AWS CloudFormation Resource Type properties Cheat Sheet
This cheat sheet shows a single table overview of all available (900+) AWS resource types including their available properties. Bookmark this page so use you can use it to look up CloudFormation properties quickly.
To ease your life and help you be more productive, I’ve modified the resource type into a hyperlink. That means that if you click on the resource type name e.g. AWS::Amplify::App, then you get redirected immediately to the official AWS CloudFormation documentation of that specific resource type.
I made another cheat sheet called AWS CloudFormation Attributes (GetAtt) that shows a single table overview of all available (900+) AWS resource types including their available attributes.
If you like this AWS CloudFormation Attributes cheat sheet, then you might also like the CloudFormation Snippets VSCode extension that I published on the Visual Studio Code Marketplace.
| Resource type | Properties |
|---|---|
| AWS::ACMPCA::Certificate | ApiPassthrough, CertificateAuthorityArn, CertificateSigningRequest, SigningAlgorithm, TemplateArn, Validity, ValidityNotBefore |
| AWS::ACMPCA::CertificateAuthority | CsrExtensions, KeyAlgorithm, KeyStorageSecurityStandard, RevocationConfiguration, SigningAlgorithm, Subject, Tags, Type |
| AWS::ACMPCA::CertificateAuthorityActivation | Certificate, CertificateAuthorityArn, CertificateChain, Status |
| AWS::ACMPCA::Permission | Actions, CertificateAuthorityArn, Principal, SourceAccount |
| AWS::APS::RuleGroupsNamespace | Data, Name, Tags, Workspace |
| AWS::APS::Workspace | AlertManagerDefinition, Alias, Tags |
| AWS::AccessAnalyzer::Analyzer | AnalyzerName, ArchiveRules, Tags, Type |
| AWS::AmazonMQ::Broker | AuthenticationStrategy, AutoMinorVersionUpgrade, BrokerName, Configuration, DeploymentMode, EncryptionOptions, EngineType, EngineVersion, HostInstanceType, LdapServerMetadata, Logs, MaintenanceWindowStartTime, PubliclyAccessible, SecurityGroups, StorageType, SubnetIds, Tags, Users |
| AWS::AmazonMQ::Configuration | AuthenticationStrategy, Data, Description, EngineType, EngineVersion, Name, Tags |
| AWS::AmazonMQ::ConfigurationAssociation | Broker, Configuration |
| AWS::Amplify::App | AccessToken, AutoBranchCreationConfig, BasicAuthConfig, BuildSpec, CustomHeaders, CustomRules, Description, EnableBranchAutoDeletion, EnvironmentVariables, IAMServiceRole, Name, OauthToken, Repository, Tags |
| AWS::Amplify::Branch | AppId, BasicAuthConfig, BranchName, BuildSpec, Description, EnableAutoBuild, EnablePerformanceMode, EnablePullRequestPreview, EnvironmentVariables, PullRequestEnvironmentName, Stage, Tags |
| AWS::Amplify::Domain | AppId, AutoSubDomainCreationPatterns, AutoSubDomainIAMRole, DomainName, EnableAutoSubDomain, SubDomainSettings |
| AWS::AmplifyUIBuilder::Component | BindingProperties, Children, CollectionProperties, ComponentType, Events, Name, Overrides, Properties, SchemaVersion, SourceId, Tags, Variants |
| AWS::AmplifyUIBuilder::Theme | Name, Overrides, Tags, Values |
| AWS::ApiGateway::Account | CloudWatchRoleArn |
| AWS::ApiGateway::ApiKey | CustomerId, Description, Enabled, GenerateDistinctId, Name, StageKeys, Tags, Value |
| AWS::ApiGateway::Authorizer | AuthType, AuthorizerCredentials, AuthorizerResultTtlInSeconds, AuthorizerUri, IdentitySource, IdentityValidationExpression, Name, ProviderARNs, RestApiId, Type |
| AWS::ApiGateway::BasePathMapping | BasePath, DomainName, Id, RestApiId, Stage |
| AWS::ApiGateway::ClientCertificate | Description, Tags |
| AWS::ApiGateway::Deployment | DeploymentCanarySettings, Description, RestApiId, StageDescription, StageName |
| AWS::ApiGateway::DocumentationPart | Location, Properties, RestApiId |
| AWS::ApiGateway::DocumentationVersion | Description, DocumentationVersion, RestApiId |
| AWS::ApiGateway::DomainName | CertificateArn, DomainName, EndpointConfiguration, MutualTlsAuthentication, OwnershipVerificationCertificateArn, RegionalCertificateArn, SecurityPolicy, Tags |
| AWS::ApiGateway::GatewayResponse | ResponseParameters, ResponseTemplates, ResponseType, RestApiId, StatusCode |
| AWS::ApiGateway::Method | ApiKeyRequired, AuthorizationScopes, AuthorizationType, AuthorizerId, HttpMethod, Integration, MethodResponses, OperationName, RequestModels, RequestParameters, RequestValidatorId, ResourceId, RestApiId |
| AWS::ApiGateway::Model | ContentType, Description, Name, RestApiId, Schema |
| AWS::ApiGateway::RequestValidator | Name, RestApiId, ValidateRequestBody, ValidateRequestParameters |
| AWS::ApiGateway::Resource | ParentId, PathPart, RestApiId |
| AWS::ApiGateway::RestApi | ApiKeySourceType, BinaryMediaTypes, Body, BodyS3Location, CloneFrom, Description, DisableExecuteApiEndpoint, EndpointConfiguration, FailOnWarnings, MinimumCompressionSize, Mode, Name, Parameters, Policy, Tags |
| AWS::ApiGateway::Stage | AccessLogSetting, CacheClusterEnabled, CacheClusterSize, CanarySetting, ClientCertificateId, DeploymentId, Description, DocumentationVersion, MethodSettings, RestApiId, StageName, Tags, TracingEnabled, Variables |
| AWS::ApiGateway::UsagePlan | ApiStages, Description, Quota, Tags, Throttle, UsagePlanName |
| AWS::ApiGateway::UsagePlanKey | KeyId, KeyType, UsagePlanId |
| AWS::ApiGateway::VpcLink | Description, Name, Tags, TargetArns |
| AWS::ApiGatewayV2::Api | ApiKeySelectionExpression, BasePath, Body, BodyS3Location, CorsConfiguration, CredentialsArn, Description, DisableExecuteApiEndpoint, DisableSchemaValidation, FailOnWarnings, Name, ProtocolType, RouteKey, RouteSelectionExpression, Tags, Target, Version |
| AWS::ApiGatewayV2::ApiGatewayManagedOverrides | ApiId, Integration, Route, Stage |
| AWS::ApiGatewayV2::ApiMapping | ApiId, ApiMappingKey, DomainName, Stage |
| AWS::ApiGatewayV2::Authorizer | ApiId, AuthorizerCredentialsArn, AuthorizerPayloadFormatVersion, AuthorizerResultTtlInSeconds, AuthorizerType, AuthorizerUri, EnableSimpleResponses, IdentitySource, IdentityValidationExpression, JwtConfiguration, Name |
| AWS::ApiGatewayV2::Deployment | ApiId, Description, StageName |
| AWS::ApiGatewayV2::DomainName | DomainName, DomainNameConfigurations, MutualTlsAuthentication, Tags |
| AWS::ApiGatewayV2::Integration | ApiId, ConnectionId, ConnectionType, ContentHandlingStrategy, CredentialsArn, Description, IntegrationMethod, IntegrationSubtype, IntegrationType, IntegrationUri, PassthroughBehavior, PayloadFormatVersion, RequestParameters, RequestTemplates, ResponseParameters, TemplateSelectionExpression, TimeoutInMillis, TlsConfig |
| AWS::ApiGatewayV2::IntegrationResponse | ApiId, ContentHandlingStrategy, IntegrationId, IntegrationResponseKey, ResponseParameters, ResponseTemplates, TemplateSelectionExpression |
| AWS::ApiGatewayV2::Model | ApiId, ContentType, Description, Name, Schema |
| AWS::ApiGatewayV2::Route | ApiId, ApiKeyRequired, AuthorizationScopes, AuthorizationType, AuthorizerId, ModelSelectionExpression, OperationName, RequestModels, RequestParameters, RouteKey, RouteResponseSelectionExpression, Target |
| AWS::ApiGatewayV2::RouteResponse | ApiId, ModelSelectionExpression, ResponseModels, ResponseParameters, RouteId, RouteResponseKey |
| AWS::ApiGatewayV2::Stage | AccessLogSettings, AccessPolicyId, ApiId, AutoDeploy, ClientCertificateId, DefaultRouteSettings, DeploymentId, Description, RouteSettings, StageName, StageVariables, Tags |
| AWS::ApiGatewayV2::VpcLink | Name, SecurityGroupIds, SubnetIds, Tags |
| AWS::AppConfig::Application | Description, Name, Tags |
| AWS::AppConfig::ConfigurationProfile | ApplicationId, Description, LocationUri, Name, RetrievalRoleArn, Tags, Type, Validators |
| AWS::AppConfig::Deployment | ApplicationId, ConfigurationProfileId, ConfigurationVersion, DeploymentStrategyId, Description, EnvironmentId, Tags |
| AWS::AppConfig::DeploymentStrategy | DeploymentDurationInMinutes, Description, FinalBakeTimeInMinutes, GrowthFactor, GrowthType, Name, ReplicateTo, Tags |
| AWS::AppConfig::Environment | ApplicationId, Description, Monitors, Name, Tags |
| AWS::AppConfig::HostedConfigurationVersion | ApplicationId, ConfigurationProfileId, Content, ContentType, Description, LatestVersionNumber |
| AWS::AppFlow::ConnectorProfile | ConnectionMode, ConnectorProfileConfig, ConnectorProfileName, ConnectorType, KMSArn |
| AWS::AppFlow::Flow | Description, DestinationFlowConfigList, FlowName, KMSArn, SourceFlowConfig, Tags, Tasks, TriggerConfig |
| AWS::AppIntegrations::DataIntegration | Description, KmsKey, Name, ScheduleConfig, SourceURI, Tags |
| AWS::AppIntegrations::EventIntegration | Description, EventBridgeBus, EventFilter, Name, Tags |
| AWS::AppMesh::GatewayRoute | GatewayRouteName, MeshName, MeshOwner, Spec, Tags, VirtualGatewayName |
| AWS::AppMesh::Mesh | MeshName, Spec, Tags |
| AWS::AppMesh::Route | MeshName, MeshOwner, RouteName, Spec, Tags, VirtualRouterName |
| AWS::AppMesh::VirtualGateway | MeshName, MeshOwner, Spec, Tags, VirtualGatewayName |
| AWS::AppMesh::VirtualNode | MeshName, MeshOwner, Spec, Tags, VirtualNodeName |
| AWS::AppMesh::VirtualRouter | MeshName, MeshOwner, Spec, Tags, VirtualRouterName |
| AWS::AppMesh::VirtualService | MeshName, MeshOwner, Spec, Tags, VirtualServiceName |
| AWS::AppRunner::ObservabilityConfiguration | ObservabilityConfigurationName, Tags, TraceConfiguration |
| AWS::AppRunner::Service | AutoScalingConfigurationArn, EncryptionConfiguration, HealthCheckConfiguration, InstanceConfiguration, NetworkConfiguration, ObservabilityConfiguration, ServiceName, SourceConfiguration, Tags |
| AWS::AppRunner::VpcConnector | SecurityGroups, Subnets, Tags, VpcConnectorName |
| AWS::AppStream::AppBlock | Description, DisplayName, Name, SetupScriptDetails, SourceS3Location, Tags |
| AWS::AppStream::Application | AppBlockArn, AttributesToDelete, Description, DisplayName, IconS3Location, InstanceFamilies, LaunchParameters, LaunchPath, Name, Platforms, Tags, WorkingDirectory |
| AWS::AppStream::ApplicationEntitlementAssociation | ApplicationIdentifier, EntitlementName, StackName |
| AWS::AppStream::ApplicationFleetAssociation | ApplicationArn, FleetName |
| AWS::AppStream::DirectoryConfig | DirectoryName, OrganizationalUnitDistinguishedNames, ServiceAccountCredentials |
| AWS::AppStream::Entitlement | AppVisibility, Attributes, Description, Name, StackName |
| AWS::AppStream::Fleet | ComputeCapacity, Description, DisconnectTimeoutInSeconds, DisplayName, DomainJoinInfo, EnableDefaultInternetAccess, FleetType, IamRoleArn, IdleDisconnectTimeoutInSeconds, ImageArn, ImageName, InstanceType, MaxConcurrentSessions, MaxUserDurationInSeconds, Name, Platform, SessionScriptS3Location, StreamView, Tags, UsbDeviceFilterStrings, VpcConfig |
| AWS::AppStream::ImageBuilder | AccessEndpoints, AppstreamAgentVersion, Description, DisplayName, DomainJoinInfo, EnableDefaultInternetAccess, IamRoleArn, ImageArn, ImageName, InstanceType, Name, Tags, VpcConfig |
| AWS::AppStream::Stack | AccessEndpoints, ApplicationSettings, AttributesToDelete, DeleteStorageConnectors, Description, DisplayName, EmbedHostDomains, FeedbackURL, Name, RedirectURL, StorageConnectors, Tags, UserSettings |
| AWS::AppStream::StackFleetAssociation | FleetName, StackName |
| AWS::AppStream::StackUserAssociation | AuthenticationType, SendEmailNotification, StackName, UserName |
| AWS::AppStream::User | AuthenticationType, FirstName, LastName, MessageAction, UserName |
| AWS::AppSync::ApiCache | ApiCachingBehavior, ApiId, AtRestEncryptionEnabled, TransitEncryptionEnabled, Ttl, Type |
| AWS::AppSync::ApiKey | ApiId, ApiKeyId, Description, Expires |
| AWS::AppSync::DataSource | ApiId, Description, DynamoDBConfig, ElasticsearchConfig, HttpConfig, LambdaConfig, Name, OpenSearchServiceConfig, RelationalDatabaseConfig, ServiceRoleArn, Type |
| AWS::AppSync::DomainName | CertificateArn, Description, DomainName |
| AWS::AppSync::DomainNameApiAssociation | ApiId, DomainName |
| AWS::AppSync::FunctionConfiguration | ApiId, DataSourceName, Description, FunctionVersion, MaxBatchSize, Name, RequestMappingTemplate, RequestMappingTemplateS3Location, ResponseMappingTemplate, ResponseMappingTemplateS3Location, SyncConfig |
| AWS::AppSync::GraphQLApi | AdditionalAuthenticationProviders, AuthenticationType, LambdaAuthorizerConfig, LogConfig, Name, OpenIDConnectConfig, Tags, UserPoolConfig, XrayEnabled |
| AWS::AppSync::GraphQLSchema | ApiId, Definition, DefinitionS3Location |
| AWS::AppSync::Resolver | ApiId, CachingConfig, DataSourceName, FieldName, Kind, MaxBatchSize, PipelineConfig, RequestMappingTemplate, RequestMappingTemplateS3Location, ResponseMappingTemplate, ResponseMappingTemplateS3Location, SyncConfig, TypeName |
| AWS::ApplicationAutoScaling::ScalableTarget | MaxCapacity, MinCapacity, ResourceId, RoleARN, ScalableDimension, ScheduledActions, ServiceNamespace, SuspendedState |
| AWS::ApplicationAutoScaling::ScalingPolicy | PolicyName, PolicyType, ResourceId, ScalableDimension, ScalingTargetId, ServiceNamespace, StepScalingPolicyConfiguration, TargetTrackingScalingPolicyConfiguration |
| AWS::ApplicationInsights::Application | AutoConfigurationEnabled, CWEMonitorEnabled, ComponentMonitoringSettings, CustomComponents, LogPatternSets, OpsCenterEnabled, OpsItemSNSTopicArn, ResourceGroupName, Tags |
| AWS::Athena::DataCatalog | Description, Name, Parameters, Tags, Type |
| AWS::Athena::NamedQuery | Database, Description, Name, QueryString, WorkGroup |
| AWS::Athena::PreparedStatement | Description, QueryStatement, StatementName, WorkGroup |
| AWS::Athena::WorkGroup | Description, Name, RecursiveDeleteOption, State, Tags, WorkGroupConfiguration |
| AWS::AuditManager::Assessment | AssessmentReportsDestination, AwsAccount, Description, FrameworkId, Name, Roles, Scope, Status, Tags |
| AWS::AutoScaling::AutoScalingGroup | AutoScalingGroupName, AvailabilityZones, CapacityRebalance, Context, Cooldown, DesiredCapacity, DesiredCapacityType, HealthCheckGracePeriod, HealthCheckType, InstanceId, LaunchConfigurationName, LaunchTemplate, LifecycleHookSpecificationList, LoadBalancerNames, MaxInstanceLifetime, MaxSize, MetricsCollection, MinSize, MixedInstancesPolicy, NewInstancesProtectedFromScaleIn, NotificationConfigurations, PlacementGroup, ServiceLinkedRoleARN, Tags, TargetGroupARNs, TerminationPolicies, VPCZoneIdentifier |
| AWS::AutoScaling::LaunchConfiguration | AssociatePublicIpAddress, BlockDeviceMappings, ClassicLinkVPCId, ClassicLinkVPCSecurityGroups, EbsOptimized, IamInstanceProfile, ImageId, InstanceId, InstanceMonitoring, InstanceType, KernelId, KeyName, LaunchConfigurationName, MetadataOptions, PlacementTenancy, RamDiskId, SecurityGroups, SpotPrice, UserData |
| AWS::AutoScaling::LifecycleHook | AutoScalingGroupName, DefaultResult, HeartbeatTimeout, LifecycleHookName, LifecycleTransition, NotificationMetadata, NotificationTargetARN, RoleARN |
| AWS::AutoScaling::ScalingPolicy | AdjustmentType, AutoScalingGroupName, Cooldown, EstimatedInstanceWarmup, MetricAggregationType, MinAdjustmentMagnitude, PolicyType, PredictiveScalingConfiguration, ScalingAdjustment, StepAdjustments, TargetTrackingConfiguration |
| AWS::AutoScaling::ScheduledAction | AutoScalingGroupName, DesiredCapacity, EndTime, MaxSize, MinSize, Recurrence, StartTime, TimeZone |
| AWS::AutoScaling::WarmPool | AutoScalingGroupName, InstanceReusePolicy, MaxGroupPreparedCapacity, MinSize, PoolState |
| AWS::AutoScalingPlans::ScalingPlan | ApplicationSource, ScalingInstructions |
| AWS::Backup::BackupPlan | BackupPlan, BackupPlanTags |
| AWS::Backup::BackupSelection | BackupPlanId, BackupSelection |
| AWS::Backup::BackupVault | AccessPolicy, BackupVaultName, BackupVaultTags, EncryptionKeyArn, LockConfiguration, Notifications |
| AWS::Backup::Framework | FrameworkControls, FrameworkDescription, FrameworkName, FrameworkTags |
| AWS::Backup::ReportPlan | ReportDeliveryChannel, ReportPlanDescription, ReportPlanName, ReportPlanTags, ReportSetting |
| AWS::Batch::ComputeEnvironment | ComputeEnvironmentName, ComputeResources, ReplaceComputeEnvironment, ServiceRole, State, Tags, Type, UnmanagedvCpus, UpdatePolicy |
| AWS::Batch::JobDefinition | ContainerProperties, JobDefinitionName, NodeProperties, Parameters, PlatformCapabilities, PropagateTags, RetryStrategy, SchedulingPriority, Tags, Timeout, Type |
| AWS::Batch::JobQueue | ComputeEnvironmentOrder, JobQueueName, Priority, SchedulingPolicyArn, State, Tags |
| AWS::Batch::SchedulingPolicy | FairsharePolicy, Name, Tags |
| AWS::BillingConductor::BillingGroup | AccountGrouping, ComputationPreference, Description, Name, PrimaryAccountId, Tags |
| AWS::BillingConductor::CustomLineItem | BillingGroupArn, BillingPeriodRange, CustomLineItemChargeDetails, Description, Name, Tags |
| AWS::BillingConductor::PricingPlan | Description, Name, PricingRuleArns, Tags |
| AWS::BillingConductor::PricingRule | Description, ModifierPercentage, Name, Scope, Service, Tags, Type |
| AWS::Budgets::Budget | Budget, NotificationsWithSubscribers |
| AWS::Budgets::BudgetsAction | ActionThreshold, ActionType, ApprovalModel, BudgetName, Definition, ExecutionRoleArn, NotificationType, Subscribers |
| AWS::CE::AnomalyMonitor | MonitorDimension, MonitorName, MonitorSpecification, MonitorType, ResourceTags |
| AWS::CE::AnomalySubscription | Frequency, MonitorArnList, ResourceTags, Subscribers, SubscriptionName, Threshold |
| AWS::CE::CostCategory | DefaultValue, Name, RuleVersion, Rules, SplitChargeRules |
| AWS::CUR::ReportDefinition | AdditionalArtifacts, AdditionalSchemaElements, BillingViewArn, Compression, Format, RefreshClosedReports, ReportName, ReportVersioning, S3Bucket, S3Prefix, S3Region, TimeUnit |
| AWS::Cassandra::Keyspace | KeyspaceName, Tags |
| AWS::Cassandra::Table | BillingMode, ClusteringKeyColumns, DefaultTimeToLive, EncryptionSpecification, KeyspaceName, PartitionKeyColumns, PointInTimeRecoveryEnabled, RegularColumns, TableName, Tags |
| AWS::CertificateManager::Account | ExpiryEventsConfiguration |
| AWS::CertificateManager::Certificate | CertificateAuthorityArn, CertificateTransparencyLoggingPreference, DomainName, DomainValidationOptions, SubjectAlternativeNames, Tags, ValidationMethod |
| AWS::Chatbot::SlackChannelConfiguration | ConfigurationName, GuardrailPolicies, IamRoleArn, LoggingLevel, SlackChannelId, SlackWorkspaceId, SnsTopicArns, UserRoleRequired |
| AWS::Cloud9::EnvironmentEC2 | AutomaticStopTimeMinutes, ConnectionType, Description, ImageId, InstanceType, Name, OwnerArn, Repositories, SubnetId, Tags |
| AWS::CloudFormation::CustomResource | ServiceToken |
| AWS::CloudFormation::HookDefaultVersion | TypeName, TypeVersionArn, VersionId |
| AWS::CloudFormation::HookTypeConfig | Configuration, ConfigurationAlias, TypeArn, TypeName |
| AWS::CloudFormation::HookVersion | ExecutionRoleArn, LoggingConfig, SchemaHandlerPackage, TypeName |
| AWS::CloudFormation::Macro | Description, FunctionName, LogGroupName, LogRoleARN, Name |
| AWS::CloudFormation::ModuleDefaultVersion | Arn, ModuleName, VersionId |
| AWS::CloudFormation::ModuleVersion | ModuleName, ModulePackage |
| AWS::CloudFormation::PublicTypeVersion | Arn, LogDeliveryBucket, PublicVersionNumber, Type, TypeName |
| AWS::CloudFormation::Publisher | AcceptTermsAndConditions, ConnectionArn |
| AWS::CloudFormation::ResourceDefaultVersion | TypeName, TypeVersionArn, VersionId |
| AWS::CloudFormation::ResourceVersion | ExecutionRoleArn, LoggingConfig, SchemaHandlerPackage, TypeName |
| AWS::CloudFormation::Stack | NotificationARNs, Parameters, Tags, TemplateURL, TimeoutInMinutes |
| AWS::CloudFormation::StackSet | AdministrationRoleARN, AutoDeployment, CallAs, Capabilities, Description, ExecutionRoleName, ManagedExecution, OperationPreferences, Parameters, PermissionModel, StackInstancesGroup, StackSetName, Tags, TemplateBody, TemplateURL |
| AWS::CloudFormation::TypeActivation | AutoUpdate, ExecutionRoleArn, LoggingConfig, MajorVersion, PublicTypeArn, PublisherId, Type, TypeName, TypeNameAlias, VersionBump |
| AWS::CloudFormation::WaitCondition | Count, Handle, Timeout |
| AWS::CloudFormation::WaitConditionHandle | |
| AWS::CloudFront::CachePolicy | CachePolicyConfig |
| AWS::CloudFront::CloudFrontOriginAccessIdentity | CloudFrontOriginAccessIdentityConfig |
| AWS::CloudFront::Distribution | DistributionConfig, Tags |
| AWS::CloudFront::Function | AutoPublish, FunctionCode, FunctionConfig, Name |
| AWS::CloudFront::KeyGroup | KeyGroupConfig |
| AWS::CloudFront::OriginRequestPolicy | OriginRequestPolicyConfig |
| AWS::CloudFront::PublicKey | PublicKeyConfig |
| AWS::CloudFront::RealtimeLogConfig | EndPoints, Fields, Name, SamplingRate |
| AWS::CloudFront::ResponseHeadersPolicy | ResponseHeadersPolicyConfig |
| AWS::CloudFront::StreamingDistribution | StreamingDistributionConfig, Tags |
| AWS::CloudTrail::Trail | CloudWatchLogsLogGroupArn, CloudWatchLogsRoleArn, EnableLogFileValidation, EventSelectors, IncludeGlobalServiceEvents, InsightSelectors, IsLogging, IsMultiRegionTrail, IsOrganizationTrail, KMSKeyId, S3BucketName, S3KeyPrefix, SnsTopicName, Tags, TrailName |
| AWS::CloudWatch::Alarm | ActionsEnabled, AlarmActions, AlarmDescription, AlarmName, ComparisonOperator, DatapointsToAlarm, Dimensions, EvaluateLowSampleCountPercentile, EvaluationPeriods, ExtendedStatistic, InsufficientDataActions, MetricName, Metrics, Namespace, OKActions, Period, Statistic, Threshold, ThresholdMetricId, TreatMissingData, Unit |
| AWS::CloudWatch::AnomalyDetector | Configuration, Dimensions, MetricMathAnomalyDetector, MetricName, Namespace, SingleMetricAnomalyDetector, Stat |
| AWS::CloudWatch::CompositeAlarm | ActionsEnabled, AlarmActions, AlarmDescription, AlarmName, AlarmRule, InsufficientDataActions, OKActions |
| AWS::CloudWatch::Dashboard | DashboardBody, DashboardName |
| AWS::CloudWatch::InsightRule | RuleBody, RuleName, RuleState, Tags |
| AWS::CloudWatch::MetricStream | ExcludeFilters, FirehoseArn, IncludeFilters, Name, OutputFormat, RoleArn, StatisticsConfigurations, Tags |
| AWS::CodeArtifact::Domain | DomainName, EncryptionKey, PermissionsPolicyDocument, Tags |
| AWS::CodeArtifact::Repository | Description, DomainName, DomainOwner, ExternalConnections, PermissionsPolicyDocument, RepositoryName, Tags, Upstreams |
| AWS::CodeBuild::Project | Artifacts, BadgeEnabled, BuildBatchConfig, Cache, ConcurrentBuildLimit, Description, EncryptionKey, Environment, FileSystemLocations, LogsConfig, Name, QueuedTimeoutInMinutes, ResourceAccessRole, SecondaryArtifacts, SecondarySourceVersions, SecondarySources, ServiceRole, Source, SourceVersion, Tags, TimeoutInMinutes, Triggers, Visibility, VpcConfig |
| AWS::CodeBuild::ReportGroup | DeleteReports, ExportConfig, Name, Tags, Type |
| AWS::CodeBuild::SourceCredential | AuthType, ServerType, Token, Username |
| AWS::CodeCommit::Repository | Code, RepositoryDescription, RepositoryName, Tags, Triggers |
| AWS::CodeDeploy::Application | ApplicationName, ComputePlatform, Tags |
| AWS::CodeDeploy::DeploymentConfig | ComputePlatform, DeploymentConfigName, MinimumHealthyHosts, TrafficRoutingConfig |
| AWS::CodeDeploy::DeploymentGroup | AlarmConfiguration, ApplicationName, AutoRollbackConfiguration, AutoScalingGroups, BlueGreenDeploymentConfiguration, Deployment, DeploymentConfigName, DeploymentGroupName, DeploymentStyle, ECSServices, Ec2TagFilters, Ec2TagSet, LoadBalancerInfo, OnPremisesInstanceTagFilters, OnPremisesTagSet, OutdatedInstancesStrategy, ServiceRoleArn, Tags, TriggerConfigurations |
| AWS::CodeGuruProfiler::ProfilingGroup | AgentPermissions, AnomalyDetectionNotificationConfiguration, ComputePlatform, ProfilingGroupName, Tags |
| AWS::CodeGuruReviewer::RepositoryAssociation | BucketName, ConnectionArn, Name, Owner, Tags, Type |
| AWS::CodePipeline::CustomActionType | Category, ConfigurationProperties, InputArtifactDetails, OutputArtifactDetails, Provider, Settings, Tags, Version |
| AWS::CodePipeline::Pipeline | ArtifactStore, ArtifactStores, DisableInboundStageTransitions, Name, RestartExecutionOnUpdate, RoleArn, Stages, Tags |
| AWS::CodePipeline::Webhook | Authentication, AuthenticationConfiguration, Filters, Name, RegisterWithThirdParty, TargetAction, TargetPipeline, TargetPipelineVersion |
| AWS::CodeStar::GitHubRepository | Code, ConnectionArn, EnableIssues, IsPrivate, RepositoryAccessToken, RepositoryDescription, RepositoryName, RepositoryOwner |
| AWS::CodeStarConnections::Connection | ConnectionName, HostArn, ProviderType, Tags |
| AWS::CodeStarNotifications::NotificationRule | CreatedBy, DetailType, EventTypeId, EventTypeIds, Name, Resource, Status, Tags, TargetAddress, Targets |
| AWS::Cognito::IdentityPool | AllowClassicFlow, AllowUnauthenticatedIdentities, CognitoEvents, CognitoIdentityProviders, CognitoStreams, DeveloperProviderName, IdentityPoolName, OpenIdConnectProviderARNs, PushSync, SamlProviderARNs, SupportedLoginProviders |
| AWS::Cognito::IdentityPoolRoleAttachment | IdentityPoolId, RoleMappings, Roles |
| AWS::Cognito::UserPool | AccountRecoverySetting, AdminCreateUserConfig, AliasAttributes, AutoVerifiedAttributes, DeviceConfiguration, EmailConfiguration, EmailVerificationMessage, EmailVerificationSubject, EnabledMfas, LambdaConfig, MfaConfiguration, Policies, Schema, SmsAuthenticationMessage, SmsConfiguration, SmsVerificationMessage, UserPoolAddOns, UserPoolName, UserPoolTags, UsernameAttributes, UsernameConfiguration, VerificationMessageTemplate |
| AWS::Cognito::UserPoolClient | AccessTokenValidity, AllowedOAuthFlows, AllowedOAuthFlowsUserPoolClient, AllowedOAuthScopes, AnalyticsConfiguration, CallbackURLs, ClientName, DefaultRedirectURI, EnableTokenRevocation, ExplicitAuthFlows, GenerateSecret, IdTokenValidity, LogoutURLs, PreventUserExistenceErrors, ReadAttributes, RefreshTokenValidity, SupportedIdentityProviders, TokenValidityUnits, UserPoolId, WriteAttributes |
| AWS::Cognito::UserPoolDomain | CustomDomainConfig, Domain, UserPoolId |
| AWS::Cognito::UserPoolGroup | Description, GroupName, Precedence, RoleArn, UserPoolId |
| AWS::Cognito::UserPoolIdentityProvider | AttributeMapping, IdpIdentifiers, ProviderDetails, ProviderName, ProviderType, UserPoolId |
| AWS::Cognito::UserPoolResourceServer | Identifier, Name, Scopes, UserPoolId |
| AWS::Cognito::UserPoolRiskConfigurationAttachment | AccountTakeoverRiskConfiguration, ClientId, CompromisedCredentialsRiskConfiguration, RiskExceptionConfiguration, UserPoolId |
| AWS::Cognito::UserPoolUICustomizationAttachment | CSS, ClientId, UserPoolId |
| AWS::Cognito::UserPoolUser | ClientMetadata, DesiredDeliveryMediums, ForceAliasCreation, MessageAction, UserAttributes, UserPoolId, Username, ValidationData |
| AWS::Cognito::UserPoolUserToGroupAttachment | GroupName, UserPoolId, Username |
| AWS::Config::AggregationAuthorization | AuthorizedAccountId, AuthorizedAwsRegion, Tags |
| AWS::Config::ConfigRule | ConfigRuleName, Description, InputParameters, MaximumExecutionFrequency, Scope, Source |
| AWS::Config::ConfigurationAggregator | AccountAggregationSources, ConfigurationAggregatorName, OrganizationAggregationSource, Tags |
| AWS::Config::ConfigurationRecorder | Name, RecordingGroup, RoleARN |
| AWS::Config::ConformancePack | ConformancePackInputParameters, ConformancePackName, DeliveryS3Bucket, DeliveryS3KeyPrefix, TemplateBody, TemplateS3Uri |
| AWS::Config::DeliveryChannel | ConfigSnapshotDeliveryProperties, Name, S3BucketName, S3KeyPrefix, S3KmsKeyArn, SnsTopicARN |
| AWS::Config::OrganizationConfigRule | ExcludedAccounts, OrganizationConfigRuleName, OrganizationCustomCodeRuleMetadata, OrganizationCustomRuleMetadata, OrganizationManagedRuleMetadata |
| AWS::Config::OrganizationConformancePack | ConformancePackInputParameters, DeliveryS3Bucket, DeliveryS3KeyPrefix, ExcludedAccounts, OrganizationConformancePackName, TemplateBody, TemplateS3Uri |
| AWS::Config::RemediationConfiguration | Automatic, ConfigRuleName, ExecutionControls, MaximumAutomaticAttempts, Parameters, ResourceType, RetryAttemptSeconds, TargetId, TargetType, TargetVersion |
| AWS::Config::StoredQuery | QueryDescription, QueryExpression, QueryName, Tags |
| AWS::Connect::ContactFlow | Content, Description, InstanceArn, Name, State, Tags, Type |
| AWS::Connect::ContactFlowModule | Content, Description, InstanceArn, Name, State, Tags |
| AWS::Connect::HoursOfOperation | Config, Description, InstanceArn, Name, Tags, TimeZone |
| AWS::Connect::PhoneNumber | CountryCode, Description, Prefix, Tags, TargetArn, Type |
| AWS::Connect::QuickConnect | Description, InstanceArn, Name, QuickConnectConfig, Tags |
| AWS::Connect::User | DirectoryUserId, HierarchyGroupArn, IdentityInfo, InstanceArn, Password, PhoneConfig, RoutingProfileArn, SecurityProfileArns, Tags, Username |
| AWS::Connect::UserHierarchyGroup | InstanceArn, Name, ParentGroupArn |
| AWS::CustomerProfiles::Domain | DeadLetterQueueUrl, DefaultEncryptionKey, DefaultExpirationDays, DomainName, Tags |
| AWS::CustomerProfiles::Integration | DomainName, FlowDefinition, ObjectTypeName, ObjectTypeNames, Tags, Uri |
| AWS::CustomerProfiles::ObjectType | AllowProfileCreation, Description, DomainName, EncryptionKey, ExpirationDays, Fields, Keys, ObjectTypeName, Tags, TemplateId |
| AWS::DAX::Cluster | AvailabilityZones, ClusterEndpointEncryptionType, ClusterName, Description, IAMRoleARN, NodeType, NotificationTopicARN, ParameterGroupName, PreferredMaintenanceWindow, ReplicationFactor, SSESpecification, SecurityGroupIds, SubnetGroupName, Tags |
| AWS::DAX::ParameterGroup | Description, ParameterGroupName, ParameterNameValues |
| AWS::DAX::SubnetGroup | Description, SubnetGroupName, SubnetIds |
| AWS::DLM::LifecyclePolicy | Description, ExecutionRoleArn, PolicyDetails, State, Tags |
| AWS::DMS::Certificate | CertificateIdentifier, CertificatePem, CertificateWallet |
| AWS::DMS::Endpoint | CertificateArn, DatabaseName, DocDbSettings, DynamoDbSettings, ElasticsearchSettings, EndpointIdentifier, EndpointType, EngineName, ExtraConnectionAttributes, GcpMySQLSettings, IbmDb2Settings, KafkaSettings, KinesisSettings, KmsKeyId, MicrosoftSqlServerSettings, MongoDbSettings, MySqlSettings, NeptuneSettings, OracleSettings, Password, Port, PostgreSqlSettings, RedisSettings, RedshiftSettings, ResourceIdentifier, S3Settings, ServerName, SslMode, SybaseSettings, Tags, Username |
| AWS::DMS::EventSubscription | Enabled, EventCategories, SnsTopicArn, SourceIds, SourceType, SubscriptionName, Tags |
| AWS::DMS::ReplicationInstance | AllocatedStorage, AllowMajorVersionUpgrade, AutoMinorVersionUpgrade, AvailabilityZone, EngineVersion, KmsKeyId, MultiAZ, PreferredMaintenanceWindow, PubliclyAccessible, ReplicationInstanceClass, ReplicationInstanceIdentifier, ReplicationSubnetGroupIdentifier, ResourceIdentifier, Tags, VpcSecurityGroupIds |
| AWS::DMS::ReplicationSubnetGroup | ReplicationSubnetGroupDescription, ReplicationSubnetGroupIdentifier, SubnetIds, Tags |
| AWS::DMS::ReplicationTask | CdcStartPosition, CdcStartTime, CdcStopPosition, MigrationType, ReplicationInstanceArn, ReplicationTaskIdentifier, ReplicationTaskSettings, ResourceIdentifier, SourceEndpointArn, TableMappings, Tags, TargetEndpointArn, TaskData |
| AWS::DataBrew::Dataset | Format, FormatOptions, Input, Name, PathOptions, Tags |
| AWS::DataBrew::Job | DataCatalogOutputs, DatabaseOutputs, DatasetName, EncryptionKeyArn, EncryptionMode, JobSample, LogSubscription, MaxCapacity, MaxRetries, Name, OutputLocation, Outputs, ProfileConfiguration, ProjectName, Recipe, RoleArn, Tags, Timeout, Type, ValidationConfigurations |
| AWS::DataBrew::Project | DatasetName, Name, RecipeName, RoleArn, Sample, Tags |
| AWS::DataBrew::Recipe | Description, Name, Steps, Tags |
| AWS::DataBrew::Ruleset | Description, Name, Rules, Tags, TargetArn |
| AWS::DataBrew::Schedule | CronExpression, JobNames, Name, Tags |
| AWS::DataPipeline::Pipeline | Activate, Description, Name, ParameterObjects, ParameterValues, PipelineObjects, PipelineTags |
| AWS::DataSync::Agent | ActivationKey, AgentName, SecurityGroupArns, SubnetArns, Tags, VpcEndpointId |
| AWS::DataSync::LocationEFS | Ec2Config, EfsFilesystemArn, Subdirectory, Tags |
| AWS::DataSync::LocationFSxLustre | FsxFilesystemArn, SecurityGroupArns, Subdirectory, Tags |
| AWS::DataSync::LocationFSxOpenZFS | FsxFilesystemArn, Protocol, SecurityGroupArns, Subdirectory, Tags |
| AWS::DataSync::LocationFSxWindows | Domain, FsxFilesystemArn, Password, SecurityGroupArns, Subdirectory, Tags, User |
| AWS::DataSync::LocationHDFS | AgentArns, AuthenticationType, BlockSize, KerberosKeytab, KerberosKrb5Conf, KerberosPrincipal, KmsKeyProviderUri, NameNodes, QopConfiguration, ReplicationFactor, SimpleUser, Subdirectory, Tags |
| AWS::DataSync::LocationNFS | MountOptions, OnPremConfig, ServerHostname, Subdirectory, Tags |
| AWS::DataSync::LocationObjectStorage | AccessKey, AgentArns, BucketName, SecretKey, ServerHostname, ServerPort, ServerProtocol, Subdirectory, Tags |
| AWS::DataSync::LocationS3 | S3BucketArn, S3Config, S3StorageClass, Subdirectory, Tags |
| AWS::DataSync::LocationSMB | AgentArns, Domain, MountOptions, Password, ServerHostname, Subdirectory, Tags, User |
| AWS::DataSync::Task | CloudWatchLogGroupArn, DestinationLocationArn, Excludes, Includes, Name, Options, Schedule, SourceLocationArn, Tags |
| AWS::Detective::Graph | Tags |
| AWS::Detective::MemberInvitation | DisableEmailNotification, GraphArn, MemberEmailAddress, MemberId, Message |
| AWS::DevOpsGuru::NotificationChannel | Config |
| AWS::DevOpsGuru::ResourceCollection | ResourceCollectionFilter |
| AWS::DirectoryService::MicrosoftAD | CreateAlias, Edition, EnableSso, Name, Password, ShortName, VpcSettings |
| AWS::DirectoryService::SimpleAD | CreateAlias, Description, EnableSso, Name, Password, ShortName, Size, VpcSettings |
| AWS::DocDB::DBCluster | AvailabilityZones, BackupRetentionPeriod, CopyTagsToSnapshot, DBClusterIdentifier, DBClusterParameterGroupName, DBSubnetGroupName, DeletionProtection, EnableCloudwatchLogsExports, EngineVersion, KmsKeyId, MasterUserPassword, MasterUsername, Port, PreferredBackupWindow, PreferredMaintenanceWindow, SnapshotIdentifier, StorageEncrypted, Tags, VpcSecurityGroupIds |
| AWS::DocDB::DBClusterParameterGroup | Description, Family, Name, Parameters, Tags |
| AWS::DocDB::DBInstance | AutoMinorVersionUpgrade, AvailabilityZone, DBClusterIdentifier, DBInstanceClass, DBInstanceIdentifier, EnablePerformanceInsights, PreferredMaintenanceWindow, Tags |
| AWS::DocDB::DBSubnetGroup | DBSubnetGroupDescription, DBSubnetGroupName, SubnetIds, Tags |
| AWS::DynamoDB::GlobalTable | AttributeDefinitions, BillingMode, GlobalSecondaryIndexes, KeySchema, LocalSecondaryIndexes, Replicas, SSESpecification, StreamSpecification, TableName, TimeToLiveSpecification, WriteProvisionedThroughputSettings |
| AWS::DynamoDB::Table | AttributeDefinitions, BillingMode, ContributorInsightsSpecification, GlobalSecondaryIndexes, KeySchema, KinesisStreamSpecification, LocalSecondaryIndexes, PointInTimeRecoverySpecification, ProvisionedThroughput, SSESpecification, StreamSpecification, TableClass, TableName, Tags, TimeToLiveSpecification |
| AWS::EC2::CapacityReservation | AvailabilityZone, EbsOptimized, EndDate, EndDateType, EphemeralStorage, InstanceCount, InstanceMatchCriteria, InstancePlatform, InstanceType, OutPostArn, PlacementGroupArn, TagSpecifications, Tenancy |
| AWS::EC2::CapacityReservationFleet | AllocationStrategy, EndDate, InstanceMatchCriteria, InstanceTypeSpecifications, NoRemoveEndDate, RemoveEndDate, TagSpecifications, Tenancy, TotalTargetCapacity |
| AWS::EC2::CarrierGateway | Tags, VpcId |
| AWS::EC2::ClientVpnAuthorizationRule | AccessGroupId, AuthorizeAllGroups, ClientVpnEndpointId, Description, TargetNetworkCidr |
| AWS::EC2::ClientVpnEndpoint | AuthenticationOptions, ClientCidrBlock, ClientConnectOptions, ClientLoginBannerOptions, ConnectionLogOptions, Description, DnsServers, SecurityGroupIds, SelfServicePortal, ServerCertificateArn, SessionTimeoutHours, SplitTunnel, TagSpecifications, TransportProtocol, VpcId, VpnPort |
| AWS::EC2::ClientVpnRoute | ClientVpnEndpointId, Description, DestinationCidrBlock, TargetVpcSubnetId |
| AWS::EC2::ClientVpnTargetNetworkAssociation | ClientVpnEndpointId, SubnetId |
| AWS::EC2::CustomerGateway | BgpAsn, IpAddress, Tags, Type |
| AWS::EC2::DHCPOptions | DomainName, DomainNameServers, NetbiosNameServers, NetbiosNodeType, NtpServers, Tags |
| AWS::EC2::EC2Fleet | Context, ExcessCapacityTerminationPolicy, LaunchTemplateConfigs, OnDemandOptions, ReplaceUnhealthyInstances, SpotOptions, TagSpecifications, TargetCapacitySpecification, TerminateInstancesWithExpiration, Type, ValidFrom, ValidUntil |
| AWS::EC2::EIP | Domain, InstanceId, PublicIpv4Pool, Tags |
| AWS::EC2::EIPAssociation | AllocationId, EIP, InstanceId, NetworkInterfaceId, PrivateIpAddress |
| AWS::EC2::EgressOnlyInternetGateway | VpcId |
| AWS::EC2::EnclaveCertificateIamRoleAssociation | CertificateArn, RoleArn |
| AWS::EC2::FlowLog | DeliverLogsPermissionArn, DestinationOptions, LogDestination, LogDestinationType, LogFormat, LogGroupName, MaxAggregationInterval, ResourceId, ResourceType, Tags, TrafficType |
| AWS::EC2::GatewayRouteTableAssociation | GatewayId, RouteTableId |
| AWS::EC2::Host | AutoPlacement, AvailabilityZone, HostRecovery, InstanceType |
| AWS::EC2::IPAM | Description, OperatingRegions, Tags |
| AWS::EC2::IPAMAllocation | Cidr, Description, IpamPoolId, NetmaskLength |
| AWS::EC2::IPAMPool | AddressFamily, AllocationDefaultNetmaskLength, AllocationMaxNetmaskLength, AllocationMinNetmaskLength, AllocationResourceTags, AutoImport, Description, IpamScopeId, Locale, ProvisionedCidrs, PubliclyAdvertisable, SourceIpamPoolId, Tags |
| AWS::EC2::IPAMScope | Description, IpamId, Tags |
| AWS::EC2::Instance | AdditionalInfo, Affinity, AvailabilityZone, BlockDeviceMappings, CpuOptions, CreditSpecification, DisableApiTermination, EbsOptimized, ElasticGpuSpecifications, ElasticInferenceAccelerators, EnclaveOptions, HibernationOptions, HostId, HostResourceGroupArn, IamInstanceProfile, ImageId, InstanceInitiatedShutdownBehavior, InstanceType, Ipv6AddressCount, Ipv6Addresses, KernelId, KeyName, LaunchTemplate, LicenseSpecifications, Monitoring, NetworkInterfaces, PlacementGroupName, PrivateDnsNameOptions, PrivateIpAddress, PropagateTagsToVolumeOnCreation, RamdiskId, SecurityGroupIds, SecurityGroups, SourceDestCheck, SsmAssociations, SubnetId, Tags, Tenancy, UserData, Volumes |
| AWS::EC2::InternetGateway | Tags |
| AWS::EC2::KeyPair | KeyName, KeyType, PublicKeyMaterial, Tags |
| AWS::EC2::LaunchTemplate | LaunchTemplateData, LaunchTemplateName, TagSpecifications |
| AWS::EC2::LocalGatewayRoute | DestinationCidrBlock, LocalGatewayRouteTableId, LocalGatewayVirtualInterfaceGroupId |
| AWS::EC2::LocalGatewayRouteTableVPCAssociation | LocalGatewayRouteTableId, Tags, VpcId |
| AWS::EC2::NatGateway | AllocationId, ConnectivityType, SubnetId, Tags |
| AWS::EC2::NetworkAcl | Tags, VpcId |
| AWS::EC2::NetworkAclEntry | CidrBlock, Egress, Icmp, Ipv6CidrBlock, NetworkAclId, PortRange, Protocol, RuleAction, RuleNumber |
| AWS::EC2::NetworkInsightsAccessScope | ExcludePaths, MatchPaths, Tags |
| AWS::EC2::NetworkInsightsAccessScopeAnalysis | NetworkInsightsAccessScopeId, Tags |
| AWS::EC2::NetworkInsightsAnalysis | FilterInArns, NetworkInsightsPathId, Tags |
| AWS::EC2::NetworkInsightsPath | Destination, DestinationIp, DestinationPort, Protocol, Source, SourceIp, Tags |
| AWS::EC2::NetworkInterface | Description, GroupSet, InterfaceType, Ipv6AddressCount, Ipv6Addresses, PrivateIpAddress, PrivateIpAddresses, SecondaryPrivateIpAddressCount, SourceDestCheck, SubnetId, Tags |
| AWS::EC2::NetworkInterfaceAttachment | DeleteOnTermination, DeviceIndex, InstanceId, NetworkInterfaceId |
| AWS::EC2::NetworkInterfacePermission | AwsAccountId, NetworkInterfaceId, Permission |
| AWS::EC2::PlacementGroup | Strategy |
| AWS::EC2::PrefixList | AddressFamily, Entries, MaxEntries, PrefixListName, Tags |
| AWS::EC2::Route | CarrierGatewayId, DestinationCidrBlock, DestinationIpv6CidrBlock, EgressOnlyInternetGatewayId, GatewayId, InstanceId, LocalGatewayId, NatGatewayId, NetworkInterfaceId, RouteTableId, TransitGatewayId, VpcEndpointId, VpcPeeringConnectionId |
| AWS::EC2::RouteTable | Tags, VpcId |
| AWS::EC2::SecurityGroup | GroupDescription, GroupName, SecurityGroupEgress, SecurityGroupIngress, Tags, VpcId |
| AWS::EC2::SecurityGroupEgress | CidrIp, CidrIpv6, Description, DestinationPrefixListId, DestinationSecurityGroupId, FromPort, GroupId, IpProtocol, ToPort |
| AWS::EC2::SecurityGroupIngress | CidrIp, CidrIpv6, Description, FromPort, GroupId, GroupName, IpProtocol, SourcePrefixListId, SourceSecurityGroupId, SourceSecurityGroupName, SourceSecurityGroupOwnerId, ToPort |
| AWS::EC2::SpotFleet | SpotFleetRequestConfigData |
| AWS::EC2::Subnet | AssignIpv6AddressOnCreation, AvailabilityZone, AvailabilityZoneId, CidrBlock, EnableDns64, Ipv6CidrBlock, Ipv6Native, MapPublicIpOnLaunch, OutpostArn, PrivateDnsNameOptionsOnLaunch, Tags, VpcId |
| AWS::EC2::SubnetCidrBlock | Ipv6CidrBlock, SubnetId |
| AWS::EC2::SubnetNetworkAclAssociation | NetworkAclId, SubnetId |
| AWS::EC2::SubnetRouteTableAssociation | RouteTableId, SubnetId |
| AWS::EC2::TrafficMirrorFilter | Description, NetworkServices, Tags |
| AWS::EC2::TrafficMirrorFilterRule | Description, DestinationCidrBlock, DestinationPortRange, Protocol, RuleAction, RuleNumber, SourceCidrBlock, SourcePortRange, TrafficDirection, TrafficMirrorFilterId |
| AWS::EC2::TrafficMirrorSession | Description, NetworkInterfaceId, PacketLength, SessionNumber, Tags, TrafficMirrorFilterId, TrafficMirrorTargetId, VirtualNetworkId |
| AWS::EC2::TrafficMirrorTarget | Description, NetworkInterfaceId, NetworkLoadBalancerArn, Tags |
| AWS::EC2::TransitGateway | AmazonSideAsn, AssociationDefaultRouteTableId, AutoAcceptSharedAttachments, DefaultRouteTableAssociation, DefaultRouteTablePropagation, Description, DnsSupport, MulticastSupport, PropagationDefaultRouteTableId, Tags, TransitGatewayCidrBlocks, VpnEcmpSupport |
| AWS::EC2::TransitGatewayAttachment | SubnetIds, Tags, TransitGatewayId, VpcId |
| AWS::EC2::TransitGatewayConnect | Options, Tags, TransportTransitGatewayAttachmentId |
| AWS::EC2::TransitGatewayMulticastDomain | Options, Tags, TransitGatewayId |
| AWS::EC2::TransitGatewayMulticastDomainAssociation | SubnetId, TransitGatewayAttachmentId, TransitGatewayMulticastDomainId |
| AWS::EC2::TransitGatewayMulticastGroupMember | GroupIpAddress, NetworkInterfaceId, TransitGatewayMulticastDomainId |
| AWS::EC2::TransitGatewayMulticastGroupSource | GroupIpAddress, NetworkInterfaceId, TransitGatewayMulticastDomainId |
| AWS::EC2::TransitGatewayPeeringAttachment | PeerAccountId, PeerRegion, PeerTransitGatewayId, Tags, TransitGatewayId |
| AWS::EC2::TransitGatewayRoute | Blackhole, DestinationCidrBlock, TransitGatewayAttachmentId, TransitGatewayRouteTableId |
| AWS::EC2::TransitGatewayRouteTable | Tags, TransitGatewayId |
| AWS::EC2::TransitGatewayRouteTableAssociation | TransitGatewayAttachmentId, TransitGatewayRouteTableId |
| AWS::EC2::TransitGatewayRouteTablePropagation | TransitGatewayAttachmentId, TransitGatewayRouteTableId |
| AWS::EC2::TransitGatewayVpcAttachment | AddSubnetIds, Options, RemoveSubnetIds, SubnetIds, Tags, TransitGatewayId, VpcId |
| AWS::EC2::VPC | CidrBlock, EnableDnsHostnames, EnableDnsSupport, InstanceTenancy, Ipv4IpamPoolId, Ipv4NetmaskLength, Tags |
| AWS::EC2::VPCCidrBlock | AmazonProvidedIpv6CidrBlock, CidrBlock, Ipv4IpamPoolId, Ipv4NetmaskLength, Ipv6CidrBlock, Ipv6IpamPoolId, Ipv6NetmaskLength, Ipv6Pool, VpcId |
| AWS::EC2::VPCDHCPOptionsAssociation | DhcpOptionsId, VpcId |
| AWS::EC2::VPCEndpoint | PolicyDocument, PrivateDnsEnabled, RouteTableIds, SecurityGroupIds, ServiceName, SubnetIds, VpcEndpointType, VpcId |
| AWS::EC2::VPCEndpointConnectionNotification | ConnectionEvents, ConnectionNotificationArn, ServiceId, VPCEndpointId |
| AWS::EC2::VPCEndpointService | AcceptanceRequired, GatewayLoadBalancerArns, NetworkLoadBalancerArns, PayerResponsibility |
| AWS::EC2::VPCEndpointServicePermissions | AllowedPrincipals, ServiceId |
| AWS::EC2::VPCGatewayAttachment | InternetGatewayId, VpcId, VpnGatewayId |
| AWS::EC2::VPCPeeringConnection | PeerOwnerId, PeerRegion, PeerRoleArn, PeerVpcId, Tags, VpcId |
| AWS::EC2::VPNConnection | CustomerGatewayId, StaticRoutesOnly, Tags, TransitGatewayId, Type, VpnGatewayId, VpnTunnelOptionsSpecifications |
| AWS::EC2::VPNConnectionRoute | DestinationCidrBlock, VpnConnectionId |
| AWS::EC2::VPNGateway | AmazonSideAsn, Tags, Type |
| AWS::EC2::VPNGatewayRoutePropagation | RouteTableIds, VpnGatewayId |
| AWS::EC2::Volume | AutoEnableIO, AvailabilityZone, Encrypted, Iops, KmsKeyId, MultiAttachEnabled, OutpostArn, Size, SnapshotId, Tags, Throughput, VolumeType |
| AWS::EC2::VolumeAttachment | Device, InstanceId, VolumeId |
| AWS::ECR::PublicRepository | RepositoryCatalogData, RepositoryName, RepositoryPolicyText, Tags |
| AWS::ECR::PullThroughCacheRule | EcrRepositoryPrefix, UpstreamRegistryUrl |
| AWS::ECR::RegistryPolicy | PolicyText |
| AWS::ECR::ReplicationConfiguration | ReplicationConfiguration |
| AWS::ECR::Repository | EncryptionConfiguration, ImageScanningConfiguration, ImageTagMutability, LifecyclePolicy, RepositoryName, RepositoryPolicyText, Tags |
| AWS::ECS::CapacityProvider | AutoScalingGroupProvider, Name, Tags |
| AWS::ECS::Cluster | CapacityProviders, ClusterName, ClusterSettings, Configuration, DefaultCapacityProviderStrategy, Tags |
| AWS::ECS::ClusterCapacityProviderAssociations | CapacityProviders, Cluster, DefaultCapacityProviderStrategy |
| AWS::ECS::PrimaryTaskSet | Cluster, Service, TaskSetId |
| AWS::ECS::Service | CapacityProviderStrategy, Cluster, DeploymentConfiguration, DeploymentController, DesiredCount, EnableECSManagedTags, EnableExecuteCommand, HealthCheckGracePeriodSeconds, LaunchType, LoadBalancers, NetworkConfiguration, PlacementConstraints, PlacementStrategies, PlatformVersion, PropagateTags, Role, SchedulingStrategy, ServiceName, ServiceRegistries, Tags, TaskDefinition |
| AWS::ECS::TaskDefinition | ContainerDefinitions, Cpu, EphemeralStorage, ExecutionRoleArn, Family, InferenceAccelerators, IpcMode, Memory, NetworkMode, PidMode, PlacementConstraints, ProxyConfiguration, RequiresCompatibilities, RuntimePlatform, Tags, TaskRoleArn, Volumes |
| AWS::ECS::TaskSet | Cluster, ExternalId, LaunchType, LoadBalancers, NetworkConfiguration, PlatformVersion, Scale, Service, ServiceRegistries, TaskDefinition |
| AWS::EFS::AccessPoint | AccessPointTags, ClientToken, FileSystemId, PosixUser, RootDirectory |
| AWS::EFS::FileSystem | AvailabilityZoneName, BackupPolicy, BypassPolicyLockoutSafetyCheck, Encrypted, FileSystemPolicy, FileSystemTags, KmsKeyId, LifecyclePolicies, PerformanceMode, ProvisionedThroughputInMibps, ThroughputMode |
| AWS::EFS::MountTarget | FileSystemId, IpAddress, SecurityGroups, SubnetId |
| AWS::EKS::Addon | AddonName, AddonVersion, ClusterName, ResolveConflicts, ServiceAccountRoleArn, Tags |
| AWS::EKS::Cluster | EncryptionConfig, KubernetesNetworkConfig, Logging, Name, ResourcesVpcConfig, RoleArn, Tags, Version |
| AWS::EKS::FargateProfile | ClusterName, FargateProfileName, PodExecutionRoleArn, Selectors, Subnets, Tags |
| AWS::EKS::IdentityProviderConfig | ClusterName, IdentityProviderConfigName, Oidc, Tags, Type |
| AWS::EKS::Nodegroup | AmiType, CapacityType, ClusterName, DiskSize, ForceUpdateEnabled, InstanceTypes, Labels, LaunchTemplate, NodeRole, NodegroupName, ReleaseVersion, RemoteAccess, ScalingConfig, Subnets, Tags, Taints, UpdateConfig, Version |
| AWS::EMR::Cluster | AdditionalInfo, Applications, AutoScalingRole, BootstrapActions, Configurations, CustomAmiId, EbsRootVolumeSize, Instances, JobFlowRole, KerberosAttributes, LogEncryptionKmsKeyId, LogUri, ManagedScalingPolicy, Name, ReleaseLabel, ScaleDownBehavior, SecurityConfiguration, ServiceRole, StepConcurrencyLevel, Steps, Tags, VisibleToAllUsers |
| AWS::EMR::InstanceFleetConfig | ClusterId, InstanceFleetType, InstanceTypeConfigs, LaunchSpecifications, Name, TargetOnDemandCapacity, TargetSpotCapacity |
| AWS::EMR::InstanceGroupConfig | AutoScalingPolicy, BidPrice, Configurations, CustomAmiId, EbsConfiguration, InstanceCount, InstanceRole, InstanceType, JobFlowId, Market, Name |
| AWS::EMR::SecurityConfiguration | Name, SecurityConfiguration |
| AWS::EMR::Step | ActionOnFailure, HadoopJarStep, JobFlowId, Name |
| AWS::EMR::Studio | AuthMode, DefaultS3Location, Description, EngineSecurityGroupId, IdpAuthUrl, IdpRelayStateParameterName, Name, ServiceRole, SubnetIds, Tags, UserRole, VpcId, WorkspaceSecurityGroupId |
| AWS::EMR::StudioSessionMapping | IdentityName, IdentityType, SessionPolicyArn, StudioId |
| AWS::EMRContainers::VirtualCluster | ContainerProvider, Name, Tags |
| AWS::ElastiCache::CacheCluster | AZMode, AutoMinorVersionUpgrade, CacheNodeType, CacheParameterGroupName, CacheSecurityGroupNames, CacheSubnetGroupName, ClusterName, Engine, EngineVersion, LogDeliveryConfigurations, NotificationTopicArn, NumCacheNodes, Port, PreferredAvailabilityZone, PreferredAvailabilityZones, PreferredMaintenanceWindow, SnapshotArns, SnapshotName, SnapshotRetentionLimit, SnapshotWindow, Tags, VpcSecurityGroupIds |
| AWS::ElastiCache::GlobalReplicationGroup | AutomaticFailoverEnabled, CacheNodeType, CacheParameterGroupName, EngineVersion, GlobalNodeGroupCount, GlobalReplicationGroupDescription, GlobalReplicationGroupIdSuffix, Members, RegionalConfigurations |
| AWS::ElastiCache::ParameterGroup | CacheParameterGroupFamily, Description, Properties, Tags |
| AWS::ElastiCache::ReplicationGroup | AtRestEncryptionEnabled, AuthToken, AutoMinorVersionUpgrade, AutomaticFailoverEnabled, CacheNodeType, CacheParameterGroupName, CacheSecurityGroupNames, CacheSubnetGroupName, DataTieringEnabled, Engine, EngineVersion, GlobalReplicationGroupId, KmsKeyId, LogDeliveryConfigurations, MultiAZEnabled, NodeGroupConfiguration, NotificationTopicArn, NumCacheClusters, NumNodeGroups, Port, PreferredCacheClusterAZs, PreferredMaintenanceWindow, PrimaryClusterId, ReplicasPerNodeGroup, ReplicationGroupDescription, ReplicationGroupId, SecurityGroupIds, SnapshotArns, SnapshotName, SnapshotRetentionLimit, SnapshotWindow, SnapshottingClusterId, Tags, TransitEncryptionEnabled, UserGroupIds |
| AWS::ElastiCache::SecurityGroup | Description, Tags |
| AWS::ElastiCache::SecurityGroupIngress | CacheSecurityGroupName, EC2SecurityGroupName, EC2SecurityGroupOwnerId |
| AWS::ElastiCache::SubnetGroup | CacheSubnetGroupName, Description, SubnetIds, Tags |
| AWS::ElastiCache::User | AccessString, Engine, NoPasswordRequired, Passwords, UserId, UserName |
| AWS::ElastiCache::UserGroup | Engine, UserGroupId, UserIds |
| AWS::ElasticBeanstalk::Application | ApplicationName, Description, ResourceLifecycleConfig |
| AWS::ElasticBeanstalk::ApplicationVersion | ApplicationName, Description, SourceBundle |
| AWS::ElasticBeanstalk::ConfigurationTemplate | ApplicationName, Description, EnvironmentId, OptionSettings, PlatformArn, SolutionStackName, SourceConfiguration |
| AWS::ElasticBeanstalk::Environment | ApplicationName, CNAMEPrefix, Description, EnvironmentName, OperationsRole, OptionSettings, PlatformArn, SolutionStackName, Tags, TemplateName, Tier, VersionLabel |
| AWS::ElasticLoadBalancing::LoadBalancer | AccessLoggingPolicy, AppCookieStickinessPolicy, AvailabilityZones, ConnectionDrainingPolicy, ConnectionSettings, CrossZone, HealthCheck, Instances, LBCookieStickinessPolicy, Listeners, LoadBalancerName, Policies, Scheme, SecurityGroups, Subnets, Tags |
| AWS::ElasticLoadBalancingV2::Listener | AlpnPolicy, Certificates, DefaultActions, LoadBalancerArn, Port, Protocol, SslPolicy |
| AWS::ElasticLoadBalancingV2::ListenerCertificate | Certificates, ListenerArn |
| AWS::ElasticLoadBalancingV2::ListenerRule | Actions, Conditions, ListenerArn, Priority |
| AWS::ElasticLoadBalancingV2::LoadBalancer | IpAddressType, LoadBalancerAttributes, Name, Scheme, SecurityGroups, SubnetMappings, Subnets, Tags, Type |
| AWS::ElasticLoadBalancingV2::TargetGroup | HealthCheckEnabled, HealthCheckIntervalSeconds, HealthCheckPath, HealthCheckPort, HealthCheckProtocol, HealthCheckTimeoutSeconds, HealthyThresholdCount, IpAddressType, Matcher, Name, Port, Protocol, ProtocolVersion, Tags, TargetGroupAttributes, TargetType, Targets, UnhealthyThresholdCount, VpcId |
| AWS::Elasticsearch::Domain | AccessPolicies, AdvancedOptions, AdvancedSecurityOptions, CognitoOptions, DomainEndpointOptions, DomainName, EBSOptions, ElasticsearchClusterConfig, ElasticsearchVersion, EncryptionAtRestOptions, LogPublishingOptions, NodeToNodeEncryptionOptions, SnapshotOptions, Tags, VPCOptions |
| AWS::EventSchemas::Discoverer | CrossAccount, Description, SourceArn, Tags |
| AWS::EventSchemas::Registry | Description, RegistryName, Tags |
| AWS::EventSchemas::RegistryPolicy | Policy, RegistryName, RevisionId |
| AWS::EventSchemas::Schema | Content, Description, RegistryName, SchemaName, Tags, Type |
| AWS::Events::ApiDestination | ConnectionArn, Description, HttpMethod, InvocationEndpoint, InvocationRateLimitPerSecond, Name |
| AWS::Events::Archive | ArchiveName, Description, EventPattern, RetentionDays, SourceArn |
| AWS::Events::Connection | AuthParameters, AuthorizationType, Description, Name |
| AWS::Events::Endpoint | Description, EventBuses, Name, ReplicationConfig, RoleArn, RoutingConfig |
| AWS::Events::EventBus | EventSourceName, Name, Tags |
| AWS::Events::EventBusPolicy | Action, Condition, EventBusName, Principal, Statement, StatementId |
| AWS::Events::Rule | Description, EventBusName, EventPattern, Name, RoleArn, ScheduleExpression, State, Targets |
| AWS::Evidently::Experiment | Description, MetricGoals, Name, OnlineAbConfig, Project, RandomizationSalt, RunningStatus, SamplingRate, Tags, Treatments |
| AWS::Evidently::Feature | DefaultVariation, Description, EntityOverrides, EvaluationStrategy, Name, Project, Tags, Variations |
| AWS::Evidently::Launch | Description, ExecutionStatus, Groups, MetricMonitors, Name, Project, RandomizationSalt, ScheduledSplitsConfig, Tags |
| AWS::Evidently::Project | DataDelivery, Description, Name, Tags |
| AWS::FIS::ExperimentTemplate | Actions, Description, LogConfiguration, RoleArn, StopConditions, Tags, Targets |
| AWS::FMS::NotificationChannel | SnsRoleName, SnsTopicArn |
| AWS::FMS::Policy | DeleteAllPolicyResources, ExcludeMap, ExcludeResourceTags, IncludeMap, PolicyName, RemediationEnabled, ResourceTags, ResourceType, ResourceTypeList, ResourcesCleanUp, SecurityServicePolicyData, Tags |
| AWS::FSx::FileSystem | BackupId, FileSystemType, FileSystemTypeVersion, KmsKeyId, LustreConfiguration, OntapConfiguration, OpenZFSConfiguration, SecurityGroupIds, StorageCapacity, StorageType, SubnetIds, Tags, WindowsConfiguration |
| AWS::FSx::Snapshot | Name, Tags, VolumeId |
| AWS::FSx::StorageVirtualMachine | ActiveDirectoryConfiguration, FileSystemId, Name, RootVolumeSecurityStyle, SvmAdminPassword, Tags |
| AWS::FSx::Volume | BackupId, Name, OntapConfiguration, OpenZFSConfiguration, Tags, VolumeType |
| AWS::FinSpace::Environment | DataBundles, Description, FederationMode, FederationParameters, KmsKeyId, Name, SuperuserParameters |
| AWS::Forecast::Dataset | DataFrequency, DatasetName, DatasetType, Domain, EncryptionConfig, Schema, Tags |
| AWS::Forecast::DatasetGroup | DatasetArns, DatasetGroupName, Domain, Tags |
| AWS::FraudDetector::Detector | AssociatedModels, Description, DetectorId, DetectorVersionStatus, EventType, RuleExecutionMode, Rules, Tags |
| AWS::FraudDetector::EntityType | Description, Name, Tags |
| AWS::FraudDetector::EventType | Description, EntityTypes, EventVariables, Labels, Name, Tags |
| AWS::FraudDetector::Label | Description, Name, Tags |
| AWS::FraudDetector::Outcome | Description, Name, Tags |
| AWS::FraudDetector::Variable | DataSource, DataType, DefaultValue, Description, Name, Tags, VariableType |
| AWS::GameLift::Alias | Description, Name, RoutingStrategy |
| AWS::GameLift::Build | Name, OperatingSystem, StorageLocation, Version |
| AWS::GameLift::Fleet | BuildId, CertificateConfiguration, Description, DesiredEC2Instances, EC2InboundPermissions, EC2InstanceType, FleetType, InstanceRoleARN, Locations, MaxSize, MetricGroups, MinSize, Name, NewGameSessionProtectionPolicy, PeerVpcAwsAccountId, PeerVpcId, ResourceCreationLimitPolicy, RuntimeConfiguration, ScriptId |
| AWS::GameLift::GameServerGroup | AutoScalingPolicy, BalancingStrategy, DeleteOption, GameServerGroupName, GameServerProtectionPolicy, InstanceDefinitions, LaunchTemplate, MaxSize, MinSize, RoleArn, Tags, VpcSubnets |
| AWS::GameLift::GameSessionQueue | CustomEventData, Destinations, FilterConfiguration, Name, NotificationTarget, PlayerLatencyPolicies, PriorityConfiguration, Tags, TimeoutInSeconds |
| AWS::GameLift::MatchmakingConfiguration | AcceptanceRequired, AcceptanceTimeoutSeconds, AdditionalPlayerCount, BackfillMode, CustomEventData, Description, FlexMatchMode, GameProperties, GameSessionData, GameSessionQueueArns, Name, NotificationTarget, RequestTimeoutSeconds, RuleSetName, Tags |
| AWS::GameLift::MatchmakingRuleSet | Name, RuleSetBody, Tags |
| AWS::GameLift::Script | Name, StorageLocation, Tags, Version |
| AWS::GlobalAccelerator::Accelerator | Enabled, IpAddressType, IpAddresses, Name, Tags |
| AWS::GlobalAccelerator::EndpointGroup | EndpointConfigurations, EndpointGroupRegion, HealthCheckIntervalSeconds, HealthCheckPath, HealthCheckPort, HealthCheckProtocol, ListenerArn, PortOverrides, ThresholdCount, TrafficDialPercentage |
| AWS::GlobalAccelerator::Listener | AcceleratorArn, ClientAffinity, PortRanges, Protocol |
| AWS::Glue::Classifier | CsvClassifier, GrokClassifier, JsonClassifier, XMLClassifier |
| AWS::Glue::Connection | CatalogId, ConnectionInput |
| AWS::Glue::Crawler | Classifiers, Configuration, CrawlerSecurityConfiguration, DatabaseName, Description, Name, RecrawlPolicy, Role, Schedule, SchemaChangePolicy, TablePrefix, Tags, Targets |
| AWS::Glue::DataCatalogEncryptionSettings | CatalogId, DataCatalogEncryptionSettings |
| AWS::Glue::Database | CatalogId, DatabaseInput |
| AWS::Glue::DevEndpoint | Arguments, EndpointName, ExtraJarsS3Path, ExtraPythonLibsS3Path, GlueVersion, NumberOfNodes, NumberOfWorkers, PublicKey, PublicKeys, RoleArn, SecurityConfiguration, SecurityGroupIds, SubnetId, Tags, WorkerType |
| AWS::Glue::Job | AllocatedCapacity, Command, Connections, DefaultArguments, Description, ExecutionProperty, GlueVersion, LogUri, MaxCapacity, MaxRetries, Name, NotificationProperty, NumberOfWorkers, Role, SecurityConfiguration, Tags, Timeout, WorkerType |
| AWS::Glue::MLTransform | Description, GlueVersion, InputRecordTables, MaxCapacity, MaxRetries, Name, NumberOfWorkers, Role, Tags, Timeout, TransformEncryption, TransformParameters, WorkerType |
| AWS::Glue::Partition | CatalogId, DatabaseName, PartitionInput, TableName |
| AWS::Glue::Registry | Description, Name, Tags |
| AWS::Glue::Schema | CheckpointVersion, Compatibility, DataFormat, Description, Name, Registry, SchemaDefinition, Tags |
| AWS::Glue::SchemaVersion | Schema, SchemaDefinition |
| AWS::Glue::SchemaVersionMetadata | Key, SchemaVersionId, Value |
| AWS::Glue::SecurityConfiguration | EncryptionConfiguration, Name |
| AWS::Glue::Table | CatalogId, DatabaseName, TableInput |
| AWS::Glue::Trigger | Actions, Description, Name, Predicate, Schedule, StartOnCreation, Tags, Type, WorkflowName |
| AWS::Glue::Workflow | DefaultRunProperties, Description, Name, Tags |
| AWS::Greengrass::ConnectorDefinition | InitialVersion, Name, Tags |
| AWS::Greengrass::ConnectorDefinitionVersion | ConnectorDefinitionId, Connectors |
| AWS::Greengrass::CoreDefinition | InitialVersion, Name, Tags |
| AWS::Greengrass::CoreDefinitionVersion | CoreDefinitionId, Cores |
| AWS::Greengrass::DeviceDefinition | InitialVersion, Name, Tags |
| AWS::Greengrass::DeviceDefinitionVersion | DeviceDefinitionId, Devices |
| AWS::Greengrass::FunctionDefinition | InitialVersion, Name, Tags |
| AWS::Greengrass::FunctionDefinitionVersion | DefaultConfig, FunctionDefinitionId, Functions |
| AWS::Greengrass::Group | InitialVersion, Name, RoleArn, Tags |
| AWS::Greengrass::GroupVersion | ConnectorDefinitionVersionArn, CoreDefinitionVersionArn, DeviceDefinitionVersionArn, FunctionDefinitionVersionArn, GroupId, LoggerDefinitionVersionArn, ResourceDefinitionVersionArn, SubscriptionDefinitionVersionArn |
| AWS::Greengrass::LoggerDefinition | InitialVersion, Name, Tags |
| AWS::Greengrass::LoggerDefinitionVersion | LoggerDefinitionId, Loggers |
| AWS::Greengrass::ResourceDefinition | InitialVersion, Name, Tags |
| AWS::Greengrass::ResourceDefinitionVersion | ResourceDefinitionId, Resources |
| AWS::Greengrass::SubscriptionDefinition | InitialVersion, Name, Tags |
| AWS::Greengrass::SubscriptionDefinitionVersion | SubscriptionDefinitionId, Subscriptions |
| AWS::GreengrassV2::ComponentVersion | InlineRecipe, LambdaFunction, Tags |
| AWS::GroundStation::Config | ConfigData, Name, Tags |
| AWS::GroundStation::DataflowEndpointGroup | EndpointDetails, Tags |
| AWS::GroundStation::MissionProfile | ContactPostPassDurationSeconds, ContactPrePassDurationSeconds, DataflowEdges, MinimumViableContactDurationSeconds, Name, Tags, TrackingConfigArn |
| AWS::GuardDuty::Detector | DataSources, Enable, FindingPublishingFrequency |
| AWS::GuardDuty::Filter | Action, Description, DetectorId, FindingCriteria, Name, Rank |
| AWS::GuardDuty::IPSet | Activate, DetectorId, Format, Location, Name |
| AWS::GuardDuty::Master | DetectorId, InvitationId, MasterId |
| AWS::GuardDuty::Member | DetectorId, DisableEmailNotification, Email, MemberId, Message, Status |
| AWS::GuardDuty::ThreatIntelSet | Activate, DetectorId, Format, Location, Name |
| AWS::HealthLake::FHIRDatastore | DatastoreName, DatastoreTypeVersion, PreloadDataConfig, SseConfiguration, Tags |
| AWS::IAM::AccessKey | Serial, Status, UserName |
| AWS::IAM::Group | GroupName, ManagedPolicyArns, Path, Policies |
| AWS::IAM::InstanceProfile | InstanceProfileName, Path, Roles |
| AWS::IAM::ManagedPolicy | Description, Groups, ManagedPolicyName, Path, PolicyDocument, Roles, Users |
| AWS::IAM::OIDCProvider | ClientIdList, Tags, ThumbprintList, Url |
| AWS::IAM::Policy | Groups, PolicyDocument, PolicyName, Roles, Users |
| AWS::IAM::Role | AssumeRolePolicyDocument, Description, ManagedPolicyArns, MaxSessionDuration, Path, PermissionsBoundary, Policies, RoleName, Tags |
| AWS::IAM::SAMLProvider | Name, SamlMetadataDocument, Tags |
| AWS::IAM::ServerCertificate | CertificateBody, CertificateChain, Path, PrivateKey, ServerCertificateName, Tags |
| AWS::IAM::ServiceLinkedRole | AWSServiceName, CustomSuffix, Description |
| AWS::IAM::User | Groups, LoginProfile, ManagedPolicyArns, Path, PermissionsBoundary, Policies, Tags, UserName |
| AWS::IAM::UserToGroupAddition | GroupName, Users |
| AWS::IAM::VirtualMFADevice | Path, Tags, Users, VirtualMfaDeviceName |
| AWS::IVS::Channel | Authorized, LatencyMode, Name, RecordingConfigurationArn, Tags, Type |
| AWS::IVS::PlaybackKeyPair | Name, PublicKeyMaterial, Tags |
| AWS::IVS::RecordingConfiguration | DestinationConfiguration, Name, Tags, ThumbnailConfiguration |
| AWS::IVS::StreamKey | ChannelArn, Tags |
| AWS::ImageBuilder::Component | ChangeDescription, Data, Description, KmsKeyId, Name, Platform, SupportedOsVersions, Tags, Uri, Version |
| AWS::ImageBuilder::ContainerRecipe | Components, ContainerType, Description, DockerfileTemplateData, DockerfileTemplateUri, ImageOsVersionOverride, InstanceConfiguration, KmsKeyId, Name, ParentImage, PlatformOverride, Tags, TargetRepository, Version, WorkingDirectory |
| AWS::ImageBuilder::DistributionConfiguration | Description, Distributions, Name, Tags |
| AWS::ImageBuilder::Image | ContainerRecipeArn, DistributionConfigurationArn, EnhancedImageMetadataEnabled, ImageRecipeArn, ImageTestsConfiguration, InfrastructureConfigurationArn, Tags |
| AWS::ImageBuilder::ImagePipeline | ContainerRecipeArn, Description, DistributionConfigurationArn, EnhancedImageMetadataEnabled, ImageRecipeArn, ImageTestsConfiguration, InfrastructureConfigurationArn, Name, Schedule, Status, Tags |
| AWS::ImageBuilder::ImageRecipe | AdditionalInstanceConfiguration, BlockDeviceMappings, Components, Description, Name, ParentImage, Tags, Version, WorkingDirectory |
| AWS::ImageBuilder::InfrastructureConfiguration | Description, InstanceMetadataOptions, InstanceProfileName, InstanceTypes, KeyPair, Logging, Name, ResourceTags, SecurityGroupIds, SnsTopicArn, SubnetId, Tags, TerminateInstanceOnFailure |
| AWS::Inspector::AssessmentTarget | AssessmentTargetName, ResourceGroupArn |
| AWS::Inspector::AssessmentTemplate | AssessmentTargetArn, AssessmentTemplateName, DurationInSeconds, RulesPackageArns, UserAttributesForFindings |
| AWS::Inspector::ResourceGroup | ResourceGroupTags |
| AWS::InspectorV2::Filter | Description, FilterAction, FilterCriteria, Name |
| AWS::IoT1Click::Device | DeviceId, Enabled |
| AWS::IoT1Click::Placement | AssociatedDevices, Attributes, PlacementName, ProjectName |
| AWS::IoT1Click::Project | Description, PlacementTemplate, ProjectName |
| AWS::IoT::AccountAuditConfiguration | AccountId, AuditCheckConfigurations, AuditNotificationTargetConfigurations, RoleArn |
| AWS::IoT::Authorizer | AuthorizerFunctionArn, AuthorizerName, EnableCachingForHttp, SigningDisabled, Status, Tags, TokenKeyName, TokenSigningPublicKeys |
| AWS::IoT::Certificate | CACertificatePem, CertificateMode, CertificatePem, CertificateSigningRequest, Status |
| AWS::IoT::CustomMetric | DisplayName, MetricName, MetricType, Tags |
| AWS::IoT::Dimension | Name, StringValues, Tags, Type |
| AWS::IoT::DomainConfiguration | AuthorizerConfig, DomainConfigurationName, DomainConfigurationStatus, DomainName, ServerCertificateArns, ServiceType, Tags, ValidationCertificateArn |
| AWS::IoT::FleetMetric | AggregationField, AggregationType, Description, IndexName, MetricName, Period, QueryString, QueryVersion, Tags, Unit |
| AWS::IoT::JobTemplate | AbortConfig, Description, Document, DocumentSource, JobArn, JobExecutionsRetryConfig, JobExecutionsRolloutConfig, JobTemplateId, PresignedUrlConfig, Tags, TimeoutConfig |
| AWS::IoT::Logging | AccountId, DefaultLogLevel, RoleArn |
| AWS::IoT::MitigationAction | ActionName, ActionParams, RoleArn, Tags |
| AWS::IoT::Policy | PolicyDocument, PolicyName |
| AWS::IoT::PolicyPrincipalAttachment | PolicyName, Principal |
| AWS::IoT::ProvisioningTemplate | Description, Enabled, PreProvisioningHook, ProvisioningRoleArn, Tags, TemplateBody, TemplateName |
| AWS::IoT::ResourceSpecificLogging | LogLevel, TargetName, TargetType |
| AWS::IoT::ScheduledAudit | DayOfMonth, DayOfWeek, Frequency, ScheduledAuditName, Tags, TargetCheckNames |
| AWS::IoT::SecurityProfile | AdditionalMetricsToRetainV2, AlertTargets, Behaviors, SecurityProfileDescription, SecurityProfileName, Tags, TargetArns |
| AWS::IoT::Thing | AttributePayload, ThingName |
| AWS::IoT::ThingPrincipalAttachment | Principal, ThingName |
| AWS::IoT::TopicRule | RuleName, Tags, TopicRulePayload |
| AWS::IoT::TopicRuleDestination | HttpUrlProperties, Status, VpcProperties |
| AWS::IoTAnalytics::Channel | ChannelName, ChannelStorage, RetentionPeriod, Tags |
| AWS::IoTAnalytics::Dataset | Actions, ContentDeliveryRules, DatasetName, LateDataRules, RetentionPeriod, Tags, Triggers, VersioningConfiguration |
| AWS::IoTAnalytics::Datastore | DatastoreName, DatastorePartitions, DatastoreStorage, FileFormatConfiguration, RetentionPeriod, Tags |
| AWS::IoTAnalytics::Pipeline | PipelineActivities, PipelineName, Tags |
| AWS::IoTCoreDeviceAdvisor::SuiteDefinition | SuiteDefinitionConfiguration, Tags |
| AWS::IoTEvents::AlarmModel | AlarmCapabilities, AlarmEventActions, AlarmModelDescription, AlarmModelName, AlarmRule, Key, RoleArn, Severity, Tags |
| AWS::IoTEvents::DetectorModel | DetectorModelDefinition, DetectorModelDescription, DetectorModelName, EvaluationMethod, Key, RoleArn, Tags |
| AWS::IoTEvents::Input | InputDefinition, InputDescription, InputName, Tags |
| AWS::IoTFleetHub::Application | ApplicationDescription, ApplicationName, RoleArn, Tags |
| AWS::IoTSiteWise::AccessPolicy | AccessPolicyIdentity, AccessPolicyPermission, AccessPolicyResource |
| AWS::IoTSiteWise::Asset | AssetHierarchies, AssetModelId, AssetName, AssetProperties, Tags |
| AWS::IoTSiteWise::AssetModel | AssetModelCompositeModels, AssetModelDescription, AssetModelHierarchies, AssetModelName, AssetModelProperties, Tags |
| AWS::IoTSiteWise::Dashboard | DashboardDefinition, DashboardDescription, DashboardName, ProjectId, Tags |
| AWS::IoTSiteWise::Gateway | GatewayCapabilitySummaries, GatewayName, GatewayPlatform, Tags |
| AWS::IoTSiteWise::Portal | Alarms, NotificationSenderEmail, PortalAuthMode, PortalContactEmail, PortalDescription, PortalName, RoleArn, Tags |
| AWS::IoTSiteWise::Project | AssetIds, PortalId, ProjectDescription, ProjectName, Tags |
| AWS::IoTThingsGraph::FlowTemplate | CompatibleNamespaceVersion, Definition |
| AWS::IoTTwinMaker::ComponentType | ComponentTypeId, Description, ExtendsFrom, Functions, IsSingleton, PropertyDefinitions, Tags, WorkspaceId |
| AWS::IoTTwinMaker::Entity | Components, Description, EntityId, EntityName, ParentEntityId, Tags, WorkspaceId |
| AWS::IoTTwinMaker::Scene | Capabilities, ContentLocation, Description, SceneId, Tags, WorkspaceId |
| AWS::IoTTwinMaker::Workspace | Description, Role, S3Location, Tags, WorkspaceId |
| AWS::IoTWireless::Destination | Description, Expression, ExpressionType, Name, RoleArn, Tags |
| AWS::IoTWireless::DeviceProfile | LoRaWAN, Name, Tags |
| AWS::IoTWireless::FuotaTask | AssociateMulticastGroup, AssociateWirelessDevice, Description, DisassociateMulticastGroup, DisassociateWirelessDevice, FirmwareUpdateImage, FirmwareUpdateRole, LoRaWAN, Name, Tags |
| AWS::IoTWireless::MulticastGroup | AssociateWirelessDevice, Description, DisassociateWirelessDevice, LoRaWAN, Name, Tags |
| AWS::IoTWireless::PartnerAccount | AccountLinked, Fingerprint, PartnerAccountId, PartnerType, Sidewalk, SidewalkUpdate, Tags |
| AWS::IoTWireless::ServiceProfile | LoRaWAN, Name, Tags |
| AWS::IoTWireless::TaskDefinition | AutoCreateTasks, LoRaWANUpdateGatewayTaskEntry, Name, Tags, TaskDefinitionType, Update |
| AWS::IoTWireless::WirelessDevice | Description, DestinationName, LastUplinkReceivedAt, LoRaWAN, Name, Tags, ThingArn, Type |
| AWS::IoTWireless::WirelessGateway | Description, LastUplinkReceivedAt, LoRaWAN, Name, Tags, ThingArn |
| AWS::KMS::Alias | AliasName, TargetKeyId |
| AWS::KMS::Key | Description, EnableKeyRotation, Enabled, KeyPolicy, KeySpec, KeyUsage, MultiRegion, PendingWindowInDays, Tags |
| AWS::KMS::ReplicaKey | Description, Enabled, KeyPolicy, PendingWindowInDays, PrimaryKeyArn, Tags |
| AWS::KafkaConnect::Connector | Capacity, ConnectorConfiguration, ConnectorDescription, ConnectorName, KafkaCluster, KafkaClusterClientAuthentication, KafkaClusterEncryptionInTransit, KafkaConnectVersion, LogDelivery, Plugins, ServiceExecutionRoleArn, WorkerConfiguration |
| AWS::Kendra::DataSource | CustomDocumentEnrichmentConfiguration, DataSourceConfiguration, Description, IndexId, Name, RoleArn, Schedule, Tags, Type |
| AWS::Kendra::Faq | Description, FileFormat, IndexId, Name, RoleArn, S3Path, Tags |
| AWS::Kendra::Index | CapacityUnits, Description, DocumentMetadataConfigurations, Edition, Name, RoleArn, ServerSideEncryptionConfiguration, Tags, UserContextPolicy, UserTokenConfigurations |
| AWS::Kinesis::Stream | Name, RetentionPeriodHours, ShardCount, StreamEncryption, StreamModeDetails, Tags |
| AWS::Kinesis::StreamConsumer | ConsumerName, StreamARN |
| AWS::KinesisAnalytics::Application | ApplicationCode, ApplicationDescription, ApplicationName, Inputs |
| AWS::KinesisAnalytics::ApplicationOutput | ApplicationName, Output |
| AWS::KinesisAnalytics::ApplicationReferenceDataSource | ApplicationName, ReferenceDataSource |
| AWS::KinesisAnalyticsV2::Application | ApplicationConfiguration, ApplicationDescription, ApplicationMode, ApplicationName, RuntimeEnvironment, ServiceExecutionRole, Tags |
| AWS::KinesisAnalyticsV2::ApplicationOutput | ApplicationName, Output |
| AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource | ApplicationName, ReferenceDataSource |
| AWS::KinesisFirehose::DeliveryStream | AmazonopensearchserviceDestinationConfiguration, DeliveryStreamEncryptionConfigurationInput, DeliveryStreamName, DeliveryStreamType, ElasticsearchDestinationConfiguration, ExtendedS3DestinationConfiguration, HttpEndpointDestinationConfiguration, KinesisStreamSourceConfiguration, RedshiftDestinationConfiguration, S3DestinationConfiguration, SplunkDestinationConfiguration, Tags |
| AWS::KinesisVideo::SignalingChannel | MessageTtlSeconds, Name, Tags, Type |
| AWS::KinesisVideo::Stream | DataRetentionInHours, DeviceName, KmsKeyId, MediaType, Name, Tags |
| AWS::LakeFormation::DataLakeSettings | Admins, TrustedResourceOwners |
| AWS::LakeFormation::Permissions | DataLakePrincipal, Permissions, PermissionsWithGrantOption, Resource |
| AWS::LakeFormation::Resource | ResourceArn, RoleArn, UseServiceLinkedRole |
| AWS::Lambda::Alias | Description, FunctionName, FunctionVersion, Name, ProvisionedConcurrencyConfig, RoutingConfig |
| AWS::Lambda::CodeSigningConfig | AllowedPublishers, CodeSigningPolicies, Description |
| AWS::Lambda::EventInvokeConfig | DestinationConfig, FunctionName, MaximumEventAgeInSeconds, MaximumRetryAttempts, Qualifier |
| AWS::Lambda::EventSourceMapping | BatchSize, BisectBatchOnFunctionError, DestinationConfig, Enabled, EventSourceArn, FilterCriteria, FunctionName, FunctionResponseTypes, MaximumBatchingWindowInSeconds, MaximumRecordAgeInSeconds, MaximumRetryAttempts, ParallelizationFactor, Queues, SelfManagedEventSource, SourceAccessConfigurations, StartingPosition, StartingPositionTimestamp, Topics, TumblingWindowInSeconds |
| AWS::Lambda::Function | Architectures, Code, CodeSigningConfigArn, DeadLetterConfig, Description, Environment, EphemeralStorage, FileSystemConfigs, FunctionName, Handler, ImageConfig, KmsKeyArn, Layers, MemorySize, PackageType, ReservedConcurrentExecutions, Role, Runtime, Tags, Timeout, TracingConfig, VpcConfig |
| AWS::Lambda::LayerVersion | CompatibleArchitectures, CompatibleRuntimes, Content, Description, LayerName, LicenseInfo |
| AWS::Lambda::LayerVersionPermission | Action, LayerVersionArn, OrganizationId, Principal |
| AWS::Lambda::Permission | Action, EventSourceToken, FunctionName, FunctionUrlAuthType, Principal, PrincipalOrgID, SourceAccount, SourceArn |
| AWS::Lambda::Url | AuthType, Cors, Qualifier, TargetFunctionArn |
| AWS::Lambda::Version | CodeSha256, Description, FunctionName, ProvisionedConcurrencyConfig |
| AWS::Lex::Bot | AutoBuildBotLocales, BotFileS3Location, BotLocales, BotTags, DataPrivacy, Description, IdleSessionTTLInSeconds, Name, RoleArn, TestBotAliasSettings, TestBotAliasTags |
| AWS::Lex::BotAlias | BotAliasLocaleSettings, BotAliasName, BotAliasTags, BotId, BotVersion, ConversationLogSettings, Description, SentimentAnalysisSettings |
| AWS::Lex::BotVersion | BotId, BotVersionLocaleSpecification, Description |
| AWS::Lex::ResourcePolicy | Policy, ResourceArn |
| AWS::LicenseManager::Grant | AllowedOperations, GrantName, HomeRegion, LicenseArn, Principals, Status |
| AWS::LicenseManager::License | Beneficiary, ConsumptionConfiguration, Entitlements, HomeRegion, Issuer, LicenseMetadata, LicenseName, ProductName, ProductSKU, Status, Validity |
| AWS::Lightsail::Alarm | AlarmName, ComparisonOperator, ContactProtocols, DatapointsToAlarm, EvaluationPeriods, MetricName, MonitoredResourceName, NotificationEnabled, NotificationTriggers, Threshold, TreatMissingData |
| AWS::Lightsail::Bucket | AccessRules, BucketName, BundleId, ObjectVersioning, ReadOnlyAccessAccounts, ResourcesReceivingAccess, Tags |
| AWS::Lightsail::Certificate | CertificateName, DomainName, SubjectAlternativeNames, Tags |
| AWS::Lightsail::Container | ContainerServiceDeployment, IsDisabled, Power, PublicDomainNames, Scale, ServiceName, Tags |
| AWS::Lightsail::Database | AvailabilityZone, BackupRetention, CaCertificateIdentifier, MasterDatabaseName, MasterUserPassword, MasterUsername, PreferredBackupWindow, PreferredMaintenanceWindow, PubliclyAccessible, RelationalDatabaseBlueprintId, RelationalDatabaseBundleId, RelationalDatabaseName, RelationalDatabaseParameters, RotateMasterUserPassword, Tags |
| AWS::Lightsail::Disk | AddOns, AvailabilityZone, DiskName, SizeInGb, Tags |
| AWS::Lightsail::Distribution | BundleId, CacheBehaviorSettings, CacheBehaviors, CertificateName, DefaultCacheBehavior, DistributionName, IpAddressType, IsEnabled, Origin, Tags |
| AWS::Lightsail::Instance | AddOns, AvailabilityZone, BlueprintId, BundleId, Hardware, InstanceName, KeyPairName, Networking, Tags, UserData |
| AWS::Lightsail::LoadBalancer | AttachedInstances, HealthCheckPath, InstancePort, IpAddressType, LoadBalancerName, SessionStickinessEnabled, SessionStickinessLBCookieDurationSeconds, Tags |
| AWS::Lightsail::LoadBalancerTlsCertificate | CertificateAlternativeNames, CertificateDomainName, CertificateName, IsAttached, LoadBalancerName |
| AWS::Lightsail::StaticIp | AttachedTo, StaticIpName |
| AWS::Location::GeofenceCollection | CollectionName, Description, KmsKeyId, PricingPlan, PricingPlanDataSource |
| AWS::Location::Map | Configuration, Description, MapName, PricingPlan |
| AWS::Location::PlaceIndex | DataSource, DataSourceConfiguration, Description, IndexName, PricingPlan |
| AWS::Location::RouteCalculator | CalculatorName, DataSource, Description, PricingPlan |
| AWS::Location::Tracker | Description, KmsKeyId, PositionFiltering, PricingPlan, PricingPlanDataSource, TrackerName |
| AWS::Location::TrackerConsumer | ConsumerArn, TrackerName |
| AWS::Logs::Destination | DestinationName, DestinationPolicy, RoleArn, TargetArn |
| AWS::Logs::LogGroup | KmsKeyId, LogGroupName, RetentionInDays, Tags |
| AWS::Logs::LogStream | LogGroupName, LogStreamName |
| AWS::Logs::MetricFilter | FilterPattern, LogGroupName, MetricTransformations |
| AWS::Logs::QueryDefinition | LogGroupNames, Name, QueryString |
| AWS::Logs::ResourcePolicy | PolicyDocument, PolicyName |
| AWS::Logs::SubscriptionFilter | DestinationArn, FilterPattern, LogGroupName, RoleArn |
| AWS::LookoutEquipment::InferenceScheduler | DataDelayOffsetInMinutes, DataInputConfiguration, DataOutputConfiguration, DataUploadFrequency, InferenceSchedulerName, ModelName, RoleArn, ServerSideKmsKeyId, Tags |
| AWS::LookoutMetrics::Alert | Action, AlertDescription, AlertName, AlertSensitivityThreshold, AnomalyDetectorArn |
| AWS::LookoutMetrics::AnomalyDetector | AnomalyDetectorConfig, AnomalyDetectorDescription, AnomalyDetectorName, KmsKeyArn, MetricSetList |
| AWS::LookoutVision::Project | ProjectName |
| AWS::MSK::BatchScramSecret | ClusterArn, SecretArnList |
| AWS::MSK::Cluster | BrokerNodeGroupInfo, ClientAuthentication, ClusterName, ConfigurationInfo, CurrentVersion, EncryptionInfo, EnhancedMonitoring, KafkaVersion, LoggingInfo, NumberOfBrokerNodes, OpenMonitoring, Tags |
| AWS::MSK::Configuration | Description, KafkaVersionsList, Name, ServerProperties |
| AWS::MWAA::Environment | AirflowConfigurationOptions, AirflowVersion, DagS3Path, EnvironmentClass, ExecutionRoleArn, KmsKey, LoggingConfiguration, MaxWorkers, MinWorkers, Name, NetworkConfiguration, PluginsS3ObjectVersion, PluginsS3Path, RequirementsS3ObjectVersion, RequirementsS3Path, Schedulers, SourceBucketArn, Tags, WebserverAccessMode, WeeklyMaintenanceWindowStart |
| AWS::Macie::CustomDataIdentifier | Description, IgnoreWords, Keywords, MaximumMatchDistance, Name, Regex |
| AWS::Macie::FindingsFilter | Action, Description, FindingCriteria, Name, Position |
| AWS::Macie::Session | FindingPublishingFrequency, Status |
| AWS::ManagedBlockchain::Member | InvitationId, MemberConfiguration, NetworkConfiguration, NetworkId |
| AWS::ManagedBlockchain::Node | MemberId, NetworkId, NodeConfiguration |
| AWS::MediaConnect::Flow | AvailabilityZone, Name, Source, SourceFailoverConfig |
| AWS::MediaConnect::FlowEntitlement | DataTransferSubscriberFeePercent, Description, Encryption, EntitlementStatus, FlowArn, Name, Subscribers |
| AWS::MediaConnect::FlowOutput | CidrAllowList, Description, Destination, Encryption, FlowArn, MaxLatency, MinLatency, Name, Port, Protocol, RemoteId, SmoothingLatency, StreamId, VpcInterfaceAttachment |
| AWS::MediaConnect::FlowSource | Decryption, Description, EntitlementArn, FlowArn, IngestPort, MaxBitrate, MaxLatency, Name, Protocol, StreamId, VpcInterfaceName, WhitelistCidr |
| AWS::MediaConnect::FlowVpcInterface | FlowArn, Name, RoleArn, SecurityGroupIds, SubnetId |
| AWS::MediaConvert::JobTemplate | AccelerationSettings, Category, Description, HopDestinations, Name, Priority, Queue, SettingsJson, StatusUpdateInterval, Tags |
| AWS::MediaConvert::Preset | Category, Description, Name, SettingsJson, Tags |
| AWS::MediaConvert::Queue | Description, Name, PricingPlan, Status, Tags |
| AWS::MediaLive::Channel | CdiInputSpecification, ChannelClass, Destinations, EncoderSettings, InputAttachments, InputSpecification, LogLevel, Name, RoleArn, Tags, Vpc |
| AWS::MediaLive::Input | Destinations, InputDevices, InputSecurityGroups, MediaConnectFlows, Name, RoleArn, Sources, Tags, Type, Vpc |
| AWS::MediaLive::InputSecurityGroup | Tags, WhitelistRules |
| AWS::MediaPackage::Asset | Id, PackagingGroupId, ResourceId, SourceArn, SourceRoleArn, Tags |
| AWS::MediaPackage::Channel | Description, EgressAccessLogs, Id, IngressAccessLogs, Tags |
| AWS::MediaPackage::OriginEndpoint | Authorization, ChannelId, CmafPackage, DashPackage, Description, HlsPackage, Id, ManifestName, MssPackage, Origination, StartoverWindowSeconds, Tags, TimeDelaySeconds, Whitelist |
| AWS::MediaPackage::PackagingConfiguration | CmafPackage, DashPackage, HlsPackage, Id, MssPackage, PackagingGroupId, Tags |
| AWS::MediaPackage::PackagingGroup | Authorization, EgressAccessLogs, Id, Tags |
| AWS::MediaStore::Container | AccessLoggingEnabled, ContainerName, CorsPolicy, LifecyclePolicy, MetricPolicy, Policy, Tags |
| AWS::MediaTailor::PlaybackConfiguration | AdDecisionServerUrl, AvailSuppression, Bumper, CdnConfiguration, ConfigurationAliases, DashConfiguration, LivePreRollConfiguration, ManifestProcessingRules, Name, PersonalizationThresholdSeconds, SessionInitializationEndpointPrefix, SlateAdUrl, Tags, TranscodeProfileName, VideoContentSourceUrl |
| AWS::MemoryDB::ACL | ACLName, Tags, UserNames |
| AWS::MemoryDB::Cluster | ACLName, AutoMinorVersionUpgrade, ClusterName, Description, EngineVersion, FinalSnapshotName, KmsKeyId, MaintenanceWindow, NodeType, NumReplicasPerShard, NumShards, ParameterGroupName, Port, SecurityGroupIds, SnapshotArns, SnapshotName, SnapshotRetentionLimit, SnapshotWindow, SnsTopicArn, SnsTopicStatus, SubnetGroupName, TLSEnabled, Tags |
| AWS::MemoryDB::ParameterGroup | Description, Family, ParameterGroupName, Parameters, Tags |
| AWS::MemoryDB::SubnetGroup | Description, SubnetGroupName, SubnetIds, Tags |
| AWS::MemoryDB::User | AccessString, AuthenticationMode, Tags, UserName |
| AWS::Neptune::DBCluster | AssociatedRoles, AvailabilityZones, BackupRetentionPeriod, DBClusterIdentifier, DBClusterParameterGroupName, DBSubnetGroupName, DeletionProtection, EnableCloudwatchLogsExports, EngineVersion, IamAuthEnabled, KmsKeyId, Port, PreferredBackupWindow, PreferredMaintenanceWindow, RestoreToTime, RestoreType, SnapshotIdentifier, SourceDBClusterIdentifier, StorageEncrypted, Tags, UseLatestRestorableTime, VpcSecurityGroupIds |
| AWS::Neptune::DBClusterParameterGroup | Description, Family, Name, Parameters, Tags |
| AWS::Neptune::DBInstance | AllowMajorVersionUpgrade, AutoMinorVersionUpgrade, AvailabilityZone, DBClusterIdentifier, DBInstanceClass, DBInstanceIdentifier, DBParameterGroupName, DBSnapshotIdentifier, DBSubnetGroupName, PreferredMaintenanceWindow, Tags |
| AWS::Neptune::DBParameterGroup | Description, Family, Name, Parameters, Tags |
| AWS::Neptune::DBSubnetGroup | DBSubnetGroupDescription, DBSubnetGroupName, SubnetIds, Tags |
| AWS::NetworkFirewall::Firewall | DeleteProtection, Description, FirewallName, FirewallPolicyArn, FirewallPolicyChangeProtection, SubnetChangeProtection, SubnetMappings, Tags, VpcId |
| AWS::NetworkFirewall::FirewallPolicy | Description, FirewallPolicy, FirewallPolicyName, Tags |
| AWS::NetworkFirewall::LoggingConfiguration | FirewallArn, FirewallName, LoggingConfiguration |
| AWS::NetworkFirewall::RuleGroup | Capacity, Description, RuleGroup, RuleGroupName, Tags, Type |
| AWS::NetworkManager::CustomerGatewayAssociation | CustomerGatewayArn, DeviceId, GlobalNetworkId, LinkId |
| AWS::NetworkManager::Device | Description, GlobalNetworkId, Location, Model, SerialNumber, SiteId, Tags, Type, Vendor |
| AWS::NetworkManager::GlobalNetwork | Description, Tags |
| AWS::NetworkManager::Link | Bandwidth, Description, GlobalNetworkId, Provider, SiteId, Tags, Type |
| AWS::NetworkManager::LinkAssociation | DeviceId, GlobalNetworkId, LinkId |
| AWS::NetworkManager::Site | Description, GlobalNetworkId, Location, Tags |
| AWS::NetworkManager::TransitGatewayRegistration | GlobalNetworkId, TransitGatewayArn |
| AWS::NimbleStudio::LaunchProfile | Description, Ec2SubnetIds, LaunchProfileProtocolVersions, Name, StreamConfiguration, StudioComponentIds, StudioId, Tags |
| AWS::NimbleStudio::StreamingImage | Description, Ec2ImageId, Name, StudioId, Tags |
| AWS::NimbleStudio::Studio | AdminRoleArn, DisplayName, StudioEncryptionConfiguration, StudioName, Tags, UserRoleArn |
| AWS::NimbleStudio::StudioComponent | Configuration, Description, Ec2SecurityGroupIds, InitializationScripts, Name, ScriptParameters, StudioId, Subtype, Tags, Type |
| AWS::OpenSearchService::Domain | AccessPolicies, AdvancedOptions, AdvancedSecurityOptions, ClusterConfig, CognitoOptions, DomainEndpointOptions, DomainName, EBSOptions, EncryptionAtRestOptions, EngineVersion, LogPublishingOptions, NodeToNodeEncryptionOptions, SnapshotOptions, Tags, VPCOptions |
| AWS::OpsWorks::App | AppSource, Attributes, DataSources, Description, Domains, EnableSsl, Environment, Name, Shortname, SslConfiguration, StackId, Type |
| AWS::OpsWorks::ElasticLoadBalancerAttachment | ElasticLoadBalancerName, LayerId |
| AWS::OpsWorks::Instance | AgentVersion, AmiId, Architecture, AutoScalingType, AvailabilityZone, BlockDeviceMappings, EbsOptimized, ElasticIps, Hostname, InstallUpdatesOnBoot, InstanceType, LayerIds, Os, RootDeviceType, SshKeyName, StackId, SubnetId, Tenancy, TimeBasedAutoScaling, VirtualizationType, Volumes |
| AWS::OpsWorks::Layer | Attributes, AutoAssignElasticIps, AutoAssignPublicIps, CustomInstanceProfileArn, CustomJson, CustomRecipes, CustomSecurityGroupIds, EnableAutoHealing, InstallUpdatesOnBoot, LifecycleEventConfiguration, LoadBasedAutoScaling, Name, Packages, Shortname, StackId, Tags, Type, UseEbsOptimizedInstances, VolumeConfigurations |
| AWS::OpsWorks::Stack | AgentVersion, Attributes, ChefConfiguration, CloneAppIds, ClonePermissions, ConfigurationManager, CustomCookbooksSource, CustomJson, DefaultAvailabilityZone, DefaultInstanceProfileArn, DefaultOs, DefaultRootDeviceType, DefaultSshKeyName, DefaultSubnetId, EcsClusterArn, ElasticIps, HostnameTheme, Name, RdsDbInstances, ServiceRoleArn, SourceStackId, Tags, UseCustomCookbooks, UseOpsworksSecurityGroups, VpcId |
| AWS::OpsWorks::UserProfile | AllowSelfManagement, IamUserArn, SshPublicKey, SshUsername |
| AWS::OpsWorks::Volume | Ec2VolumeId, MountPoint, Name, StackId |
| AWS::OpsWorksCM::Server | AssociatePublicIpAddress, BackupId, BackupRetentionCount, CustomCertificate, CustomDomain, CustomPrivateKey, DisableAutomatedBackup, Engine, EngineAttributes, EngineModel, EngineVersion, InstanceProfileArn, InstanceType, KeyPair, PreferredBackupWindow, PreferredMaintenanceWindow, SecurityGroupIds, ServerName, ServiceRoleArn, SubnetIds, Tags |
| AWS::Panorama::ApplicationInstance | ApplicationInstanceIdToReplace, DefaultRuntimeContextDevice, Description, DeviceId, ManifestOverridesPayload, ManifestPayload, Name, RuntimeRoleArn, StatusFilter, Tags |
| AWS::Panorama::Package | PackageName, Tags |
| AWS::Panorama::PackageVersion | MarkLatest, OwnerAccount, PackageId, PackageVersion, PatchVersion, UpdatedLatestPatchVersion |
| AWS::Personalize::Dataset | DatasetGroupArn, DatasetImportJob, DatasetType, Name, SchemaArn |
| AWS::Personalize::DatasetGroup | Domain, KmsKeyArn, Name, RoleArn |
| AWS::Personalize::Schema | Domain, Name, Schema |
| AWS::Personalize::Solution | DatasetGroupArn, EventType, Name, PerformAutoML, PerformHPO, RecipeArn, SolutionConfig |
| AWS::Pinpoint::ADMChannel | ApplicationId, ClientId, ClientSecret, Enabled |
| AWS::Pinpoint::APNSChannel | ApplicationId, BundleId, Certificate, DefaultAuthenticationMethod, Enabled, PrivateKey, TeamId, TokenKey, TokenKeyId |
| AWS::Pinpoint::APNSSandboxChannel | ApplicationId, BundleId, Certificate, DefaultAuthenticationMethod, Enabled, PrivateKey, TeamId, TokenKey, TokenKeyId |
| AWS::Pinpoint::APNSVoipChannel | ApplicationId, BundleId, Certificate, DefaultAuthenticationMethod, Enabled, PrivateKey, TeamId, TokenKey, TokenKeyId |
| AWS::Pinpoint::APNSVoipSandboxChannel | ApplicationId, BundleId, Certificate, DefaultAuthenticationMethod, Enabled, PrivateKey, TeamId, TokenKey, TokenKeyId |
| AWS::Pinpoint::App | Name, Tags |
| AWS::Pinpoint::ApplicationSettings | ApplicationId, CampaignHook, CloudWatchMetricsEnabled, Limits, QuietTime |
| AWS::Pinpoint::BaiduChannel | ApiKey, ApplicationId, Enabled, SecretKey |
| AWS::Pinpoint::Campaign | AdditionalTreatments, ApplicationId, CampaignHook, Description, HoldoutPercent, IsPaused, Limits, MessageConfiguration, Name, Priority, Schedule, SegmentId, SegmentVersion, Tags, TreatmentDescription, TreatmentName |
| AWS::Pinpoint::EmailChannel | ApplicationId, ConfigurationSet, Enabled, FromAddress, Identity, RoleArn |
| AWS::Pinpoint::EmailTemplate | DefaultSubstitutions, HtmlPart, Subject, Tags, TemplateDescription, TemplateName, TextPart |
| AWS::Pinpoint::EventStream | ApplicationId, DestinationStreamArn, RoleArn |
| AWS::Pinpoint::GCMChannel | ApiKey, ApplicationId, Enabled |
| AWS::Pinpoint::InAppTemplate | Content, CustomConfig, Layout, Tags, TemplateDescription, TemplateName |
| AWS::Pinpoint::PushTemplate | ADM, APNS, Baidu, Default, DefaultSubstitutions, GCM, Tags, TemplateDescription, TemplateName |
| AWS::Pinpoint::SMSChannel | ApplicationId, Enabled, SenderId, ShortCode |
| AWS::Pinpoint::Segment | ApplicationId, Dimensions, Name, SegmentGroups, Tags |
| AWS::Pinpoint::SmsTemplate | Body, DefaultSubstitutions, Tags, TemplateDescription, TemplateName |
| AWS::Pinpoint::VoiceChannel | ApplicationId, Enabled |
| AWS::PinpointEmail::ConfigurationSet | DeliveryOptions, Name, ReputationOptions, SendingOptions, Tags, TrackingOptions |
| AWS::PinpointEmail::ConfigurationSetEventDestination | ConfigurationSetName, EventDestination, EventDestinationName |
| AWS::PinpointEmail::DedicatedIpPool | PoolName, Tags |
| AWS::PinpointEmail::Identity | DkimSigningEnabled, FeedbackForwardingEnabled, MailFromAttributes, Name, Tags |
| AWS::QLDB::Ledger | DeletionProtection, KmsKey, Name, PermissionsMode, Tags |
| AWS::QLDB::Stream | ExclusiveEndTime, InclusiveStartTime, KinesisConfiguration, LedgerName, RoleArn, StreamName, Tags |
| AWS::QuickSight::Analysis | AnalysisId, AwsAccountId, Errors, Name, Parameters, Permissions, SourceEntity, Tags, ThemeArn |
| AWS::QuickSight::Dashboard | AwsAccountId, DashboardId, DashboardPublishOptions, Name, Parameters, Permissions, SourceEntity, Tags, ThemeArn, VersionDescription |
| AWS::QuickSight::DataSet | AwsAccountId, ColumnGroups, ColumnLevelPermissionRules, DataSetId, FieldFolders, ImportMode, IngestionWaitPolicy, LogicalTableMap, Name, Permissions, PhysicalTableMap, RowLevelPermissionDataSet, Tags |
| AWS::QuickSight::DataSource | AlternateDataSourceParameters, AwsAccountId, Credentials, DataSourceId, DataSourceParameters, ErrorInfo, Name, Permissions, SslProperties, Tags, Type, VpcConnectionProperties |
| AWS::QuickSight::Template | AwsAccountId, Name, Permissions, SourceEntity, Tags, TemplateId, VersionDescription |
| AWS::QuickSight::Theme | AwsAccountId, BaseThemeId, Configuration, Name, Permissions, Tags, ThemeId, VersionDescription |
| AWS::RAM::ResourceShare | AllowExternalPrincipals, Name, PermissionArns, Principals, ResourceArns, Tags |
| AWS::RDS::DBCluster | AssociatedRoles, AvailabilityZones, BacktrackWindow, BackupRetentionPeriod, CopyTagsToSnapshot, DBClusterIdentifier, DBClusterParameterGroupName, DBSubnetGroupName, DatabaseName, DeletionProtection, EnableCloudwatchLogsExports, EnableHttpEndpoint, EnableIAMDatabaseAuthentication, Engine, EngineMode, EngineVersion, GlobalClusterIdentifier, KmsKeyId, MasterUserPassword, MasterUsername, Port, PreferredBackupWindow, PreferredMaintenanceWindow, ReplicationSourceIdentifier, RestoreType, ScalingConfiguration, SnapshotIdentifier, SourceDBClusterIdentifier, SourceRegion, StorageEncrypted, Tags, UseLatestRestorableTime, VpcSecurityGroupIds |
| AWS::RDS::DBClusterParameterGroup | Description, Family, Parameters, Tags |
| AWS::RDS::DBInstance | AllocatedStorage, AllowMajorVersionUpgrade, AssociatedRoles, AutoMinorVersionUpgrade, AvailabilityZone, BackupRetentionPeriod, CACertificateIdentifier, CharacterSetName, CopyTagsToSnapshot, DBClusterIdentifier, DBInstanceClass, DBInstanceIdentifier, DBName, DBParameterGroupName, DBSecurityGroups, DBSnapshotIdentifier, DBSubnetGroupName, DeleteAutomatedBackups, DeletionProtection, Domain, DomainIAMRoleName, EnableCloudwatchLogsExports, EnableIAMDatabaseAuthentication, EnablePerformanceInsights, Engine, EngineVersion, Iops, KmsKeyId, LicenseModel, MasterUserPassword, MasterUsername, MaxAllocatedStorage, MonitoringInterval, MonitoringRoleArn, MultiAZ, OptionGroupName, PerformanceInsightsKMSKeyId, PerformanceInsightsRetentionPeriod, Port, PreferredBackupWindow, PreferredMaintenanceWindow, ProcessorFeatures, PromotionTier, PubliclyAccessible, SourceDBInstanceIdentifier, SourceRegion, StorageEncrypted, StorageType, Tags, Timezone, UseDefaultProcessorFeatures, VPCSecurityGroups |
| AWS::RDS::DBParameterGroup | Description, Family, Parameters, Tags |
| AWS::RDS::DBProxy | Auth, DBProxyName, DebugLogging, EngineFamily, IdleClientTimeout, RequireTLS, RoleArn, Tags, VpcSecurityGroupIds, VpcSubnetIds |
| AWS::RDS::DBProxyEndpoint | DBProxyEndpointName, DBProxyName, Tags, TargetRole, VpcSecurityGroupIds, VpcSubnetIds |
| AWS::RDS::DBProxyTargetGroup | ConnectionPoolConfigurationInfo, DBClusterIdentifiers, DBInstanceIdentifiers, DBProxyName, TargetGroupName |
| AWS::RDS::DBSecurityGroup | DBSecurityGroupIngress, EC2VpcId, GroupDescription, Tags |
| AWS::RDS::DBSecurityGroupIngress | CIDRIP, DBSecurityGroupName, EC2SecurityGroupId, EC2SecurityGroupName, EC2SecurityGroupOwnerId |
| AWS::RDS::DBSubnetGroup | DBSubnetGroupDescription, DBSubnetGroupName, SubnetIds, Tags |
| AWS::RDS::EventSubscription | Enabled, EventCategories, SnsTopicArn, SourceIds, SourceType |
| AWS::RDS::GlobalCluster | DeletionProtection, Engine, EngineVersion, GlobalClusterIdentifier, SourceDBClusterIdentifier, StorageEncrypted |
| AWS::RDS::OptionGroup | EngineName, MajorEngineVersion, OptionConfigurations, OptionGroupDescription, Tags |
| AWS::RUM::AppMonitor | AppMonitorConfiguration, CwLogEnabled, Domain, Name, Tags |
| AWS::Redshift::Cluster | AllowVersionUpgrade, AquaConfigurationStatus, AutomatedSnapshotRetentionPeriod, AvailabilityZone, AvailabilityZoneRelocation, AvailabilityZoneRelocationStatus, Classic, ClusterIdentifier, ClusterParameterGroupName, ClusterSecurityGroups, ClusterSubnetGroupName, ClusterType, ClusterVersion, DBName, DeferMaintenance, DeferMaintenanceDuration, DeferMaintenanceEndTime, DeferMaintenanceStartTime, DestinationRegion, ElasticIp, Encrypted, EnhancedVpcRouting, HsmClientCertificateIdentifier, HsmConfigurationIdentifier, IamRoles, KmsKeyId, LoggingProperties, MaintenanceTrackName, ManualSnapshotRetentionPeriod, MasterUserPassword, MasterUsername, NodeType, NumberOfNodes, OwnerAccount, Port, PreferredMaintenanceWindow, PubliclyAccessible, ResourceAction, RevisionTarget, RotateEncryptionKey, SnapshotClusterIdentifier, SnapshotCopyGrantName, SnapshotCopyManual, SnapshotCopyRetentionPeriod, SnapshotIdentifier, Tags, VpcSecurityGroupIds |
| AWS::Redshift::ClusterParameterGroup | Description, ParameterGroupFamily, Parameters, Tags |
| AWS::Redshift::ClusterSecurityGroup | Description, Tags |
| AWS::Redshift::ClusterSecurityGroupIngress | CIDRIP, ClusterSecurityGroupName, EC2SecurityGroupName, EC2SecurityGroupOwnerId |
| AWS::Redshift::ClusterSubnetGroup | Description, SubnetIds, Tags |
| AWS::Redshift::EndpointAccess | ClusterIdentifier, EndpointName, ResourceOwner, SubnetGroupName, VpcSecurityGroupIds |
| AWS::Redshift::EndpointAuthorization | Account, ClusterIdentifier, Force, VpcIds |
| AWS::Redshift::EventSubscription | Enabled, EventCategories, Severity, SnsTopicArn, SourceIds, SourceType, SubscriptionName, Tags |
| AWS::Redshift::ScheduledAction | Enable, EndTime, IamRole, Schedule, ScheduledActionDescription, ScheduledActionName, StartTime, TargetAction |
| AWS::RefactorSpaces::Application | ApiGatewayProxy, EnvironmentIdentifier, Name, ProxyType, Tags, VpcId |
| AWS::RefactorSpaces::Environment | Description, Name, NetworkFabricType, Tags |
| AWS::RefactorSpaces::Route | ApplicationIdentifier, EnvironmentIdentifier, RouteType, ServiceIdentifier, Tags, UriPathRoute |
| AWS::RefactorSpaces::Service | ApplicationIdentifier, Description, EndpointType, EnvironmentIdentifier, LambdaEndpoint, Name, Tags, UrlEndpoint, VpcId |
| AWS::Rekognition::Collection | CollectionId, Tags |
| AWS::Rekognition::Project | ProjectName |
| AWS::Rekognition::StreamProcessor | BoundingBoxRegionsOfInterest, ConnectedHomeSettings, DataSharingPreference, FaceSearchSettings, KinesisDataStream, KinesisVideoStream, KmsKeyId, Name, NotificationChannel, PolygonRegionsOfInterest, RoleArn, S3Destination, Tags |
| AWS::ResilienceHub::App | AppTemplateBody, Description, Name, ResiliencyPolicyArn, ResourceMappings, Tags |
| AWS::ResilienceHub::ResiliencyPolicy | DataLocationConstraint, Policy, PolicyDescription, PolicyName, Tags, Tier |
| AWS::ResourceGroups::Group | Configuration, Description, Name, ResourceQuery, Resources, Tags |
| AWS::RoboMaker::Fleet | Name, Tags |
| AWS::RoboMaker::Robot | Architecture, Fleet, GreengrassGroupId, Name, Tags |
| AWS::RoboMaker::RobotApplication | CurrentRevisionId, Environment, Name, RobotSoftwareSuite, Sources, Tags |
| AWS::RoboMaker::RobotApplicationVersion | Application, CurrentRevisionId |
| AWS::RoboMaker::SimulationApplication | CurrentRevisionId, Environment, Name, RenderingEngine, RobotSoftwareSuite, SimulationSoftwareSuite, Sources, Tags |
| AWS::RoboMaker::SimulationApplicationVersion | Application, CurrentRevisionId |
| AWS::Route53::DNSSEC | HostedZoneId |
| AWS::Route53::HealthCheck | HealthCheckConfig, HealthCheckTags |
| AWS::Route53::HostedZone | HostedZoneConfig, HostedZoneTags, Name, QueryLoggingConfig, VPCs |
| AWS::Route53::KeySigningKey | HostedZoneId, KeyManagementServiceArn, Name, Status |
| AWS::Route53::RecordSet | AliasTarget, Comment, Failover, GeoLocation, HealthCheckId, HostedZoneId, HostedZoneName, MultiValueAnswer, Name, Region, ResourceRecords, SetIdentifier, TTL, Type, Weight |
| AWS::Route53::RecordSetGroup | Comment, HostedZoneId, HostedZoneName, RecordSets |
| AWS::Route53RecoveryControl::Cluster | Name, Tags |
| AWS::Route53RecoveryControl::ControlPanel | ClusterArn, Name, Tags |
| AWS::Route53RecoveryControl::RoutingControl | ClusterArn, ControlPanelArn, Name |
| AWS::Route53RecoveryControl::SafetyRule | AssertionRule, ControlPanelArn, GatingRule, Name, RuleConfig, Tags |
| AWS::Route53RecoveryReadiness::Cell | CellName, Cells, Tags |
| AWS::Route53RecoveryReadiness::ReadinessCheck | ReadinessCheckName, ResourceSetName, Tags |
| AWS::Route53RecoveryReadiness::RecoveryGroup | Cells, RecoveryGroupName, Tags |
| AWS::Route53RecoveryReadiness::ResourceSet | ResourceSetName, ResourceSetType, Resources, Tags |
| AWS::Route53Resolver::FirewallDomainList | DomainFileUrl, Domains, Name, Tags |
| AWS::Route53Resolver::FirewallRuleGroup | FirewallRules, Name, Tags |
| AWS::Route53Resolver::FirewallRuleGroupAssociation | FirewallRuleGroupId, MutationProtection, Name, Priority, Tags, VpcId |
| AWS::Route53Resolver::ResolverConfig | AutodefinedReverseFlag, ResourceId |
| AWS::Route53Resolver::ResolverDNSSECConfig | ResourceId |
| AWS::Route53Resolver::ResolverEndpoint | Direction, IpAddresses, Name, SecurityGroupIds, Tags |
| AWS::Route53Resolver::ResolverQueryLoggingConfig | DestinationArn, Name |
| AWS::Route53Resolver::ResolverRule | DomainName, Name, ResolverEndpointId, RuleType, Tags, TargetIps |
| AWS::Route53Resolver::ResolverRuleAssociation | Name, ResolverRuleId, VPCId |
| AWS::S3::AccessPoint | Bucket, Name, Policy, PolicyStatus, PublicAccessBlockConfiguration, VpcConfiguration |
| AWS::S3::Bucket | AccelerateConfiguration, AccessControl, AnalyticsConfigurations, BucketEncryption, BucketName, CorsConfiguration, IntelligentTieringConfigurations, InventoryConfigurations, LifecycleConfiguration, LoggingConfiguration, MetricsConfigurations, NotificationConfiguration, ObjectLockConfiguration, ObjectLockEnabled, OwnershipControls, PublicAccessBlockConfiguration, ReplicationConfiguration, Tags, VersioningConfiguration, WebsiteConfiguration |
| AWS::S3::BucketPolicy | Bucket, PolicyDocument |
| AWS::S3::MultiRegionAccessPoint | Name, PublicAccessBlockConfiguration, Regions |
| AWS::S3::MultiRegionAccessPointPolicy | MrapName, Policy |
| AWS::S3::StorageLens | StorageLensConfiguration, Tags |
| AWS::S3ObjectLambda::AccessPoint | Name, ObjectLambdaConfiguration |
| AWS::S3ObjectLambda::AccessPointPolicy | ObjectLambdaAccessPoint, PolicyDocument |
| AWS::S3Outposts::AccessPoint | Bucket, Name, Policy, VpcConfiguration |
| AWS::S3Outposts::Bucket | BucketName, LifecycleConfiguration, OutpostId, Tags |
| AWS::S3Outposts::BucketPolicy | Bucket, PolicyDocument |
| AWS::S3Outposts::Endpoint | AccessType, CustomerOwnedIpv4Pool, OutpostId, SecurityGroupId, SubnetId |
| AWS::SDB::Domain | Description |
| AWS::SES::ConfigurationSet | Name |
| AWS::SES::ConfigurationSetEventDestination | ConfigurationSetName, EventDestination |
| AWS::SES::ContactList | ContactListName, Description, Tags, Topics |
| AWS::SES::ReceiptFilter | Filter |
| AWS::SES::ReceiptRule | After, Rule, RuleSetName |
| AWS::SES::ReceiptRuleSet | RuleSetName |
| AWS::SES::Template | Template |
| AWS::SNS::Subscription | DeliveryPolicy, Endpoint, FilterPolicy, Protocol, RawMessageDelivery, RedrivePolicy, Region, SubscriptionRoleArn, TopicArn |
| AWS::SNS::Topic | ContentBasedDeduplication, DisplayName, FifoTopic, KmsMasterKeyId, Subscription, Tags, TopicName |
| AWS::SNS::TopicPolicy | PolicyDocument, Topics |
| AWS::SQS::Queue | ContentBasedDeduplication, DeduplicationScope, DelaySeconds, FifoQueue, FifoThroughputLimit, KmsDataKeyReusePeriodSeconds, KmsMasterKeyId, MaximumMessageSize, MessageRetentionPeriod, QueueName, ReceiveMessageWaitTimeSeconds, RedriveAllowPolicy, RedrivePolicy, SqsManagedSseEnabled, Tags, VisibilityTimeout |
| AWS::SQS::QueuePolicy | PolicyDocument, Queues |
| AWS::SSM::Association | ApplyOnlyAtCronInterval, AssociationName, AutomationTargetParameterName, CalendarNames, ComplianceSeverity, DocumentVersion, InstanceId, MaxConcurrency, MaxErrors, Name, OutputLocation, Parameters, ScheduleExpression, ScheduleOffset, SyncCompliance, Targets, WaitForSuccessTimeoutSeconds |
| AWS::SSM::Document | Attachments, Content, DocumentFormat, DocumentType, Name, Requires, Tags, TargetType, UpdateMethod, VersionName |
| AWS::SSM::MaintenanceWindow | AllowUnassociatedTargets, Cutoff, Description, Duration, EndDate, Name, Schedule, ScheduleOffset, ScheduleTimezone, StartDate, Tags |
| AWS::SSM::MaintenanceWindowTarget | Description, Name, OwnerInformation, ResourceType, Targets, WindowId |
| AWS::SSM::MaintenanceWindowTask | CutoffBehavior, Description, LoggingInfo, MaxConcurrency, MaxErrors, Name, Priority, ServiceRoleArn, Targets, TaskArn, TaskInvocationParameters, TaskParameters, TaskType, WindowId |
| AWS::SSM::Parameter | AllowedPattern, DataType, Description, Name, Policies, Tags, Tier, Type, Value |
| AWS::SSM::PatchBaseline | ApprovalRules, ApprovedPatches, ApprovedPatchesComplianceLevel, ApprovedPatchesEnableNonSecurity, Description, GlobalFilters, Name, OperatingSystem, PatchGroups, RejectedPatches, RejectedPatchesAction, Sources, Tags |
| AWS::SSM::ResourceDataSync | BucketName, BucketPrefix, BucketRegion, KMSKeyArn, S3Destination, SyncFormat, SyncName, SyncSource, SyncType |
| AWS::SSMContacts::Contact | Alias, DisplayName, Plan, Type |
| AWS::SSMContacts::ContactChannel | ChannelAddress, ChannelName, ChannelType, ContactId, DeferActivation |
| AWS::SSMIncidents::ReplicationSet | DeletionProtected, Regions |
| AWS::SSMIncidents::ResponsePlan | Actions, ChatChannel, DisplayName, Engagements, IncidentTemplate, Name, Tags |
| AWS::SSO::Assignment | InstanceArn, PermissionSetArn, PrincipalId, PrincipalType, TargetId, TargetType |
| AWS::SSO::InstanceAccessControlAttributeConfiguration | AccessControlAttributes, InstanceArn |
| AWS::SSO::PermissionSet | Description, InlinePolicy, InstanceArn, ManagedPolicies, Name, RelayStateType, SessionDuration, Tags |
| AWS::SageMaker::App | AppName, AppType, DomainId, ResourceSpec, Tags, UserProfileName |
| AWS::SageMaker::AppImageConfig | AppImageConfigName, KernelGatewayImageConfig, Tags |
| AWS::SageMaker::CodeRepository | CodeRepositoryName, GitConfig, Tags |
| AWS::SageMaker::DataQualityJobDefinition | DataQualityAppSpecification, DataQualityBaselineConfig, DataQualityJobInput, DataQualityJobOutputConfig, JobDefinitionName, JobResources, NetworkConfig, RoleArn, StoppingCondition, Tags |
| AWS::SageMaker::Device | Device, DeviceFleetName, Tags |
| AWS::SageMaker::DeviceFleet | Description, DeviceFleetName, OutputConfig, RoleArn, Tags |
| AWS::SageMaker::Domain | AppNetworkAccessType, AppSecurityGroupManagement, AuthMode, DefaultUserSettings, DomainName, DomainSettings, KmsKeyId, SubnetIds, Tags, VpcId |
| AWS::SageMaker::Endpoint | DeploymentConfig, EndpointConfigName, EndpointName, ExcludeRetainedVariantProperties, RetainAllVariantProperties, RetainDeploymentConfig, Tags |
| AWS::SageMaker::EndpointConfig | AsyncInferenceConfig, DataCaptureConfig, EndpointConfigName, KmsKeyId, ProductionVariants, Tags |
| AWS::SageMaker::FeatureGroup | Description, EventTimeFeatureName, FeatureDefinitions, FeatureGroupName, OfflineStoreConfig, OnlineStoreConfig, RecordIdentifierFeatureName, RoleArn, Tags |
| AWS::SageMaker::Image | ImageDescription, ImageDisplayName, ImageName, ImageRoleArn, Tags |
| AWS::SageMaker::ImageVersion | BaseImage, ImageName |
| AWS::SageMaker::Model | Containers, EnableNetworkIsolation, ExecutionRoleArn, InferenceExecutionConfig, ModelName, PrimaryContainer, Tags, VpcConfig |
| AWS::SageMaker::ModelBiasJobDefinition | JobDefinitionName, JobResources, ModelBiasAppSpecification, ModelBiasBaselineConfig, ModelBiasJobInput, ModelBiasJobOutputConfig, NetworkConfig, RoleArn, StoppingCondition, Tags |
| AWS::SageMaker::ModelExplainabilityJobDefinition | JobDefinitionName, JobResources, ModelExplainabilityAppSpecification, ModelExplainabilityBaselineConfig, ModelExplainabilityJobInput, ModelExplainabilityJobOutputConfig, NetworkConfig, RoleArn, StoppingCondition, Tags |
| AWS::SageMaker::ModelPackageGroup | ModelPackageGroupDescription, ModelPackageGroupName, ModelPackageGroupPolicy, Tags |
| AWS::SageMaker::ModelQualityJobDefinition | JobDefinitionName, JobResources, ModelQualityAppSpecification, ModelQualityBaselineConfig, ModelQualityJobInput, ModelQualityJobOutputConfig, NetworkConfig, RoleArn, StoppingCondition, Tags |
| AWS::SageMaker::MonitoringSchedule | EndpointName, FailureReason, LastMonitoringExecutionSummary, MonitoringScheduleConfig, MonitoringScheduleName, MonitoringScheduleStatus, Tags |
| AWS::SageMaker::NotebookInstance | AcceleratorTypes, AdditionalCodeRepositories, DefaultCodeRepository, DirectInternetAccess, InstanceType, KmsKeyId, LifecycleConfigName, NotebookInstanceName, PlatformIdentifier, RoleArn, RootAccess, SecurityGroupIds, SubnetId, Tags, VolumeSizeInGB |
| AWS::SageMaker::NotebookInstanceLifecycleConfig | NotebookInstanceLifecycleConfigName, OnCreate, OnStart |
| AWS::SageMaker::Pipeline | ParallelismConfiguration, PipelineDefinition, PipelineDescription, PipelineDisplayName, PipelineName, RoleArn, Tags |
| AWS::SageMaker::Project | ProjectDescription, ProjectName, ServiceCatalogProvisioningDetails, Tags |
| AWS::SageMaker::UserProfile | DomainId, SingleSignOnUserIdentifier, SingleSignOnUserValue, Tags, UserProfileName, UserSettings |
| AWS::SageMaker::Workteam | Description, MemberDefinitions, NotificationConfiguration, Tags, WorkteamName |
| AWS::SecretsManager::ResourcePolicy | BlockPublicPolicy, ResourcePolicy, SecretId |
| AWS::SecretsManager::RotationSchedule | HostedRotationLambda, RotateImmediatelyOnUpdate, RotationLambdaARN, RotationRules, SecretId |
| AWS::SecretsManager::Secret | Description, GenerateSecretString, KmsKeyId, Name, ReplicaRegions, SecretString, Tags |
| AWS::SecretsManager::SecretTargetAttachment | SecretId, TargetId, TargetType |
| AWS::SecurityHub::Hub | Tags |
| AWS::ServiceCatalog::AcceptedPortfolioShare | AcceptLanguage, PortfolioId |
| AWS::ServiceCatalog::CloudFormationProduct | AcceptLanguage, Description, Distributor, Name, Owner, ProvisioningArtifactParameters, ReplaceProvisioningArtifacts, SupportDescription, SupportEmail, SupportUrl, Tags |
| AWS::ServiceCatalog::CloudFormationProvisionedProduct | AcceptLanguage, NotificationArns, PathId, PathName, ProductId, ProductName, ProvisionedProductName, ProvisioningArtifactId, ProvisioningArtifactName, ProvisioningParameters, ProvisioningPreferences, Tags |
| AWS::ServiceCatalog::LaunchNotificationConstraint | AcceptLanguage, Description, NotificationArns, PortfolioId, ProductId |
| AWS::ServiceCatalog::LaunchRoleConstraint | AcceptLanguage, Description, LocalRoleName, PortfolioId, ProductId, RoleArn |
| AWS::ServiceCatalog::LaunchTemplateConstraint | AcceptLanguage, Description, PortfolioId, ProductId, Rules |
| AWS::ServiceCatalog::Portfolio | AcceptLanguage, Description, DisplayName, ProviderName, Tags |
| AWS::ServiceCatalog::PortfolioPrincipalAssociation | AcceptLanguage, PortfolioId, PrincipalARN, PrincipalType |
| AWS::ServiceCatalog::PortfolioProductAssociation | AcceptLanguage, PortfolioId, ProductId, SourcePortfolioId |
| AWS::ServiceCatalog::PortfolioShare | AcceptLanguage, AccountId, PortfolioId, ShareTagOptions |
| AWS::ServiceCatalog::ResourceUpdateConstraint | AcceptLanguage, Description, PortfolioId, ProductId, TagUpdateOnProvisionedProduct |
| AWS::ServiceCatalog::ServiceAction | AcceptLanguage, Definition, DefinitionType, Description, Name |
| AWS::ServiceCatalog::ServiceActionAssociation | ProductId, ProvisioningArtifactId, ServiceActionId |
| AWS::ServiceCatalog::StackSetConstraint | AcceptLanguage, AccountList, AdminRole, Description, ExecutionRole, PortfolioId, ProductId, RegionList, StackInstanceControl |
| AWS::ServiceCatalog::TagOption | Active, Key, Value |
| AWS::ServiceCatalog::TagOptionAssociation | ResourceId, TagOptionId |
| AWS::ServiceCatalogAppRegistry::Application | Description, Name, Tags |
| AWS::ServiceCatalogAppRegistry::AttributeGroup | Attributes, Description, Name, Tags |
| AWS::ServiceCatalogAppRegistry::ResourceAssociation | Application, Resource, ResourceType |
| AWS::ServiceDiscovery::HttpNamespace | Description, Name, Tags |
| AWS::ServiceDiscovery::Instance | InstanceAttributes, InstanceId, ServiceId |
| AWS::ServiceDiscovery::PrivateDnsNamespace | Description, Name, Properties, Tags, Vpc |
| AWS::ServiceDiscovery::PublicDnsNamespace | Description, Name, Properties, Tags |
| AWS::ServiceDiscovery::Service | Description, DnsConfig, HealthCheckConfig, HealthCheckCustomConfig, Name, NamespaceId, Tags, Type |
| AWS::Signer::ProfilePermission | Action, Principal, ProfileName, ProfileVersion, StatementId |
| AWS::Signer::SigningProfile | PlatformId, SignatureValidityPeriod, Tags |
| AWS::StepFunctions::Activity | Name, Tags |
| AWS::StepFunctions::StateMachine | Definition, DefinitionS3Location, DefinitionString, DefinitionSubstitutions, LoggingConfiguration, RoleArn, StateMachineName, StateMachineType, Tags, TracingConfiguration |
| AWS::Synthetics::Canary | ArtifactConfig, ArtifactS3Location, Code, ExecutionRoleArn, FailureRetentionPeriod, Name, RunConfig, RuntimeVersion, Schedule, StartCanaryAfterCreation, SuccessRetentionPeriod, Tags, VPCConfig, VisualReference |
| AWS::Timestream::Database | DatabaseName, KmsKeyId, Tags |
| AWS::Timestream::ScheduledQuery | ClientToken, ErrorReportConfiguration, KmsKeyId, NotificationConfiguration, QueryString, ScheduleConfiguration, ScheduledQueryExecutionRoleArn, ScheduledQueryName, Tags, TargetConfiguration |
| AWS::Timestream::Table | DatabaseName, MagneticStoreWriteProperties, RetentionProperties, TableName, Tags |
| AWS::Transfer::Server | Certificate, Domain, EndpointDetails, EndpointType, IdentityProviderDetails, IdentityProviderType, LoggingRole, PostAuthenticationLoginBanner, PreAuthenticationLoginBanner, ProtocolDetails, Protocols, SecurityPolicyName, Tags, WorkflowDetails |
| AWS::Transfer::User | HomeDirectory, HomeDirectoryMappings, HomeDirectoryType, Policy, PosixProfile, Role, ServerId, SshPublicKeys, Tags, UserName |
| AWS::Transfer::Workflow | Description, OnExceptionSteps, Steps, Tags |
| AWS::VoiceID::Domain | Description, Name, ServerSideEncryptionConfiguration, Tags |
| AWS::WAF::ByteMatchSet | ByteMatchTuples, Name |
| AWS::WAF::IPSet | IPSetDescriptors, Name |
| AWS::WAF::Rule | MetricName, Name, Predicates |
| AWS::WAF::SizeConstraintSet | Name, SizeConstraints |
| AWS::WAF::SqlInjectionMatchSet | Name, SqlInjectionMatchTuples |
| AWS::WAF::WebACL | DefaultAction, MetricName, Name, Rules |
| AWS::WAF::XssMatchSet | Name, XssMatchTuples |
| AWS::WAFRegional::ByteMatchSet | ByteMatchTuples, Name |
| AWS::WAFRegional::GeoMatchSet | GeoMatchConstraints, Name |
| AWS::WAFRegional::IPSet | IPSetDescriptors, Name |
| AWS::WAFRegional::RateBasedRule | MatchPredicates, MetricName, Name, RateKey, RateLimit |
| AWS::WAFRegional::RegexPatternSet | Name, RegexPatternStrings |
| AWS::WAFRegional::Rule | MetricName, Name, Predicates |
| AWS::WAFRegional::SizeConstraintSet | Name, SizeConstraints |
| AWS::WAFRegional::SqlInjectionMatchSet | Name, SqlInjectionMatchTuples |
| AWS::WAFRegional::WebACL | DefaultAction, MetricName, Name, Rules |
| AWS::WAFRegional::WebACLAssociation | ResourceArn, WebACLId |
| AWS::WAFRegional::XssMatchSet | Name, XssMatchTuples |
| AWS::WAFv2::IPSet | Addresses, Description, IPAddressVersion, Name, Scope, Tags |
| AWS::WAFv2::LoggingConfiguration | LogDestinationConfigs, LoggingFilter, RedactedFields, ResourceArn |
| AWS::WAFv2::RegexPatternSet | Description, Name, RegularExpressionList, Scope, Tags |
| AWS::WAFv2::RuleGroup | Capacity, CustomResponseBodies, Description, Name, Rules, Scope, Tags, VisibilityConfig |
| AWS::WAFv2::WebACL | CaptchaConfig, CustomResponseBodies, DefaultAction, Description, Name, Rules, Scope, Tags, VisibilityConfig |
| AWS::WAFv2::WebACLAssociation | ResourceArn, WebACLArn |
| AWS::Wisdom::Assistant | Description, Name, ServerSideEncryptionConfiguration, Tags, Type |
| AWS::Wisdom::AssistantAssociation | AssistantId, Association, AssociationType, Tags |
| AWS::Wisdom::KnowledgeBase | Description, KnowledgeBaseType, Name, RenderingConfiguration, ServerSideEncryptionConfiguration, SourceConfiguration, Tags |
| AWS::WorkSpaces::ConnectionAlias | ConnectionString, Tags |
| AWS::WorkSpaces::Workspace | BundleId, DirectoryId, RootVolumeEncryptionEnabled, Tags, UserName, UserVolumeEncryptionEnabled, VolumeEncryptionKey, WorkspaceProperties |
| AWS::XRay::Group | FilterExpression, GroupName, InsightsConfiguration, Tags |
| AWS::XRay::SamplingRule | RuleName, SamplingRule, SamplingRuleRecord, SamplingRuleUpdate, Tags |
| Alexa::ASK::Skill | AuthenticationConfiguration, SkillPackage, VendorId |
Note: The data was automatically fetched from the official AWS CloudFormation resource specification and got parsed in this markdown table using a custom python script.
