | AuthenticationType, SendEmailNotification, StackName, UserName |
| AWS::AppStream::User | AuthenticationType, FirstName, LastName, MessageAction, UserName |
| AWS::AppSync::Api | EventConfig, Name, OwnerContact, Tags |
| AWS::AppSync::ApiCache | ApiCachingBehavior, ApiId, AtRestEncryptionEnabled, HealthMetricsConfig, TransitEncryptionEnabled, Ttl, Type |
| AWS::AppSync::ApiKey | ApiId, ApiKeyId, Description, Expires |
| AWS::AppSync::ChannelNamespace | ApiId, CodeHandlers, CodeS3Location, HandlerConfigs, Name, PublishAuthModes, SubscribeAuthModes, Tags |
| AWS::AppSync::DataSource | ApiId, Description, DynamoDBConfig, ElasticsearchConfig, EventBridgeConfig, HttpConfig, LambdaConfig, MetricsConfig, Name, OpenSearchServiceConfig, RelationalDatabaseConfig, ServiceRoleArn, Type |
| AWS::AppSync::DomainName | CertificateArn, Description, DomainName, Tags |
| AWS::AppSync::DomainNameApiAssociation | ApiId, DomainName |
| AWS::AppSync::FunctionConfiguration | ApiId, Code, CodeS3Location, DataSourceName, Description, FunctionVersion, MaxBatchSize, Name, RequestMappingTemplate, RequestMappingTemplateS3Location, ResponseMappingTemplate, ResponseMappingTemplateS3Location, Runtime, SyncConfig |
| AWS::AppSync::GraphQLApi | AdditionalAuthenticationProviders, ApiType, AuthenticationType, EnhancedMetricsConfig, EnvironmentVariables, IntrospectionConfig, LambdaAuthorizerConfig, LogConfig, MergedApiExecutionRoleArn, Name, OpenIDConnectConfig, OwnerContact, QueryDepthLimit, ResolverCountLimit, Tags, UserPoolConfig, Visibility, XrayEnabled |
| AWS::AppSync::GraphQLSchema | ApiId, Definition, DefinitionS3Location |
| AWS::AppSync::Resolver | ApiId, CachingConfig, Code, CodeS3Location, DataSourceName, FieldName, Kind, MaxBatchSize, MetricsConfig, PipelineConfig, RequestMappingTemplate, RequestMappingTemplateS3Location, ResponseMappingTemplate, ResponseMappingTemplateS3Location, Runtime, SyncConfig, TypeName |
| AWS::AppSync::SourceApiAssociation | Description, MergedApiIdentifier, SourceApiAssociationConfig, SourceApiIdentifier |
| AWS::AppTest::TestCase | Description, Name, Steps, Tags |
| AWS::ApplicationAutoScaling::ScalableTarget | MaxCapacity, MinCapacity, ResourceId, RoleARN, ScalableDimension, ScheduledActions, ServiceNamespace, SuspendedState |
| AWS::ApplicationAutoScaling::ScalingPolicy | PolicyName, PolicyType, PredictiveScalingPolicyConfiguration, ResourceId, ScalableDimension, ScalingTargetId, ServiceNamespace, StepScalingPolicyConfiguration, TargetTrackingScalingPolicyConfiguration |
| AWS::ApplicationInsights::Application | AttachMissingPermission, AutoConfigurationEnabled, CWEMonitorEnabled, ComponentMonitoringSettings, CustomComponents, GroupingType, LogPatternSets, OpsCenterEnabled, OpsItemSNSTopicArn, ResourceGroupName, SNSNotificationArn, Tags |
| AWS::ApplicationSignals::Discovery | |
| AWS::ApplicationSignals::ServiceLevelObjective | BurnRateConfigurations, Description, ExclusionWindows, Goal, Name, RequestBasedSli, Sli, Tags |
| AWS::Athena::CapacityReservation | CapacityAssignmentConfiguration, Name, Tags, TargetDpus |
| AWS::Athena::DataCatalog | ConnectionType, Description, Error, Name, Parameters, Status, Tags, Type |
| AWS::Athena::NamedQuery | Database, Description, Name, QueryString, WorkGroup |
| AWS::Athena::PreparedStatement | Description, QueryStatement, StatementName, WorkGroup |
| AWS::Athena::WorkGroup | Description, Name, RecursiveDeleteOption, State, Tags, WorkGroupConfiguration |
| AWS::AuditManager::Assessment | AssessmentReportsDestination, AwsAccount, Delegations, Description, FrameworkId, Name, Roles, Scope, Status, Tags |
| AWS::AutoScaling::AutoScalingGroup | AutoScalingGroupName, AvailabilityZoneDistribution, AvailabilityZoneImpairmentPolicy, AvailabilityZones, CapacityRebalance, CapacityReservationSpecification, Context, Cooldown, DefaultInstanceWarmup, DesiredCapacity, DesiredCapacityType, HealthCheckGracePeriod, HealthCheckType, InstanceId, InstanceMaintenancePolicy, LaunchConfigurationName, LaunchTemplate, LifecycleHookSpecificationList, LoadBalancerNames, MaxInstanceLifetime, MaxSize, MetricsCollection, MinSize, MixedInstancesPolicy, NewInstancesProtectedFromScaleIn, NotificationConfigurations, PlacementGroup, ServiceLinkedRoleARN, SkipZonalShiftValidation, Tags, TargetGroupARNs, TerminationPolicies, TrafficSources, VPCZoneIdentifier |
| AWS::AutoScaling::LaunchConfiguration | AssociatePublicIpAddress, BlockDeviceMappings, ClassicLinkVPCId, ClassicLinkVPCSecurityGroups, EbsOptimized, IamInstanceProfile, ImageId, InstanceId, InstanceMonitoring, InstanceType, KernelId, KeyName, LaunchConfigurationName, MetadataOptions, PlacementTenancy, RamDiskId, SecurityGroups, SpotPrice, UserData |
| AWS::AutoScaling::LifecycleHook | AutoScalingGroupName, DefaultResult, HeartbeatTimeout, LifecycleHookName, LifecycleTransition, NotificationMetadata, NotificationTargetARN, RoleARN |
| AWS::AutoScaling::ScalingPolicy | AdjustmentType, AutoScalingGroupName, Cooldown, EstimatedInstanceWarmup, MetricAggregationType, MinAdjustmentMagnitude, PolicyType, PredictiveScalingConfiguration, ScalingAdjustment, StepAdjustments, TargetTrackingConfiguration |
| AWS::AutoScaling::ScheduledAction | AutoScalingGroupName, DesiredCapacity, EndTime, MaxSize, MinSize, Recurrence, StartTime, TimeZone |
| AWS::AutoScaling::WarmPool | AutoScalingGroupName, InstanceReusePolicy, MaxGroupPreparedCapacity, MinSize, PoolState |
| AWS::AutoScalingPlans::ScalingPlan | ApplicationSource, ScalingInstructions |
| AWS::B2BI::Capability | Configuration, InstructionsDocuments, Name, Tags, Type |
| AWS::B2BI::Partnership | Capabilities, CapabilityOptions, Email, Name, Phone, ProfileId, Tags |
| AWS::B2BI::Profile | BusinessName, Email, Logging, Name, Phone, Tags |
| AWS::B2BI::Transformer | InputConversion, Mapping, Name, OutputConversion, SampleDocuments, Status, Tags |
| AWS::BCMDataExports::Export | Export, Tags |
| AWS::Backup::BackupPlan | BackupPlan, BackupPlanTags |
| AWS::Backup::BackupSelection | BackupPlanId, BackupSelection |
| AWS::Backup::BackupVault | AccessPolicy, BackupVaultName, BackupVaultTags, EncryptionKeyArn, LockConfiguration, Notifications |
| AWS::Backup::Framework | FrameworkControls, FrameworkDescription, FrameworkName, FrameworkTags |
| AWS::Backup::LogicallyAirGappedBackupVault | AccessPolicy, BackupVaultName, BackupVaultTags, MaxRetentionDays, MinRetentionDays, Notifications |
| AWS::Backup::ReportPlan | ReportDeliveryChannel, ReportPlanDescription, ReportPlanName, ReportPlanTags, ReportSetting |
| AWS::Backup::RestoreTestingPlan | RecoveryPointSelection, RestoreTestingPlanName, ScheduleExpression, ScheduleExpressionTimezone, StartWindowHours, Tags |
| AWS::Backup::RestoreTestingSelection | IamRoleArn, ProtectedResourceArns, ProtectedResourceConditions, ProtectedResourceType, RestoreMetadataOverrides, RestoreTestingPlanName, RestoreTestingSelectionName, ValidationWindowHours |
| AWS::BackupGateway::Hypervisor | Host, KmsKeyArn, LogGroupArn, Name, Password, Tags, Username |
| AWS::Batch::ComputeEnvironment | ComputeEnvironmentName, ComputeResources, Context, EksConfiguration, ReplaceComputeEnvironment, ServiceRole, State, Tags, Type, UnmanagedvCpus, UpdatePolicy |
| AWS::Batch::ConsumableResource | ConsumableResourceName, ResourceType, Tags, TotalQuantity |
| AWS::Batch::JobDefinition | ConsumableResourceProperties, ContainerProperties, EcsProperties, EksProperties, JobDefinitionName, NodeProperties, Parameters, PlatformCapabilities, PropagateTags, RetryStrategy, SchedulingPriority, Tags, Timeout, Type |
| AWS::Batch::JobQueue | ComputeEnvironmentOrder, JobQueueName, JobQueueType, JobStateTimeLimitActions, Priority, SchedulingPolicyArn, ServiceEnvironmentOrder, State, Tags |
| AWS::Batch::SchedulingPolicy | FairsharePolicy, Name, Tags |
| AWS::Batch::ServiceEnvironment | CapacityLimits, ServiceEnvironmentName, ServiceEnvironmentType, State, Tags |
| AWS::Bedrock::Agent | ActionGroups, AgentCollaboration, AgentCollaborators, AgentName, AgentResourceRoleArn, AutoPrepare, CustomOrchestration, CustomerEncryptionKeyArn, Description, FoundationModel, GuardrailConfiguration, IdleSessionTTLInSeconds, Instruction, KnowledgeBases, MemoryConfiguration, OrchestrationType, PromptOverrideConfiguration, SkipResourceInUseCheckOnDelete, Tags, TestAliasTags |
| AWS::Bedrock::AgentAlias | AgentAliasName, AgentId, Description, RoutingConfiguration, Tags |
| AWS::Bedrock::ApplicationInferenceProfile | Description, InferenceProfileName, ModelSource, Tags |
| AWS::Bedrock::Blueprint | BlueprintName, KmsEncryptionContext, KmsKeyId, Schema, Tags, Type |
| AWS::Bedrock::DataAutomationProject | CustomOutputConfiguration, KmsEncryptionContext, KmsKeyId, OverrideConfiguration, ProjectDescription, ProjectName, StandardOutputConfiguration, Tags |
| AWS::Bedrock::DataSource | DataDeletionPolicy, DataSourceConfiguration, Description, KnowledgeBaseId, Name, ServerSideEncryptionConfiguration, VectorIngestionConfiguration |
| AWS::Bedrock::Flow | CustomerEncryptionKeyArn, Definition, DefinitionS3Location, DefinitionString, DefinitionSubstitutions, Description, ExecutionRoleArn, Name, Tags, TestAliasTags |
| AWS::Bedrock::FlowAlias | ConcurrencyConfiguration, Description, FlowArn, Name, RoutingConfiguration, Tags |
| AWS::Bedrock::FlowVersion | Description, FlowArn |
| AWS::Bedrock::Guardrail | BlockedInputMessaging, BlockedOutputsMessaging, ContentPolicyConfig, ContextualGroundingPolicyConfig, CrossRegionConfig, Description, KmsKeyArn, Name, SensitiveInformationPolicyConfig, Tags, TopicPolicyConfig, WordPolicyConfig |
| AWS::Bedrock::GuardrailVersion | Description, GuardrailIdentifier |
| AWS::Bedrock::IntelligentPromptRouter | Description, FallbackModel, Models, PromptRouterName, RoutingCriteria, Tags |
| AWS::Bedrock::KnowledgeBase | Description, KnowledgeBaseConfiguration, Name, RoleArn, StorageConfiguration, Tags |
| AWS::Bedrock::Prompt | CustomerEncryptionKeyArn, DefaultVariant, Description, Name, Tags, Variants |
| AWS::Bedrock::PromptVersion | Description, PromptArn, Tags |
| AWS::Billing::BillingView | DataFilterExpression, Description, Name, SourceViews, Tags |
| AWS::BillingConductor::BillingGroup | AccountGrouping, ComputationPreference, Description, Name, PrimaryAccountId, Tags |
| AWS::BillingConductor::CustomLineItem | AccountId, BillingGroupArn, BillingPeriodRange, CustomLineItemChargeDetails, Description, Name, Tags |
| AWS::BillingConductor::PricingPlan | Description, Name, PricingRuleArns, Tags |
| AWS::BillingConductor::PricingRule | BillingEntity, Description, ModifierPercentage, Name, Operation, Scope, Service, Tags, Tiering, Type, UsageType |
| AWS::Budgets::Budget | Budget, NotificationsWithSubscribers, ResourceTags |
| AWS::Budgets::BudgetsAction | ActionThreshold, ActionType, ApprovalModel, BudgetName, Definition, ExecutionRoleArn, NotificationType, ResourceTags, Subscribers |
| AWS::CE::AnomalyMonitor | MonitorDimension, MonitorName, MonitorSpecification, MonitorType, ResourceTags |
| AWS::CE::AnomalySubscription | Frequency, MonitorArnList, ResourceTags, Subscribers, SubscriptionName, Threshold, ThresholdExpression |
| AWS::CE::CostCategory | DefaultValue, Name, RuleVersion, Rules, SplitChargeRules, Tags |
| AWS::CUR::ReportDefinition | AdditionalArtifacts, AdditionalSchemaElements, BillingViewArn, Compression, Format, RefreshClosedReports, ReportName, ReportVersioning, S3Bucket, S3Prefix, S3Region, TimeUnit |
| AWS::Cassandra::Keyspace | ClientSideTimestampsEnabled, KeyspaceName, ReplicationSpecification, Tags |
| AWS::Cassandra::Table | AutoScalingSpecifications, BillingMode, CdcSpecification, ClientSideTimestampsEnabled, ClusteringKeyColumns, DefaultTimeToLive, EncryptionSpecification, KeyspaceName, PartitionKeyColumns, PointInTimeRecoveryEnabled, RegularColumns, ReplicaSpecifications, TableName, Tags |
| AWS::Cassandra::Type | Fields, KeyspaceName, TypeName |
| AWS::CertificateManager::Account | ExpiryEventsConfiguration |
| AWS::CertificateManager::Certificate | CertificateAuthorityArn, CertificateExport, CertificateTransparencyLoggingPreference, DomainName, DomainValidationOptions, KeyAlgorithm, SubjectAlternativeNames, Tags, ValidationMethod |
| AWS::Chatbot::CustomAction | ActionName, AliasName, Attachments, Definition, Tags |
| AWS::Chatbot::MicrosoftTeamsChannelConfiguration | ConfigurationName, CustomizationResourceArns, GuardrailPolicies, IamRoleArn, LoggingLevel, SnsTopicArns, Tags, TeamId, TeamsChannelId, TeamsChannelName, TeamsTenantId, UserRoleRequired |
| AWS::Chatbot::SlackChannelConfiguration | ConfigurationName, CustomizationResourceArns, GuardrailPolicies, IamRoleArn, LoggingLevel, SlackChannelId, SlackWorkspaceId, SnsTopicArns, Tags, UserRoleRequired |
| AWS::CleanRooms::AnalysisTemplate | AnalysisParameters, Description, Format, MembershipIdentifier, Name, Schema, Source, SourceMetadata, Tags |
| AWS::CleanRooms::Collaboration | AnalyticsEngine, CreatorDisplayName, CreatorMLMemberAbilities, CreatorMemberAbilities, CreatorPaymentConfiguration, DataEncryptionMetadata, Description, JobLogStatus, Members, Name, QueryLogStatus, Tags |
| AWS::CleanRooms::ConfiguredTable | AllowedColumns, AnalysisMethod, AnalysisRules, Description, Name, SelectedAnalysisMethods, TableReference, Tags |
| AWS::CleanRooms::ConfiguredTableAssociation | ConfiguredTableAssociationAnalysisRules, ConfiguredTableIdentifier, Description, MembershipIdentifier, Name, RoleArn, Tags |
| AWS::CleanRooms::IdMappingTable | Description, InputReferenceConfig, KmsKeyArn, MembershipIdentifier, Name, Tags |
| AWS::CleanRooms::IdNamespaceAssociation | Description, IdMappingConfig, InputReferenceConfig, MembershipIdentifier, Name, Tags |
| AWS::CleanRooms::Membership | CollaborationIdentifier, DefaultJobResultConfiguration, DefaultResultConfiguration, JobLogStatus, PaymentConfiguration, QueryLogStatus, Tags |
| AWS::CleanRooms::PrivacyBudgetTemplate | AutoRefresh, MembershipIdentifier, Parameters, PrivacyBudgetType, Tags |
| AWS::CleanRoomsML::TrainingDataset | Description, Name, RoleArn, Tags, TrainingData |
| AWS::Cloud9::EnvironmentEC2 | AutomaticStopTimeMinutes, ConnectionType, Description, ImageId, InstanceType, Name, OwnerArn, Repositories, SubnetId, Tags |
| AWS::CloudFormation::CustomResource | ServiceTimeout, ServiceToken |
| AWS::CloudFormation::GuardHook | Alias, ExecutionRole, FailureMode, HookStatus, LogBucket, Options, RuleLocation, StackFilters, TargetFilters, TargetOperations |
| AWS::CloudFormation::HookDefaultVersion | TypeName, TypeVersionArn, VersionId |
| AWS::CloudFormation::HookTypeConfig | Configuration, ConfigurationAlias, TypeArn, TypeName |
| AWS::CloudFormation::HookVersion | ExecutionRoleArn, LoggingConfig, SchemaHandlerPackage, TypeName |
| AWS::CloudFormation::LambdaHook | Alias, ExecutionRole, FailureMode, HookStatus, LambdaFunction, StackFilters, TargetFilters, TargetOperations |
| AWS::CloudFormation::Macro | Description, FunctionName, LogGroupName, LogRoleARN, Name |
| AWS::CloudFormation::ModuleDefaultVersion | Arn, ModuleName, VersionId |
| AWS::CloudFormation::ModuleVersion | ModuleName, ModulePackage |
| AWS::CloudFormation::PublicTypeVersion | Arn, LogDeliveryBucket, PublicVersionNumber, Type, TypeName |
| AWS::CloudFormation::Publisher | AcceptTermsAndConditions, ConnectionArn |
| AWS::CloudFormation::ResourceDefaultVersion | TypeName, TypeVersionArn, VersionId |
| AWS::CloudFormation::ResourceVersion | ExecutionRoleArn, LoggingConfig, SchemaHandlerPackage, TypeName |
| AWS::CloudFormation::Stack | NotificationARNs, Parameters, Tags, TemplateURL, TimeoutInMinutes |
| AWS::CloudFormation::StackSet | AdministrationRoleARN, AutoDeployment, CallAs, Capabilities, Description, ExecutionRoleName, ManagedExecution, OperationPreferences, Parameters, PermissionModel, StackInstancesGroup, StackSetName, Tags, TemplateBody, TemplateURL |
| AWS::CloudFormation::TypeActivation | AutoUpdate, ExecutionRoleArn, LoggingConfig, MajorVersion, PublicTypeArn, PublisherId, Type, TypeName, TypeNameAlias, VersionBump |
| AWS::CloudFormation::WaitCondition | Count, Handle, Timeout |
| AWS::CloudFormation::WaitConditionHandle | |
| AWS::CloudFront::AnycastIpList | IpCount, Name, Tags |
| AWS::CloudFront::CachePolicy | CachePolicyConfig |
| AWS::CloudFront::CloudFrontOriginAccessIdentity | CloudFrontOriginAccessIdentityConfig |
| AWS::CloudFront::ConnectionGroup | AnycastIpListId, Enabled, Ipv6Enabled, Name, Tags |
| AWS::CloudFront::ContinuousDeploymentPolicy | ContinuousDeploymentPolicyConfig |
| AWS::CloudFront::Distribution | DistributionConfig, Tags |
| AWS::CloudFront::DistributionTenant | ConnectionGroupId, Customizations, DistributionId, Domains, Enabled, ManagedCertificateRequest, Name, Parameters, Tags |
| AWS::CloudFront::Function | AutoPublish, FunctionCode, FunctionConfig, FunctionMetadata, Name |
| AWS::CloudFront::KeyGroup | KeyGroupConfig |
| AWS::CloudFront::KeyValueStore | Comment, ImportSource, Name |
| AWS::CloudFront::MonitoringSubscription | DistributionId, MonitoringSubscription |
| AWS::CloudFront::OriginAccessControl | OriginAccessControlConfig |
| AWS::CloudFront::OriginRequestPolicy | OriginRequestPolicyConfig |
| AWS::CloudFront::PublicKey | PublicKeyConfig |
| AWS::CloudFront::RealtimeLogConfig | EndPoints, Fields, Name, SamplingRate |
| AWS::CloudFront::ResponseHeadersPolicy | ResponseHeadersPolicyConfig |
| AWS::CloudFront::StreamingDistribution | StreamingDistributionConfig, Tags |
| AWS::CloudFront::VpcOrigin | Tags, VpcOriginEndpointConfig |
| AWS::CloudTrail::Channel | Destinations, Name, Source, Tags |
| AWS::CloudTrail::Dashboard | Name, RefreshSchedule, Tags, TerminationProtectionEnabled, Widgets |
| AWS::CloudTrail::EventDataStore | AdvancedEventSelectors, BillingMode, ContextKeySelectors, FederationEnabled, FederationRoleArn, IngestionEnabled, InsightSelectors, InsightsDestination, KmsKeyId, MaxEventSize, MultiRegionEnabled, Name, OrganizationEnabled, RetentionPeriod, Tags, TerminationProtectionEnabled |
| AWS::CloudTrail::ResourcePolicy | ResourceArn, ResourcePolicy |
| AWS::CloudTrail::Trail | AdvancedEventSelectors, CloudWatchLogsLogGroupArn, CloudWatchLogsRoleArn, EnableLogFileValidation, EventSelectors, IncludeGlobalServiceEvents, InsightSelectors, IsLogging, IsMultiRegionTrail, IsOrganizationTrail, KMSKeyId, S3BucketName, S3KeyPrefix, SnsTopicName, Tags, TrailName |
| AWS::CloudWatch::Alarm | ActionsEnabled, AlarmActions, AlarmDescription, AlarmName, ComparisonOperator, DatapointsToAlarm, Dimensions, EvaluateLowSampleCountPercentile, EvaluationPeriods, ExtendedStatistic, InsufficientDataActions, MetricName, Metrics, Namespace, OKActions, Period, Statistic, Tags, Threshold, ThresholdMetricId, TreatMissingData, Unit |
| AWS::CloudWatch::AnomalyDetector | Configuration, Dimensions, MetricCharacteristics, MetricMathAnomalyDetector, MetricName, Namespace, SingleMetricAnomalyDetector, Stat |
| AWS::CloudWatch::CompositeAlarm | ActionsEnabled, ActionsSuppressor, ActionsSuppressorExtensionPeriod, ActionsSuppressorWaitPeriod, AlarmActions, AlarmDescription, AlarmName, AlarmRule, InsufficientDataActions, OKActions, Tags |
| AWS::CloudWatch::Dashboard | DashboardBody, DashboardName |
| AWS::CloudWatch::InsightRule | ApplyOnTransformedLogs, RuleBody, RuleName, RuleState, Tags |
| AWS::CloudWatch::MetricStream | ExcludeFilters, FirehoseArn, IncludeFilters, IncludeLinkedAccountsMetrics, Name, OutputFormat, RoleArn, StatisticsConfigurations, Tags |
| AWS::CodeArtifact::Domain | DomainName, EncryptionKey, PermissionsPolicyDocument, Tags |
| AWS::CodeArtifact::PackageGroup | ContactInfo, Description, DomainName, DomainOwner, OriginConfiguration, Pattern, Tags |
| AWS::CodeArtifact::Repository | Description, DomainName, DomainOwner, ExternalConnections, PermissionsPolicyDocument, RepositoryName, Tags, Upstreams |
| AWS::CodeBuild::Fleet | BaseCapacity, ComputeConfiguration, ComputeType, EnvironmentType, FleetProxyConfiguration, FleetServiceRole, FleetVpcConfig, ImageId, Name, OverflowBehavior, ScalingConfiguration, Tags |
| AWS::CodeBuild::Project | Artifacts, AutoRetryLimit, BadgeEnabled, BuildBatchConfig, Cache, ConcurrentBuildLimit, Description, EncryptionKey, Environment, FileSystemLocations, LogsConfig, Name, QueuedTimeoutInMinutes, ResourceAccessRole, SecondaryArtifacts, SecondarySourceVersions, SecondarySources, ServiceRole, Source, SourceVersion, Tags, TimeoutInMinutes, Triggers, Visibility, VpcConfig |
| AWS::CodeBuild::ReportGroup | DeleteReports, ExportConfig, Name, Tags, Type |
| AWS::CodeBuild::SourceCredential | AuthType, ServerType, Token, Username |
| AWS::CodeCommit::Repository | Code, KmsKeyId, RepositoryDescription, RepositoryName, Tags, Triggers |
| AWS::CodeConnections::Connection | ConnectionName, HostArn, ProviderType, Tags |
| AWS::CodeDeploy::Application | ApplicationName, ComputePlatform, Tags |
| AWS::CodeDeploy::DeploymentConfig | ComputePlatform, DeploymentConfigName, MinimumHealthyHosts, TrafficRoutingConfig, ZonalConfig |
| AWS::CodeDeploy::DeploymentGroup | AlarmConfiguration, ApplicationName, AutoRollbackConfiguration, AutoScalingGroups, BlueGreenDeploymentConfiguration, Deployment, DeploymentConfigName, DeploymentGroupName, DeploymentStyle, ECSServices, Ec2TagFilters, Ec2TagSet, LoadBalancerInfo, OnPremisesInstanceTagFilters, OnPremisesTagSet, OutdatedInstancesStrategy, ServiceRoleArn, Tags, TerminationHookEnabled, TriggerConfigurations |
| AWS::CodeGuruProfiler::ProfilingGroup | AgentPermissions, AnomalyDetectionNotificationConfiguration, ComputePlatform, ProfilingGroupName, Tags |
| AWS::CodeGuruReviewer::RepositoryAssociation | BucketName, ConnectionArn, Name, Owner, Tags, Type |
| AWS::CodePipeline::CustomActionType | Category, ConfigurationProperties, InputArtifactDetails, OutputArtifactDetails, Provider, Settings, Tags, Version |
| AWS::CodePipeline::Pipeline | ArtifactStore, ArtifactStores, DisableInboundStageTransitions, ExecutionMode, Name, PipelineType, RestartExecutionOnUpdate, RoleArn, Stages, Tags, Triggers, Variables |
| AWS::CodePipeline::Webhook | Authentication, AuthenticationConfiguration, Filters, Name, RegisterWithThirdParty, TargetAction, TargetPipeline, TargetPipelineVersion |
| AWS::CodeStar::GitHubRepository | Code, ConnectionArn, EnableIssues, IsPrivate, RepositoryAccessToken, RepositoryDescription, RepositoryName, RepositoryOwner |
| AWS::CodeStarConnections::Connection | ConnectionName, HostArn, ProviderType, Tags |
| AWS::CodeStarConnections::RepositoryLink | ConnectionArn, EncryptionKeyArn, OwnerId, RepositoryName, Tags |
| AWS::CodeStarConnections::SyncConfiguration | Branch, ConfigFile, PublishDeploymentStatus, RepositoryLinkId, ResourceName, RoleArn, SyncType, TriggerResourceUpdateOn |
| AWS::CodeStarNotifications::NotificationRule | CreatedBy, DetailType, EventTypeId, EventTypeIds, Name, Resource, Status, Tags, TargetAddress, Targets |
| AWS::Cognito::IdentityPool | AllowClassicFlow, AllowUnauthenticatedIdentities, CognitoEvents, CognitoIdentityProviders, CognitoStreams, DeveloperProviderName, IdentityPoolName, IdentityPoolTags, OpenIdConnectProviderARNs, PushSync, SamlProviderARNs, SupportedLoginProviders |
| AWS::Cognito::IdentityPoolPrincipalTag | IdentityPoolId, IdentityProviderName, PrincipalTags, UseDefaults |
| AWS::Cognito::IdentityPoolRoleAttachment | IdentityPoolId, RoleMappings, Roles |
| AWS::Cognito::LogDeliveryConfiguration | LogConfigurations, UserPoolId |
| AWS::Cognito::ManagedLoginBranding | Assets, ClientId, ReturnMergedResources, Settings, UseCognitoProvidedValues, UserPoolId |
| AWS::Cognito::UserPool | AccountRecoverySetting, AdminCreateUserConfig, AliasAttributes, AutoVerifiedAttributes, DeletionProtection, DeviceConfiguration, EmailAuthenticationMessage, EmailAuthenticationSubject, EmailConfiguration, EmailVerificationMessage, EmailVerificationSubject, EnabledMfas, LambdaConfig, MfaConfiguration, Policies, Schema, SmsAuthenticationMessage, SmsConfiguration, SmsVerificationMessage, UserAttributeUpdateSettings, UserPoolAddOns, UserPoolName, UserPoolTags, UserPoolTier, UsernameAttributes, UsernameConfiguration, VerificationMessageTemplate, WebAuthnRelyingPartyID, WebAuthnUserVerification |
| AWS::Cognito::UserPoolClient | AccessTokenValidity, AllowedOAuthFlows, AllowedOAuthFlowsUserPoolClient, AllowedOAuthScopes, AnalyticsConfiguration, AuthSessionValidity, CallbackURLs, ClientName, DefaultRedirectURI, EnablePropagateAdditionalUserContextData, EnableTokenRevocation, ExplicitAuthFlows, GenerateSecret, IdTokenValidity, LogoutURLs, PreventUserExistenceErrors, ReadAttributes, RefreshTokenRotation, RefreshTokenValidity, SupportedIdentityProviders, TokenValidityUnits, UserPoolId, WriteAttributes |
| AWS::Cognito::UserPoolDomain | CustomDomainConfig, Domain, ManagedLoginVersion, UserPoolId |
| AWS::Cognito::UserPoolGroup | Description, GroupName, Precedence, RoleArn, UserPoolId |
| AWS::Cognito::UserPoolIdentityProvider | AttributeMapping, IdpIdentifiers, ProviderDetails, ProviderName, ProviderType, UserPoolId |
| AWS::Cognito::UserPoolResourceServer | Identifier, Name, Scopes, UserPoolId |
| AWS::Cognito::UserPoolRiskConfigurationAttachment | AccountTakeoverRiskConfiguration, ClientId, CompromisedCredentialsRiskConfiguration, RiskExceptionConfiguration, UserPoolId |
| AWS::Cognito::UserPoolUICustomizationAttachment | CSS, ClientId, UserPoolId |
| AWS::Cognito::UserPoolUser | ClientMetadata, DesiredDeliveryMediums, ForceAliasCreation, MessageAction, UserAttributes, UserPoolId, Username, ValidationData |
| AWS::Cognito::UserPoolUserToGroupAttachment | GroupName, UserPoolId, Username |
| AWS::Comprehend::DocumentClassifier | DataAccessRoleArn, DocumentClassifierName, InputDataConfig, LanguageCode, Mode, ModelKmsKeyId, ModelPolicy, OutputDataConfig, Tags, VersionName, VolumeKmsKeyId, VpcConfig |
| AWS::Comprehend::Flywheel | ActiveModelArn, DataAccessRoleArn, DataLakeS3Uri, DataSecurityConfig, FlywheelName, ModelType, Tags, TaskConfig |
| AWS::Config::AggregationAuthorization | AuthorizedAccountId, AuthorizedAwsRegion, Tags |
| AWS::Config::ConfigRule | Compliance, ConfigRuleName, Description, EvaluationModes, InputParameters, MaximumExecutionFrequency, Scope, Source |
| AWS::Config::ConfigurationAggregator | AccountAggregationSources, ConfigurationAggregatorName, OrganizationAggregationSource, Tags |
| AWS::Config::ConfigurationRecorder | Name, RecordingGroup, RecordingMode, RoleARN |
| AWS::Config::ConformancePack | ConformancePackInputParameters, ConformancePackName, DeliveryS3Bucket, DeliveryS3KeyPrefix, TemplateBody, TemplateS3Uri, TemplateSSMDocumentDetails |
| AWS::Config::DeliveryChannel | ConfigSnapshotDeliveryProperties, Name, S3BucketName, S3KeyPrefix, S3KmsKeyArn, SnsTopicARN |
| AWS::Config::OrganizationConfigRule | ExcludedAccounts, OrganizationConfigRuleName, OrganizationCustomPolicyRuleMetadata, OrganizationCustomRuleMetadata, OrganizationManagedRuleMetadata |
| AWS::Config::OrganizationConformancePack | ConformancePackInputParameters, DeliveryS3Bucket, DeliveryS3KeyPrefix, ExcludedAccounts, OrganizationConformancePackName, TemplateBody, TemplateS3Uri |
| AWS::Config::RemediationConfiguration | Automatic, ConfigRuleName, ExecutionControls, MaximumAutomaticAttempts, Parameters, ResourceType, RetryAttemptSeconds, TargetId, TargetType, TargetVersion |
| AWS::Config::StoredQuery | QueryDescription, QueryExpression, QueryName, Tags |
| AWS::Connect::AgentStatus | Description, DisplayOrder, InstanceArn, Name, ResetOrderNumber, State, Tags, Type |
| AWS::Connect::ApprovedOrigin | InstanceId, Origin |
| AWS::Connect::ContactFlow | Content, Description, InstanceArn, Name, State, Tags, Type |
| AWS::Connect::ContactFlowModule | Content, Description, InstanceArn, Name, State, Tags |
| AWS::Connect::ContactFlowVersion | ContactFlowId, Description |
| AWS::Connect::EmailAddress | Description, DisplayName, EmailAddress, InstanceArn, Tags |
| AWS::Connect::EvaluationForm | AutoEvaluationConfiguration, Description, InstanceArn, Items, ScoringStrategy, Status, Tags, Title |
| AWS::Connect::HoursOfOperation | Config, Description, HoursOfOperationOverrides, InstanceArn, Name, Tags, TimeZone |
| AWS::Connect::Instance | Attributes, DirectoryId, IdentityManagementType, InstanceAlias, Tags |
| AWS::Connect::InstanceStorageConfig | InstanceArn, KinesisFirehoseConfig, KinesisStreamConfig, KinesisVideoStreamConfig, ResourceType, S3Config, StorageType |
| AWS::Connect::IntegrationAssociation | InstanceId, IntegrationArn, IntegrationType |
| AWS::Connect::PhoneNumber | CountryCode, Description, Prefix, SourcePhoneNumberArn, Tags, TargetArn, Type |
| AWS::Connect::PredefinedAttribute | InstanceArn, Name, Values |
| AWS::Connect::Prompt | Description, InstanceArn, Name, S3Uri, Tags |
| AWS::Connect::Queue | Description, HoursOfOperationArn, InstanceArn, MaxContacts, Name, OutboundCallerConfig, OutboundEmailConfig, QuickConnectArns, Status, Tags |
| AWS::Connect::QuickConnect | Description, InstanceArn, Name, QuickConnectConfig, Tags |
| AWS::Connect::RoutingProfile | AgentAvailabilityTimer, DefaultOutboundQueueArn, Description, InstanceArn, MediaConcurrencies, Name, QueueConfigs, Tags |
| AWS::Connect::Rule | Actions, Function, InstanceArn, Name, PublishStatus, Tags, TriggerEventSource |
| AWS::Connect::SecurityKey | InstanceId, Key |
| AWS::Connect::SecurityProfile | AllowedAccessControlHierarchyGroupId, AllowedAccessControlTags, Applications, Description, HierarchyRestrictedResources, InstanceArn, Permissions, SecurityProfileName, TagRestrictedResources, Tags |
| AWS::Connect::TaskTemplate | ClientToken, Constraints, ContactFlowArn, Defaults, Description, Fields, InstanceArn, Name, SelfAssignContactFlowArn, Status, Tags |
| AWS::Connect::TrafficDistributionGroup | Description, InstanceArn, Name, Tags |
| AWS::Connect::User | DirectoryUserId, HierarchyGroupArn, IdentityInfo, InstanceArn, Password, PhoneConfig, RoutingProfileArn, SecurityProfileArns, Tags, UserProficiencies, Username |
| AWS::Connect::UserHierarchyGroup | InstanceArn, Name, ParentGroupArn, Tags |
| AWS::Connect::UserHierarchyStructure | InstanceArn, UserHierarchyStructure |
| AWS::Connect::View | Actions, Description, InstanceArn, Name, Tags, Template |
| AWS::Connect::ViewVersion | VersionDescription, ViewArn, ViewContentSha256 |
| AWS::ConnectCampaigns::Campaign | ConnectInstanceArn, DialerConfig, Name, OutboundCallConfig, Tags |
| AWS::ConnectCampaignsV2::Campaign | ChannelSubtypeConfig, CommunicationLimitsOverride, CommunicationTimeConfig, ConnectCampaignFlowArn, ConnectInstanceId, Name, Schedule, Source, Tags |
| AWS::ControlTower::EnabledBaseline | BaselineIdentifier, BaselineVersion, Parameters, Tags, TargetIdentifier |
| AWS::ControlTower::EnabledControl | ControlIdentifier, Parameters, Tags, TargetIdentifier |
| AWS::ControlTower::LandingZone | Manifest, Tags, Version |
| AWS::CustomerProfiles::CalculatedAttributeDefinition | AttributeDetails, CalculatedAttributeName, Conditions, Description, DisplayName, DomainName, Statistic, Tags, UseHistoricalData |
| AWS::CustomerProfiles::Domain | DeadLetterQueueUrl, DefaultEncryptionKey, DefaultExpirationDays, DomainName, Matching, RuleBasedMatching, Tags |
| AWS::CustomerProfiles::EventStream | DomainName, EventStreamName, Tags, Uri |
| AWS::CustomerProfiles::EventTrigger | Description, DomainName, EventTriggerConditions, EventTriggerLimits, EventTriggerName, ObjectTypeName, SegmentFilter, Tags |
| AWS::CustomerProfiles::Integration | DomainName, EventTriggerNames, FlowDefinition, ObjectTypeName, ObjectTypeNames, Tags, Uri |
| AWS::CustomerProfiles::ObjectType | AllowProfileCreation, Description, DomainName, EncryptionKey, ExpirationDays, Fields, Keys, MaxProfileObjectCount, ObjectTypeName, SourceLastUpdatedTimestampFormat, Tags, TemplateId |
| AWS::CustomerProfiles::SegmentDefinition | Description, DisplayName, DomainName, SegmentDefinitionName, SegmentGroups, Tags |
| AWS::DAX::Cluster | AvailabilityZones, ClusterEndpointEncryptionType, ClusterName, Description, IAMRoleARN, NetworkType, NodeType, NotificationTopicARN, ParameterGroupName, PreferredMaintenanceWindow, ReplicationFactor, SSESpecification, SecurityGroupIds, SubnetGroupName, Tags |
| AWS::DAX::ParameterGroup | Description, ParameterGroupName, ParameterNameValues |
| AWS::DAX::SubnetGroup | Description, SubnetGroupName, SubnetIds |
| AWS::DLM::LifecyclePolicy | CopyTags, CreateInterval, CrossRegionCopyTargets, DefaultPolicy, Description, Exclusions, ExecutionRoleArn, ExtendDeletion, PolicyDetails, RetainInterval, State, Tags |
| AWS::DMS::Certificate | CertificateIdentifier, CertificatePem, CertificateWallet |
| AWS::DMS::DataMigration | DataMigrationIdentifier, DataMigrationName, DataMigrationSettings, DataMigrationType, MigrationProjectIdentifier, ServiceAccessRoleArn, SourceDataSettings, Tags |
| AWS::DMS::DataProvider | DataProviderIdentifier, DataProviderName, Description, Engine, ExactSettings, Settings, Tags |
| AWS::DMS::Endpoint | CertificateArn, DatabaseName, DocDbSettings, DynamoDbSettings, ElasticsearchSettings, EndpointIdentifier, EndpointType, EngineName, ExtraConnectionAttributes, GcpMySQLSettings, IbmDb2Settings, KafkaSettings, KinesisSettings, KmsKeyId, MicrosoftSqlServerSettings, MongoDbSettings, MySqlSettings, NeptuneSettings, OracleSettings, Password, Port, PostgreSqlSettings, RedisSettings, RedshiftSettings, ResourceIdentifier, S3Settings, ServerName, SslMode, SybaseSettings, Tags, Username |
| AWS::DMS::EventSubscription | Enabled, EventCategories, SnsTopicArn, SourceIds, SourceType, SubscriptionName, Tags |
| AWS::DMS::InstanceProfile | AvailabilityZone, Description, InstanceProfileIdentifier, InstanceProfileName, KmsKeyArn, NetworkType, PubliclyAccessible, SubnetGroupIdentifier, Tags, VpcSecurityGroups |
| AWS::DMS::MigrationProject | Description, InstanceProfileArn, InstanceProfileIdentifier, InstanceProfileName, MigrationProjectIdentifier, MigrationProjectName, SchemaConversionApplicationAttributes, SourceDataProviderDescriptors, Tags, TargetDataProviderDescriptors, TransformationRules |
| AWS::DMS::ReplicationConfig | ComputeConfig, ReplicationConfigIdentifier, ReplicationSettings, ReplicationType, ResourceIdentifier, SourceEndpointArn, SupplementalSettings, TableMappings, Tags, TargetEndpointArn |
| AWS::DMS::ReplicationInstance | AllocatedStorage, AllowMajorVersionUpgrade, AutoMinorVersionUpgrade, AvailabilityZone, DnsNameServers, EngineVersion, KmsKeyId, MultiAZ, NetworkType, PreferredMaintenanceWindow, PubliclyAccessible, ReplicationInstanceClass, ReplicationInstanceIdentifier, ReplicationSubnetGroupIdentifier, ResourceIdentifier, Tags, VpcSecurityGroupIds |
| AWS::DMS::ReplicationSubnetGroup | ReplicationSubnetGroupDescription, ReplicationSubnetGroupIdentifier, SubnetIds, Tags |
| AWS::DMS::ReplicationTask | CdcStartPosition, CdcStartTime, CdcStopPosition, MigrationType, ReplicationInstanceArn, ReplicationTaskIdentifier, ReplicationTaskSettings, ResourceIdentifier, SourceEndpointArn, TableMappings, Tags, TargetEndpointArn, TaskData |
| AWS::DSQL::Cluster | DeletionProtectionEnabled, KmsEncryptionKey, MultiRegionProperties, Tags |
| AWS::DataBrew::Dataset | Format, FormatOptions, Input, Name, PathOptions, Source, Tags |
| AWS::DataBrew::Job | DataCatalogOutputs, DatabaseOutputs, DatasetName, EncryptionKeyArn, EncryptionMode, JobSample, LogSubscription, MaxCapacity, MaxRetries, Name, OutputLocation, Outputs, ProfileConfiguration, ProjectName, Recipe, RoleArn, Tags, Timeout, Type, ValidationConfigurations |
| AWS::DataBrew::Project | DatasetName, Name, RecipeName, RoleArn, Sample, Tags |
| AWS::DataBrew::Recipe | Description, Name, Steps, Tags |
| AWS::DataBrew::Ruleset | Description, Name, Rules, Tags, TargetArn |
| AWS::DataBrew::Schedule | CronExpression, JobNames, Name, Tags |
| AWS::DataPipeline::Pipeline | Activate, Description, Name, ParameterObjects, ParameterValues, PipelineObjects, PipelineTags |
| AWS::DataSync::Agent | ActivationKey, AgentName, SecurityGroupArns, SubnetArns, Tags, VpcEndpointId |
| AWS::DataSync::LocationAzureBlob | AgentArns, AzureAccessTier, AzureBlobAuthenticationType, AzureBlobContainerUrl, AzureBlobSasConfiguration, AzureBlobType, CmkSecretConfig, CustomSecretConfig, Subdirectory, Tags |
| AWS::DataSync::LocationEFS | AccessPointArn, Ec2Config, EfsFilesystemArn, FileSystemAccessRoleArn, InTransitEncryption, Subdirectory, Tags |
| AWS::DataSync::LocationFSxLustre | FsxFilesystemArn, SecurityGroupArns, Subdirectory, Tags |
| AWS::DataSync::LocationFSxONTAP | Protocol, SecurityGroupArns, StorageVirtualMachineArn, Subdirectory, Tags |
| AWS::DataSync::LocationFSxOpenZFS | FsxFilesystemArn, Protocol, SecurityGroupArns, Subdirectory, Tags |
| AWS::DataSync::LocationFSxWindows | Domain, FsxFilesystemArn, Password, SecurityGroupArns, Subdirectory, Tags, User |
| AWS::DataSync::LocationHDFS | AgentArns, AuthenticationType, BlockSize, KerberosKeytab, KerberosKrb5Conf, KerberosPrincipal, KmsKeyProviderUri, NameNodes, QopConfiguration, ReplicationFactor, SimpleUser, Subdirectory, Tags |
| AWS::DataSync::LocationNFS | MountOptions, OnPremConfig, ServerHostname, Subdirectory, Tags |
| AWS::DataSync::LocationObjectStorage | AccessKey, AgentArns, BucketName, CmkSecretConfig, CustomSecretConfig, SecretKey, ServerCertificate, ServerHostname, ServerPort, ServerProtocol, Subdirectory, Tags |
| AWS::DataSync::LocationS3 | S3BucketArn, S3Config, S3StorageClass, Subdirectory, Tags |
| AWS::DataSync::LocationSMB | AgentArns, AuthenticationType, DnsIpAddresses, Domain, KerberosKeytab, KerberosKrb5Conf, KerberosPrincipal, MountOptions, Password, ServerHostname, Subdirectory, Tags, User |
| AWS::DataSync::Task | CloudWatchLogGroupArn, DestinationLocationArn, Excludes, Includes, ManifestConfig, Name, Options, Schedule, SourceLocationArn, Tags, TaskMode, TaskReportConfig |
| AWS::DataZone::Connection | AwsLocation, Description, DomainIdentifier, EnvironmentIdentifier, Name, Props |
| AWS::DataZone::DataSource | AssetFormsInput, Configuration, ConnectionIdentifier, Description, DomainIdentifier, EnableSetting, EnvironmentIdentifier, Name, ProjectIdentifier, PublishOnImport, Recommendation, Schedule, Type |
| AWS::DataZone::Domain | Description, DomainExecutionRole, DomainVersion, KmsKeyIdentifier, Name, ServiceRole, SingleSignOn, Tags |
| AWS::DataZone::DomainUnit | Description, DomainIdentifier, Name, ParentDomainUnitIdentifier |
| AWS::DataZone::Environment | Description, DomainIdentifier, EnvironmentAccountIdentifier, EnvironmentAccountRegion, EnvironmentProfileIdentifier, EnvironmentRoleArn, GlossaryTerms, Name, ProjectIdentifier, UserParameters |
| AWS::DataZone::EnvironmentActions | Description, DomainIdentifier, EnvironmentIdentifier, Identifier, Name, Parameters |
| AWS::DataZone::EnvironmentBlueprintConfiguration | DomainIdentifier, EnabledRegions, EnvironmentBlueprintIdentifier, EnvironmentRolePermissionBoundary, ManageAccessRoleArn, ProvisioningConfigurations, ProvisioningRoleArn, RegionalParameters |
| AWS::DataZone::EnvironmentProfile | AwsAccountId, AwsAccountRegion, Description, DomainIdentifier, EnvironmentBlueprintIdentifier, Name, ProjectIdentifier, UserParameters |
| AWS::DataZone::GroupProfile | DomainIdentifier, GroupIdentifier, Status |
| AWS::DataZone::Owner | DomainIdentifier, EntityIdentifier, EntityType, Owner |
| AWS::DataZone::Project | Description, DomainIdentifier, DomainUnitId, GlossaryTerms, Name, ProjectProfileId, ProjectProfileVersion, UserParameters |
| AWS::DataZone::ProjectMembership | Designation, DomainIdentifier, Member, ProjectIdentifier |
| AWS::DataZone::ProjectProfile | Description, DomainIdentifier, DomainUnitIdentifier, EnvironmentConfigurations, Name, Status |
| AWS::DataZone::SubscriptionTarget | ApplicableAssetTypes, AuthorizedPrincipals, DomainIdentifier, EnvironmentIdentifier, ManageAccessRole, Name, Provider, SubscriptionTargetConfig, Type |
| AWS::DataZone::UserProfile | DomainIdentifier, Status, UserIdentifier, UserType |
| AWS::Deadline::Farm | Description, DisplayName, KmsKeyArn, Tags |
| AWS::Deadline::Fleet | Configuration, Description, DisplayName, FarmId, HostConfiguration, MaxWorkerCount, MinWorkerCount, RoleArn, Tags |
| AWS::Deadline::LicenseEndpoint | SecurityGroupIds, SubnetIds, Tags, VpcId |
| AWS::Deadline::Limit | AmountRequirementName, Description, DisplayName, FarmId, MaxCount |
| AWS::Deadline::MeteredProduct | LicenseEndpointId, ProductId |
| AWS::Deadline::Monitor | DisplayName, IdentityCenterInstanceArn, RoleArn, Subdomain, Tags |
| AWS::Deadline::Queue | AllowedStorageProfileIds, DefaultBudgetAction, Description, DisplayName, FarmId, JobAttachmentSettings, JobRunAsUser, RequiredFileSystemLocationNames, RoleArn, Tags |
| AWS::Deadline::QueueEnvironment | FarmId, Priority, QueueId, Template, TemplateType |
| AWS::Deadline::QueueFleetAssociation | FarmId, FleetId, QueueId |
| AWS::Deadline::QueueLimitAssociation | FarmId, LimitId, QueueId |
| AWS::Deadline::StorageProfile | DisplayName, FarmId, FileSystemLocations, OsFamily |
| AWS::Detective::Graph | AutoEnableMembers, Tags |
| AWS::Detective::MemberInvitation | DisableEmailNotification, GraphArn, MemberEmailAddress, MemberId, Message |
| AWS::Detective::OrganizationAdmin | AccountId |
| AWS::DevOpsGuru::LogAnomalyDetectionIntegration | |
| AWS::DevOpsGuru::NotificationChannel | Config |
| AWS::DevOpsGuru::ResourceCollection | ResourceCollectionFilter |
| AWS::DirectoryService::MicrosoftAD | CreateAlias, Edition, EnableSso, Name, Password, ShortName, VpcSettings |
| AWS::DirectoryService::SimpleAD | CreateAlias, Description, EnableSso, Name, Password, ShortName, Size, VpcSettings |
| AWS::DocDB::DBCluster | AvailabilityZones, BackupRetentionPeriod, CopyTagsToSnapshot, DBClusterIdentifier, DBClusterParameterGroupName, DBSubnetGroupName, DeletionProtection, EnableCloudwatchLogsExports, EngineVersion, GlobalClusterIdentifier, KmsKeyId, ManageMasterUserPassword, MasterUserPassword, MasterUserSecretKmsKeyId, MasterUsername, NetworkType, Port, PreferredBackupWindow, PreferredMaintenanceWindow, RestoreToTime, RestoreType, RotateMasterUserPassword, ServerlessV2ScalingConfiguration, SnapshotIdentifier, SourceDBClusterIdentifier, StorageEncrypted, StorageType, Tags, UseLatestRestorableTime, VpcSecurityGroupIds |
| AWS::DocDB::DBClusterParameterGroup | Description, Family, Name, Parameters, Tags |
| AWS::DocDB::DBInstance | AutoMinorVersionUpgrade, AvailabilityZone, CACertificateIdentifier, CertificateRotationRestart, DBClusterIdentifier, DBInstanceClass, DBInstanceIdentifier, EnablePerformanceInsights, PreferredMaintenanceWindow, Tags |
| AWS::DocDB::DBSubnetGroup | DBSubnetGroupDescription, DBSubnetGroupName, SubnetIds, Tags |
| AWS::DocDB::EventSubscription | Enabled, EventCategories, SnsTopicArn, SourceIds, SourceType, SubscriptionName |
| AWS::DocDBElastic::Cluster | AdminUserName, AdminUserPassword, AuthType, BackupRetentionPeriod, ClusterName, KmsKeyId, PreferredBackupWindow, PreferredMaintenanceWindow, ShardCapacity, ShardCount, ShardInstanceCount, SubnetIds, Tags, VpcSecurityGroupIds |
| AWS::DynamoDB::GlobalTable | AttributeDefinitions, BillingMode, GlobalSecondaryIndexes, GlobalTableWitnesses, KeySchema, LocalSecondaryIndexes, MultiRegionConsistency, Replicas, SSESpecification, StreamSpecification, TableName, TimeToLiveSpecification, WarmThroughput, WriteOnDemandThroughputSettings, WriteProvisionedThroughputSettings |
| AWS::DynamoDB::Table | AttributeDefinitions, BillingMode, ContributorInsightsSpecification, DeletionProtectionEnabled, GlobalSecondaryIndexes, ImportSourceSpecification, KeySchema, KinesisStreamSpecification, LocalSecondaryIndexes, OnDemandThroughput, PointInTimeRecoverySpecification, ProvisionedThroughput, ResourcePolicy, SSESpecification, StreamSpecification, TableClass, TableName, Tags, TimeToLiveSpecification, WarmThroughput |
| AWS::EC2::CapacityReservation | AvailabilityZone, AvailabilityZoneId, EbsOptimized, EndDate, EndDateType, EphemeralStorage, InstanceCount, InstanceMatchCriteria, InstancePlatform, InstanceType, OutPostArn, PlacementGroupArn, TagSpecifications, Tenancy, UnusedReservationBillingOwnerId |
| AWS::EC2::CapacityReservationFleet | AllocationStrategy, EndDate, InstanceMatchCriteria, InstanceTypeSpecifications, NoRemoveEndDate, RemoveEndDate, TagSpecifications, Tenancy, TotalTargetCapacity |
| AWS::EC2::CarrierGateway | Tags, VpcId |
| AWS::EC2::ClientVpnAuthorizationRule | AccessGroupId, AuthorizeAllGroups, ClientVpnEndpointId, Description, TargetNetworkCidr |
| AWS::EC2::ClientVpnEndpoint | AuthenticationOptions, ClientCidrBlock, ClientConnectOptions, ClientLoginBannerOptions, ClientRouteEnforcementOptions, ConnectionLogOptions, Description, DisconnectOnSessionTimeout, DnsServers, SecurityGroupIds, SelfServicePortal, ServerCertificateArn, SessionTimeoutHours, SplitTunnel, TagSpecifications, TransportProtocol, VpcId, VpnPort |
| AWS::EC2::ClientVpnRoute | ClientVpnEndpointId, Description, DestinationCidrBlock, TargetVpcSubnetId |
| AWS::EC2::ClientVpnTargetNetworkAssociation | ClientVpnEndpointId, SubnetId |
| AWS::EC2::CustomerGateway | BgpAsn, BgpAsnExtended, CertificateArn, DeviceName, IpAddress, Tags, Type |
| AWS::EC2::DHCPOptions | DomainName, DomainNameServers, Ipv6AddressPreferredLeaseTime, NetbiosNameServers, NetbiosNodeType, NtpServers, Tags |
| AWS::EC2::EC2Fleet | Context, ExcessCapacityTerminationPolicy, LaunchTemplateConfigs, OnDemandOptions, ReplaceUnhealthyInstances, SpotOptions, TagSpecifications, TargetCapacitySpecification, TerminateInstancesWithExpiration, Type, ValidFrom, ValidUntil |
| AWS::EC2::EIP | Address, Domain, InstanceId, IpamPoolId, NetworkBorderGroup, PublicIpv4Pool, Tags, TransferAddress |
| AWS::EC2::EIPAssociation | AllocationId, InstanceId, NetworkInterfaceId, PrivateIpAddress |
| AWS::EC2::EgressOnlyInternetGateway | Tags, VpcId |
| AWS::EC2::EnclaveCertificateIamRoleAssociation | CertificateArn, RoleArn |
| AWS::EC2::FlowLog | DeliverCrossAccountRole, DeliverLogsPermissionArn, DestinationOptions, LogDestination, LogDestinationType, LogFormat, LogGroupName, MaxAggregationInterval, ResourceId, ResourceType, Tags, TrafficType |
| AWS::EC2::GatewayRouteTableAssociation | GatewayId, RouteTableId |
| AWS::EC2::Host | AssetId, AutoPlacement, AvailabilityZone, HostMaintenance, HostRecovery, InstanceFamily, InstanceType, OutpostArn, Tags |
| AWS::EC2::IPAM | DefaultResourceDiscoveryOrganizationalUnitExclusions, Description, EnablePrivateGua, MeteredAccount, OperatingRegions, Tags, Tier |
| AWS::EC2::IPAMAllocation | Cidr, Description, IpamPoolId, NetmaskLength |
| AWS::EC2::IPAMPool | AddressFamily, AllocationDefaultNetmaskLength, AllocationMaxNetmaskLength, AllocationMinNetmaskLength, AllocationResourceTags, AutoImport, AwsService, Description, IpamScopeId, Locale, ProvisionedCidrs, PublicIpSource, PubliclyAdvertisable, SourceIpamPoolId, SourceResource, Tags |
| AWS::EC2::IPAMPoolCidr | Cidr, IpamPoolId, NetmaskLength |
| AWS::EC2::IPAMResourceDiscovery | Description, OperatingRegions, OrganizationalUnitExclusions, Tags |
| AWS::EC2::IPAMResourceDiscoveryAssociation | IpamId, IpamResourceDiscoveryId, Tags |
| AWS::EC2::IPAMScope | Description, IpamId, Tags |
| AWS::EC2::Instance | AdditionalInfo, Affinity, AvailabilityZone, BlockDeviceMappings, CpuOptions, CreditSpecification, DisableApiTermination, EbsOptimized, ElasticGpuSpecifications, ElasticInferenceAccelerators, EnclaveOptions, HibernationOptions, HostId, HostResourceGroupArn, IamInstanceProfile, ImageId, InstanceInitiatedShutdownBehavior, InstanceType, Ipv6AddressCount, Ipv6Addresses, KernelId, KeyName, LaunchTemplate, LicenseSpecifications, MetadataOptions, Monitoring, NetworkInterfaces, PlacementGroupName, PrivateDnsNameOptions, PrivateIpAddress, PropagateTagsToVolumeOnCreation, RamdiskId, SecurityGroupIds, SecurityGroups, SourceDestCheck, SsmAssociations, SubnetId, Tags, Tenancy, UserData, Volumes |
| AWS::EC2::InstanceConnectEndpoint | ClientToken, PreserveClientIp, SecurityGroupIds, SubnetId, Tags |
| AWS::EC2::InternetGateway | Tags |
| AWS::EC2::IpPoolRouteTableAssociation | PublicIpv4Pool, RouteTableId |
| AWS::EC2::KeyPair | KeyFormat, KeyName, KeyType, PublicKeyMaterial, Tags |
| AWS::EC2::LaunchTemplate | LaunchTemplateData, LaunchTemplateName, TagSpecifications, VersionDescription |
| AWS::EC2::LocalGatewayRoute | DestinationCidrBlock, LocalGatewayRouteTableId, LocalGatewayVirtualInterfaceGroupId, NetworkInterfaceId |
| AWS::EC2::LocalGatewayRouteTable | LocalGatewayId, Mode, Tags |
| AWS::EC2::LocalGatewayRouteTableVPCAssociation | LocalGatewayRouteTableId, Tags, VpcId |
| AWS::EC2::NatGateway | AllocationId, ConnectivityType, MaxDrainDurationSeconds, PrivateIpAddress, SecondaryAllocationIds, SecondaryPrivateIpAddressCount, SecondaryPrivateIpAddresses, SubnetId, Tags |
| AWS::EC2::NetworkAcl | Tags, VpcId |
| AWS::EC2::NetworkAclEntry | CidrBlock, Egress, Icmp, Ipv6CidrBlock, NetworkAclId, PortRange, Protocol, RuleAction, RuleNumber |
| AWS::EC2::NetworkInsightsAccessScope | ExcludePaths, MatchPaths, Tags |
| AWS::EC2::NetworkInsightsAccessScopeAnalysis | NetworkInsightsAccessScopeId, Tags |
| AWS::EC2::NetworkInsightsAnalysis | AdditionalAccounts, FilterInArns, FilterOutArns, NetworkInsightsPathId, Tags |
| AWS::EC2::NetworkInsightsPath | Destination, DestinationIp, DestinationPort, FilterAtDestination, FilterAtSource, Protocol, Source, SourceIp, Tags |
| AWS::EC2::NetworkInterface | ConnectionTrackingSpecification, Description, GroupSet, InterfaceType, Ipv4PrefixCount, Ipv4Prefixes, Ipv6AddressCount, Ipv6Addresses, Ipv6PrefixCount, Ipv6Prefixes, PrivateIpAddress, PrivateIpAddresses, SecondaryPrivateIpAddressCount, SourceDestCheck, SubnetId, Tags |
| AWS::EC2::NetworkInterfaceAttachment | DeleteOnTermination, DeviceIndex, EnaSrdSpecification, InstanceId, NetworkInterfaceId |
| AWS::EC2::NetworkInterfacePermission | AwsAccountId, NetworkInterfaceId, Permission |
| AWS::EC2::NetworkPerformanceMetricSubscription | Destination, Metric, Source, Statistic |
| AWS::EC2::PlacementGroup | PartitionCount, SpreadLevel, Strategy, Tags |
| AWS::EC2::PrefixList | AddressFamily, Entries, MaxEntries, PrefixListName, Tags |
| AWS::EC2::Route | CarrierGatewayId, CoreNetworkArn, DestinationCidrBlock, DestinationIpv6CidrBlock, DestinationPrefixListId, EgressOnlyInternetGatewayId, GatewayId, InstanceId, LocalGatewayId, NatGatewayId, NetworkInterfaceId, RouteTableId, TransitGatewayId, VpcEndpointId, VpcPeeringConnectionId |
| AWS::EC2::RouteServer | AmazonSideAsn, PersistRoutes, PersistRoutesDuration, SnsNotificationsEnabled, Tags |
| AWS::EC2::RouteServerAssociation | RouteServerId, VpcId |
| AWS::EC2::RouteServerEndpoint | RouteServerId, SubnetId, Tags |
| AWS::EC2::RouteServerPeer | BgpOptions, PeerAddress, RouteServerEndpointId, Tags |
| AWS::EC2::RouteServerPropagation | RouteServerId, RouteTableId |
| AWS::EC2::RouteTable | Tags, VpcId |
| AWS::EC2::SecurityGroup | GroupDescription, GroupName, SecurityGroupEgress, SecurityGroupIngress, Tags, VpcId |
| AWS::EC2::SecurityGroupEgress | CidrIp, CidrIpv6, Description, DestinationPrefixListId, DestinationSecurityGroupId, FromPort, GroupId, IpProtocol, ToPort |
| AWS::EC2::SecurityGroupIngress | CidrIp, CidrIpv6, Description, FromPort, GroupId, GroupName, IpProtocol, SourcePrefixListId, SourceSecurityGroupId, SourceSecurityGroupName, SourceSecurityGroupOwnerId, ToPort |
| AWS::EC2::SecurityGroupVpcAssociation | GroupId, VpcId |
| AWS::EC2::SnapshotBlockPublicAccess | State |
| AWS::EC2::SpotFleet | SpotFleetRequestConfigData |
| AWS::EC2::Subnet | AssignIpv6AddressOnCreation, AvailabilityZone, AvailabilityZoneId, CidrBlock, EnableDns64, EnableLniAtDeviceIndex, Ipv4IpamPoolId, Ipv4NetmaskLength, Ipv6CidrBlock, Ipv6IpamPoolId, Ipv6Native, Ipv6NetmaskLength, MapPublicIpOnLaunch, OutpostArn, PrivateDnsNameOptionsOnLaunch, Tags, VpcId |
| AWS::EC2::SubnetCidrBlock | Ipv6CidrBlock, Ipv6IpamPoolId, Ipv6NetmaskLength, SubnetId |
| AWS::EC2::SubnetNetworkAclAssociation | NetworkAclId, SubnetId |
| AWS::EC2::SubnetRouteTableAssociation | RouteTableId, SubnetId |
| AWS::EC2::TrafficMirrorFilter | Description, NetworkServices, Tags |
| AWS::EC2::TrafficMirrorFilterRule | Description, DestinationCidrBlock, DestinationPortRange, Protocol, RuleAction, RuleNumber, SourceCidrBlock, SourcePortRange, Tags, TrafficDirection, TrafficMirrorFilterId |
| AWS::EC2::TrafficMirrorSession | Description, NetworkInterfaceId, OwnerId, PacketLength, SessionNumber, Tags, TrafficMirrorFilterId, TrafficMirrorTargetId, VirtualNetworkId |
| AWS::EC2::TrafficMirrorTarget | Description, GatewayLoadBalancerEndpointId, NetworkInterfaceId, NetworkLoadBalancerArn, Tags |
| AWS::EC2::TransitGateway | AmazonSideAsn, AssociationDefaultRouteTableId, AutoAcceptSharedAttachments, DefaultRouteTableAssociation, DefaultRouteTablePropagation, Description, DnsSupport, MulticastSupport, PropagationDefaultRouteTableId, SecurityGroupReferencingSupport, Tags, TransitGatewayCidrBlocks, VpnEcmpSupport |
| AWS::EC2::TransitGatewayAttachment | Options, SubnetIds, Tags, TransitGatewayId, VpcId |
| AWS::EC2::TransitGatewayConnect | Options, Tags, TransportTransitGatewayAttachmentId |
| AWS::EC2::TransitGatewayConnectPeer | ConnectPeerConfiguration, Tags, TransitGatewayAttachmentId |
| AWS::EC2::TransitGatewayMulticastDomain | Options, Tags, TransitGatewayId |
| AWS::EC2::TransitGatewayMulticastDomainAssociation | SubnetId, TransitGatewayAttachmentId, TransitGatewayMulticastDomainId |
| AWS::EC2::TransitGatewayMulticastGroupMember | GroupIpAddress, NetworkInterfaceId, TransitGatewayMulticastDomainId |
| AWS::EC2::TransitGatewayMulticastGroupSource | GroupIpAddress, NetworkInterfaceId, TransitGatewayMulticastDomainId |
| AWS::EC2::TransitGatewayPeeringAttachment | PeerAccountId, PeerRegion, PeerTransitGatewayId, Tags, TransitGatewayId |
| AWS::EC2::TransitGatewayRoute | Blackhole, DestinationCidrBlock, TransitGatewayAttachmentId, TransitGatewayRouteTableId |
| AWS::EC2::TransitGatewayRouteTable | Tags, TransitGatewayId |
| AWS::EC2::TransitGatewayRouteTableAssociation | TransitGatewayAttachmentId, TransitGatewayRouteTableId |
| AWS::EC2::TransitGatewayRouteTablePropagation | TransitGatewayAttachmentId, TransitGatewayRouteTableId |
| AWS::EC2::TransitGatewayVpcAttachment | AddSubnetIds, Options, RemoveSubnetIds, SubnetIds, Tags, TransitGatewayId, VpcId |
| AWS::EC2::VPC | CidrBlock, EnableDnsHostnames, EnableDnsSupport, InstanceTenancy, Ipv4IpamPoolId, Ipv4NetmaskLength, Tags |
| AWS::EC2::VPCBlockPublicAccessExclusion | InternetGatewayExclusionMode, SubnetId, Tags, VpcId |
| AWS::EC2::VPCBlockPublicAccessOptions | InternetGatewayBlockMode |
| AWS::EC2::VPCCidrBlock | AmazonProvidedIpv6CidrBlock, CidrBlock, Ipv4IpamPoolId, Ipv4NetmaskLength, Ipv6CidrBlock, Ipv6CidrBlockNetworkBorderGroup, Ipv6IpamPoolId, Ipv6NetmaskLength, Ipv6Pool, VpcId |
| AWS::EC2::VPCDHCPOptionsAssociation | DhcpOptionsId, VpcId |
| AWS::EC2::VPCEndpoint | DnsOptions, IpAddressType, PolicyDocument, PrivateDnsEnabled, ResourceConfigurationArn, RouteTableIds, SecurityGroupIds, ServiceName, ServiceNetworkArn, ServiceRegion, SubnetIds, Tags, VpcEndpointType, VpcId |
| AWS::EC2::VPCEndpointConnectionNotification | ConnectionEvents, ConnectionNotificationArn, ServiceId, VPCEndpointId |
| AWS::EC2::VPCEndpointService | AcceptanceRequired, ContributorInsightsEnabled, GatewayLoadBalancerArns, NetworkLoadBalancerArns, PayerResponsibility, SupportedIpAddressTypes, SupportedRegions, Tags |
| AWS::EC2::VPCEndpointServicePermissions | AllowedPrincipals, ServiceId |
| AWS::EC2::VPCGatewayAttachment | InternetGatewayId, VpcId, VpnGatewayId |
| AWS::EC2::VPCPeeringConnection | PeerOwnerId, PeerRegion, PeerRoleArn, PeerVpcId, Tags, VpcId |
| AWS::EC2::VPNConnection | CustomerGatewayId, EnableAcceleration, LocalIpv4NetworkCidr, LocalIpv6NetworkCidr, OutsideIpAddressType, RemoteIpv4NetworkCidr, RemoteIpv6NetworkCidr, StaticRoutesOnly, Tags, TransitGatewayId, TransportTransitGatewayAttachmentId, TunnelInsideIpVersion, Type, VpnGatewayId, VpnTunnelOptionsSpecifications |
| AWS::EC2::VPNConnectionRoute | DestinationCidrBlock, VpnConnectionId |
| AWS::EC2::VPNGateway | AmazonSideAsn, Tags, Type |
| AWS::EC2::VPNGatewayRoutePropagation | RouteTableIds, VpnGatewayId |
| AWS::EC2::VerifiedAccessEndpoint | ApplicationDomain, AttachmentType, CidrOptions, Description, DomainCertificateArn, EndpointDomainPrefix, EndpointType, LoadBalancerOptions, NetworkInterfaceOptions, PolicyDocument, PolicyEnabled, RdsOptions, SecurityGroupIds, SseSpecification, Tags, VerifiedAccessGroupId |
| AWS::EC2::VerifiedAccessGroup | Description, PolicyDocument, PolicyEnabled, SseSpecification, Tags, VerifiedAccessInstanceId |
| AWS::EC2::VerifiedAccessInstance | CidrEndpointsCustomSubDomain, Description, FipsEnabled, LoggingConfigurations, Tags, VerifiedAccessTrustProviderIds, VerifiedAccessTrustProviders |
| AWS::EC2::VerifiedAccessTrustProvider | Description, DeviceOptions, DeviceTrustProviderType, NativeApplicationOidcOptions, OidcOptions, PolicyReferenceName, SseSpecification, Tags, TrustProviderType, UserTrustProviderType |
| AWS::EC2::Volume | AutoEnableIO, AvailabilityZone, Encrypted, Iops, KmsKeyId, MultiAttachEnabled, OutpostArn, Size, SnapshotId, Tags, Throughput, VolumeInitializationRate, VolumeType |
| AWS::EC2::VolumeAttachment | Device, InstanceId, VolumeId |
| AWS::ECR::PublicRepository | RepositoryCatalogData, RepositoryName, RepositoryPolicyText, Tags |
| AWS::ECR::PullThroughCacheRule | CredentialArn, CustomRoleArn, EcrRepositoryPrefix, UpstreamRegistry, UpstreamRegistryUrl, UpstreamRepositoryPrefix |
| AWS::ECR::RegistryPolicy | PolicyText |
| AWS::ECR::RegistryScanningConfiguration | Rules, ScanType |
| AWS::ECR::ReplicationConfiguration | ReplicationConfiguration |
| AWS::ECR::Repository | EmptyOnDelete, EncryptionConfiguration, ImageScanningConfiguration, ImageTagMutability, ImageTagMutabilityExclusionFilters, LifecyclePolicy, RepositoryName, RepositoryPolicyText, Tags |
| AWS::ECR::RepositoryCreationTemplate | AppliedFor, CustomRoleArn, Description, EncryptionConfiguration, ImageTagMutability, ImageTagMutabilityExclusionFilters, LifecyclePolicy, Prefix, RepositoryPolicy, ResourceTags |
| AWS::ECS::CapacityProvider | AutoScalingGroupProvider, Name, Tags |
| AWS::ECS::Cluster | CapacityProviders, ClusterName, ClusterSettings, Configuration, DefaultCapacityProviderStrategy, ServiceConnectDefaults, Tags |
| AWS::ECS::ClusterCapacityProviderAssociations | CapacityProviders, Cluster, DefaultCapacityProviderStrategy |
| AWS::ECS::PrimaryTaskSet | Cluster, Service, TaskSetId |
| AWS::ECS::Service | AvailabilityZoneRebalancing, CapacityProviderStrategy, Cluster, DeploymentConfiguration, DeploymentController, DesiredCount, EnableECSManagedTags, EnableExecuteCommand, HealthCheckGracePeriodSeconds, LaunchType, LoadBalancers, NetworkConfiguration, PlacementConstraints, PlacementStrategies, PlatformVersion, PropagateTags, Role, SchedulingStrategy, ServiceConnectConfiguration, ServiceName, ServiceRegistries, Tags, TaskDefinition, VolumeConfigurations, VpcLatticeConfigurations |
| AWS::ECS::TaskDefinition | ContainerDefinitions, Cpu, EnableFaultInjection, EphemeralStorage, ExecutionRoleArn, Family, IpcMode, Memory, NetworkMode, PidMode, PlacementConstraints, ProxyConfiguration, RequiresCompatibilities, RuntimePlatform, Tags, TaskRoleArn, Volumes |
| AWS::ECS::TaskSet | CapacityProviderStrategy, Cluster, ExternalId, LaunchType, LoadBalancers, NetworkConfiguration, PlatformVersion, Scale, Service, ServiceRegistries, Tags, TaskDefinition |
| AWS::EFS::AccessPoint | AccessPointTags, ClientToken, FileSystemId, PosixUser, RootDirectory |
| AWS::EFS::FileSystem | AvailabilityZoneName, BackupPolicy, BypassPolicyLockoutSafetyCheck, Encrypted, FileSystemPolicy, FileSystemProtection, FileSystemTags, KmsKeyId, LifecyclePolicies, PerformanceMode, ProvisionedThroughputInMibps, ReplicationConfiguration, ThroughputMode |
| AWS::EFS::MountTarget | FileSystemId, IpAddress, IpAddressType, Ipv6Address, SecurityGroups, SubnetId |
| AWS::EKS::AccessEntry | AccessPolicies, ClusterName, KubernetesGroups, PrincipalArn, Tags, Type, Username |
| AWS::EKS::Addon | AddonName, AddonVersion, ClusterName, ConfigurationValues, PodIdentityAssociations, PreserveOnDelete, ResolveConflicts, ServiceAccountRoleArn, Tags |
| AWS::EKS::Cluster | AccessConfig, BootstrapSelfManagedAddons, ComputeConfig, DeletionProtection, EncryptionConfig, Force, KubernetesNetworkConfig, Logging, Name, OutpostConfig, RemoteNetworkConfig, ResourcesVpcConfig, RoleArn, StorageConfig, Tags, UpgradePolicy, Version, ZonalShiftConfig |
| AWS::EKS::FargateProfile | ClusterName, FargateProfileName, PodExecutionRoleArn, Selectors, Subnets, Tags |
| AWS::EKS::IdentityProviderConfig | ClusterName, IdentityProviderConfigName, Oidc, Tags, Type |
| AWS::EKS::Nodegroup | AmiType, CapacityType, ClusterName, DiskSize, ForceUpdateEnabled, InstanceTypes, Labels, LaunchTemplate, NodeRepairConfig, NodeRole, NodegroupName, ReleaseVersion, RemoteAccess, ScalingConfig, Subnets, Tags, Taints, UpdateConfig, Version |
| AWS::EKS::PodIdentityAssociation | ClusterName, DisableSessionTags, Namespace, RoleArn, ServiceAccount, Tags, TargetRoleArn |
| AWS::EMR::Cluster | AdditionalInfo, Applications, AutoScalingRole, AutoTerminationPolicy, BootstrapActions, Configurations, CustomAmiId, EbsRootVolumeIops, EbsRootVolumeSize, EbsRootVolumeThroughput, Instances, JobFlowRole, KerberosAttributes, LogEncryptionKmsKeyId, LogUri, ManagedScalingPolicy, Name, OSReleaseLabel, PlacementGroupConfigs, ReleaseLabel, ScaleDownBehavior, SecurityConfiguration, ServiceRole, StepConcurrencyLevel, Steps, Tags, VisibleToAllUsers |
| AWS::EMR::InstanceFleetConfig | ClusterId, InstanceFleetType, InstanceTypeConfigs, LaunchSpecifications, Name, ResizeSpecifications, TargetOnDemandCapacity, TargetSpotCapacity |
| AWS::EMR::InstanceGroupConfig | AutoScalingPolicy, BidPrice, Configurations, CustomAmiId, EbsConfiguration, InstanceCount, InstanceRole, InstanceType, JobFlowId, Market, Name |
| AWS::EMR::SecurityConfiguration | Name, SecurityConfiguration |
| AWS::EMR::Step | ActionOnFailure, HadoopJarStep, JobFlowId, Name |
| AWS::EMR::Studio | AuthMode, DefaultS3Location, Description, EncryptionKeyArn, EngineSecurityGroupId, IdcInstanceArn, IdcUserAssignment, IdpAuthUrl, IdpRelayStateParameterName, Name, ServiceRole, SubnetIds, Tags, TrustedIdentityPropagationEnabled, UserRole, VpcId, WorkspaceSecurityGroupId |
| AWS::EMR::StudioSessionMapping | IdentityName, IdentityType, SessionPolicyArn, StudioId |
| AWS::EMR::WALWorkspace | Tags, WALWorkspaceName |
| AWS::EMRContainers::VirtualCluster | ContainerProvider, Name, SecurityConfigurationId, Tags |
| AWS::EMRServerless::Application | Architecture, AutoStartConfiguration, AutoStopConfiguration, IdentityCenterConfiguration, ImageConfiguration, InitialCapacity, InteractiveConfiguration, MaximumCapacity, MonitoringConfiguration, Name, NetworkConfiguration, ReleaseLabel, RuntimeConfiguration, SchedulerConfiguration, Tags, Type, WorkerTypeSpecifications |
| AWS::EVS::Environment | ConnectivityInfo, EnvironmentName, Hosts, InitialVlans, KmsKeyId, LicenseInfo, ServiceAccessSecurityGroups, ServiceAccessSubnetId, SiteId, Tags, TermsAccepted, VcfHostnames, VcfVersion, VpcId |
| AWS::ElastiCache::CacheCluster | AZMode, AutoMinorVersionUpgrade, CacheNodeType, CacheParameterGroupName, CacheSecurityGroupNames, CacheSubnetGroupName, ClusterName, Engine, EngineVersion, IpDiscovery, LogDeliveryConfigurations, NetworkType, NotificationTopicArn, NumCacheNodes, Port, PreferredAvailabilityZone, PreferredAvailabilityZones, PreferredMaintenanceWindow, SnapshotArns, SnapshotName, SnapshotRetentionLimit, SnapshotWindow, Tags, TransitEncryptionEnabled, VpcSecurityGroupIds |
| AWS::ElastiCache::GlobalReplicationGroup | AutomaticFailoverEnabled, CacheNodeType, CacheParameterGroupName, Engine, EngineVersion, GlobalNodeGroupCount, GlobalReplicationGroupDescription, GlobalReplicationGroupIdSuffix, Members, RegionalConfigurations |
| AWS::ElastiCache::ParameterGroup | CacheParameterGroupFamily, Description, Properties, Tags |
| AWS::ElastiCache::ReplicationGroup | AtRestEncryptionEnabled, AuthToken, AutoMinorVersionUpgrade, AutomaticFailoverEnabled, CacheNodeType, CacheParameterGroupName, CacheSecurityGroupNames, CacheSubnetGroupName, ClusterMode, DataTieringEnabled, Engine, EngineVersion, GlobalReplicationGroupId, IpDiscovery, KmsKeyId, LogDeliveryConfigurations, MultiAZEnabled, NetworkType, NodeGroupConfiguration, NotificationTopicArn, NumCacheClusters, NumNodeGroups, Port, PreferredCacheClusterAZs, PreferredMaintenanceWindow, PrimaryClusterId, ReplicasPerNodeGroup, ReplicationGroupDescription, ReplicationGroupId, SecurityGroupIds, SnapshotArns, SnapshotName, SnapshotRetentionLimit, SnapshotWindow, SnapshottingClusterId, Tags, TransitEncryptionEnabled, TransitEncryptionMode, UserGroupIds |
| AWS::ElastiCache::SecurityGroup | Description, Tags |
| AWS::ElastiCache::SecurityGroupIngress | CacheSecurityGroupName, EC2SecurityGroupName, EC2SecurityGroupOwnerId |
| AWS::ElastiCache::ServerlessCache | CacheUsageLimits, DailySnapshotTime, Description, Endpoint, Engine, FinalSnapshotName, KmsKeyId, MajorEngineVersion, ReaderEndpoint, SecurityGroupIds, ServerlessCacheName, SnapshotArnsToRestore, SnapshotRetentionLimit, SubnetIds, Tags, UserGroupId |
| AWS::ElastiCache::SubnetGroup | CacheSubnetGroupName, Description, SubnetIds, Tags |
| AWS::ElastiCache::User | AccessString, AuthenticationMode, Engine, NoPasswordRequired, Passwords, Tags, UserId, UserName |
| AWS::ElastiCache::UserGroup | Engine, Tags, UserGroupId, UserIds |
| AWS::ElasticBeanstalk::Application | ApplicationName, Description, ResourceLifecycleConfig |
| AWS::ElasticBeanstalk::ApplicationVersion | ApplicationName, Description, SourceBundle |
| AWS::ElasticBeanstalk::ConfigurationTemplate | ApplicationName, Description, EnvironmentId, OptionSettings, PlatformArn, SolutionStackName, SourceConfiguration |
| AWS::ElasticBeanstalk::Environment | ApplicationName, CNAMEPrefix, Description, EnvironmentName, OperationsRole, OptionSettings, PlatformArn, SolutionStackName, Tags, TemplateName, Tier, VersionLabel |
| AWS::ElasticLoadBalancing::LoadBalancer | AccessLoggingPolicy, AppCookieStickinessPolicy, AvailabilityZones, ConnectionDrainingPolicy, ConnectionSettings, CrossZone, HealthCheck, Instances, LBCookieStickinessPolicy, Listeners, LoadBalancerName, Policies, Scheme, SecurityGroups, Subnets, Tags |
| AWS::ElasticLoadBalancingV2::Listener | AlpnPolicy, Certificates, DefaultActions, ListenerAttributes, LoadBalancerArn, MutualAuthentication, Port, Protocol, SslPolicy |
| AWS::ElasticLoadBalancingV2::ListenerCertificate | Certificates, ListenerArn |
| AWS::ElasticLoadBalancingV2::ListenerRule | Actions, Conditions, ListenerArn, Priority |
| AWS::ElasticLoadBalancingV2::LoadBalancer | EnablePrefixForIpv6SourceNat, EnforceSecurityGroupInboundRulesOnPrivateLinkTraffic, IpAddressType, Ipv4IpamPoolId, LoadBalancerAttributes, MinimumLoadBalancerCapacity, Name, Scheme, SecurityGroups, SubnetMappings, Subnets, Tags, Type |
| AWS::ElasticLoadBalancingV2::TargetGroup | HealthCheckEnabled, HealthCheckIntervalSeconds, HealthCheckPath, HealthCheckPort, HealthCheckProtocol, HealthCheckTimeoutSeconds, HealthyThresholdCount, IpAddressType, Matcher, Name, Port, Protocol, ProtocolVersion, Tags, TargetGroupAttributes, TargetType, Targets, UnhealthyThresholdCount, VpcId |
| AWS::ElasticLoadBalancingV2::TrustStore | CaCertificatesBundleS3Bucket, CaCertificatesBundleS3Key, CaCertificatesBundleS3ObjectVersion, Name, Tags |
| AWS::ElasticLoadBalancingV2::TrustStoreRevocation | RevocationContents, TrustStoreArn |
| AWS::Elasticsearch::Domain | AccessPolicies, AdvancedOptions, AdvancedSecurityOptions, CognitoOptions, DomainEndpointOptions, DomainName, EBSOptions, ElasticsearchClusterConfig, ElasticsearchVersion, EncryptionAtRestOptions, LogPublishingOptions, NodeToNodeEncryptionOptions, SnapshotOptions, Tags, VPCOptions |
| AWS::EntityResolution::IdMappingWorkflow | Description, IdMappingTechniques, InputSourceConfig, OutputSourceConfig, RoleArn, Tags, WorkflowName |
| AWS::EntityResolution::IdNamespace | Description, IdMappingWorkflowProperties, IdNamespaceName, InputSourceConfig, RoleArn, Tags, Type |
| AWS::EntityResolution::MatchingWorkflow | Description, IncrementalRunConfig, InputSourceConfig, OutputSourceConfig, ResolutionTechniques, RoleArn, Tags, WorkflowName |
| AWS::EntityResolution::PolicyStatement | Action, Arn, Condition, Effect, Principal, StatementId |
| AWS::EntityResolution::SchemaMapping | Description, MappedInputFields, SchemaName, Tags |
| AWS::EventSchemas::Discoverer | CrossAccount, Description, SourceArn, Tags |
| AWS::EventSchemas::Registry | Description, RegistryName, Tags |
| AWS::EventSchemas::RegistryPolicy | Policy, RegistryName, RevisionId |
| AWS::EventSchemas::Schema | Content, Description, RegistryName, SchemaName, Tags, Type |
| AWS::Events::ApiDestination | ConnectionArn, Description, HttpMethod, InvocationEndpoint, InvocationRateLimitPerSecond, Name |
| AWS::Events::Archive | ArchiveName, Description, EventPattern, KmsKeyIdentifier, RetentionDays, SourceArn |
| AWS::Events::Connection | AuthParameters, AuthorizationType, Description, InvocationConnectivityParameters, KmsKeyIdentifier, Name |
| AWS::Events::Endpoint | Description, EventBuses, Name, ReplicationConfig, RoleArn, RoutingConfig |
| AWS::Events::EventBus | DeadLetterConfig, Description, EventSourceName, KmsKeyIdentifier, LogConfig, Name, Policy, Tags |
| AWS::Events::EventBusPolicy | Action, Condition, EventBusName, Principal, Statement, StatementId |
| AWS::Events::Rule | Description, EventBusName, EventPattern, Name, RoleArn, ScheduleExpression, State, Targets |
| AWS::Evidently::Experiment | Description, MetricGoals, Name, OnlineAbConfig, Project, RandomizationSalt, RemoveSegment, RunningStatus, SamplingRate, Segment, Tags, Treatments |
| AWS::Evidently::Feature | DefaultVariation, Description, EntityOverrides, EvaluationStrategy, Name, Project, Tags, Variations |
| AWS::Evidently::Launch | Description, ExecutionStatus, Groups, MetricMonitors, Name, Project, RandomizationSalt, ScheduledSplitsConfig, Tags |
| AWS::Evidently::Project | AppConfigResource, DataDelivery, Description, Name, Tags |
| AWS::Evidently::Segment | Description, Name, Pattern, Tags |
| AWS::FIS::ExperimentTemplate | Actions, Description, ExperimentOptions, ExperimentReportConfiguration, LogConfiguration, RoleArn, StopConditions, Tags, Targets |
| AWS::FIS::TargetAccountConfiguration | AccountId, Description, ExperimentTemplateId, RoleArn |
| AWS::FMS::NotificationChannel | SnsRoleName, SnsTopicArn |
| AWS::FMS::Policy | DeleteAllPolicyResources, ExcludeMap, ExcludeResourceTags, IncludeMap, PolicyDescription, PolicyName, RemediationEnabled, ResourceSetIds, ResourceTagLogicalOperator, ResourceTags, ResourceType, ResourceTypeList, ResourcesCleanUp, SecurityServicePolicyData, Tags |
| AWS::FMS::ResourceSet | Description, Name, ResourceTypeList, Resources, Tags |
| AWS::FSx::DataRepositoryAssociation | BatchImportMetaDataOnCreate, DataRepositoryPath, FileSystemId, FileSystemPath, ImportedFileChunkSize, S3, Tags |
| AWS::FSx::FileSystem | BackupId, FileSystemType, FileSystemTypeVersion, KmsKeyId, LustreConfiguration, NetworkType, OntapConfiguration, OpenZFSConfiguration, SecurityGroupIds, StorageCapacity, StorageType, SubnetIds, Tags, WindowsConfiguration |
| AWS::FSx::S3AccessPointAttachment | Name, OpenZFSConfiguration, S3AccessPoint, Type |
| AWS::FSx::Snapshot | Name, Tags, VolumeId |
| AWS::FSx::StorageVirtualMachine | ActiveDirectoryConfiguration, FileSystemId, Name, RootVolumeSecurityStyle, SvmAdminPassword, Tags |
| AWS::FSx::Volume | BackupId, Name, OntapConfiguration, OpenZFSConfiguration, Tags, VolumeType |
| AWS::FinSpace::Environment | Description, FederationMode, FederationParameters, KmsKeyId, Name, SuperuserParameters, Tags |
| AWS::Forecast::Dataset | DataFrequency, DatasetName, DatasetType, Domain, EncryptionConfig, Schema, Tags |
| AWS::Forecast::DatasetGroup | DatasetArns, DatasetGroupName, Domain, Tags |
| AWS::FraudDetector::Detector | AssociatedModels, Description, DetectorId, DetectorVersionStatus, EventType, RuleExecutionMode, Rules, Tags |
| AWS::FraudDetector::EntityType | Description, Name, Tags |
| AWS::FraudDetector::EventType | Description, EntityTypes, EventVariables, Labels, Name, Tags |
| AWS::FraudDetector::Label | Description, Name, Tags |
| AWS::FraudDetector::List | Description, Elements, Name, Tags, VariableType |
| AWS::FraudDetector::Outcome | Description, Name, Tags |
| AWS::FraudDetector::Variable | DataSource, DataType, DefaultValue, Description, Name, Tags, VariableType |
| AWS::GameLift::Alias | Description, Name, RoutingStrategy, Tags |
| AWS::GameLift::Build | Name, OperatingSystem, ServerSdkVersion, StorageLocation, Tags, Version |
| AWS::GameLift::ContainerFleet | BillingType, DeploymentConfiguration, Description, FleetRoleArn, GameServerContainerGroupDefinitionName, GameServerContainerGroupsPerInstance, GameSessionCreationLimitPolicy, InstanceConnectionPortRange, InstanceInboundPermissions, InstanceType, Locations, LogConfiguration, MetricGroups, NewGameSessionProtectionPolicy, PerInstanceContainerGroupDefinitionName, ScalingPolicies, Tags |
| AWS::GameLift::ContainerGroupDefinition | ContainerGroupType, GameServerContainerDefinition, Name, OperatingSystem, SourceVersionNumber, SupportContainerDefinitions, Tags, TotalMemoryLimitMebibytes, TotalVcpuLimit, VersionDescription |
| AWS::GameLift::Fleet | AnywhereConfiguration, ApplyCapacity, BuildId, CertificateConfiguration, ComputeType, Description, EC2InboundPermissions, EC2InstanceType, FleetType, InstanceRoleARN, InstanceRoleCredentialsProvider, Locations, MetricGroups, Name, NewGameSessionProtectionPolicy, PeerVpcAwsAccountId, PeerVpcId, ResourceCreationLimitPolicy, RuntimeConfiguration, ScalingPolicies, ScriptId, Tags |
| AWS::GameLift::GameServerGroup | AutoScalingPolicy, BalancingStrategy, DeleteOption, GameServerGroupName, GameServerProtectionPolicy, InstanceDefinitions, LaunchTemplate, MaxSize, MinSize, RoleArn, Tags, VpcSubnets |
| AWS::GameLift::GameSessionQueue | CustomEventData, Destinations, FilterConfiguration, Name, NotificationTarget, PlayerLatencyPolicies, PriorityConfiguration, Tags, TimeoutInSeconds |
| AWS::GameLift::Location | LocationName, Tags |
| AWS::GameLift::MatchmakingConfiguration | AcceptanceRequired, AcceptanceTimeoutSeconds, AdditionalPlayerCount, BackfillMode, CreationTime, CustomEventData, Description, FlexMatchMode, GameProperties, GameSessionData, GameSessionQueueArns, Name, NotificationTarget, RequestTimeoutSeconds, RuleSetArn, RuleSetName, Tags |
| AWS::GameLift::MatchmakingRuleSet | Name, RuleSetBody, Tags |
| AWS::GameLift::Script | Name, StorageLocation, Tags, Version |
| AWS::GlobalAccelerator::Accelerator | Enabled, IpAddressType, IpAddresses, Name, Tags |
| AWS::GlobalAccelerator::CrossAccountAttachment | Name, Principals, Resources, Tags |
| AWS::GlobalAccelerator::EndpointGroup | EndpointConfigurations, EndpointGroupRegion, HealthCheckIntervalSeconds, HealthCheckPath, HealthCheckPort, HealthCheckProtocol, ListenerArn, PortOverrides, ThresholdCount, TrafficDialPercentage |
| AWS::GlobalAccelerator::Listener | AcceleratorArn, ClientAffinity, PortRanges, Protocol |
| AWS::Glue::Classifier | CsvClassifier, GrokClassifier, JsonClassifier, XMLClassifier |
| AWS::Glue::Connection | CatalogId, ConnectionInput |
| AWS::Glue::Crawler | Classifiers, Configuration, CrawlerSecurityConfiguration, DatabaseName, Description, LakeFormationConfiguration, Name, RecrawlPolicy, Role, Schedule, SchemaChangePolicy, TablePrefix, Tags, Targets |
| AWS::Glue::CustomEntityType | ContextWords, Name, RegexString, Tags |
| AWS::Glue::DataCatalogEncryptionSettings | CatalogId, DataCatalogEncryptionSettings |
| AWS::Glue::DataQualityRuleset | ClientToken, Description, Name, Ruleset, Tags, TargetTable |
| AWS::Glue::Database | CatalogId, DatabaseInput, DatabaseName |
| AWS::Glue::DevEndpoint | Arguments, EndpointName, ExtraJarsS3Path, ExtraPythonLibsS3Path, GlueVersion, NumberOfNodes, NumberOfWorkers, PublicKey, PublicKeys, RoleArn, SecurityConfiguration, SecurityGroupIds, SubnetId, Tags, WorkerType |
| AWS::Glue::Job | AllocatedCapacity, Command, Connections, DefaultArguments, Description, ExecutionClass, ExecutionProperty, GlueVersion, JobMode, JobRunQueuingEnabled, LogUri, MaintenanceWindow, MaxCapacity, MaxRetries, Name, NonOverridableArguments, NotificationProperty, NumberOfWorkers, Role, SecurityConfiguration, Tags, Timeout, WorkerType |
| AWS::Glue::MLTransform | Description, GlueVersion, InputRecordTables, MaxCapacity, MaxRetries, Name, NumberOfWorkers, Role, Tags, Timeout, TransformEncryption, TransformParameters, WorkerType |
| AWS::Glue::Partition | CatalogId, DatabaseName, PartitionInput, TableName |
| AWS::Glue::Registry | Description, Name, Tags |
| AWS::Glue::Schema | CheckpointVersion, Compatibility, DataFormat, Description, Name, Registry, SchemaDefinition, Tags |
| AWS::Glue::SchemaVersion | Schema, SchemaDefinition |
| AWS::Glue::SchemaVersionMetadata | Key, SchemaVersionId, Value |
| AWS::Glue::SecurityConfiguration | EncryptionConfiguration, Name |
| AWS::Glue::Table | CatalogId, DatabaseName, OpenTableFormatInput, TableInput |
| AWS::Glue::TableOptimizer | CatalogId, DatabaseName, TableName, TableOptimizerConfiguration, Type |
| AWS::Glue::Trigger | Actions, Description, EventBatchingCondition, Name, Predicate, Schedule, StartOnCreation, Tags, Type, WorkflowName |
| AWS::Glue::UsageProfile | Configuration, Description, Name, Tags |
| AWS::Glue::Workflow | DefaultRunProperties, Description, MaxConcurrentRuns, Name, Tags |
| AWS::Grafana::Workspace | AccountAccessType, AuthenticationProviders, ClientToken, DataSources, Description, GrafanaVersion, Name, NetworkAccessControl, NotificationDestinations, OrganizationRoleName, OrganizationalUnits, PermissionType, PluginAdminEnabled, RoleArn, SamlConfiguration, StackSetName, VpcConfiguration |
| AWS::Greengrass::ConnectorDefinition | InitialVersion, Name, Tags |
| AWS::Greengrass::ConnectorDefinitionVersion | ConnectorDefinitionId, Connectors |
| AWS::Greengrass::CoreDefinition | InitialVersion, Name, Tags |
| AWS::Greengrass::CoreDefinitionVersion | CoreDefinitionId, Cores |
| AWS::Greengrass::DeviceDefinition | InitialVersion, Name, Tags |
| AWS::Greengrass::DeviceDefinitionVersion | DeviceDefinitionId, Devices |
| AWS::Greengrass::FunctionDefinition | InitialVersion, Name, Tags |
| AWS::Greengrass::FunctionDefinitionVersion | DefaultConfig, FunctionDefinitionId, Functions |
| AWS::Greengrass::Group | InitialVersion, Name, RoleArn, Tags |
| AWS::Greengrass::GroupVersion | ConnectorDefinitionVersionArn, CoreDefinitionVersionArn, DeviceDefinitionVersionArn, FunctionDefinitionVersionArn, GroupId, LoggerDefinitionVersionArn, ResourceDefinitionVersionArn, SubscriptionDefinitionVersionArn |
| AWS::Greengrass::LoggerDefinition | InitialVersion, Name, Tags |
| AWS::Greengrass::LoggerDefinitionVersion | LoggerDefinitionId, Loggers |
| AWS::Greengrass::ResourceDefinition | InitialVersion, Name, Tags |
| AWS::Greengrass::ResourceDefinitionVersion | ResourceDefinitionId, Resources |
| AWS::Greengrass::SubscriptionDefinition | InitialVersion, Name, Tags |
| AWS::Greengrass::SubscriptionDefinitionVersion | SubscriptionDefinitionId, Subscriptions |
| AWS::GreengrassV2::ComponentVersion | InlineRecipe, LambdaFunction, Tags |
| AWS::GreengrassV2::Deployment | Components, DeploymentName, DeploymentPolicies, IotJobConfiguration, ParentTargetArn, Tags, TargetArn |
| AWS::GroundStation::Config | ConfigData, Name, Tags |
| AWS::GroundStation::DataflowEndpointGroup | ContactPostPassDurationSeconds, ContactPrePassDurationSeconds, EndpointDetails, Tags |
| AWS::GroundStation::MissionProfile | ContactPostPassDurationSeconds, ContactPrePassDurationSeconds, DataflowEdges, MinimumViableContactDurationSeconds, Name, StreamsKmsKey, StreamsKmsRole, Tags, TrackingConfigArn |
| AWS::GuardDuty::Detector | DataSources, Enable, Features, FindingPublishingFrequency, Tags |
| AWS::GuardDuty::Filter | Action, Description, DetectorId, FindingCriteria, Name, Rank, Tags |
| AWS::GuardDuty::IPSet | Activate, DetectorId, ExpectedBucketOwner, Format, Location, Name, Tags |
| AWS::GuardDuty::MalwareProtectionPlan | Actions, ProtectedResource, Role, Tags |
| AWS::GuardDuty::Master | DetectorId, InvitationId, MasterId |
| AWS::GuardDuty::Member | DetectorId, DisableEmailNotification, Email, MemberId, Message, Status |
| AWS::GuardDuty::PublishingDestination | DestinationProperties, DestinationType, DetectorId, Tags |
| AWS::GuardDuty::ThreatIntelSet | Activate, DetectorId, ExpectedBucketOwner, Format, Location, Name, Tags |
| AWS::HealthImaging::Datastore | DatastoreName, KmsKeyArn, Tags |
| AWS::HealthLake::FHIRDatastore | DatastoreName, DatastoreTypeVersion, IdentityProviderConfiguration, PreloadDataConfig, SseConfiguration, Tags |
| AWS::IAM::AccessKey | Serial, Status, UserName |
| AWS::IAM::Group | GroupName, ManagedPolicyArns, Path, Policies |
| AWS::IAM::GroupPolicy | GroupName, PolicyDocument, PolicyName |
| AWS::IAM::InstanceProfile | InstanceProfileName, Path, Roles |
| AWS::IAM::ManagedPolicy | Description, Groups, ManagedPolicyName, Path, PolicyDocument, Roles, Users |
| AWS::IAM::OIDCProvider | ClientIdList, Tags, ThumbprintList, Url |
| AWS::IAM::Policy | Groups, PolicyDocument, PolicyName, Roles, Users |
| AWS::IAM::Role | AssumeRolePolicyDocument, Description, ManagedPolicyArns, MaxSessionDuration, Path, PermissionsBoundary, Policies, RoleName, Tags |
| AWS::IAM::RolePolicy | PolicyDocument, PolicyName, RoleName |
| AWS::IAM::SAMLProvider | AddPrivateKey, AssertionEncryptionMode, Name, PrivateKeyList, RemovePrivateKey, SamlMetadataDocument, Tags |
| AWS::IAM::ServerCertificate | CertificateBody, CertificateChain, Path, PrivateKey, ServerCertificateName, Tags |
| AWS::IAM::ServiceLinkedRole | AWSServiceName, CustomSuffix, Description |
| AWS::IAM::User | Groups, LoginProfile, ManagedPolicyArns, Path, PermissionsBoundary, Policies, Tags, UserName |
| AWS::IAM::UserPolicy | PolicyDocument, PolicyName, UserName |
| AWS::IAM::UserToGroupAddition | GroupName, Users |
| AWS::IAM::VirtualMFADevice | Path, Tags, Users, VirtualMfaDeviceName |
| AWS::IVS::Channel | Authorized, ContainerFormat, InsecureIngest, LatencyMode, MultitrackInputConfiguration, Name, Preset, RecordingConfigurationArn, Tags, Type |
| AWS::IVS::EncoderConfiguration | Name, Tags, Video |
| AWS::IVS::IngestConfiguration | IngestProtocol, InsecureIngest, Name, StageArn, Tags, UserId |
| AWS::IVS::PlaybackKeyPair | Name, PublicKeyMaterial, Tags |
| AWS::IVS::PlaybackRestrictionPolicy | AllowedCountries, AllowedOrigins, EnableStrictOriginEnforcement, Name, Tags |
| AWS::IVS::PublicKey | Name, PublicKeyMaterial, Tags |
| AWS::IVS::RecordingConfiguration | DestinationConfiguration, Name, RecordingReconnectWindowSeconds, RenditionConfiguration, Tags, ThumbnailConfiguration |
| AWS::IVS::Stage | AutoParticipantRecordingConfiguration, Name, Tags |
| AWS::IVS::StorageConfiguration | Name, S3, Tags |
| AWS::IVS::StreamKey | ChannelArn, Tags |
| AWS::IVSChat::LoggingConfiguration | DestinationConfiguration, Name, Tags |
| AWS::IVSChat::Room | LoggingConfigurationIdentifiers, MaximumMessageLength, MaximumMessageRatePerSecond, MessageReviewHandler, Name, Tags |
| AWS::IdentityStore::Group | Description, DisplayName, IdentityStoreId |
| AWS::IdentityStore::GroupMembership | GroupId, IdentityStoreId, MemberId |
| AWS::ImageBuilder::Component | ChangeDescription, Data, Description, KmsKeyId, Name, Platform, SupportedOsVersions, Tags, Uri, Version |
| AWS::ImageBuilder::ContainerRecipe | Components, ContainerType, Description, DockerfileTemplateData, DockerfileTemplateUri, ImageOsVersionOverride, InstanceConfiguration, KmsKeyId, Name, ParentImage, PlatformOverride, Tags, TargetRepository, Version, WorkingDirectory |
| AWS::ImageBuilder::DistributionConfiguration | Description, Distributions, Name, Tags |
| AWS::ImageBuilder::Image | ContainerRecipeArn, DistributionConfigurationArn, EnhancedImageMetadataEnabled, ExecutionRole, ImageRecipeArn, ImageScanningConfiguration, ImageTestsConfiguration, InfrastructureConfigurationArn, Tags, Workflows |
| AWS::ImageBuilder::ImagePipeline | ContainerRecipeArn, Description, DistributionConfigurationArn, EnhancedImageMetadataEnabled, ExecutionRole, ImageRecipeArn, ImageScanningConfiguration, ImageTestsConfiguration, InfrastructureConfigurationArn, Name, Schedule, Status, Tags, Workflows |
| AWS::ImageBuilder::ImageRecipe | AdditionalInstanceConfiguration, BlockDeviceMappings, Components, Description, Name, ParentImage, Tags, Version, WorkingDirectory |
| AWS::ImageBuilder::InfrastructureConfiguration | Description, InstanceMetadataOptions, InstanceProfileName, InstanceTypes, KeyPair, Logging, Name, Placement, ResourceTags, SecurityGroupIds, SnsTopicArn, SubnetId, Tags, TerminateInstanceOnFailure |
| AWS::ImageBuilder::LifecyclePolicy | Description, ExecutionRole, Name, PolicyDetails, ResourceSelection, ResourceType, Status, Tags |
| AWS::ImageBuilder::Workflow | ChangeDescription, Data, Description, KmsKeyId, Name, Tags, Type, Uri, Version |
| AWS::Inspector::AssessmentTarget | AssessmentTargetName, ResourceGroupArn |
| AWS::Inspector::AssessmentTemplate | AssessmentTargetArn, AssessmentTemplateName, DurationInSeconds, RulesPackageArns, UserAttributesForFindings |
| AWS::Inspector::ResourceGroup | ResourceGroupTags |
| AWS::InspectorV2::CisScanConfiguration | ScanName, Schedule, SecurityLevel, Tags, Targets |
| AWS::InspectorV2::CodeSecurityIntegration | CreateIntegrationDetails, Name, Tags, Type, UpdateIntegrationDetails |
| AWS::InspectorV2::CodeSecurityScanConfiguration | Configuration, Level, Name, ScopeSettings, Tags |
| AWS::InspectorV2::Filter | Description, FilterAction, FilterCriteria, Name, Tags |
| AWS::InternetMonitor::Monitor | HealthEventsConfig, IncludeLinkedAccounts, InternetMeasurementsLogDelivery, LinkedAccountId, MaxCityNetworksToMonitor, MonitorName, Resources, ResourcesToAdd, ResourcesToRemove, Status, Tags, TrafficPercentageToMonitor |
| AWS::Invoicing::InvoiceUnit | Description, InvoiceReceiver, Name, ResourceTags, Rule, TaxInheritanceDisabled |
| AWS::IoT::AccountAuditConfiguration | AccountId, AuditCheckConfigurations, AuditNotificationTargetConfigurations, RoleArn |
| AWS::IoT::Authorizer | AuthorizerFunctionArn, AuthorizerName, EnableCachingForHttp, SigningDisabled, Status, Tags, TokenKeyName, TokenSigningPublicKeys |
| AWS::IoT::BillingGroup | BillingGroupName, BillingGroupProperties, Tags |
| AWS::IoT::CACertificate | AutoRegistrationStatus, CACertificatePem, CertificateMode, RegistrationConfig, RemoveAutoRegistration, Status, Tags, VerificationCertificatePem |
| AWS::IoT::Certificate | CACertificatePem, CertificateMode, CertificatePem, CertificateSigningRequest, Status |
| AWS::IoT::CertificateProvider | AccountDefaultForOperations, CertificateProviderName, LambdaFunctionArn, Tags |
| AWS::IoT::Command | CommandId, CreatedAt, Deprecated, Description, DisplayName, LastUpdatedAt, MandatoryParameters, Namespace, Payload, PendingDeletion, RoleArn, Tags |
| AWS::IoT::CustomMetric | DisplayName, MetricName, MetricType, Tags |
| AWS::IoT::Dimension | Name, StringValues, Tags, Type |
| AWS::IoT::DomainConfiguration | ApplicationProtocol, AuthenticationType, AuthorizerConfig, ClientCertificateConfig, DomainConfigurationName, DomainConfigurationStatus, DomainName, ServerCertificateArns, ServerCertificateConfig, ServiceType, Tags, TlsConfig, ValidationCertificateArn |
| AWS::IoT::FleetMetric | AggregationField, AggregationType, Description, IndexName, MetricName, Period, QueryString, QueryVersion, Tags, Unit |
| AWS::IoT::JobTemplate | AbortConfig, Description, DestinationPackageVersions, Document, DocumentSource, JobArn, JobExecutionsRetryConfig, JobExecutionsRolloutConfig, JobTemplateId, MaintenanceWindows, PresignedUrlConfig, Tags, TimeoutConfig |
| AWS::IoT::Logging | AccountId, DefaultLogLevel, RoleArn |
| AWS::IoT::MitigationAction | ActionName, ActionParams, RoleArn, Tags |
| AWS::IoT::Policy | PolicyDocument, PolicyName, Tags |
| AWS::IoT::PolicyPrincipalAttachment | PolicyName, Principal |
| AWS::IoT::ProvisioningTemplate | Description, Enabled, PreProvisioningHook, ProvisioningRoleArn, Tags, TemplateBody, TemplateName, TemplateType |
| AWS::IoT::ResourceSpecificLogging | LogLevel, TargetName, TargetType |
| AWS::IoT::RoleAlias | CredentialDurationSeconds, RoleAlias, RoleArn, Tags |
| AWS::IoT::ScheduledAudit | DayOfMonth, DayOfWeek, Frequency, ScheduledAuditName, Tags, TargetCheckNames |
| AWS::IoT::SecurityProfile | AdditionalMetricsToRetainV2, AlertTargets, Behaviors, MetricsExportConfig, SecurityProfileDescription, SecurityProfileName, Tags, TargetArns |
| AWS::IoT::SoftwarePackage | Description, PackageName, Tags |
| AWS::IoT::SoftwarePackageVersion | Artifact, Attributes, Description, PackageName, Recipe, Sbom, Tags, VersionName |
| AWS::IoT::Thing | AttributePayload, ThingName |
| AWS::IoT::ThingGroup | ParentGroupName, QueryString, Tags, ThingGroupName, ThingGroupProperties |
| AWS::IoT::ThingPrincipalAttachment | Principal, ThingName, ThingPrincipalType |
| AWS::IoT::ThingType | DeprecateThingType, Tags, ThingTypeName, ThingTypeProperties |
| AWS::IoT::TopicRule | RuleName, Tags, TopicRulePayload |
| AWS::IoT::TopicRuleDestination | HttpUrlProperties, Status, VpcProperties |
| AWS::IoTAnalytics::Channel | ChannelName, ChannelStorage, RetentionPeriod, Tags |
| AWS::IoTAnalytics::Dataset | Actions, ContentDeliveryRules, DatasetName, LateDataRules, RetentionPeriod, Tags, Triggers, VersioningConfiguration |
| AWS::IoTAnalytics::Datastore | DatastoreName, DatastorePartitions, DatastoreStorage, FileFormatConfiguration, RetentionPeriod, Tags |
| AWS::IoTAnalytics::Pipeline | PipelineActivities, PipelineName, Tags |
| AWS::IoTCoreDeviceAdvisor::SuiteDefinition | SuiteDefinitionConfiguration, Tags |
| AWS::IoTEvents::AlarmModel | AlarmCapabilities, AlarmEventActions, AlarmModelDescription, AlarmModelName, AlarmRule, Key, RoleArn, Severity, Tags |
| AWS::IoTEvents::DetectorModel | DetectorModelDefinition, DetectorModelDescription, DetectorModelName, EvaluationMethod, Key, RoleArn, Tags |
| AWS::IoTEvents::Input | InputDefinition, InputDescription, InputName, Tags |
| AWS::IoTFleetHub::Application | ApplicationDescription, ApplicationName, RoleArn, Tags |
| AWS::IoTFleetWise::Campaign | Action, CollectionScheme, Compression, DataDestinationConfigs, DataExtraDimensions, DataPartitions, Description, DiagnosticsMode, ExpiryTime, Name, PostTriggerCollectionDuration, Priority, SignalCatalogArn, SignalsToCollect, SignalsToFetch, SpoolingMode, StartTime, Tags, TargetArn |
| AWS::IoTFleetWise::DecoderManifest | DefaultForUnmappedSignals, Description, ModelManifestArn, Name, NetworkInterfaces, SignalDecoders, Status, Tags |
| AWS::IoTFleetWise::Fleet | Description, Id, SignalCatalogArn, Tags |
| AWS::IoTFleetWise::ModelManifest | Description, Name, Nodes, SignalCatalogArn, Status, Tags |
| AWS::IoTFleetWise::SignalCatalog | Description, Name, NodeCounts, Nodes, Tags |
| AWS::IoTFleetWise::StateTemplate | DataExtraDimensions, Description, MetadataExtraDimensions, Name, SignalCatalogArn, StateTemplateProperties, Tags |
| AWS::IoTFleetWise::Vehicle | AssociationBehavior, Attributes, DecoderManifestArn, ModelManifestArn, Name, StateTemplates, Tags |
| AWS::IoTSiteWise::AccessPolicy | AccessPolicyIdentity, AccessPolicyPermission, AccessPolicyResource |
| AWS::IoTSiteWise::Asset | AssetDescription, AssetExternalId, AssetHierarchies, AssetModelId, AssetName, AssetProperties, Tags |
| AWS::IoTSiteWise::AssetModel | AssetModelCompositeModels, AssetModelDescription, AssetModelExternalId, AssetModelHierarchies, AssetModelName, AssetModelProperties, AssetModelType, EnforcedAssetModelInterfaceRelationships, Tags |
| AWS::IoTSiteWise::ComputationModel | ComputationModelConfiguration, ComputationModelDataBinding, ComputationModelDescription, ComputationModelName, Tags |
| AWS::IoTSiteWise::Dashboard | DashboardDefinition, DashboardDescription, DashboardName, ProjectId, Tags |
| AWS::IoTSiteWise::Dataset | DatasetDescription, DatasetName, DatasetSource, Tags |
| AWS::IoTSiteWise::Gateway | GatewayCapabilitySummaries, GatewayName, GatewayPlatform, GatewayVersion, Tags |
| AWS::IoTSiteWise::Portal | Alarms, NotificationSenderEmail, PortalAuthMode, PortalContactEmail, PortalDescription, PortalName, PortalType, PortalTypeConfiguration, RoleArn, Tags |
| AWS::IoTSiteWise::Project | AssetIds, PortalId, ProjectDescription, ProjectName, Tags |
| AWS::IoTThingsGraph::FlowTemplate | CompatibleNamespaceVersion, Definition |
| AWS::IoTTwinMaker::ComponentType | ComponentTypeId, CompositeComponentTypes, Description, ExtendsFrom, Functions, IsSingleton, PropertyDefinitions, PropertyGroups, Tags, WorkspaceId |
| AWS::IoTTwinMaker::Entity | Components, CompositeComponents, Description, EntityId, EntityName, ParentEntityId, Tags, WorkspaceId |
| AWS::IoTTwinMaker::Scene | Capabilities, ContentLocation, Description, SceneId, SceneMetadata, Tags, WorkspaceId |
| AWS::IoTTwinMaker::SyncJob | SyncRole, SyncSource, Tags, WorkspaceId |
| AWS::IoTTwinMaker::Workspace | Description, Role, S3Location, Tags, WorkspaceId |
| AWS::IoTWireless::Destination | Description, Expression, ExpressionType, Name, RoleArn, Tags |
| AWS::IoTWireless::DeviceProfile | LoRaWAN, Name, Tags |
| AWS::IoTWireless::FuotaTask | AssociateMulticastGroup, AssociateWirelessDevice, Description, DisassociateMulticastGroup, DisassociateWirelessDevice, FirmwareUpdateImage, FirmwareUpdateRole, LoRaWAN, Name, Tags |
| AWS::IoTWireless::MulticastGroup | AssociateWirelessDevice, Description, DisassociateWirelessDevice, LoRaWAN, Name, Tags |
| AWS::IoTWireless::NetworkAnalyzerConfiguration | Description, Name, Tags, TraceContent, WirelessDevices, WirelessGateways |
| AWS::IoTWireless::PartnerAccount | AccountLinked, PartnerAccountId, PartnerType, Sidewalk, SidewalkResponse, SidewalkUpdate, Tags |
| AWS::IoTWireless::ServiceProfile | LoRaWAN, Name, Tags |
| AWS::IoTWireless::TaskDefinition | AutoCreateTasks, LoRaWANUpdateGatewayTaskEntry, Name, Tags, TaskDefinitionType, Update |
| AWS::IoTWireless::WirelessDevice | Description, DestinationName, LastUplinkReceivedAt, LoRaWAN, Name, Positioning, Tags, ThingArn, Type |
| AWS::IoTWireless::WirelessDeviceImportTask | DestinationName, Sidewalk, Tags |
| AWS::IoTWireless::WirelessGateway | Description, LastUplinkReceivedAt, LoRaWAN, Name, Tags, ThingArn, ThingName |
| AWS::KMS::Alias | AliasName, TargetKeyId |
| AWS::KMS::Key | BypassPolicyLockoutSafetyCheck, Description, EnableKeyRotation, Enabled, KeyPolicy, KeySpec, KeyUsage, MultiRegion, Origin, PendingWindowInDays, RotationPeriodInDays, Tags |
| AWS::KMS::ReplicaKey | Description, Enabled, KeyPolicy, PendingWindowInDays, PrimaryKeyArn, Tags |
| AWS::KafkaConnect::Connector | Capacity, ConnectorConfiguration, ConnectorDescription, ConnectorName, KafkaCluster, KafkaClusterClientAuthentication, KafkaClusterEncryptionInTransit, KafkaConnectVersion, LogDelivery, Plugins, ServiceExecutionRoleArn, Tags, WorkerConfiguration |
| AWS::KafkaConnect::CustomPlugin | ContentType, Description, Location, Name, Tags |
| AWS::KafkaConnect::WorkerConfiguration | Description, Name, PropertiesFileContent, Tags |
| AWS::Kendra::DataSource | CustomDocumentEnrichmentConfiguration, DataSourceConfiguration, Description, IndexId, LanguageCode, Name, RoleArn, Schedule, Tags, Type |
| AWS::Kendra::Faq | Description, FileFormat, IndexId, LanguageCode, Name, RoleArn, S3Path, Tags |
| AWS::Kendra::Index | CapacityUnits, Description, DocumentMetadataConfigurations, Edition, Name, RoleArn, ServerSideEncryptionConfiguration, Tags, UserContextPolicy, UserTokenConfigurations |
| AWS::KendraRanking::ExecutionPlan | CapacityUnits, Description, Name, Tags |
| AWS::Kinesis::ResourcePolicy | ResourceArn, ResourcePolicy |
| AWS::Kinesis::Stream | DesiredShardLevelMetrics, Name, RetentionPeriodHours, ShardCount, StreamEncryption, StreamModeDetails, Tags |
| AWS::Kinesis::StreamConsumer | ConsumerName, StreamARN, Tags |
| AWS::KinesisAnalytics::Application | ApplicationCode, ApplicationDescription, ApplicationName, Inputs |
| AWS::KinesisAnalytics::ApplicationOutput | ApplicationName, Output |
| AWS::KinesisAnalytics::ApplicationReferenceDataSource | ApplicationName, ReferenceDataSource |
| AWS::KinesisAnalyticsV2::Application | ApplicationConfiguration, ApplicationDescription, ApplicationMaintenanceConfiguration, ApplicationMode, ApplicationName, RunConfiguration, RuntimeEnvironment, ServiceExecutionRole, Tags |
| AWS::KinesisAnalyticsV2::ApplicationOutput | ApplicationName, Output |
| AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource | ApplicationName, ReferenceDataSource |
| AWS::KinesisFirehose::DeliveryStream | AmazonOpenSearchServerlessDestinationConfiguration, AmazonopensearchserviceDestinationConfiguration, DatabaseSourceConfiguration, DeliveryStreamEncryptionConfigurationInput, DeliveryStreamName, DeliveryStreamType, DirectPutSourceConfiguration, ElasticsearchDestinationConfiguration, ExtendedS3DestinationConfiguration, HttpEndpointDestinationConfiguration, IcebergDestinationConfiguration, KinesisStreamSourceConfiguration, MSKSourceConfiguration, RedshiftDestinationConfiguration, S3DestinationConfiguration, SnowflakeDestinationConfiguration, SplunkDestinationConfiguration, Tags |
| AWS::KinesisVideo::SignalingChannel | MessageTtlSeconds, Name, Tags, Type |
| AWS::KinesisVideo::Stream | DataRetentionInHours, DeviceName, KmsKeyId, MediaType, Name, Tags |
| AWS::LakeFormation::DataCellsFilter | ColumnNames, ColumnWildcard, DatabaseName, Name, RowFilter, TableCatalogId, TableName |
| AWS::LakeFormation::DataLakeSettings | Admins, AllowExternalDataFiltering, AllowFullTableExternalDataAccess, AuthorizedSessionTagValueList, CreateDatabaseDefaultPermissions, CreateTableDefaultPermissions, ExternalDataFilteringAllowList, MutationType, Parameters, TrustedResourceOwners |
| AWS::LakeFormation::Permissions | DataLakePrincipal, Permissions, PermissionsWithGrantOption, Resource |
| AWS::LakeFormation::PrincipalPermissions | Catalog, Permissions, PermissionsWithGrantOption, Principal, Resource |
| AWS::LakeFormation::Resource | HybridAccessEnabled, ResourceArn, RoleArn, UseServiceLinkedRole, WithFederation |
| AWS::LakeFormation::Tag | CatalogId, TagKey, TagValues |
| AWS::LakeFormation::TagAssociation | LFTags, Resource |
| AWS::Lambda::Alias | Description, FunctionName, FunctionVersion, Name, ProvisionedConcurrencyConfig, RoutingConfig |
| AWS::Lambda::CodeSigningConfig | AllowedPublishers, CodeSigningPolicies, Description, Tags |
| AWS::Lambda::EventInvokeConfig | DestinationConfig, FunctionName, MaximumEventAgeInSeconds, MaximumRetryAttempts, Qualifier |
| AWS::Lambda::EventSourceMapping | AmazonManagedKafkaEventSourceConfig, BatchSize, BisectBatchOnFunctionError, DestinationConfig, DocumentDBEventSourceConfig, Enabled, EventSourceArn, FilterCriteria, FunctionName, FunctionResponseTypes, KmsKeyArn, MaximumBatchingWindowInSeconds, MaximumRecordAgeInSeconds, MaximumRetryAttempts, MetricsConfig, ParallelizationFactor, ProvisionedPollerConfig, Queues, ScalingConfig, SelfManagedEventSource, SelfManagedKafkaEventSourceConfig, SourceAccessConfigurations, StartingPosition, StartingPositionTimestamp, Tags, Topics, TumblingWindowInSeconds |
| AWS::Lambda::Function | Architectures, Code, CodeSigningConfigArn, DeadLetterConfig, Description, Environment, EphemeralStorage, FileSystemConfigs, FunctionName, Handler, ImageConfig, KmsKeyArn, Layers, LoggingConfig, MemorySize, PackageType, RecursiveLoop, ReservedConcurrentExecutions, Role, Runtime, RuntimeManagementConfig, SnapStart, Tags, Timeout, TracingConfig, VpcConfig |
| AWS::Lambda::LayerVersion | CompatibleArchitectures, CompatibleRuntimes, Content, Description, LayerName, LicenseInfo |
| AWS::Lambda::LayerVersionPermission | Action, LayerVersionArn, OrganizationId, Principal |
| AWS::Lambda::Permission | Action, EventSourceToken, FunctionName, FunctionUrlAuthType, Principal, PrincipalOrgID, SourceAccount, SourceArn |
| AWS::Lambda::Url | AuthType, Cors, InvokeMode, Qualifier, TargetFunctionArn |
| AWS::Lambda::Version | CodeSha256, Description, FunctionName, ProvisionedConcurrencyConfig, RuntimePolicy |
| AWS::LaunchWizard::Deployment | DeploymentPatternName, Name, Specifications, Tags, WorkloadName |
| AWS::Lex::Bot | AutoBuildBotLocales, BotFileS3Location, BotLocales, BotTags, DataPrivacy, Description, IdleSessionTTLInSeconds, Name, Replication, RoleArn, TestBotAliasSettings, TestBotAliasTags |
| AWS::Lex::BotAlias | BotAliasLocaleSettings, BotAliasName, BotAliasTags, BotId, BotVersion, ConversationLogSettings, Description, SentimentAnalysisSettings |
| AWS::Lex::BotVersion | BotId, BotVersionLocaleSpecification, Description |
| AWS::Lex::ResourcePolicy | Policy, ResourceArn |
| AWS::LicenseManager::Grant | AllowedOperations, GrantName, HomeRegion, LicenseArn, Principals, Status |
| AWS::LicenseManager::License | Beneficiary, ConsumptionConfiguration, Entitlements, HomeRegion, Issuer, LicenseMetadata, LicenseName, ProductName, ProductSKU, Status, Validity |
| AWS::Lightsail::Alarm | AlarmName, ComparisonOperator, ContactProtocols, DatapointsToAlarm, EvaluationPeriods, MetricName, MonitoredResourceName, NotificationEnabled, NotificationTriggers, Threshold, TreatMissingData |
| AWS::Lightsail::Bucket | AccessRules, BucketName, BundleId, ObjectVersioning, ReadOnlyAccessAccounts, ResourcesReceivingAccess, Tags |
| AWS::Lightsail::Certificate | CertificateName, DomainName, SubjectAlternativeNames, Tags |
| AWS::Lightsail::Container | ContainerServiceDeployment, IsDisabled, Power, PrivateRegistryAccess, PublicDomainNames, Scale, ServiceName, Tags |
| AWS::Lightsail::Database | AvailabilityZone, BackupRetention, CaCertificateIdentifier, MasterDatabaseName, MasterUserPassword, MasterUsername, PreferredBackupWindow, PreferredMaintenanceWindow, PubliclyAccessible, RelationalDatabaseBlueprintId, RelationalDatabaseBundleId, RelationalDatabaseName, RelationalDatabaseParameters, RotateMasterUserPassword, Tags |
| AWS::Lightsail::Disk | AddOns, AvailabilityZone, DiskName, Location, SizeInGb, Tags |
| AWS::Lightsail::Distribution | BundleId, CacheBehaviorSettings, CacheBehaviors, CertificateName, DefaultCacheBehavior, DistributionName, IpAddressType, IsEnabled, Origin, Tags |
| AWS::Lightsail::Domain | DomainEntries, DomainName, Tags |
| AWS::Lightsail::Instance | AddOns, AvailabilityZone, BlueprintId, BundleId, Hardware, InstanceName, KeyPairName, Location, Networking, State, Tags, UserData |
| AWS::Lightsail::InstanceSnapshot | InstanceName, InstanceSnapshotName, Tags |
| AWS::Lightsail::LoadBalancer | AttachedInstances, HealthCheckPath, InstancePort, IpAddressType, LoadBalancerName, SessionStickinessEnabled, SessionStickinessLBCookieDurationSeconds, Tags, TlsPolicyName |
| AWS::Lightsail::LoadBalancerTlsCertificate | CertificateAlternativeNames, CertificateDomainName, CertificateName, HttpsRedirectionEnabled, IsAttached, LoadBalancerName |
| AWS::Lightsail::StaticIp | AttachedTo, StaticIpName |
| AWS::Location::APIKey | Description, ExpireTime, ForceDelete, ForceUpdate, KeyName, NoExpiry, Restrictions, Tags |
| AWS::Location::GeofenceCollection | CollectionName, Description, KmsKeyId, Tags |
| AWS::Location::Map | Configuration, Description, MapName, PricingPlan, Tags |
| AWS::Location::PlaceIndex | DataSource, DataSourceConfiguration, Description, IndexName, PricingPlan, Tags |
| AWS::Location::RouteCalculator | CalculatorName, DataSource, Description, PricingPlan, Tags |
| AWS::Location::Tracker | Description, EventBridgeEnabled, KmsKeyEnableGeospatialQueries, KmsKeyId, PositionFiltering, Tags, TrackerName |
| AWS::Location::TrackerConsumer | ConsumerArn, TrackerName |
| AWS::Logs::AccountPolicy | PolicyDocument, PolicyName, PolicyType, Scope, SelectionCriteria |
| AWS::Logs::Delivery | DeliveryDestinationArn, DeliverySourceName, FieldDelimiter, RecordFields, S3EnableHiveCompatiblePath, S3SuffixPath, Tags |
| AWS::Logs::DeliveryDestination | DeliveryDestinationPolicy, DestinationResourceArn, Name, OutputFormat, Tags |
| AWS::Logs::DeliverySource | LogType, Name, ResourceArn, Tags |
| AWS::Logs::Destination | DestinationName, DestinationPolicy, RoleArn, Tags, TargetArn |
| AWS::Logs::Integration | IntegrationName, IntegrationType, ResourceConfig |
| AWS::Logs::LogAnomalyDetector | AccountId, AnomalyVisibilityTime, DetectorName, EvaluationFrequency, FilterPattern, KmsKeyId, LogGroupArnList |
| AWS::Logs::LogGroup | DataProtectionPolicy, FieldIndexPolicies, KmsKeyId, LogGroupClass, LogGroupName, ResourcePolicyDocument, RetentionInDays, Tags |
| AWS::Logs::LogStream | LogGroupName, LogStreamName |
| AWS::Logs::MetricFilter | ApplyOnTransformedLogs, FilterName, FilterPattern, LogGroupName, MetricTransformations |
| AWS::Logs::QueryDefinition | LogGroupNames, Name, QueryLanguage, QueryString |
| AWS::Logs::ResourcePolicy | PolicyDocument, PolicyName |
| AWS::Logs::SubscriptionFilter | ApplyOnTransformedLogs, DestinationArn, Distribution, FilterName, FilterPattern, LogGroupName, RoleArn |
| AWS::Logs::Transformer | LogGroupIdentifier, TransformerConfig |
| AWS::LookoutEquipment::InferenceScheduler | DataDelayOffsetInMinutes, DataInputConfiguration, DataOutputConfiguration, DataUploadFrequency, InferenceSchedulerName, ModelName, RoleArn, ServerSideKmsKeyId, Tags |
| AWS::LookoutMetrics::Alert | Action, AlertDescription, AlertName, AlertSensitivityThreshold, AnomalyDetectorArn |
| AWS::LookoutMetrics::AnomalyDetector | AnomalyDetectorConfig, AnomalyDetectorDescription, AnomalyDetectorName, KmsKeyArn, MetricSetList |
| AWS::LookoutVision::Project | ProjectName |
| AWS::M2::Application | Definition, Description, EngineType, KmsKeyId, Name, RoleArn, Tags |
| AWS::M2::Deployment | ApplicationId, ApplicationVersion, EnvironmentId |
| AWS::M2::Environment | Description, EngineType, EngineVersion, HighAvailabilityConfig, InstanceType, KmsKeyId, Name, NetworkType, PreferredMaintenanceWindow, PubliclyAccessible, SecurityGroupIds, StorageConfigurations, SubnetIds, Tags |
| AWS::MPA::ApprovalTeam | ApprovalStrategy, Approvers, Description, Name, Policies, Tags |
| AWS::MPA::IdentitySource | IdentitySourceParameters, Tags |
| AWS::MSK::BatchScramSecret | ClusterArn, SecretArnList |
| AWS::MSK::Cluster | BrokerNodeGroupInfo, ClientAuthentication, ClusterName, ConfigurationInfo, CurrentVersion, EncryptionInfo, EnhancedMonitoring, KafkaVersion, LoggingInfo, NumberOfBrokerNodes, OpenMonitoring, StorageMode, Tags |
| AWS::MSK::ClusterPolicy | ClusterArn, Policy |
| AWS::MSK::Configuration | Description, KafkaVersionsList, LatestRevision, Name, ServerProperties |
| AWS::MSK::Replicator | Description, KafkaClusters, ReplicationInfoList, ReplicatorName, ServiceExecutionRoleArn, Tags |
| AWS::MSK::ServerlessCluster | ClientAuthentication, ClusterName, Tags, VpcConfigs |
| AWS::MSK::VpcConnection | Authentication, ClientSubnets, SecurityGroups, Tags, TargetClusterArn, VpcId |
| AWS::Macie::AllowList | Criteria, Description, Name, Tags |
| AWS::Macie::CustomDataIdentifier | Description, IgnoreWords, Keywords, MaximumMatchDistance, Name, Regex, Tags |
| AWS::Macie::FindingsFilter | Action, Description, FindingCriteria, Name, Position, Tags |
| AWS::Macie::Session | FindingPublishingFrequency, Status |
| AWS::ManagedBlockchain::Accessor | AccessorType, NetworkType, Tags |
| AWS::ManagedBlockchain::Member | InvitationId, MemberConfiguration, NetworkConfiguration, NetworkId |
| AWS::ManagedBlockchain::Node | MemberId, NetworkId, NodeConfiguration |
| AWS::MediaConnect::Bridge | EgressGatewayBridge, IngressGatewayBridge, Name, Outputs, PlacementArn, SourceFailoverConfig, Sources |
| AWS::MediaConnect::BridgeOutput | BridgeArn, Name, NetworkOutput |
| AWS::MediaConnect::BridgeSource | BridgeArn, FlowSource, Name, NetworkSource |
| AWS::MediaConnect::Flow | AvailabilityZone, FlowSize, Maintenance, MediaStreams, Name, NdiConfig, Source, SourceFailoverConfig, SourceMonitoringConfig, VpcInterfaces |
| AWS::MediaConnect::FlowEntitlement | DataTransferSubscriberFeePercent, Description, Encryption, EntitlementStatus, FlowArn, Name, Subscribers |
| AWS::MediaConnect::FlowOutput | CidrAllowList, Description, Destination, Encryption, FlowArn, MaxLatency, MediaStreamOutputConfigurations, MinLatency, Name, NdiProgramName, NdiSpeedHqQuality, OutputStatus, Port, Protocol, RemoteId, SmoothingLatency, StreamId, VpcInterfaceAttachment |
| AWS::MediaConnect::FlowSource | Decryption, Description, EntitlementArn, FlowArn, GatewayBridgeSource, IngestPort, MaxBitrate, MaxLatency, MinLatency, Name, Protocol, SenderControlPort, SenderIpAddress, SourceListenerAddress, SourceListenerPort, StreamId, VpcInterfaceName, WhitelistCidr |
| AWS::MediaConnect::FlowVpcInterface | FlowArn, Name, RoleArn, SecurityGroupIds, SubnetId |
| AWS::MediaConnect::Gateway | EgressCidrBlocks, Name, Networks |
| AWS::MediaConvert::JobTemplate | AccelerationSettings, Category, Description, HopDestinations, Name, Priority, Queue, SettingsJson, StatusUpdateInterval, Tags |
| AWS::MediaConvert::Preset | Category, Description, Name, SettingsJson, Tags |
| AWS::MediaConvert::Queue | ConcurrentJobs, Description, Name, PricingPlan, Status, Tags |
| AWS::MediaLive::Channel | AnywhereSettings, CdiInputSpecification, ChannelClass, ChannelEngineVersion, Destinations, DryRun, EncoderSettings, InputAttachments, InputSpecification, LogLevel, Maintenance, Name, RoleArn, Tags, Vpc |
| AWS::MediaLive::ChannelPlacementGroup | ClusterId, Name, Nodes, Tags |
| AWS::MediaLive::CloudWatchAlarmTemplate | ComparisonOperator, DatapointsToAlarm, Description, EvaluationPeriods, GroupIdentifier, MetricName, Name, Period, Statistic, Tags, TargetResourceType, Threshold, TreatMissingData |
| AWS::MediaLive::CloudWatchAlarmTemplateGroup | Description, Name, Tags |
| AWS::MediaLive::Cluster | ClusterType, InstanceRoleArn, Name, NetworkSettings, Tags |
| AWS::MediaLive::EventBridgeRuleTemplate | Description, EventTargets, EventType, GroupIdentifier, Name, Tags |
| AWS::MediaLive::EventBridgeRuleTemplateGroup | Description, Name, Tags |
| AWS::MediaLive::Input | Destinations, InputDevices, InputNetworkLocation, InputSecurityGroups, MediaConnectFlows, MulticastSettings, Name, RoleArn, SdiSources, Smpte2110ReceiverGroupSettings, Sources, SrtSettings, Tags, Type, Vpc |
| AWS::MediaLive::InputSecurityGroup | Tags, WhitelistRules |
| AWS::MediaLive::Multiplex | AvailabilityZones, Destinations, MultiplexSettings, Name, Tags |
| AWS::MediaLive::Multiplexprogram | MultiplexId, MultiplexProgramSettings, PacketIdentifiersMap, PipelineDetails, PreferredChannelPipeline, ProgramName |
| AWS::MediaLive::Network | IpPools, Name, Routes, Tags |
| AWS::MediaLive::SdiSource | Mode, Name, Tags, Type |
| AWS::MediaLive::SignalMap | CloudWatchAlarmTemplateGroupIdentifiers, Description, DiscoveryEntryPointArn, EventBridgeRuleTemplateGroupIdentifiers, ForceRediscovery, Name, Tags |
| AWS::MediaPackage::Asset | EgressEndpoints, Id, PackagingGroupId, ResourceId, SourceArn, SourceRoleArn, Tags |
| AWS::MediaPackage::Channel | Description, EgressAccessLogs, HlsIngest, Id, IngressAccessLogs, Tags |
| AWS::MediaPackage::OriginEndpoint | Authorization, ChannelId, CmafPackage, DashPackage, Description, HlsPackage, Id, ManifestName, MssPackage, Origination, StartoverWindowSeconds, Tags, TimeDelaySeconds, Whitelist |
| AWS::MediaPackage::PackagingConfiguration | CmafPackage, DashPackage, HlsPackage, Id, MssPackage, PackagingGroupId, Tags |
| AWS::MediaPackage::PackagingGroup | Authorization, EgressAccessLogs, Id, Tags |
| AWS::MediaPackageV2::Channel | ChannelGroupName, ChannelName, Description, InputSwitchConfiguration, InputType, OutputHeaderConfiguration, Tags |
| AWS::MediaPackageV2::ChannelGroup | ChannelGroupName, Description, Tags |
| AWS::MediaPackageV2::ChannelPolicy | ChannelGroupName, ChannelName, Policy |
| AWS::MediaPackageV2::OriginEndpoint | ChannelGroupName, ChannelName, ContainerType, DashManifests, Description, ForceEndpointErrorConfiguration, HlsManifests, LowLatencyHlsManifests, OriginEndpointName, Segment, StartoverWindowSeconds, Tags |
| AWS::MediaPackageV2::OriginEndpointPolicy | CdnAuthConfiguration, ChannelGroupName, ChannelName, OriginEndpointName, Policy |
| AWS::MediaStore::Container | AccessLoggingEnabled, ContainerName, CorsPolicy, LifecyclePolicy, MetricPolicy, Policy, Tags |
| AWS::MediaTailor::Channel | Audiences, ChannelName, FillerSlate, LogConfiguration, Outputs, PlaybackMode, Tags, Tier, TimeShiftConfiguration |
| AWS::MediaTailor::ChannelPolicy | ChannelName, Policy |
| AWS::MediaTailor::LiveSource | HttpPackageConfigurations, LiveSourceName, SourceLocationName, Tags |
| AWS::MediaTailor::PlaybackConfiguration | AdConditioningConfiguration, AdDecisionServerUrl, AvailSuppression, Bumper, CdnConfiguration, ConfigurationAliases, DashConfiguration, HlsConfiguration, InsertionMode, LivePreRollConfiguration, LogConfiguration, ManifestProcessingRules, Name, PersonalizationThresholdSeconds, SlateAdUrl, Tags, TranscodeProfileName, VideoContentSourceUrl |
| AWS::MediaTailor::SourceLocation | AccessConfiguration, DefaultSegmentDeliveryConfiguration, HttpConfiguration, SegmentDeliveryConfigurations, SourceLocationName, Tags |
| AWS::MediaTailor::VodSource | HttpPackageConfigurations, SourceLocationName, Tags, VodSourceName |
| AWS::MemoryDB::ACL | ACLName, Tags, UserNames |
| AWS::MemoryDB::Cluster | ACLName, AutoMinorVersionUpgrade, ClusterEndpoint, ClusterName, DataTiering, Description, Engine, EngineVersion, FinalSnapshotName, IpDiscovery, KmsKeyId, MaintenanceWindow, MultiRegionClusterName, NetworkType, NodeType, NumReplicasPerShard, NumShards, ParameterGroupName, Port, SecurityGroupIds, SnapshotArns, SnapshotName, SnapshotRetentionLimit, SnapshotWindow, SnsTopicArn, SnsTopicStatus, SubnetGroupName, TLSEnabled, Tags |
| AWS::MemoryDB::MultiRegionCluster | Description, Engine, EngineVersion, MultiRegionClusterNameSuffix, MultiRegionParameterGroupName, NodeType, NumShards, TLSEnabled, Tags, UpdateStrategy |
| AWS::MemoryDB::ParameterGroup | Description, Family, ParameterGroupName, Parameters, Tags |
| AWS::MemoryDB::SubnetGroup | Description, SubnetGroupName, SubnetIds, Tags |
| AWS::MemoryDB::User | AccessString, AuthenticationMode, Tags, UserName |
| AWS::Neptune::DBCluster | AssociatedRoles, AvailabilityZones, BackupRetentionPeriod, CopyTagsToSnapshot, DBClusterIdentifier, DBClusterParameterGroupName, DBInstanceParameterGroupName, DBPort, DBSubnetGroupName, DeletionProtection, EnableCloudwatchLogsExports, EngineVersion, IamAuthEnabled, KmsKeyId, PreferredBackupWindow, PreferredMaintenanceWindow, RestoreToTime, RestoreType, ServerlessScalingConfiguration, SnapshotIdentifier, SourceDBClusterIdentifier, StorageEncrypted, Tags, UseLatestRestorableTime, VpcSecurityGroupIds |
| AWS::Neptune::DBClusterParameterGroup | Description, Family, Name, Parameters, Tags |
| AWS::Neptune::DBInstance | AllowMajorVersionUpgrade, AutoMinorVersionUpgrade, AvailabilityZone, DBClusterIdentifier, DBInstanceClass, DBInstanceIdentifier, DBParameterGroupName, DBSubnetGroupName, PreferredMaintenanceWindow, Tags |
| AWS::Neptune::DBParameterGroup | Description, Family, Name, Parameters, Tags |
| AWS::Neptune::DBSubnetGroup | DBSubnetGroupDescription, DBSubnetGroupName, SubnetIds, Tags |
| AWS::Neptune::EventSubscription | Enabled, EventCategories, SnsTopicArn, SourceIds, SourceType |
| AWS::NeptuneGraph::Graph | DeletionProtection, GraphName, ProvisionedMemory, PublicConnectivity, ReplicaCount, Tags, VectorSearchConfiguration |
| AWS::NeptuneGraph::PrivateGraphEndpoint | GraphIdentifier, SecurityGroupIds, SubnetIds, VpcId |
| AWS::NetworkFirewall::Firewall | AvailabilityZoneChangeProtection, AvailabilityZoneMappings, DeleteProtection, Description, EnabledAnalysisTypes, FirewallName, FirewallPolicyArn, FirewallPolicyChangeProtection, SubnetChangeProtection, SubnetMappings, Tags, TransitGatewayId, VpcId |
| AWS::NetworkFirewall::FirewallPolicy | Description, FirewallPolicy, FirewallPolicyName, Tags |
| AWS::NetworkFirewall::LoggingConfiguration | EnableMonitoringDashboard, FirewallArn, FirewallName, LoggingConfiguration |
| AWS::NetworkFirewall::RuleGroup | Capacity, Description, RuleGroup, RuleGroupName, SummaryConfiguration, Tags, Type |
| AWS::NetworkFirewall::TLSInspectionConfiguration | Description, TLSInspectionConfiguration, TLSInspectionConfigurationName, Tags |
| AWS::NetworkFirewall::VpcEndpointAssociation | Description, FirewallArn, SubnetMapping, Tags, VpcId |
| AWS::NetworkManager::ConnectAttachment | CoreNetworkId, EdgeLocation, NetworkFunctionGroupName, Options, ProposedNetworkFunctionGroupChange, ProposedSegmentChange, Tags, TransportAttachmentId |
| AWS::NetworkManager::ConnectPeer | BgpOptions, ConnectAttachmentId, CoreNetworkAddress, InsideCidrBlocks, PeerAddress, SubnetArn, Tags |
| AWS::NetworkManager::CoreNetwork | Description, GlobalNetworkId, PolicyDocument, Tags |
| AWS::NetworkManager::CustomerGatewayAssociation | CustomerGatewayArn, DeviceId, GlobalNetworkId, LinkId |
| AWS::NetworkManager::Device | AWSLocation, Description, GlobalNetworkId, Location, Model, SerialNumber, SiteId, Tags, Type, Vendor |
| AWS::NetworkManager::DirectConnectGatewayAttachment | CoreNetworkId, DirectConnectGatewayArn, EdgeLocations, ProposedNetworkFunctionGroupChange, ProposedSegmentChange, Tags |
| AWS::NetworkManager::GlobalNetwork | CreatedAt, Description, State, Tags |
| AWS::NetworkManager::Link | Bandwidth, Description, GlobalNetworkId, Provider, SiteId, Tags, Type |
| AWS::NetworkManager::LinkAssociation | DeviceId, GlobalNetworkId, LinkId |
| AWS::NetworkManager::Site | Description, GlobalNetworkId, Location, Tags |
| AWS::NetworkManager::SiteToSiteVpnAttachment | CoreNetworkId, NetworkFunctionGroupName, ProposedNetworkFunctionGroupChange, ProposedSegmentChange, Tags, VpnConnectionArn |
| AWS::NetworkManager::TransitGatewayPeering | CoreNetworkId, Tags, TransitGatewayArn |
| AWS::NetworkManager::TransitGatewayRegistration | GlobalNetworkId, TransitGatewayArn |
| AWS::NetworkManager::TransitGatewayRouteTableAttachment | NetworkFunctionGroupName, PeeringId, ProposedNetworkFunctionGroupChange, ProposedSegmentChange, Tags, TransitGatewayRouteTableArn |
| AWS::NetworkManager::VpcAttachment | CoreNetworkId, Options, ProposedNetworkFunctionGroupChange, ProposedSegmentChange, SubnetArns, Tags, VpcArn |
| AWS::Notifications::ChannelAssociation | Arn, NotificationConfigurationArn |
| AWS::Notifications::EventRule | EventPattern, EventType, NotificationConfigurationArn, Regions, Source |
| AWS::Notifications::NotificationConfiguration | AggregationDuration, Description, Name, Tags |
| AWS::Notifications::NotificationHub | Region |
| AWS::NotificationsContacts::EmailContact | EmailAddress, Name, Tags |
| AWS::ODB::CloudAutonomousVmCluster | AutonomousDataStorageSizeInTBs, CloudExadataInfrastructureId, CpuCoreCountPerNode, DbServers, Description, DisplayName, IsMtlsEnabledVmCluster, LicenseModel, MaintenanceWindow, MemoryPerOracleComputeUnitInGBs, OdbNetworkId, ScanListenerPortNonTls, ScanListenerPortTls, Tags, TimeZone, TotalContainerDatabases |
| AWS::ODB::CloudExadataInfrastructure | AvailabilityZone, AvailabilityZoneId, ComputeCount, CustomerContactsToSendToOCI, DatabaseServerType, DisplayName, Shape, StorageCount, StorageServerType, Tags |
| AWS::ODB::CloudVmCluster | CloudExadataInfrastructureId, ClusterName, CpuCoreCount, DataCollectionOptions, DataStorageSizeInTBs, DbNodeStorageSizeInGBs, DbServers, DisplayName, GiVersion, Hostname, IsLocalBackupEnabled, IsSparseDiskgroupEnabled, LicenseModel, MemorySizeInGBs, OdbNetworkId, ScanListenerPortTcp, SshPublicKeys, SystemVersion, Tags, TimeZone |
| AWS::ODB::OdbNetwork | AvailabilityZone, AvailabilityZoneId, BackupSubnetCidr, ClientSubnetCidr, DefaultDnsPrefix, DeleteAssociatedResources, DisplayName, Tags |
| AWS::OSIS::Pipeline | BufferOptions, EncryptionAtRestOptions, LogPublishingOptions, MaxUnits, MinUnits, PipelineConfigurationBody, PipelineName, Tags, VpcOptions |
| AWS::Oam::Link | LabelTemplate, LinkConfiguration, ResourceTypes, SinkIdentifier, Tags |
| AWS::Oam::Sink | Name, Policy, Tags |
| AWS::ObservabilityAdmin::OrganizationTelemetryRule | Rule, RuleName, Tags |
| AWS::ObservabilityAdmin::TelemetryRule | Rule, RuleName, Tags |
| AWS::Omics::AnnotationStore | Description, Name, Reference, SseConfig, StoreFormat, StoreOptions, Tags |
| AWS::Omics::ReferenceStore | Description, Name, SseConfig, Tags |
| AWS::Omics::RunGroup | MaxCpus, MaxDuration, MaxGpus, MaxRuns, Name, Tags |
| AWS::Omics::SequenceStore | AccessLogLocation, Description, ETagAlgorithmFamily, FallbackLocation, Name, PropagatedSetLevelTags, S3AccessPolicy, SseConfig, Tags |
| AWS::Omics::VariantStore | Description, Name, Reference, SseConfig, Tags |
| AWS::Omics::Workflow | Accelerators, DefinitionUri, Description, Engine, Main, Name, ParameterTemplate, StorageCapacity, StorageType, Tags |
| AWS::Omics::WorkflowVersion | Accelerators, DefinitionUri, Description, Engine, Main, ParameterTemplate, StorageCapacity, StorageType, Tags, VersionName, WorkflowBucketOwnerId, WorkflowId |
| AWS::OpenSearchServerless::AccessPolicy | Description, Name, Policy, Type |
| AWS::OpenSearchServerless::Collection | Description, Name, StandbyReplicas, Tags, Type |
| AWS::OpenSearchServerless::Index | CollectionEndpoint, IndexName, Mappings, Settings |
| AWS::OpenSearchServerless::LifecyclePolicy | Description, Name, Policy, Type |
| AWS::OpenSearchServerless::SecurityConfig | Description, IamIdentityCenterOptions, Name, SamlOptions, Type |
| AWS::OpenSearchServerless::SecurityPolicy | Description, Name, Policy, Type |
| AWS::OpenSearchServerless::VpcEndpoint | Name, SecurityGroupIds, SubnetIds, VpcId |
| AWS::OpenSearchService::Application | AppConfigs, DataSources, Endpoint, IamIdentityCenterOptions, Name, Tags |
| AWS::OpenSearchService::Domain | AccessPolicies, AdvancedOptions, AdvancedSecurityOptions, ClusterConfig, CognitoOptions, DomainEndpointOptions, DomainName, EBSOptions, EncryptionAtRestOptions, EngineVersion, IPAddressType, IdentityCenterOptions, LogPublishingOptions, NodeToNodeEncryptionOptions, OffPeakWindowOptions, SkipShardMigrationWait, SnapshotOptions, SoftwareUpdateOptions, Tags, VPCOptions |
| AWS::OpsWorks::App | AppSource, Attributes, DataSources, Description, Domains, EnableSsl, Environment, Name, Shortname, SslConfiguration, StackId, Type |
| AWS::OpsWorks::ElasticLoadBalancerAttachment | ElasticLoadBalancerName, LayerId |
| AWS::OpsWorks::Instance | AgentVersion, AmiId, Architecture, AutoScalingType, AvailabilityZone, BlockDeviceMappings, EbsOptimized, ElasticIps, Hostname, InstallUpdatesOnBoot, InstanceType, LayerIds, Os, RootDeviceType, SshKeyName, StackId, SubnetId, Tenancy, TimeBasedAutoScaling, VirtualizationType, Volumes |
| AWS::OpsWorks::Layer | Attributes, AutoAssignElasticIps, AutoAssignPublicIps, CustomInstanceProfileArn, CustomJson, CustomRecipes, CustomSecurityGroupIds, EnableAutoHealing, InstallUpdatesOnBoot, LifecycleEventConfiguration, LoadBasedAutoScaling, Name, Packages, Shortname, StackId, Tags, Type, UseEbsOptimizedInstances, VolumeConfigurations |
| AWS::OpsWorks::Stack | AgentVersion, Attributes, ChefConfiguration, CloneAppIds, ClonePermissions, ConfigurationManager, CustomCookbooksSource, CustomJson, DefaultAvailabilityZone, DefaultInstanceProfileArn, DefaultOs, DefaultRootDeviceType, DefaultSshKeyName, DefaultSubnetId, EcsClusterArn, ElasticIps, HostnameTheme, Name, RdsDbInstances, ServiceRoleArn, SourceStackId, Tags, UseCustomCookbooks, UseOpsworksSecurityGroups, VpcId |
| AWS::OpsWorks::UserProfile | AllowSelfManagement, IamUserArn, SshPublicKey, SshUsername |
| AWS::OpsWorks::Volume | Ec2VolumeId, MountPoint, Name, StackId |
| AWS::OpsWorksCM::Server | AssociatePublicIpAddress, BackupId, BackupRetentionCount, CustomCertificate, CustomDomain, CustomPrivateKey, DisableAutomatedBackup, Engine, EngineAttributes, EngineModel, EngineVersion, InstanceProfileArn, InstanceType, KeyPair, PreferredBackupWindow, PreferredMaintenanceWindow, SecurityGroupIds, ServerName, ServiceRoleArn, SubnetIds, Tags |
| AWS::Organizations::Account | AccountName, Email, ParentIds, RoleName, Tags |
| AWS::Organizations::Organization | FeatureSet |
| AWS::Organizations::OrganizationalUnit | Name, ParentId, Tags |
| AWS::Organizations::Policy | Content, Description, Name, Tags, TargetIds, Type |
| AWS::Organizations::ResourcePolicy | Content, Tags |
| AWS::PCAConnectorAD::Connector | CertificateAuthorityArn, DirectoryId, Tags, VpcInformation |
| AWS::PCAConnectorAD::DirectoryRegistration | DirectoryId, Tags |
| AWS::PCAConnectorAD::ServicePrincipalName | ConnectorArn, DirectoryRegistrationArn |
| AWS::PCAConnectorAD::Template | ConnectorArn, Definition, Name, ReenrollAllCertificateHolders, Tags |
| AWS::PCAConnectorAD::TemplateGroupAccessControlEntry | AccessRights, GroupDisplayName, GroupSecurityIdentifier, TemplateArn |
| AWS::PCAConnectorSCEP::Challenge | ConnectorArn, Tags |
| AWS::PCAConnectorSCEP::Connector | CertificateAuthorityArn, MobileDeviceManagement, Tags |
| AWS::PCS::Cluster | Name, Networking, Scheduler, Size, SlurmConfiguration, Tags |
| AWS::PCS::ComputeNodeGroup | AmiId, ClusterId, CustomLaunchTemplate, IamInstanceProfileArn, InstanceConfigs, Name, PurchaseOption, ScalingConfiguration, SlurmConfiguration, SpotOptions, SubnetIds, Tags |
| AWS::PCS::Queue | ClusterId, ComputeNodeGroupConfigurations, Name, Tags |
| AWS::Panorama::ApplicationInstance | ApplicationInstanceIdToReplace, DefaultRuntimeContextDevice, Description, ManifestOverridesPayload, ManifestPayload, Name, RuntimeRoleArn, Tags |
| AWS::Panorama::Package | PackageName, StorageLocation, Tags |
| AWS::Panorama::PackageVersion | MarkLatest, OwnerAccount, PackageId, PackageVersion, PatchVersion, UpdatedLatestPatchVersion |
| AWS::PaymentCryptography::Alias | AliasName, KeyArn |
| AWS::PaymentCryptography::Key | DeriveKeyUsage, Enabled, Exportable, KeyAttributes, KeyCheckValueAlgorithm, Tags |
| AWS::Personalize::Dataset | DatasetGroupArn, DatasetImportJob, DatasetType, Name, SchemaArn |
| AWS::Personalize::DatasetGroup | Domain, KmsKeyArn, Name, RoleArn |
| AWS::Personalize::Schema | Domain, Name, Schema |
| AWS::Personalize::Solution | DatasetGroupArn, EventType, Name, PerformAutoML, PerformHPO, RecipeArn, SolutionConfig |
| AWS::Pinpoint::ADMChannel | ApplicationId, ClientId, ClientSecret, Enabled |
| AWS::Pinpoint::APNSChannel | ApplicationId, BundleId, Certificate, DefaultAuthenticationMethod, Enabled, PrivateKey, TeamId, TokenKey, TokenKeyId |
| AWS::Pinpoint::APNSSandboxChannel | ApplicationId, BundleId, Certificate, DefaultAuthenticationMethod, Enabled, PrivateKey, TeamId, TokenKey, TokenKeyId |
| AWS::Pinpoint::APNSVoipChannel | ApplicationId, BundleId, Certificate, DefaultAuthenticationMethod, Enabled, PrivateKey, TeamId, TokenKey, TokenKeyId |
| AWS::Pinpoint::APNSVoipSandboxChannel | ApplicationId, BundleId, Certificate, DefaultAuthenticationMethod, Enabled, PrivateKey, TeamId, TokenKey, TokenKeyId |
| AWS::Pinpoint::App | Name, Tags |
| AWS::Pinpoint::ApplicationSettings | ApplicationId, CampaignHook, CloudWatchMetricsEnabled, Limits, QuietTime |
| AWS::Pinpoint::BaiduChannel | ApiKey, ApplicationId, Enabled, SecretKey |
| AWS::Pinpoint::Campaign | AdditionalTreatments, ApplicationId, CampaignHook, CustomDeliveryConfiguration, Description, HoldoutPercent, IsPaused, Limits, MessageConfiguration, Name, Priority, Schedule, SegmentId, SegmentVersion, Tags, TemplateConfiguration, TreatmentDescription, TreatmentName |
| AWS::Pinpoint::EmailChannel | ApplicationId, ConfigurationSet, Enabled, FromAddress, Identity, OrchestrationSendingRoleArn, RoleArn |
| AWS::Pinpoint::EmailTemplate | DefaultSubstitutions, HtmlPart, Subject, Tags, TemplateDescription, TemplateName, TextPart |
| AWS::Pinpoint::EventStream | ApplicationId, DestinationStreamArn, RoleArn |
| AWS::Pinpoint::GCMChannel | ApiKey, ApplicationId, DefaultAuthenticationMethod, Enabled, ServiceJson |
| AWS::Pinpoint::InAppTemplate | Content, CustomConfig, Layout, Tags, TemplateDescription, TemplateName |
| AWS::Pinpoint::PushTemplate | ADM, APNS, Baidu, Default, DefaultSubstitutions, GCM, Tags, TemplateDescription, TemplateName |
| AWS::Pinpoint::SMSChannel | ApplicationId, Enabled, SenderId, ShortCode |
| AWS::Pinpoint::Segment | ApplicationId, Dimensions, Name, SegmentGroups, Tags |
| AWS::Pinpoint::SmsTemplate | Body, DefaultSubstitutions, Tags, TemplateDescription, TemplateName |
| AWS::Pinpoint::VoiceChannel | ApplicationId, Enabled |
| AWS::PinpointEmail::ConfigurationSet | DeliveryOptions, Name, ReputationOptions, SendingOptions, Tags, TrackingOptions |
| AWS::PinpointEmail::ConfigurationSetEventDestination | ConfigurationSetName, EventDestination, EventDestinationName |
| AWS::PinpointEmail::DedicatedIpPool | PoolName, Tags |
| AWS::PinpointEmail::Identity | DkimSigningEnabled, FeedbackForwardingEnabled, MailFromAttributes, Name, Tags |
| AWS::Pipes::Pipe | Description, DesiredState, Enrichment, EnrichmentParameters, KmsKeyIdentifier, LogConfiguration, Name, RoleArn, Source, SourceParameters, Tags, Target, TargetParameters |
| AWS::Proton::EnvironmentAccountConnection | CodebuildRoleArn, ComponentRoleArn, EnvironmentAccountId, EnvironmentName, ManagementAccountId, RoleArn, Tags |
| AWS::Proton::EnvironmentTemplate | Description, DisplayName, EncryptionKey, Name, Provisioning, Tags |
| AWS::Proton::ServiceTemplate | Description, DisplayName, EncryptionKey, Name, PipelineProvisioning, Tags |
| AWS::QBusiness::Application | AttachmentsConfiguration, AutoSubscriptionConfiguration, ClientIdsForOIDC, Description, DisplayName, EncryptionConfiguration, IamIdentityProviderArn, IdentityCenterInstanceArn, IdentityType, PersonalizationConfiguration, QAppsConfiguration, QuickSightConfiguration, RoleArn, Tags |
| AWS::QBusiness::DataAccessor | ActionConfigurations, ApplicationId, AuthenticationDetail, DisplayName, Principal, Tags |
| AWS::QBusiness::DataSource | ApplicationId, Configuration, Description, DisplayName, DocumentEnrichmentConfiguration, IndexId, MediaExtractionConfiguration, RoleArn, SyncSchedule, Tags, VpcConfiguration |
| AWS::QBusiness::Index | ApplicationId, CapacityConfiguration, Description, DisplayName, DocumentAttributeConfigurations, Tags, Type |
| AWS::QBusiness::Permission | Actions, ApplicationId, Conditions, Principal, StatementId |
| AWS::QBusiness::Plugin | ApplicationId, AuthConfiguration, CustomPluginConfiguration, DisplayName, ServerUrl, State, Tags, Type |
| AWS::QBusiness::Retriever | ApplicationId, Configuration, DisplayName, RoleArn, Tags, Type |
| AWS::QBusiness::WebExperience | ApplicationId, BrowserExtensionConfiguration, CustomizationConfiguration, IdentityProviderConfiguration, Origins, RoleArn, SamplePromptsControlMode, Subtitle, Tags, Title, WelcomeMessage |
| AWS::QLDB::Ledger | DeletionProtection, KmsKey, Name, PermissionsMode, Tags |
| AWS::QLDB::Stream | ExclusiveEndTime, InclusiveStartTime, KinesisConfiguration, LedgerName, RoleArn, StreamName, Tags |
| AWS::QuickSight::Analysis | AnalysisId, AwsAccountId, Definition, Errors, FolderArns, Name, Parameters, Permissions, Sheets, SourceEntity, Status, Tags, ThemeArn, ValidationStrategy |
| AWS::QuickSight::CustomPermissions | AwsAccountId, Capabilities, CustomPermissionsName, Tags |
| AWS::QuickSight::Dashboard | AwsAccountId, DashboardId, DashboardPublishOptions, Definition, FolderArns, LinkEntities, LinkSharingConfiguration, Name, Parameters, Permissions, SourceEntity, Tags, ThemeArn, ValidationStrategy, VersionDescription |
| AWS::QuickSight::DataSet | AwsAccountId, ColumnGroups, ColumnLevelPermissionRules, DataSetId, DataSetRefreshProperties, DataSetUsageConfiguration, DatasetParameters, FieldFolders, FolderArns, ImportMode, IngestionWaitPolicy, LogicalTableMap, Name, PerformanceConfiguration, Permissions, PhysicalTableMap, RowLevelPermissionDataSet, RowLevelPermissionTagConfiguration, Tags, UseAs |
| AWS::QuickSight::DataSource | AlternateDataSourceParameters, AwsAccountId, Credentials, DataSourceId, DataSourceParameters, ErrorInfo, FolderArns, Name, Permissions, SslProperties, Tags, Type, VpcConnectionProperties |
| AWS::QuickSight::Folder | AwsAccountId, FolderId, FolderType, Name, ParentFolderArn, Permissions, SharingModel, Tags |
| AWS::QuickSight::RefreshSchedule | AwsAccountId, DataSetId, Schedule |
| AWS::QuickSight::Template | AwsAccountId, Definition, Name, Permissions, SourceEntity, Tags, TemplateId, ValidationStrategy, VersionDescription |
| AWS::QuickSight::Theme | AwsAccountId, BaseThemeId, Configuration, Name, Permissions, Tags, ThemeId, VersionDescription |
| AWS::QuickSight::Topic | AwsAccountId, ConfigOptions, CustomInstructions, DataSets, Description, FolderArns, Name, Tags, TopicId, UserExperienceVersion |
| AWS::QuickSight::VPCConnection | AvailabilityStatus, AwsAccountId, DnsResolvers, Name, RoleArn, SecurityGroupIds, SubnetIds, Tags, VPCConnectionId |
| AWS::RAM::Permission | Name, PolicyTemplate, ResourceType, Tags |
| AWS::RAM::ResourceShare | AllowExternalPrincipals, Name, PermissionArns, Principals, ResourceArns, Sources, Tags |
| AWS::RDS::CustomDBEngineVersion | DatabaseInstallationFilesS3BucketName, DatabaseInstallationFilesS3Prefix, Description, Engine, EngineVersion, ImageId, KMSKeyId, Manifest, SourceCustomDbEngineVersionIdentifier, Status, Tags, UseAwsProvidedLatestImage |
| AWS::RDS::DBCluster | AllocatedStorage, AssociatedRoles, AutoMinorVersionUpgrade, AvailabilityZones, BacktrackWindow, BackupRetentionPeriod, ClusterScalabilityType, CopyTagsToSnapshot, DBClusterIdentifier, DBClusterInstanceClass, DBClusterParameterGroupName, DBInstanceParameterGroupName, DBSubnetGroupName, DBSystemId, DatabaseInsightsMode, DatabaseName, DeleteAutomatedBackups, DeletionProtection, Domain, DomainIAMRoleName, EnableCloudwatchLogsExports, EnableGlobalWriteForwarding, EnableHttpEndpoint, EnableIAMDatabaseAuthentication, EnableLocalWriteForwarding, Engine, EngineLifecycleSupport, EngineMode, EngineVersion, GlobalClusterIdentifier, Iops, KmsKeyId, ManageMasterUserPassword, MasterUserPassword, MasterUserSecret, MasterUsername, MonitoringInterval, MonitoringRoleArn, NetworkType, PerformanceInsightsEnabled, PerformanceInsightsKmsKeyId, PerformanceInsightsRetentionPeriod, Port, PreferredBackupWindow, PreferredMaintenanceWindow, PubliclyAccessible, ReplicationSourceIdentifier, RestoreToTime, RestoreType, ScalingConfiguration, ServerlessV2ScalingConfiguration, SnapshotIdentifier, SourceDBClusterIdentifier, SourceDbClusterResourceId, SourceRegion, StorageEncrypted, StorageType, Tags, UseLatestRestorableTime, VpcSecurityGroupIds |
| AWS::RDS::DBClusterParameterGroup | DBClusterParameterGroupName, Description, Family, Parameters, Tags |
| AWS::RDS::DBInstance | AllocatedStorage, AllowMajorVersionUpgrade, ApplyImmediately, AssociatedRoles, AutoMinorVersionUpgrade, AutomaticBackupReplicationKmsKeyId, AutomaticBackupReplicationRegion, AutomaticBackupReplicationRetentionPeriod, AvailabilityZone, BackupRetentionPeriod, BackupTarget, CACertificateIdentifier, CertificateRotationRestart, CharacterSetName, CopyTagsToSnapshot, CustomIAMInstanceProfile, DBClusterIdentifier, DBClusterSnapshotIdentifier, DBInstanceClass, DBInstanceIdentifier, DBName, DBParameterGroupName, DBSecurityGroups, DBSnapshotIdentifier, DBSubnetGroupName, DBSystemId, DatabaseInsightsMode, DedicatedLogVolume, DeleteAutomatedBackups, DeletionProtection, Domain, DomainAuthSecretArn, DomainDnsIps, DomainFqdn, DomainIAMRoleName, DomainOu, EnableCloudwatchLogsExports, EnableIAMDatabaseAuthentication, EnablePerformanceInsights, Engine, EngineLifecycleSupport, EngineVersion, Iops, KmsKeyId, LicenseModel, ManageMasterUserPassword, MasterUserPassword, MasterUserSecret, MasterUsername, MaxAllocatedStorage, MonitoringInterval, MonitoringRoleArn, MultiAZ, NcharCharacterSetName, NetworkType, OptionGroupName, PerformanceInsightsKMSKeyId, PerformanceInsightsRetentionPeriod, Port, PreferredBackupWindow, PreferredMaintenanceWindow, ProcessorFeatures, PromotionTier, PubliclyAccessible, ReplicaMode, RestoreTime, SourceDBClusterIdentifier, SourceDBInstanceAutomatedBackupsArn, SourceDBInstanceIdentifier, SourceDbiResourceId, SourceRegion, StorageEncrypted, StorageThroughput, StorageType, Tags, Timezone, UseDefaultProcessorFeatures, UseLatestRestorableTime, VPCSecurityGroups |
| AWS::RDS::DBParameterGroup | DBParameterGroupName, Description, Family, Parameters, Tags |
| AWS::RDS::DBProxy | Auth, DBProxyName, DebugLogging, EngineFamily, IdleClientTimeout, RequireTLS, RoleArn, Tags, VpcSecurityGroupIds, VpcSubnetIds |
| AWS::RDS::DBProxyEndpoint | DBProxyEndpointName, DBProxyName, Tags, TargetRole, VpcSecurityGroupIds, VpcSubnetIds |
| AWS::RDS::DBProxyTargetGroup | ConnectionPoolConfigurationInfo, DBClusterIdentifiers, DBInstanceIdentifiers, DBProxyName, TargetGroupName |
| AWS::RDS::DBSecurityGroup | DBSecurityGroupIngress, EC2VpcId, GroupDescription, Tags |
| AWS::RDS::DBSecurityGroupIngress | CIDRIP, DBSecurityGroupName, EC2SecurityGroupId, EC2SecurityGroupName, EC2SecurityGroupOwnerId |
| AWS::RDS::DBShardGroup | ComputeRedundancy, DBClusterIdentifier, DBShardGroupIdentifier, MaxACU, MinACU, PubliclyAccessible, Tags |
| AWS::RDS::DBSubnetGroup | DBSubnetGroupDescription, DBSubnetGroupName, SubnetIds, Tags |
| AWS::RDS::EventSubscription | Enabled, EventCategories, SnsTopicArn, SourceIds, SourceType, SubscriptionName, Tags |
| AWS::RDS::GlobalCluster | DeletionProtection, Engine, EngineLifecycleSupport, EngineVersion, GlobalClusterIdentifier, SourceDBClusterIdentifier, StorageEncrypted, Tags |
| AWS::RDS::Integration | AdditionalEncryptionContext, DataFilter, Description, IntegrationName, KMSKeyId, SourceArn, Tags, TargetArn |
| AWS::RDS::OptionGroup | EngineName, MajorEngineVersion, OptionConfigurations, OptionGroupDescription, OptionGroupName, Tags |
| AWS::RUM::AppMonitor | AppMonitorConfiguration, CustomEvents, CwLogEnabled, DeobfuscationConfiguration, Domain, DomainList, Name, ResourcePolicy, Tags |
| AWS::Rbin::Rule | Description, ExcludeResourceTags, LockConfiguration, ResourceTags, ResourceType, RetentionPeriod, Status, Tags |
| AWS::Redshift::Cluster | AllowVersionUpgrade, AquaConfigurationStatus, AutomatedSnapshotRetentionPeriod, AvailabilityZone, AvailabilityZoneRelocation, AvailabilityZoneRelocationStatus, Classic, ClusterIdentifier, ClusterParameterGroupName, ClusterSecurityGroups, ClusterSubnetGroupName, ClusterType, ClusterVersion, DBName, DeferMaintenance, DeferMaintenanceDuration, DeferMaintenanceEndTime, DeferMaintenanceStartTime, DestinationRegion, ElasticIp, Encrypted, Endpoint, EnhancedVpcRouting, HsmClientCertificateIdentifier, HsmConfigurationIdentifier, IamRoles, KmsKeyId, LoggingProperties, MaintenanceTrackName, ManageMasterPassword, ManualSnapshotRetentionPeriod, MasterPasswordSecretKmsKeyId, MasterUserPassword, MasterUsername, MultiAZ, NamespaceResourcePolicy, NodeType, NumberOfNodes, OwnerAccount, Port, PreferredMaintenanceWindow, PubliclyAccessible, ResourceAction, RevisionTarget, RotateEncryptionKey, SnapshotClusterIdentifier, SnapshotCopyGrantName, SnapshotCopyManual, SnapshotCopyRetentionPeriod, SnapshotIdentifier, Tags, VpcSecurityGroupIds |
| AWS::Redshift::ClusterParameterGroup | Description, ParameterGroupFamily, ParameterGroupName, Parameters, Tags |
| AWS::Redshift::ClusterSecurityGroup | Description, Tags |
| AWS::Redshift::ClusterSecurityGroupIngress | CIDRIP, ClusterSecurityGroupName, EC2SecurityGroupName, EC2SecurityGroupOwnerId |
| AWS::Redshift::ClusterSubnetGroup | Description, SubnetIds, Tags |
| AWS::Redshift::EndpointAccess | ClusterIdentifier, EndpointName, ResourceOwner, SubnetGroupName, VpcSecurityGroupIds |
| AWS::Redshift::EndpointAuthorization | Account, ClusterIdentifier, Force, VpcIds |
| AWS::Redshift::EventSubscription | Enabled, EventCategories, Severity, SnsTopicArn, SourceIds, SourceType, SubscriptionName, Tags |
| AWS::Redshift::Integration | AdditionalEncryptionContext, IntegrationName, KMSKeyId, SourceArn, Tags, TargetArn |
| AWS::Redshift::ScheduledAction | Enable, EndTime, IamRole, Schedule, ScheduledActionDescription, ScheduledActionName, StartTime, TargetAction |
| AWS::RedshiftServerless::Namespace | AdminPasswordSecretKmsKeyId, AdminUserPassword, AdminUsername, DbName, DefaultIamRoleArn, FinalSnapshotName, FinalSnapshotRetentionPeriod, IamRoles, KmsKeyId, LogExports, ManageAdminPassword, NamespaceName, NamespaceResourcePolicy, RedshiftIdcApplicationArn, SnapshotCopyConfigurations, Tags |
| AWS::RedshiftServerless::Snapshot | NamespaceName, RetentionPeriod, SnapshotName, Tags |
| AWS::RedshiftServerless::Workgroup | BaseCapacity, ConfigParameters, EnhancedVpcRouting, MaxCapacity, NamespaceName, Port, PricePerformanceTarget, PubliclyAccessible, RecoveryPointId, SecurityGroupIds, SnapshotArn, SnapshotName, SnapshotOwnerAccount, SubnetIds, Tags, TrackName, Workgroup, WorkgroupName |
| AWS::RefactorSpaces::Application | ApiGatewayProxy, EnvironmentIdentifier, Name, ProxyType, Tags, VpcId |
| AWS::RefactorSpaces::Environment | Description, Name, NetworkFabricType, Tags |
| AWS::RefactorSpaces::Route | ApplicationIdentifier, DefaultRoute, EnvironmentIdentifier, RouteType, ServiceIdentifier, Tags, UriPathRoute |
| AWS::RefactorSpaces::Service | ApplicationIdentifier, Description, EndpointType, EnvironmentIdentifier, LambdaEndpoint, Name, Tags, UrlEndpoint, VpcId |
| AWS::Rekognition::Collection | CollectionId, Tags |
| AWS::Rekognition::Project | ProjectName |
| AWS::Rekognition::StreamProcessor | BoundingBoxRegionsOfInterest, ConnectedHomeSettings, DataSharingPreference, FaceSearchSettings, KinesisDataStream, KinesisVideoStream, KmsKeyId, Name, NotificationChannel, PolygonRegionsOfInterest, RoleArn, S3Destination, Tags |
| AWS::ResilienceHub::App | AppAssessmentSchedule, AppTemplateBody, Description, EventSubscriptions, Name, PermissionModel, ResiliencyPolicyArn, ResourceMappings, Tags |
| AWS::ResilienceHub::ResiliencyPolicy | DataLocationConstraint, Policy, PolicyDescription, PolicyName, Tags, Tier |
| AWS::ResourceExplorer2::DefaultViewAssociation | ViewArn |
| AWS::ResourceExplorer2::Index | Tags, Type |
| AWS::ResourceExplorer2::View | Filters, IncludedProperties, Scope, Tags, ViewName |
| AWS::ResourceGroups::Group | Configuration, Description, Name, ResourceQuery, Resources, Tags |
| AWS::ResourceGroups::TagSyncTask | Group, RoleArn, TagKey, TagValue |
| AWS::RoboMaker::Fleet | Name, Tags |
| AWS::RoboMaker::Robot | Architecture, Fleet, GreengrassGroupId, Name, Tags |
| AWS::RoboMaker::RobotApplication | CurrentRevisionId, Environment, Name, RobotSoftwareSuite, Sources, Tags |
| AWS::RoboMaker::RobotApplicationVersion | Application, CurrentRevisionId |
| AWS::RoboMaker::SimulationApplication | CurrentRevisionId, Environment, Name, RenderingEngine, RobotSoftwareSuite, SimulationSoftwareSuite, Sources, Tags |
| AWS::RoboMaker::SimulationApplicationVersion | Application, CurrentRevisionId |
| AWS::RolesAnywhere::CRL | CrlData, Enabled, Name, Tags, TrustAnchorArn |
| AWS::RolesAnywhere::Profile | AcceptRoleSessionName, AttributeMappings, DurationSeconds, Enabled, ManagedPolicyArns, Name, RequireInstanceProperties, RoleArns, SessionPolicy, Tags |
| AWS::RolesAnywhere::TrustAnchor | Enabled, Name, NotificationSettings, Source, Tags |
| AWS::Route53::CidrCollection | Locations, Name |
| AWS::Route53::DNSSEC | HostedZoneId |
| AWS::Route53::HealthCheck | HealthCheckConfig, HealthCheckTags |
| AWS::Route53::HostedZone | HostedZoneConfig, HostedZoneTags, Name, QueryLoggingConfig, VPCs |
| AWS::Route53::KeySigningKey | HostedZoneId, KeyManagementServiceArn, Name, Status |
| AWS::Route53::RecordSet | AliasTarget, CidrRoutingConfig, Comment, Failover, GeoLocation, GeoProximityLocation, HealthCheckId, HostedZoneId, HostedZoneName, MultiValueAnswer, Name, Region, ResourceRecords, SetIdentifier, TTL, Type, Weight |
| AWS::Route53::RecordSetGroup | Comment, HostedZoneId, HostedZoneName, RecordSets |
| AWS::Route53Profiles::Profile | Name, Tags |
| AWS::Route53Profiles::ProfileAssociation | Arn, Name, ProfileId, ResourceId, Tags |
| AWS::Route53Profiles::ProfileResourceAssociation | Name, ProfileId, ResourceArn, ResourceProperties |
| AWS::Route53RecoveryControl::Cluster | Name, NetworkType, Tags |
| AWS::Route53RecoveryControl::ControlPanel | ClusterArn, Name, Tags |
| AWS::Route53RecoveryControl::RoutingControl | ClusterArn, ControlPanelArn, Name |
| AWS::Route53RecoveryControl::SafetyRule | AssertionRule, ControlPanelArn, GatingRule, Name, RuleConfig, Tags |
| AWS::Route53RecoveryReadiness::Cell | CellName, Cells, Tags |
| AWS::Route53RecoveryReadiness::ReadinessCheck | ReadinessCheckName, ResourceSetName, Tags |
| AWS::Route53RecoveryReadiness::RecoveryGroup | Cells, RecoveryGroupName, Tags |
| AWS::Route53RecoveryReadiness::ResourceSet | ResourceSetName, ResourceSetType, Resources, Tags |
| AWS::Route53Resolver::FirewallDomainList | DomainFileUrl, Domains, Name, Tags |
| AWS::Route53Resolver::FirewallRuleGroup | FirewallRules, Name, Tags |
| AWS::Route53Resolver::FirewallRuleGroupAssociation | FirewallRuleGroupId, MutationProtection, Name, Priority, Tags, VpcId |
| AWS::Route53Resolver::OutpostResolver | InstanceCount, Name, OutpostArn, PreferredInstanceType, Tags |
| AWS::Route53Resolver::ResolverConfig | AutodefinedReverseFlag, ResourceId |
| AWS::Route53Resolver::ResolverDNSSECConfig | ResourceId |
| AWS::Route53Resolver::ResolverEndpoint | Direction, IpAddresses, Name, OutpostArn, PreferredInstanceType, Protocols, ResolverEndpointType, SecurityGroupIds, Tags |
| AWS::Route53Resolver::ResolverQueryLoggingConfig | DestinationArn, Name, Tags |
| AWS::Route53Resolver::ResolverRule | DelegationRecord, DomainName, Name, ResolverEndpointId, RuleType, Tags, TargetIps |
| AWS::Route53Resolver::ResolverRuleAssociation | Name, ResolverRuleId, VPCId |
| AWS::S3::AccessGrant | AccessGrantsLocationConfiguration, AccessGrantsLocationId, ApplicationArn, Grantee, Permission, S3PrefixType, Tags |
| AWS::S3::AccessGrantsInstance | IdentityCenterArn, Tags |
| AWS::S3::AccessGrantsLocation | IamRoleArn, LocationScope, Tags |
| AWS::S3::AccessPoint | Bucket, BucketAccountId, Name, Policy, PublicAccessBlockConfiguration, Tags, VpcConfiguration |
| AWS::S3::Bucket | AccelerateConfiguration, AccessControl, AnalyticsConfigurations, BucketEncryption, BucketName, CorsConfiguration, IntelligentTieringConfigurations, InventoryConfigurations, LifecycleConfiguration, LoggingConfiguration, MetadataConfiguration, MetadataTableConfiguration, MetricsConfigurations, NotificationConfiguration, ObjectLockConfiguration, ObjectLockEnabled, OwnershipControls, PublicAccessBlockConfiguration, ReplicationConfiguration, Tags, VersioningConfiguration, WebsiteConfiguration |
| AWS::S3::BucketPolicy | Bucket, PolicyDocument |
| AWS::S3::MultiRegionAccessPoint | Name, PublicAccessBlockConfiguration, Regions |
| AWS::S3::MultiRegionAccessPointPolicy | MrapName, Policy |
| AWS::S3::StorageLens | StorageLensConfiguration, Tags |
| AWS::S3::StorageLensGroup | Filter, Name, Tags |
| AWS::S3Express::AccessPoint | Bucket, BucketAccountId, Name, Policy, PublicAccessBlockConfiguration, Scope, Tags, VpcConfiguration |
| AWS::S3Express::BucketPolicy | Bucket, PolicyDocument |
| AWS::S3Express::DirectoryBucket | BucketEncryption, BucketName, DataRedundancy, LifecycleConfiguration, LocationName, Tags |
| AWS::S3ObjectLambda::AccessPoint | Name, ObjectLambdaConfiguration |
| AWS::S3ObjectLambda::AccessPointPolicy | ObjectLambdaAccessPoint, PolicyDocument |
| AWS::S3Outposts::AccessPoint | Bucket, Name, Policy, VpcConfiguration |
| AWS::S3Outposts::Bucket | BucketName, LifecycleConfiguration, OutpostId, Tags |
| AWS::S3Outposts::BucketPolicy | Bucket, PolicyDocument |
| AWS::S3Outposts::Endpoint | AccessType, CustomerOwnedIpv4Pool, FailedReason, OutpostId, SecurityGroupId, SubnetId |
| AWS::S3Tables::Namespace | Namespace, TableBucketARN |
| AWS::S3Tables::Table | Compaction, IcebergMetadata, Namespace, OpenTableFormat, SnapshotManagement, TableBucketARN, TableName, WithoutMetadata |
| AWS::S3Tables::TableBucket | EncryptionConfiguration, TableBucketName, UnreferencedFileRemoval |
| AWS::S3Tables::TableBucketPolicy | ResourcePolicy, TableBucketARN |
| AWS::S3Tables::TablePolicy | ResourcePolicy, TableARN |
| AWS::SDB::Domain | Description |
| AWS::SES::ConfigurationSet | DeliveryOptions, Name, ReputationOptions, SendingOptions, SuppressionOptions, Tags, TrackingOptions, VdmOptions |
| AWS::SES::ConfigurationSetEventDestination | ConfigurationSetName, EventDestination |
| AWS::SES::ContactList | ContactListName, Description, Tags, Topics |
| AWS::SES::DedicatedIpPool | PoolName, ScalingMode, Tags |
| AWS::SES::EmailIdentity | ConfigurationSetAttributes, DkimAttributes, DkimSigningAttributes, EmailIdentity, FeedbackAttributes, MailFromAttributes, Tags |
| AWS::SES::MailManagerAddonInstance | AddonSubscriptionId, Tags |
| AWS::SES::MailManagerAddonSubscription | AddonName, Tags |
| AWS::SES::MailManagerAddressList | AddressListName, Tags |
| AWS::SES::MailManagerArchive | ArchiveName, KmsKeyArn, Retention, Tags |
| AWS::SES::MailManagerIngressPoint | IngressPointConfiguration, IngressPointName, NetworkConfiguration, RuleSetId, StatusToUpdate, Tags, TrafficPolicyId, Type |
| AWS::SES::MailManagerRelay | Authentication, RelayName, ServerName, ServerPort, Tags |
| AWS::SES::MailManagerRuleSet | RuleSetName, Rules, Tags |
| AWS::SES::MailManagerTrafficPolicy | DefaultAction, MaxMessageSizeBytes, PolicyStatements, Tags, TrafficPolicyName |
| AWS::SES::ReceiptFilter | Filter |
| AWS::SES::ReceiptRule | After, Rule, RuleSetName |
| AWS::SES::ReceiptRuleSet | RuleSetName |
| AWS::SES::Template | Template |
| AWS::SES::VdmAttributes | DashboardAttributes, GuardianAttributes |
| AWS::SNS::Subscription | DeliveryPolicy, Endpoint, FilterPolicy, FilterPolicyScope, Protocol, RawMessageDelivery, RedrivePolicy, Region, ReplayPolicy, SubscriptionRoleArn, TopicArn |
| AWS::SNS::Topic | ArchivePolicy, ContentBasedDeduplication, DataProtectionPolicy, DeliveryStatusLogging, DisplayName, FifoThroughputScope, FifoTopic, KmsMasterKeyId, SignatureVersion, Subscription, Tags, TopicName, TracingConfig |
| AWS::SNS::TopicInlinePolicy | PolicyDocument, TopicArn |
| AWS::SNS::TopicPolicy | PolicyDocument, Topics |
| AWS::SQS::Queue | ContentBasedDeduplication, DeduplicationScope, DelaySeconds, FifoQueue, FifoThroughputLimit, KmsDataKeyReusePeriodSeconds, KmsMasterKeyId, MaximumMessageSize, MessageRetentionPeriod, QueueName, ReceiveMessageWaitTimeSeconds, RedriveAllowPolicy, RedrivePolicy, SqsManagedSseEnabled, Tags, VisibilityTimeout |
| AWS::SQS::QueueInlinePolicy | PolicyDocument, Queue |
| AWS::SQS::QueuePolicy | PolicyDocument, Queues |
| AWS::SSM::Association | ApplyOnlyAtCronInterval, AssociationName, AutomationTargetParameterName, CalendarNames, ComplianceSeverity, DocumentVersion, InstanceId, MaxConcurrency, MaxErrors, Name, OutputLocation, Parameters, ScheduleExpression, ScheduleOffset, SyncCompliance, Targets, WaitForSuccessTimeoutSeconds |
| AWS::SSM::Document | Attachments, Content, DocumentFormat, DocumentType, Name, Requires, Tags, TargetType, UpdateMethod, VersionName |
| AWS::SSM::MaintenanceWindow | AllowUnassociatedTargets, Cutoff, Description, Duration, EndDate, Name, Schedule, ScheduleOffset, ScheduleTimezone, StartDate, Tags |
| AWS::SSM::MaintenanceWindowTarget | Description, Name, OwnerInformation, ResourceType, Targets, WindowId |
| AWS::SSM::MaintenanceWindowTask | CutoffBehavior, Description, LoggingInfo, MaxConcurrency, MaxErrors, Name, Priority, ServiceRoleArn, Targets, TaskArn, TaskInvocationParameters, TaskParameters, TaskType, WindowId |
| AWS::SSM::Parameter | AllowedPattern, DataType, Description, Name, Policies, Tags, Tier, Type, Value |
| AWS::SSM::PatchBaseline | ApprovalRules, ApprovedPatches, ApprovedPatchesComplianceLevel, ApprovedPatchesEnableNonSecurity, AvailableSecurityUpdatesComplianceStatus, DefaultBaseline, Description, GlobalFilters, Name, OperatingSystem, PatchGroups, RejectedPatches, RejectedPatchesAction, Sources, Tags |
| AWS::SSM::ResourceDataSync | BucketName, BucketPrefix, BucketRegion, KMSKeyArn, S3Destination, SyncFormat, SyncName, SyncSource, SyncType |
| AWS::SSM::ResourcePolicy | Policy, ResourceArn |
| AWS::SSMContacts::Contact | Alias, DisplayName, Plan, Tags, Type |
| AWS::SSMContacts::ContactChannel | ChannelAddress, ChannelName, ChannelType, ContactId, DeferActivation |
| AWS::SSMContacts::Plan | ContactId, RotationIds, Stages |
| AWS::SSMContacts::Rotation | ContactIds, Name, Recurrence, StartTime, Tags, TimeZoneId |
| AWS::SSMGuiConnect::Preferences | ConnectionRecordingPreferences |
| AWS::SSMIncidents::ReplicationSet | DeletionProtected, Regions, Tags |
| AWS::SSMIncidents::ResponsePlan | Actions, ChatChannel, DisplayName, Engagements, IncidentTemplate, Integrations, Name, Tags |
| AWS::SSMQuickSetup::ConfigurationManager | ConfigurationDefinitions, Description, Name, Tags |
| AWS::SSO::Application | ApplicationProviderArn, Description, InstanceArn, Name, PortalOptions, Status, Tags |
| AWS::SSO::ApplicationAssignment | ApplicationArn, PrincipalId, PrincipalType |
| AWS::SSO::Assignment | InstanceArn, PermissionSetArn, PrincipalId, PrincipalType, TargetId, TargetType |
| AWS::SSO::Instance | Name, Tags |
| AWS::SSO::InstanceAccessControlAttributeConfiguration | AccessControlAttributes, InstanceArn |
| AWS::SSO::PermissionSet | CustomerManagedPolicyReferences, Description, InlinePolicy, InstanceArn, ManagedPolicies, Name, PermissionsBoundary, RelayStateType, SessionDuration, Tags |
| AWS::SageMaker::App | AppName, AppType, DomainId, RecoveryMode, ResourceSpec, Tags, UserProfileName |
| AWS::SageMaker::AppImageConfig | AppImageConfigName, CodeEditorAppImageConfig, JupyterLabAppImageConfig, KernelGatewayImageConfig, Tags |
| AWS::SageMaker::Cluster | ClusterName, InstanceGroups, NodeProvisioningMode, NodeRecovery, Orchestrator, RestrictedInstanceGroups, Tags, VpcConfig |
| AWS::SageMaker::CodeRepository | CodeRepositoryName, GitConfig, Tags |
| AWS::SageMaker::DataQualityJobDefinition | DataQualityAppSpecification, DataQualityBaselineConfig, DataQualityJobInput, DataQualityJobOutputConfig, EndpointName, JobDefinitionName, JobResources, NetworkConfig, RoleArn, StoppingCondition, Tags |
| AWS::SageMaker::Device | Device, DeviceFleetName, Tags |
| AWS::SageMaker::DeviceFleet | Description, DeviceFleetName, OutputConfig, RoleArn, Tags |
| AWS::SageMaker::Domain | AppNetworkAccessType, AppSecurityGroupManagement, AuthMode, DefaultSpaceSettings, DefaultUserSettings, DomainName, DomainSettings, KmsKeyId, SubnetIds, TagPropagation, Tags, VpcId |
| AWS::SageMaker::Endpoint | DeploymentConfig, EndpointConfigName, EndpointName, ExcludeRetainedVariantProperties, RetainAllVariantProperties, RetainDeploymentConfig, Tags |
| AWS::SageMaker::EndpointConfig | AsyncInferenceConfig, DataCaptureConfig, EnableNetworkIsolation, EndpointConfigName, ExecutionRoleArn, ExplainerConfig, KmsKeyId, ProductionVariants, ShadowProductionVariants, Tags, VpcConfig |
| AWS::SageMaker::FeatureGroup | Description, EventTimeFeatureName, FeatureDefinitions, FeatureGroupName, OfflineStoreConfig, OnlineStoreConfig, RecordIdentifierFeatureName, RoleArn, Tags, ThroughputConfig |
| AWS::SageMaker::Image | ImageDescription, ImageDisplayName, ImageName, ImageRoleArn, Tags |
| AWS::SageMaker::ImageVersion | Alias, Aliases, BaseImage, Horovod, ImageName, JobType, MLFramework, Processor, ProgrammingLang, ReleaseNotes, VendorGuidance |
| AWS::SageMaker::InferenceComponent | DeploymentConfig, EndpointArn, EndpointName, InferenceComponentName, RuntimeConfig, Specification, Tags, VariantName |
| AWS::SageMaker::InferenceExperiment | DataStorageConfig, Description, DesiredState, EndpointName, KmsKey, ModelVariants, Name, RoleArn, Schedule, ShadowModeConfig, StatusReason, Tags, Type |
| AWS::SageMaker::MlflowTrackingServer | ArtifactStoreUri, AutomaticModelRegistration, MlflowVersion, RoleArn, Tags, TrackingServerName, TrackingServerSize, WeeklyMaintenanceWindowStart |
| AWS::SageMaker::Model | Containers, EnableNetworkIsolation, ExecutionRoleArn, InferenceExecutionConfig, ModelName, PrimaryContainer, Tags, VpcConfig |
| AWS::SageMaker::ModelBiasJobDefinition | EndpointName, JobDefinitionName, JobResources, ModelBiasAppSpecification, ModelBiasBaselineConfig, ModelBiasJobInput, ModelBiasJobOutputConfig, NetworkConfig, RoleArn, StoppingCondition, Tags |
| AWS::SageMaker::ModelCard | Content, CreatedBy, LastModifiedBy, ModelCardName, ModelCardStatus, SecurityConfig, Tags |
| AWS::SageMaker::ModelExplainabilityJobDefinition | EndpointName, JobDefinitionName, JobResources, ModelExplainabilityAppSpecification, ModelExplainabilityBaselineConfig, ModelExplainabilityJobInput, ModelExplainabilityJobOutputConfig, NetworkConfig, RoleArn, StoppingCondition, Tags |
| AWS::SageMaker::ModelPackage | AdditionalInferenceSpecifications, AdditionalInferenceSpecificationsToAdd, ApprovalDescription, CertifyForMarketplace, ClientToken, CustomerMetadataProperties, Domain, DriftCheckBaselines, InferenceSpecification, LastModifiedTime, MetadataProperties, ModelApprovalStatus, ModelCard, ModelMetrics, ModelPackageDescription, ModelPackageGroupName, ModelPackageName, ModelPackageStatusDetails, ModelPackageVersion, SamplePayloadUrl, SecurityConfig, SkipModelValidation, SourceAlgorithmSpecification, SourceUri, Tags, Task, ValidationSpecification |
| AWS::SageMaker::ModelPackageGroup | ModelPackageGroupDescription, ModelPackageGroupName, ModelPackageGroupPolicy, Tags |
| AWS::SageMaker::ModelQualityJobDefinition | EndpointName, JobDefinitionName, JobResources, ModelQualityAppSpecification, ModelQualityBaselineConfig, ModelQualityJobInput, ModelQualityJobOutputConfig, NetworkConfig, RoleArn, StoppingCondition, Tags |
| AWS::SageMaker::MonitoringSchedule | EndpointName, FailureReason, LastMonitoringExecutionSummary, MonitoringScheduleConfig, MonitoringScheduleName, MonitoringScheduleStatus, Tags |
| AWS::SageMaker::NotebookInstance | AcceleratorTypes, AdditionalCodeRepositories, DefaultCodeRepository, DirectInternetAccess, InstanceMetadataServiceConfiguration, InstanceType, KmsKeyId, LifecycleConfigName, NotebookInstanceName, PlatformIdentifier, RoleArn, RootAccess, SecurityGroupIds, SubnetId, Tags, VolumeSizeInGB |
| AWS::SageMaker::NotebookInstanceLifecycleConfig | NotebookInstanceLifecycleConfigName, OnCreate, OnStart |
| AWS::SageMaker::PartnerApp | ApplicationConfig, AuthType, EnableIamSessionBasedIdentity, ExecutionRoleArn, KmsKeyId, MaintenanceConfig, Name, Tags, Tier, Type |
| AWS::SageMaker::Pipeline | ParallelismConfiguration, PipelineDefinition, PipelineDescription, PipelineDisplayName, PipelineName, RoleArn, Tags |
| AWS::SageMaker::ProcessingJob | AppSpecification, Environment, ExperimentConfig, NetworkConfig, ProcessingInputs, ProcessingJobName, ProcessingOutputConfig, ProcessingResources, RoleArn, StoppingCondition, Tags |
| AWS::SageMaker::Project | ProjectDescription, ProjectName, ServiceCatalogProvisionedProductDetails, ServiceCatalogProvisioningDetails, Tags, TemplateProviderDetails |
| AWS::SageMaker::Space | DomainId, OwnershipSettings, SpaceDisplayName, SpaceName, SpaceSettings, SpaceSharingSettings, Tags |
| AWS::SageMaker::StudioLifecycleConfig | StudioLifecycleConfigAppType, StudioLifecycleConfigContent, StudioLifecycleConfigName, Tags |
| AWS::SageMaker::UserProfile | DomainId, SingleSignOnUserIdentifier, SingleSignOnUserValue, Tags, UserProfileName, UserSettings |
| AWS::SageMaker::Workteam | Description, MemberDefinitions, NotificationConfiguration, Tags, WorkforceName, WorkteamName |
| AWS::Scheduler::Schedule | Description, EndDate, FlexibleTimeWindow, GroupName, KmsKeyArn, Name, ScheduleExpression, ScheduleExpressionTimezone, StartDate, State, Target |
| AWS::Scheduler::ScheduleGroup | Name, Tags |
| AWS::SecretsManager::ResourcePolicy | BlockPublicPolicy, ResourcePolicy, SecretId |
| AWS::SecretsManager::RotationSchedule | HostedRotationLambda, RotateImmediatelyOnUpdate, RotationLambdaARN, RotationRules, SecretId |
| AWS::SecretsManager::Secret | Description, GenerateSecretString, KmsKeyId, Name, ReplicaRegions, SecretString, Tags |
| AWS::SecretsManager::SecretTargetAttachment | SecretId, TargetId, TargetType |
| AWS::SecurityHub::AggregatorV2 | LinkedRegions, RegionLinkingMode, Tags |
| AWS::SecurityHub::AutomationRule | Actions, Criteria, Description, IsTerminal, RuleName, RuleOrder, RuleStatus, Tags |
| AWS::SecurityHub::AutomationRuleV2 | Actions, Criteria, Description, RuleName, RuleOrder, RuleStatus, Tags |
| AWS::SecurityHub::ConfigurationPolicy | ConfigurationPolicy, Description, Name, Tags |
| AWS::SecurityHub::DelegatedAdmin | AdminAccountId |
| AWS::SecurityHub::FindingAggregator | RegionLinkingMode, Regions |
| AWS::SecurityHub::Hub | AutoEnableControls, ControlFindingGenerator, EnableDefaultStandards, Tags |
| AWS::SecurityHub::HubV2 | Tags |
| AWS::SecurityHub::Insight | Filters, GroupByAttribute, Name |
| AWS::SecurityHub::OrganizationConfiguration | AutoEnable, AutoEnableStandards, ConfigurationType |
| AWS::SecurityHub::PolicyAssociation | ConfigurationPolicyId, TargetId, TargetType |
| AWS::SecurityHub::ProductSubscription | ProductArn |
| AWS::SecurityHub::SecurityControl | LastUpdateReason, Parameters, SecurityControlArn, SecurityControlId |
| AWS::SecurityHub::Standard | DisabledStandardsControls, StandardsArn |
| AWS::SecurityLake::AwsLogSource | Accounts, DataLakeArn, SourceName, SourceVersion |
| AWS::SecurityLake::DataLake | EncryptionConfiguration, LifecycleConfiguration, MetaStoreManagerRoleArn, ReplicationConfiguration, Tags |
| AWS::SecurityLake::Subscriber | AccessTypes, DataLakeArn, Sources, SubscriberDescription, SubscriberIdentity, SubscriberName, Tags |
| AWS::SecurityLake::SubscriberNotification | NotificationConfiguration, SubscriberArn |
| AWS::ServiceCatalog::AcceptedPortfolioShare | AcceptLanguage, PortfolioId |
| AWS::ServiceCatalog::CloudFormationProduct | AcceptLanguage, Description, Distributor, Name, Owner, ProductType, ProvisioningArtifactParameters, ReplaceProvisioningArtifacts, SourceConnection, SupportDescription, SupportEmail, SupportUrl, Tags |
| AWS::ServiceCatalog::CloudFormationProvisionedProduct | AcceptLanguage, NotificationArns, PathId, PathName, ProductId, ProductName, ProvisionedProductName, ProvisioningArtifactId, ProvisioningArtifactName, ProvisioningParameters, ProvisioningPreferences, Tags |
| AWS::ServiceCatalog::LaunchNotificationConstraint | AcceptLanguage, Description, NotificationArns, PortfolioId, ProductId |
| AWS::ServiceCatalog::LaunchRoleConstraint | AcceptLanguage, Description, LocalRoleName, PortfolioId, ProductId, RoleArn |
| AWS::ServiceCatalog::LaunchTemplateConstraint | AcceptLanguage, Description, PortfolioId, ProductId, Rules |
| AWS::ServiceCatalog::Portfolio | AcceptLanguage, Description, DisplayName, ProviderName, Tags |
| AWS::ServiceCatalog::PortfolioPrincipalAssociation | AcceptLanguage, PortfolioId, PrincipalARN, PrincipalType |
| AWS::ServiceCatalog::PortfolioProductAssociation | AcceptLanguage, PortfolioId, ProductId, SourcePortfolioId |
| AWS::ServiceCatalog::PortfolioShare | AcceptLanguage, AccountId, PortfolioId, ShareTagOptions |
| AWS::ServiceCatalog::ResourceUpdateConstraint | AcceptLanguage, Description, PortfolioId, ProductId, TagUpdateOnProvisionedProduct |
| AWS::ServiceCatalog::ServiceAction | AcceptLanguage, Definition, DefinitionType, Description, Name |
| AWS::ServiceCatalog::ServiceActionAssociation | ProductId, ProvisioningArtifactId, ServiceActionId |
| AWS::ServiceCatalog::StackSetConstraint | AcceptLanguage, AccountList, AdminRole, Description, ExecutionRole, PortfolioId, ProductId, RegionList, StackInstanceControl |
| AWS::ServiceCatalog::TagOption | Active, Key, Value |
| AWS::ServiceCatalog::TagOptionAssociation | ResourceId, TagOptionId |
| AWS::ServiceCatalogAppRegistry::Application | Description, Name, Tags |
| AWS::ServiceCatalogAppRegistry::AttributeGroup | Attributes, Description, Name, Tags |
| AWS::ServiceCatalogAppRegistry::ResourceAssociation | Application, Resource, ResourceType |
| AWS::ServiceDiscovery::HttpNamespace | Description, Name, Tags |
| AWS::ServiceDiscovery::Instance | InstanceAttributes, InstanceId, ServiceId |
| AWS::ServiceDiscovery::PrivateDnsNamespace | Description, Name, Properties, Tags, Vpc |
| AWS::ServiceDiscovery::PublicDnsNamespace | Description, Name, Properties, Tags |
| AWS::ServiceDiscovery::Service | Description, DnsConfig, HealthCheckConfig, HealthCheckCustomConfig, Name, NamespaceId, ServiceAttributes, Tags, Type |
| AWS::Shield::DRTAccess | LogBucketList, RoleArn |
| AWS::Shield::ProactiveEngagement | EmergencyContactList, ProactiveEngagementStatus |
| AWS::Shield::Protection | ApplicationLayerAutomaticResponseConfiguration, HealthCheckArns, Name, ResourceArn, Tags |
| AWS::Shield::ProtectionGroup | Aggregation, Members, Pattern, ProtectionGroupId, ResourceType, Tags |
| AWS::Signer::ProfilePermission | Action, Principal, ProfileName, ProfileVersion, StatementId |
| AWS::Signer::SigningProfile | PlatformId, SignatureValidityPeriod, Tags |
| AWS::SimSpaceWeaver::Simulation | MaximumDuration, Name, RoleArn, SchemaS3Location, SnapshotS3Location |
| AWS::StepFunctions::Activity | EncryptionConfiguration, Name, Tags |
| AWS::StepFunctions::StateMachine | Definition, DefinitionS3Location, DefinitionString, DefinitionSubstitutions, EncryptionConfiguration, LoggingConfiguration, RoleArn, StateMachineName, StateMachineType, Tags, TracingConfiguration |
| AWS::StepFunctions::StateMachineAlias | DeploymentPreference, Description, Name, RoutingConfiguration |
| AWS::StepFunctions::StateMachineVersion | Description, StateMachineArn, StateMachineRevisionId |
| AWS::SupportApp::AccountAlias | AccountAlias |
| AWS::SupportApp::SlackChannelConfiguration | ChannelId, ChannelName, ChannelRoleArn, NotifyOnAddCorrespondenceToCase, NotifyOnCaseSeverity, NotifyOnCreateOrReopenCase, NotifyOnResolveCase, TeamId |
| AWS::SupportApp::SlackWorkspaceConfiguration | TeamId, VersionId |
| AWS::Synthetics::Canary | ArtifactConfig, ArtifactS3Location, Code, DryRunAndUpdate, ExecutionRoleArn, FailureRetentionPeriod, Name, ProvisionedResourceCleanup, ResourcesToReplicateTags, RunConfig, RuntimeVersion, Schedule, StartCanaryAfterCreation, SuccessRetentionPeriod, Tags, VPCConfig, VisualReference |
| AWS::Synthetics::Group | Name, ResourceArns, Tags |
| AWS::SystemsManagerSAP::Application | ApplicationId, ApplicationType, ComponentsInfo, Credentials, DatabaseArn, Instances, SapInstanceNumber, Sid, Tags |
| AWS::Timestream::Database | DatabaseName, KmsKeyId, Tags |
| AWS::Timestream::InfluxDBInstance | AllocatedStorage, Bucket, DbInstanceType, DbParameterGroupIdentifier, DbStorageType, DeploymentType, LogDeliveryConfiguration, Name, NetworkType, Organization, Password, Port, PubliclyAccessible, Tags, Username, VpcSecurityGroupIds, VpcSubnetIds |
| AWS::Timestream::ScheduledQuery | ClientToken, ErrorReportConfiguration, KmsKeyId, NotificationConfiguration, QueryString, ScheduleConfiguration, ScheduledQueryExecutionRoleArn, ScheduledQueryName, Tags, TargetConfiguration |
| AWS::Timestream::Table | DatabaseName, MagneticStoreWriteProperties, RetentionProperties, Schema, TableName, Tags |
| AWS::Transfer::Agreement | AccessRole, BaseDirectory, CustomDirectories, Description, EnforceMessageSigning, LocalProfileId, PartnerProfileId, PreserveFilename, ServerId, Status, Tags |
| AWS::Transfer::Certificate | ActiveDate, Certificate, CertificateChain, Description, InactiveDate, PrivateKey, Tags, Usage |
| AWS::Transfer::Connector | AccessRole, As2Config, LoggingRole, SecurityPolicyName, SftpConfig, Tags, Url |
| AWS::Transfer::Profile | As2Id, CertificateIds, ProfileType, Tags |
| AWS::Transfer::Server | Certificate, Domain, EndpointDetails, EndpointType, IdentityProviderDetails, IdentityProviderType, IpAddressType, LoggingRole, PostAuthenticationLoginBanner, PreAuthenticationLoginBanner, ProtocolDetails, Protocols, S3StorageOptions, SecurityPolicyName, StructuredLogDestinations, Tags, WorkflowDetails |
| AWS::Transfer::User | HomeDirectory, HomeDirectoryMappings, HomeDirectoryType, Policy, PosixProfile, Role, ServerId, SshPublicKeys, Tags, UserName |
| AWS::Transfer::WebApp | AccessEndpoint, IdentityProviderDetails, Tags, WebAppCustomization, WebAppEndpointPolicy, WebAppUnits |
| AWS::Transfer::Workflow | Description, OnExceptionSteps, Steps, Tags |
| AWS::VerifiedPermissions::IdentitySource | Configuration, PolicyStoreId, PrincipalEntityType |
| AWS::VerifiedPermissions::Policy | Definition, PolicyStoreId |
| AWS::VerifiedPermissions::PolicyStore | DeletionProtection, Description, Schema, Tags, ValidationSettings |
| AWS::VerifiedPermissions::PolicyTemplate | Description, PolicyStoreId, Statement |
| AWS::VoiceID::Domain | Description, Name, ServerSideEncryptionConfiguration, Tags |
| AWS::VpcLattice::AccessLogSubscription | DestinationArn, ResourceIdentifier, ServiceNetworkLogType, Tags |
| AWS::VpcLattice::AuthPolicy | Policy, ResourceIdentifier |
| AWS::VpcLattice::Listener | DefaultAction, Name, Port, Protocol, ServiceIdentifier, Tags |
| AWS::VpcLattice::ResourceConfiguration | AllowAssociationToSharableServiceNetwork, Name, PortRanges, ProtocolType, ResourceConfigurationAuthType, ResourceConfigurationDefinition, ResourceConfigurationGroupId, ResourceConfigurationType, ResourceGatewayId, Tags |
| AWS::VpcLattice::ResourceGateway | IpAddressType, Name, SecurityGroupIds, SubnetIds, Tags, VpcIdentifier |
| AWS::VpcLattice::ResourcePolicy | Policy, ResourceArn |
| AWS::VpcLattice::Rule | Action, ListenerIdentifier, Match, Name, Priority, ServiceIdentifier, Tags |
| AWS::VpcLattice::Service | AuthType, CertificateArn, CustomDomainName, DnsEntry, Name, Tags |
| AWS::VpcLattice::ServiceNetwork | AuthType, Name, SharingConfig, Tags |
| AWS::VpcLattice::ServiceNetworkResourceAssociation | ResourceConfigurationId, ServiceNetworkId, Tags |
| AWS::VpcLattice::ServiceNetworkServiceAssociation | DnsEntry, ServiceIdentifier, ServiceNetworkIdentifier, Tags |
| AWS::VpcLattice::ServiceNetworkVpcAssociation | SecurityGroupIds, ServiceNetworkIdentifier, Tags, VpcIdentifier |
| AWS::VpcLattice::TargetGroup | Config, Name, Tags, Targets, Type |
| AWS::WAF::ByteMatchSet | ByteMatchTuples, Name |
| AWS::WAF::IPSet | IPSetDescriptors, Name |
| AWS::WAF::Rule | MetricName, Name, Predicates |
| AWS::WAF::SizeConstraintSet | Name, SizeConstraints |
| AWS::WAF::SqlInjectionMatchSet | Name, SqlInjectionMatchTuples |
| AWS::WAF::WebACL | DefaultAction, MetricName, Name, Rules |
| AWS::WAF::XssMatchSet | Name, XssMatchTuples |
| AWS::WAFRegional::ByteMatchSet | ByteMatchTuples, Name |
| AWS::WAFRegional::GeoMatchSet | GeoMatchConstraints, Name |
| AWS::WAFRegional::IPSet | IPSetDescriptors, Name |
| AWS::WAFRegional::RateBasedRule | MatchPredicates, MetricName, Name, RateKey, RateLimit |
| AWS::WAFRegional::RegexPatternSet | Name, RegexPatternStrings |
| AWS::WAFRegional::Rule | MetricName, Name, Predicates |
| AWS::WAFRegional::SizeConstraintSet | Name, SizeConstraints |
| AWS::WAFRegional::SqlInjectionMatchSet | Name, SqlInjectionMatchTuples |
| AWS::WAFRegional::WebACL | DefaultAction, MetricName, Name, Rules |
| AWS::WAFRegional::WebACLAssociation | ResourceArn, WebACLId |
| AWS::WAFRegional::XssMatchSet | Name, XssMatchTuples |
| AWS::WAFv2::IPSet | Addresses, Description, IPAddressVersion, Name, Scope, Tags |
| AWS::WAFv2::LoggingConfiguration | LogDestinationConfigs, LoggingFilter, RedactedFields, ResourceArn |
| AWS::WAFv2::RegexPatternSet | Description, Name, RegularExpressionList, Scope, Tags |
| AWS::WAFv2::RuleGroup | AvailableLabels, Capacity, ConsumedLabels, CustomResponseBodies, Description, Name, Rules, Scope, Tags, VisibilityConfig |
| AWS::WAFv2::WebACL | AssociationConfig, CaptchaConfig, ChallengeConfig, CustomResponseBodies, DataProtectionConfig, DefaultAction, Description, Name, OnSourceDDoSProtectionConfig, Rules, Scope, Tags, TokenDomains, VisibilityConfig |
| AWS::WAFv2::WebACLAssociation | ResourceArn, WebACLArn |
| AWS::Wisdom::AIAgent | AssistantId, Configuration, Description, Name, Tags, Type |
| AWS::Wisdom::AIAgentVersion | AIAgentId, AssistantId, ModifiedTimeSeconds |
| AWS::Wisdom::AIGuardrail | AssistantId, BlockedInputMessaging, BlockedOutputsMessaging, ContentPolicyConfig, ContextualGroundingPolicyConfig, Description, Name, SensitiveInformationPolicyConfig, Tags, TopicPolicyConfig, WordPolicyConfig |
| AWS::Wisdom::AIGuardrailVersion | AIGuardrailId, AssistantId, ModifiedTimeSeconds |
| AWS::Wisdom::AIPrompt | ApiFormat, AssistantId, Description, ModelId, Name, Tags, TemplateConfiguration, TemplateType, Type |
| AWS::Wisdom::AIPromptVersion | AIPromptId, AssistantId, ModifiedTimeSeconds |
| AWS::Wisdom::Assistant | Description, Name, ServerSideEncryptionConfiguration, Tags, Type |
| AWS::Wisdom::AssistantAssociation | AssistantId, Association, AssociationType, Tags |
| AWS::Wisdom::KnowledgeBase | Description, KnowledgeBaseType, Name, RenderingConfiguration, ServerSideEncryptionConfiguration, SourceConfiguration, Tags, VectorIngestionConfiguration |
| AWS::Wisdom::MessageTemplate | ChannelSubtype, Content, DefaultAttributes, Description, GroupingConfiguration, KnowledgeBaseArn, Language, MessageTemplateAttachments, Name, Tags |
| AWS::Wisdom::MessageTemplateVersion | MessageTemplateArn, MessageTemplateContentSha256 |
| AWS::Wisdom::QuickResponse | Channels, Content, ContentType, Description, GroupingConfiguration, IsActive, KnowledgeBaseArn, Language, Name, ShortcutKey, Tags |
| AWS::WorkSpaces::ConnectionAlias | ConnectionString, Tags |
| AWS::WorkSpaces::Workspace | BundleId, DirectoryId, RootVolumeEncryptionEnabled, Tags, UserName, UserVolumeEncryptionEnabled, VolumeEncryptionKey, WorkspaceProperties |
| AWS::WorkSpaces::WorkspacesPool | ApplicationSettings, BundleId, Capacity, Description, DirectoryId, PoolName, RunningMode, TimeoutSettings |
| AWS::WorkSpacesThinClient::Environment | DesiredSoftwareSetId, DesktopArn, DesktopEndpoint, DeviceCreationTags, KmsKeyArn, MaintenanceWindow, Name, SoftwareSetUpdateMode, SoftwareSetUpdateSchedule, Tags |
| AWS::WorkSpacesWeb::BrowserSettings | AdditionalEncryptionContext, BrowserPolicy, CustomerManagedKey, Tags |
| AWS::WorkSpacesWeb::DataProtectionSettings | AdditionalEncryptionContext, CustomerManagedKey, Description, DisplayName, InlineRedactionConfiguration, Tags |
| AWS::WorkSpacesWeb::IdentityProvider | IdentityProviderDetails, IdentityProviderName, IdentityProviderType, PortalArn, Tags |
| AWS::WorkSpacesWeb::IpAccessSettings | AdditionalEncryptionContext, CustomerManagedKey, Description, DisplayName, IpRules, Tags |
| AWS::WorkSpacesWeb::NetworkSettings | SecurityGroupIds, SubnetIds, Tags, VpcId |
| AWS::WorkSpacesWeb::Portal | AdditionalEncryptionContext, AuthenticationType, BrowserSettingsArn, CustomerManagedKey, DataProtectionSettingsArn, DisplayName, InstanceType, IpAccessSettingsArn, MaxConcurrentSessions, NetworkSettingsArn, SessionLoggerArn, Tags, TrustStoreArn, UserAccessLoggingSettingsArn, UserSettingsArn |
| AWS::WorkSpacesWeb::SessionLogger | AdditionalEncryptionContext, CustomerManagedKey, DisplayName, EventFilter, LogConfiguration, Tags |
| AWS::WorkSpacesWeb::TrustStore | CertificateList, Tags |
| AWS::WorkSpacesWeb::UserAccessLoggingSettings | KinesisStreamArn, Tags |
| AWS::WorkSpacesWeb::UserSettings | AdditionalEncryptionContext, CookieSynchronizationConfiguration, CopyAllowed, CustomerManagedKey, DeepLinkAllowed, DisconnectTimeoutInMinutes, DownloadAllowed, IdleDisconnectTimeoutInMinutes, PasteAllowed, PrintAllowed, Tags, ToolbarConfiguration, UploadAllowed |
| AWS::WorkspacesInstances::Volume | AvailabilityZone, Encrypted, Iops, KmsKeyId, SizeInGB, SnapshotId, TagSpecifications, Throughput, VolumeType |
| AWS::WorkspacesInstances::VolumeAssociation | Device, DisassociateMode, VolumeId, WorkspaceInstanceId |
| AWS::WorkspacesInstances::WorkspaceInstance | ManagedInstance, Tags |
| AWS::XRay::Group | FilterExpression, GroupName, InsightsConfiguration, Tags |
| AWS::XRay::ResourcePolicy | BypassPolicyLockoutCheck, PolicyDocument, PolicyName |
| AWS::XRay::SamplingRule | SamplingRule, Tags |
| AWS::XRay::TransactionSearchConfig | IndexingPercentage |
| Alexa::ASK::Skill | AuthenticationConfiguration, SkillPackage, VendorId |
Note: The data was automatically fetched from the official AWS CloudFormation resource specification and got parsed in this markdown table using a custom python script.
More useful CloudFormation tools
I made another cheat sheet called AWS CloudFormation Resource Type properties that shows a single table overview of all available (1430+) AWS resource types including their available attributes
If you like this AWS CloudFormation Attributes cheat sheet, then you might also like the CloudFormation Snippets VSCode extension that I published on the Visual Studio Code Marketplace.