CloudFormation GetAtt Cheat Sheet - Complete AWS Resource Attributes Table

Fn::GetAtt is one of the most essential functions in AWS CloudFormation that returns specific attributes from AWS resources in your templates. Whether you're building infrastructure as code or managing complex AWS deployments, this comprehensive cheat sheet provides instant access to all 1430+ AWS resource types and their available attributes.

Why This CloudFormation GetAtt Reference?

When working with CloudFormation templates, you often need to reference attributes from AWS resources, but finding the exact attribute names can be time-consuming. The official AWS documentation is scattered across hundreds of pages, making it inefficient to look up specific resource attributes.

This cheat sheet solves that problem by providing a single, searchable table with every AWS resource type and its available Fn::GetAtt attributes - all in one place.

Quick GetAtt Syntax Examples

# Basic GetAtt syntax
!GetAtt ResourceName.AttributeName
 
# Examples of common patterns
!GetAtt MyS3Bucket.Arn
!GetAtt MyVPC.CidrBlock
!GetAtt MyLambda.Arn
!GetAtt MyRDSInstance.Endpoint.Address

How to Use This CloudFormation Attributes Reference

Search (Ctrl+F) for your AWS resource type (e.g., "AWS::S3::Bucket")
Find the available attributes in the second column
Copy the attribute name into your CloudFormation template
Use with !GetAtt YourResourceName.AttributeName

Legend: ❌ = No attributes available for this resource type

Complete AWS CloudFormation Resource Attributes Table

The table below contains every AWS resource type with their corresponding Fn::GetAtt attributes:

Resource type	Attributes
AWS::ACMPCA::Certificate	Arn, Certificate
AWS::ACMPCA::CertificateAuthority	Arn, CertificateSigningRequest
AWS::ACMPCA::CertificateAuthorityActivation	CompleteCertificateChain
AWS::ACMPCA::Permission	❌
AWS::AIOps::InvestigationGroup	Arn, CreatedAt, CreatedBy, LastModifiedAt, LastModifiedBy
AWS::APS::RuleGroupsNamespace	Arn
AWS::APS::Scraper	Arn, RoleArn, ScraperId
AWS::APS::Workspace	Arn, PrometheusEndpoint, WorkspaceId
AWS::ARCRegionSwitch::Plan	Arn, Owner, Route53HealthChecks, Route53HealthChecks.HealthCheckIds, Route53HealthChecks.HostedZoneIds, Route53HealthChecks.RecordNames, Route53HealthChecks.Regions, Version
AWS::ARCZonalShift::AutoshiftObserverNotificationStatus	AccountId, Region
AWS::ARCZonalShift::ZonalAutoshiftConfiguration	❌
AWS::AccessAnalyzer::Analyzer	Arn
AWS::AmazonMQ::Broker	AmqpEndpoints, Arn, ConfigurationId, ConfigurationRevision, ConsoleURLs, IpAddresses, MqttEndpoints, OpenWireEndpoints, StompEndpoints, WssEndpoints
AWS::AmazonMQ::Configuration	Arn, Id, Revision
AWS::AmazonMQ::ConfigurationAssociation	Id
AWS::Amplify::App	AppId, AppName, Arn, DefaultDomain
AWS::Amplify::Branch	Arn, BranchName
AWS::Amplify::Domain	Arn, AutoSubDomainCreationPatterns, AutoSubDomainIAMRole, Certificate, Certificate.CertificateArn, Certificate.CertificateType, Certificate.CertificateVerificationDNSRecord, CertificateRecord, DomainName, DomainStatus, EnableAutoSubDomain, StatusReason, UpdateStatus
AWS::AmplifyUIBuilder::Component	CreatedAt, Id, ModifiedAt
AWS::AmplifyUIBuilder::Form	Id
AWS::AmplifyUIBuilder::Theme	CreatedAt, Id, ModifiedAt
AWS::ApiGateway::Account	Id
AWS::ApiGateway::ApiKey	APIKeyId
AWS::ApiGateway::Authorizer	AuthorizerId
AWS::ApiGateway::BasePathMapping	❌
AWS::ApiGateway::BasePathMappingV2	BasePathMappingArn
AWS::ApiGateway::ClientCertificate	ClientCertificateId
AWS::ApiGateway::Deployment	DeploymentId
AWS::ApiGateway::DocumentationPart	DocumentationPartId
AWS::ApiGateway::DocumentationVersion	❌
AWS::ApiGateway::DomainName	DistributionDomainName, DistributionHostedZoneId, DomainNameArn, RegionalDomainName, RegionalHostedZoneId
AWS::ApiGateway::DomainNameAccessAssociation	DomainNameAccessAssociationArn
AWS::ApiGateway::DomainNameV2	DomainNameArn, DomainNameId
AWS::ApiGateway::GatewayResponse	Id
AWS::ApiGateway::Method	❌
AWS::ApiGateway::Model	❌
AWS::ApiGateway::RequestValidator	RequestValidatorId
AWS::ApiGateway::Resource	ResourceId
AWS::ApiGateway::RestApi	RestApiId, RootResourceId
AWS::ApiGateway::Stage	❌
AWS::ApiGateway::UsagePlan	Id
AWS::ApiGateway::UsagePlanKey	Id
AWS::ApiGateway::VpcLink	VpcLinkId
AWS::ApiGatewayV2::Api	ApiEndpoint, ApiId
AWS::ApiGatewayV2::ApiGatewayManagedOverrides	❌
AWS::ApiGatewayV2::ApiMapping	ApiMappingId
AWS::ApiGatewayV2::Authorizer	AuthorizerId
AWS::ApiGatewayV2::Deployment	DeploymentId
AWS::ApiGatewayV2::DomainName	DomainNameArn, RegionalDomainName, RegionalHostedZoneId
AWS::ApiGatewayV2::Integration	IntegrationId
AWS::ApiGatewayV2::IntegrationResponse	IntegrationResponseId
AWS::ApiGatewayV2::Model	ModelId
AWS::ApiGatewayV2::Route	RouteId
AWS::ApiGatewayV2::RouteResponse	RouteResponseId
AWS::ApiGatewayV2::RoutingRule	RoutingRuleArn, RoutingRuleId
AWS::ApiGatewayV2::Stage	❌
AWS::ApiGatewayV2::VpcLink	VpcLinkId
AWS::AppConfig::Application	ApplicationId
AWS::AppConfig::ConfigurationProfile	ConfigurationProfileId, KmsKeyArn
AWS::AppConfig::Deployment	DeploymentNumber, State
AWS::AppConfig::DeploymentStrategy	Id
AWS::AppConfig::Environment	EnvironmentId
AWS::AppConfig::Extension	Arn, Id, VersionNumber
AWS::AppConfig::ExtensionAssociation	Arn, ExtensionArn, Id, ResourceArn
AWS::AppConfig::HostedConfigurationVersion	VersionNumber
AWS::AppFlow::Connector	ConnectorArn
AWS::AppFlow::ConnectorProfile	ConnectorProfileArn, CredentialsArn
AWS::AppFlow::Flow	FlowArn
AWS::AppIntegrations::Application	ApplicationArn, Id
AWS::AppIntegrations::DataIntegration	DataIntegrationArn, Id
AWS::AppIntegrations::EventIntegration	EventIntegrationArn
AWS::AppMesh::GatewayRoute	Arn, GatewayRouteName, MeshName, MeshOwner, ResourceOwner, Uid, VirtualGatewayName
AWS::AppMesh::Mesh	Arn, MeshName, MeshOwner, ResourceOwner, Uid
AWS::AppMesh::Route	Arn, MeshName, MeshOwner, ResourceOwner, RouteName, Uid, VirtualRouterName
AWS::AppMesh::VirtualGateway	Arn, MeshName, MeshOwner, ResourceOwner, Uid, VirtualGatewayName
AWS::AppMesh::VirtualNode	Arn, MeshName, MeshOwner, ResourceOwner, Uid, VirtualNodeName
AWS::AppMesh::VirtualRouter	Arn, MeshName, MeshOwner, ResourceOwner, Uid, VirtualRouterName
AWS::AppMesh::VirtualService	Arn, MeshName, MeshOwner, ResourceOwner, Uid, VirtualServiceName
AWS::AppRunner::AutoScalingConfiguration	AutoScalingConfigurationArn, AutoScalingConfigurationRevision, Latest
AWS::AppRunner::ObservabilityConfiguration	Latest, ObservabilityConfigurationArn, ObservabilityConfigurationRevision
AWS::AppRunner::Service	ServiceArn, ServiceId, ServiceUrl, Status
AWS::AppRunner::VpcConnector	VpcConnectorArn, VpcConnectorRevision
AWS::AppRunner::VpcIngressConnection	DomainName, Status, VpcIngressConnectionArn
AWS::AppStream::AppBlock	Arn, CreatedTime
AWS::AppStream::AppBlockBuilder	Arn, CreatedTime
AWS::AppStream::Application	Arn, CreatedTime
AWS::AppStream::ApplicationEntitlementAssociation	❌
AWS::AppStream::ApplicationFleetAssociation	❌
AWS::AppStream::DirectoryConfig	❌
AWS::AppStream::Entitlement	CreatedTime, LastModifiedTime
AWS::AppStream::Fleet	❌
AWS::AppStream::ImageBuilder	StreamingUrl
AWS::AppStream::Stack	❌
AWS::AppStream::StackFleetAssociation	❌
AWS::AppStream::StackUserAssociation	❌
AWS::AppStream::User	❌
AWS::AppSync::Api	ApiArn, ApiId, Dns, Dns.Http, Dns.Realtime
AWS::AppSync::ApiCache	❌
AWS::AppSync::ApiKey	ApiKey, Arn
AWS::AppSync::ChannelNamespace	ChannelNamespaceArn
AWS::AppSync::DataSource	DataSourceArn, Name
AWS::AppSync::DomainName	AppSyncDomainName, DomainName, DomainNameArn, HostedZoneId
AWS::AppSync::DomainNameApiAssociation	ApiAssociationIdentifier
AWS::AppSync::FunctionConfiguration	DataSourceName, FunctionArn, FunctionId, Name
AWS::AppSync::GraphQLApi	ApiId, Arn, GraphQLDns, GraphQLEndpointArn, GraphQLUrl, RealtimeDns, RealtimeUrl
AWS::AppSync::GraphQLSchema	❌
AWS::AppSync::Resolver	FieldName, ResolverArn, TypeName
AWS::AppSync::SourceApiAssociation	AssociationArn, AssociationId, LastSuccessfulMergeDate, MergedApiArn, MergedApiId, SourceApiArn, SourceApiAssociationStatus, SourceApiAssociationStatusDetail, SourceApiId
AWS::AppTest::TestCase	CreationTime, LastUpdateTime, LatestVersion, LatestVersion.Status, LatestVersion.Version, Status, TestCaseArn, TestCaseId, TestCaseVersion
AWS::ApplicationAutoScaling::ScalableTarget	Id
AWS::ApplicationAutoScaling::ScalingPolicy	Arn
AWS::ApplicationInsights::Application	ApplicationARN
AWS::ApplicationSignals::Discovery	AccountId
AWS::ApplicationSignals::ServiceLevelObjective	Arn, CreatedTime, EvaluationType, LastUpdatedTime
AWS::Athena::CapacityReservation	AllocatedDpus, Arn, CreationTime, LastSuccessfulAllocationTime, Status
AWS::Athena::DataCatalog	❌
AWS::Athena::NamedQuery	NamedQueryId
AWS::Athena::PreparedStatement	❌
AWS::Athena::WorkGroup	CreationTime, WorkGroupConfiguration.EngineVersion.EffectiveEngineVersion
AWS::AuditManager::Assessment	Arn, AssessmentId, CreationTime
AWS::AutoScaling::AutoScalingGroup	AutoScalingGroupARN
AWS::AutoScaling::LaunchConfiguration	❌
AWS::AutoScaling::LifecycleHook	❌
AWS::AutoScaling::ScalingPolicy	Arn, PolicyName
AWS::AutoScaling::ScheduledAction	ScheduledActionName
AWS::AutoScaling::WarmPool	❌
AWS::AutoScalingPlans::ScalingPlan	ScalingPlanName, ScalingPlanVersion
AWS::B2BI::Capability	CapabilityArn, CapabilityId, CreatedAt, ModifiedAt
AWS::B2BI::Partnership	CreatedAt, ModifiedAt, PartnershipArn, PartnershipId, TradingPartnerId
AWS::B2BI::Profile	CreatedAt, LogGroupName, ModifiedAt, ProfileArn, ProfileId
AWS::B2BI::Transformer	CreatedAt, ModifiedAt, TransformerArn, TransformerId
AWS::BCMDataExports::Export	ExportArn
AWS::Backup::BackupPlan	BackupPlanArn, BackupPlanId, VersionId
AWS::Backup::BackupSelection	BackupPlanId, Id, SelectionId
AWS::Backup::BackupVault	BackupVaultArn, BackupVaultName
AWS::Backup::Framework	CreationTime, DeploymentStatus, FrameworkArn, FrameworkStatus
AWS::Backup::LogicallyAirGappedBackupVault	BackupVaultArn, EncryptionKeyArn, VaultState, VaultType
AWS::Backup::ReportPlan	ReportPlanArn
AWS::Backup::RestoreTestingPlan	RestoreTestingPlanArn
AWS::Backup::RestoreTestingSelection	❌
AWS::BackupGateway::Hypervisor	HypervisorArn
AWS::Batch::ComputeEnvironment	ComputeEnvironmentArn
AWS::Batch::ConsumableResource	AvailableQuantity, ConsumableResourceArn, CreatedAt, InUseQuantity
AWS::Batch::JobDefinition	JobDefinitionArn
AWS::Batch::JobQueue	JobQueueArn
AWS::Batch::SchedulingPolicy	Arn
AWS::Batch::ServiceEnvironment	ServiceEnvironmentArn
AWS::Bedrock::Agent	AgentArn, AgentId, AgentStatus, AgentVersion, CreatedAt, FailureReasons, PreparedAt, RecommendedActions, UpdatedAt
AWS::Bedrock::AgentAlias	AgentAliasArn, AgentAliasHistoryEvents, AgentAliasId, AgentAliasStatus, CreatedAt, UpdatedAt
AWS::Bedrock::ApplicationInferenceProfile	CreatedAt, InferenceProfileArn, InferenceProfileId, InferenceProfileIdentifier, Models, Status, Type, UpdatedAt
AWS::Bedrock::Blueprint	BlueprintArn, BlueprintStage, CreationTime, LastModifiedTime
AWS::Bedrock::DataAutomationProject	CreationTime, LastModifiedTime, ProjectArn, ProjectStage, Status
AWS::Bedrock::DataSource	CreatedAt, DataSourceConfiguration.WebConfiguration.CrawlerConfiguration.UserAgentHeader, DataSourceId, DataSourceStatus, FailureReasons, UpdatedAt
AWS::Bedrock::Flow	Arn, CreatedAt, Id, Status, UpdatedAt, Validations, Version
AWS::Bedrock::FlowAlias	Arn, CreatedAt, FlowId, Id, UpdatedAt
AWS::Bedrock::FlowVersion	CreatedAt, CustomerEncryptionKeyArn, Definition, Definition.Connections, Definition.Nodes, ExecutionRoleArn, FlowId, Name, Status, Version
AWS::Bedrock::Guardrail	CreatedAt, FailureRecommendations, GuardrailArn, GuardrailId, Status, StatusReasons, UpdatedAt, Version
AWS::Bedrock::GuardrailVersion	GuardrailArn, GuardrailId, Version
AWS::Bedrock::IntelligentPromptRouter	CreatedAt, PromptRouterArn, Status, Type, UpdatedAt
AWS::Bedrock::KnowledgeBase	CreatedAt, FailureReasons, KnowledgeBaseArn, KnowledgeBaseId, Status, UpdatedAt
AWS::Bedrock::Prompt	Arn, CreatedAt, Id, UpdatedAt, Version
AWS::Bedrock::PromptVersion	Arn, CreatedAt, CustomerEncryptionKeyArn, DefaultVariant, Name, PromptId, UpdatedAt, Variants, Version
AWS::Billing::BillingView	Arn, BillingViewType, CreatedAt, OwnerAccountId, UpdatedAt
AWS::BillingConductor::BillingGroup	Arn, CreationTime, LastModifiedTime, Size, Status, StatusReason
AWS::BillingConductor::CustomLineItem	Arn, AssociationSize, CreationTime, CurrencyCode, LastModifiedTime, ProductCode
AWS::BillingConductor::PricingPlan	Arn, CreationTime, LastModifiedTime, Size
AWS::BillingConductor::PricingRule	Arn, AssociatedPricingPlanCount, CreationTime, LastModifiedTime
AWS::Budgets::Budget	❌
AWS::Budgets::BudgetsAction	ActionId
AWS::CE::AnomalyMonitor	CreationDate, DimensionalValueCount, LastEvaluatedDate, LastUpdatedDate, MonitorArn
AWS::CE::AnomalySubscription	AccountId, SubscriptionArn
AWS::CE::CostCategory	Arn, EffectiveStart
AWS::CUR::ReportDefinition	❌
AWS::Cassandra::Keyspace	❌
AWS::Cassandra::Table	❌
AWS::Cassandra::Type	DirectParentTypes, DirectReferringTables, KeyspaceArn, LastModifiedTimestamp, MaxNestingDepth
AWS::CertificateManager::Account	AccountId
AWS::CertificateManager::Certificate	❌
AWS::Chatbot::CustomAction	CustomActionArn
AWS::Chatbot::MicrosoftTeamsChannelConfiguration	Arn
AWS::Chatbot::SlackChannelConfiguration	Arn
AWS::CleanRooms::AnalysisTemplate	AnalysisTemplateIdentifier, Arn, CollaborationArn, CollaborationIdentifier, MembershipArn
AWS::CleanRooms::Collaboration	Arn, CollaborationIdentifier
AWS::CleanRooms::ConfiguredTable	Arn, ConfiguredTableIdentifier
AWS::CleanRooms::ConfiguredTableAssociation	Arn, ConfiguredTableAssociationIdentifier
AWS::CleanRooms::IdMappingTable	Arn, CollaborationArn, CollaborationIdentifier, IdMappingTableIdentifier, InputReferenceProperties, InputReferenceProperties.IdMappingTableInputSource, MembershipArn
AWS::CleanRooms::IdNamespaceAssociation	Arn, CollaborationArn, CollaborationIdentifier, IdNamespaceAssociationIdentifier, InputReferenceProperties, InputReferenceProperties.IdMappingWorkflowsSupported, InputReferenceProperties.IdNamespaceType, MembershipArn
AWS::CleanRooms::Membership	Arn, CollaborationArn, CollaborationCreatorAccountId, MembershipIdentifier
AWS::CleanRooms::PrivacyBudgetTemplate	Arn, CollaborationArn, CollaborationIdentifier, MembershipArn, PrivacyBudgetTemplateIdentifier
AWS::CleanRoomsML::TrainingDataset	Status, TrainingDatasetArn
AWS::Cloud9::EnvironmentEC2	Arn, Name
AWS::CloudFormation::CustomResource	❌
AWS::CloudFormation::GuardHook	HookArn
AWS::CloudFormation::HookDefaultVersion	Arn
AWS::CloudFormation::HookTypeConfig	ConfigurationArn
AWS::CloudFormation::HookVersion	Arn, IsDefaultVersion, TypeArn, VersionId, Visibility
AWS::CloudFormation::LambdaHook	HookArn
AWS::CloudFormation::Macro	❌
AWS::CloudFormation::ModuleDefaultVersion	❌
AWS::CloudFormation::ModuleVersion	Arn, Description, DocumentationUrl, IsDefaultVersion, Schema, TimeCreated, VersionId, Visibility
AWS::CloudFormation::PublicTypeVersion	PublicTypeArn, PublisherId, TypeVersionArn
AWS::CloudFormation::Publisher	IdentityProvider, PublisherId, PublisherProfile, PublisherStatus
AWS::CloudFormation::ResourceDefaultVersion	Arn
AWS::CloudFormation::ResourceVersion	Arn, IsDefaultVersion, ProvisioningType, TypeArn, VersionId, Visibility
AWS::CloudFormation::Stack	❌
AWS::CloudFormation::StackSet	StackSetId
AWS::CloudFormation::TypeActivation	Arn
AWS::CloudFormation::WaitCondition	Data
AWS::CloudFormation::WaitConditionHandle	❌
AWS::CloudFront::AnycastIpList	AnycastIpList, AnycastIpList.AnycastIps, AnycastIpList.Arn, AnycastIpList.Id, AnycastIpList.IpCount, AnycastIpList.LastModifiedTime, AnycastIpList.Name, AnycastIpList.Status, ETag, Id
AWS::CloudFront::CachePolicy	Id, LastModifiedTime
AWS::CloudFront::CloudFrontOriginAccessIdentity	Id, S3CanonicalUserId
AWS::CloudFront::ConnectionGroup	Arn, CreatedTime, ETag, Id, IsDefault, LastModifiedTime, RoutingEndpoint, Status
AWS::CloudFront::ContinuousDeploymentPolicy	Id, LastModifiedTime
AWS::CloudFront::Distribution	DomainName, Id
AWS::CloudFront::DistributionTenant	Arn, CreatedTime, DomainResults, ETag, Id, LastModifiedTime, Status
AWS::CloudFront::Function	FunctionARN, FunctionMetadata.FunctionARN, Stage
AWS::CloudFront::KeyGroup	Id, LastModifiedTime
AWS::CloudFront::KeyValueStore	Arn, Id, Status
AWS::CloudFront::MonitoringSubscription	❌
AWS::CloudFront::OriginAccessControl	Id
AWS::CloudFront::OriginRequestPolicy	Id, LastModifiedTime
AWS::CloudFront::PublicKey	CreatedTime, Id
AWS::CloudFront::RealtimeLogConfig	Arn
AWS::CloudFront::ResponseHeadersPolicy	Id, LastModifiedTime
AWS::CloudFront::StreamingDistribution	DomainName
AWS::CloudFront::VpcOrigin	Arn, CreatedTime, Id, LastModifiedTime, Status
AWS::CloudTrail::Channel	ChannelArn
AWS::CloudTrail::Dashboard	CreatedTimestamp, DashboardArn, Status, Type, UpdatedTimestamp
AWS::CloudTrail::EventDataStore	CreatedTimestamp, EventDataStoreArn, Status, UpdatedTimestamp
AWS::CloudTrail::ResourcePolicy	❌
AWS::CloudTrail::Trail	Arn, SnsTopicArn
AWS::CloudWatch::Alarm	Arn
AWS::CloudWatch::AnomalyDetector	❌
AWS::CloudWatch::CompositeAlarm	Arn
AWS::CloudWatch::Dashboard	❌
AWS::CloudWatch::InsightRule	Arn, RuleName
AWS::CloudWatch::MetricStream	Arn, CreationDate, LastUpdateDate, State
AWS::CodeArtifact::Domain	Arn, EncryptionKey, Name, Owner
AWS::CodeArtifact::PackageGroup	Arn
AWS::CodeArtifact::Repository	Arn, DomainName, DomainOwner, Name
AWS::CodeBuild::Fleet	Arn
AWS::CodeBuild::Project	Arn
AWS::CodeBuild::ReportGroup	Arn
AWS::CodeBuild::SourceCredential	❌
AWS::CodeCommit::Repository	Arn, CloneUrlHttp, CloneUrlSsh, KmsKeyId, Name
AWS::CodeConnections::Connection	ConnectionArn, ConnectionStatus, OwnerAccountId
AWS::CodeDeploy::Application	❌
AWS::CodeDeploy::DeploymentConfig	❌
AWS::CodeDeploy::DeploymentGroup	❌
AWS::CodeGuruProfiler::ProfilingGroup	Arn
AWS::CodeGuruReviewer::RepositoryAssociation	AssociationArn
AWS::CodePipeline::CustomActionType	Id
AWS::CodePipeline::Pipeline	Version
AWS::CodePipeline::Webhook	Url
AWS::CodeStar::GitHubRepository	❌
AWS::CodeStarConnections::Connection	ConnectionArn, ConnectionStatus, OwnerAccountId
AWS::CodeStarConnections::RepositoryLink	ProviderType, RepositoryLinkArn, RepositoryLinkId
AWS::CodeStarConnections::SyncConfiguration	OwnerId, ProviderType, RepositoryName
AWS::CodeStarNotifications::NotificationRule	Arn
AWS::Cognito::IdentityPool	Id, Name
AWS::Cognito::IdentityPoolPrincipalTag	❌
AWS::Cognito::IdentityPoolRoleAttachment	Id
AWS::Cognito::LogDeliveryConfiguration	Id
AWS::Cognito::ManagedLoginBranding	ManagedLoginBrandingId
AWS::Cognito::UserPool	Arn, ProviderName, ProviderURL, UserPoolId
AWS::Cognito::UserPoolClient	ClientId, ClientSecret, Name
AWS::Cognito::UserPoolDomain	CloudFrontDistribution
AWS::Cognito::UserPoolGroup	❌
AWS::Cognito::UserPoolIdentityProvider	❌
AWS::Cognito::UserPoolResourceServer	❌
AWS::Cognito::UserPoolRiskConfigurationAttachment	❌
AWS::Cognito::UserPoolUICustomizationAttachment	❌
AWS::Cognito::UserPoolUser	❌
AWS::Cognito::UserPoolUserToGroupAttachment	❌
AWS::Comprehend::DocumentClassifier	Arn
AWS::Comprehend::Flywheel	Arn
AWS::Config::AggregationAuthorization	AggregationAuthorizationArn
AWS::Config::ConfigRule	Arn, Compliance.Type, ConfigRuleId
AWS::Config::ConfigurationAggregator	ConfigurationAggregatorArn
AWS::Config::ConfigurationRecorder	❌
AWS::Config::ConformancePack	❌
AWS::Config::DeliveryChannel	❌
AWS::Config::OrganizationConfigRule	❌
AWS::Config::OrganizationConformancePack	❌
AWS::Config::RemediationConfiguration	❌
AWS::Config::StoredQuery	QueryArn, QueryId
AWS::Connect::AgentStatus	AgentStatusArn, LastModifiedRegion, LastModifiedTime
AWS::Connect::ApprovedOrigin	❌
AWS::Connect::ContactFlow	ContactFlowArn
AWS::Connect::ContactFlowModule	ContactFlowModuleArn, Status
AWS::Connect::ContactFlowVersion	ContactFlowVersionARN, FlowContentSha256, Version
AWS::Connect::EmailAddress	EmailAddressArn
AWS::Connect::EvaluationForm	EvaluationFormArn
AWS::Connect::HoursOfOperation	HoursOfOperationArn
AWS::Connect::Instance	Arn, CreatedTime, Id, InstanceStatus, ServiceRole
AWS::Connect::InstanceStorageConfig	AssociationId
AWS::Connect::IntegrationAssociation	IntegrationAssociationId
AWS::Connect::PhoneNumber	Address, PhoneNumberArn
AWS::Connect::PredefinedAttribute	LastModifiedRegion, LastModifiedTime
AWS::Connect::Prompt	PromptArn
AWS::Connect::Queue	QueueArn, Type
AWS::Connect::QuickConnect	QuickConnectArn, QuickConnectType
AWS::Connect::RoutingProfile	RoutingProfileArn
AWS::Connect::Rule	RuleArn
AWS::Connect::SecurityKey	AssociationId
AWS::Connect::SecurityProfile	LastModifiedRegion, LastModifiedTime, SecurityProfileArn
AWS::Connect::TaskTemplate	Arn
AWS::Connect::TrafficDistributionGroup	IsDefault, Status, TrafficDistributionGroupArn
AWS::Connect::User	UserArn
AWS::Connect::UserHierarchyGroup	UserHierarchyGroupArn
AWS::Connect::UserHierarchyStructure	UserHierarchyStructureArn
AWS::Connect::View	ViewArn, ViewContentSha256, ViewId
AWS::Connect::ViewVersion	Version, ViewVersionArn
AWS::ConnectCampaigns::Campaign	Arn
AWS::ConnectCampaignsV2::Campaign	Arn
AWS::ControlTower::EnabledBaseline	EnabledBaselineIdentifier
AWS::ControlTower::EnabledControl	❌
AWS::ControlTower::LandingZone	Arn, DriftStatus, LandingZoneIdentifier, LatestAvailableVersion, Status
AWS::CustomerProfiles::CalculatedAttributeDefinition	CreatedAt, LastUpdatedAt, Readiness, Readiness.Message, Readiness.ProgressPercentage, Status
AWS::CustomerProfiles::Domain	CreatedAt, LastUpdatedAt, RuleBasedMatching.Status, Stats, Stats.MeteringProfileCount, Stats.ObjectCount, Stats.ProfileCount, Stats.TotalSize
AWS::CustomerProfiles::EventStream	CreatedAt, DestinationDetails, DestinationDetails.Status, DestinationDetails.Uri, EventStreamArn, State
AWS::CustomerProfiles::EventTrigger	CreatedAt, LastUpdatedAt
AWS::CustomerProfiles::Integration	CreatedAt, LastUpdatedAt
AWS::CustomerProfiles::ObjectType	CreatedAt, LastUpdatedAt, MaxAvailableProfileObjectCount
AWS::CustomerProfiles::SegmentDefinition	CreatedAt, SegmentDefinitionArn
AWS::DAX::Cluster	Arn, ClusterDiscoveryEndpoint, ClusterDiscoveryEndpointURL
AWS::DAX::ParameterGroup	❌
AWS::DAX::SubnetGroup	❌
AWS::DLM::LifecyclePolicy	Arn
AWS::DMS::Certificate	❌
AWS::DMS::DataMigration	DataMigrationArn, DataMigrationCreateTime
AWS::DMS::DataProvider	DataProviderArn, DataProviderCreationTime
AWS::DMS::Endpoint	ExternalId
AWS::DMS::EventSubscription	❌
AWS::DMS::InstanceProfile	InstanceProfileArn, InstanceProfileCreationTime
AWS::DMS::MigrationProject	MigrationProjectArn
AWS::DMS::ReplicationConfig	ReplicationConfigArn
AWS::DMS::ReplicationInstance	ReplicationInstancePrivateIpAddresses, ReplicationInstancePublicIpAddresses
AWS::DMS::ReplicationSubnetGroup	❌
AWS::DMS::ReplicationTask	❌
AWS::DSQL::Cluster	CreationTime, EncryptionDetails, EncryptionDetails.EncryptionStatus, EncryptionDetails.EncryptionType, EncryptionDetails.KmsKeyArn, Identifier, ResourceArn, Status, VpcEndpointServiceName
AWS::DataBrew::Dataset	❌
AWS::DataBrew::Job	❌
AWS::DataBrew::Project	❌
AWS::DataBrew::Recipe	❌
AWS::DataBrew::Ruleset	❌
AWS::DataBrew::Schedule	❌
AWS::DataPipeline::Pipeline	PipelineId
AWS::DataSync::Agent	AgentArn, EndpointType
AWS::DataSync::LocationAzureBlob	CmkSecretConfig.SecretArn, LocationArn, LocationUri, ManagedSecretConfig, ManagedSecretConfig.SecretArn
AWS::DataSync::LocationEFS	LocationArn, LocationUri
AWS::DataSync::LocationFSxLustre	LocationArn, LocationUri
AWS::DataSync::LocationFSxONTAP	FsxFilesystemArn, LocationArn, LocationUri
AWS::DataSync::LocationFSxOpenZFS	LocationArn, LocationUri
AWS::DataSync::LocationFSxWindows	LocationArn, LocationUri
AWS::DataSync::LocationHDFS	LocationArn, LocationUri
AWS::DataSync::LocationNFS	LocationArn, LocationUri
AWS::DataSync::LocationObjectStorage	CmkSecretConfig.SecretArn, LocationArn, LocationUri, ManagedSecretConfig, ManagedSecretConfig.SecretArn
AWS::DataSync::LocationS3	LocationArn, LocationUri
AWS::DataSync::LocationSMB	LocationArn, LocationUri
AWS::DataSync::Task	DestinationNetworkInterfaceArns, SourceNetworkInterfaceArns, Status, TaskArn
AWS::DataZone::Connection	ConnectionId, DomainId, DomainUnitId, EnvironmentId, EnvironmentUserRole, ProjectId, Type
AWS::DataZone::DataSource	ConnectionId, CreatedAt, DomainId, EnvironmentId, Id, LastRunAssetCount, LastRunAt, LastRunStatus, ProjectId, Status, UpdatedAt
AWS::DataZone::Domain	Arn, CreatedAt, Id, LastUpdatedAt, ManagedAccountId, PortalUrl, RootDomainUnitId, Status
AWS::DataZone::DomainUnit	CreatedAt, DomainId, Id, Identifier, LastUpdatedAt, ParentDomainUnitId
AWS::DataZone::Environment	AwsAccountId, AwsAccountRegion, CreatedAt, CreatedBy, DomainId, EnvironmentBlueprintId, EnvironmentProfileId, Id, ProjectId, Provider, Status, UpdatedAt
AWS::DataZone::EnvironmentActions	DomainId, EnvironmentId, Id
AWS::DataZone::EnvironmentBlueprintConfiguration	CreatedAt, DomainId, EnvironmentBlueprintId, UpdatedAt
AWS::DataZone::EnvironmentProfile	CreatedAt, CreatedBy, DomainId, EnvironmentBlueprintId, Id, ProjectId, UpdatedAt
AWS::DataZone::GroupProfile	DomainId, GroupName, Id
AWS::DataZone::Owner	❌
AWS::DataZone::Project	CreatedAt, CreatedBy, DomainId, Id, LastUpdatedAt, ProjectStatus
AWS::DataZone::ProjectMembership	❌
AWS::DataZone::ProjectProfile	CreatedAt, CreatedBy, DomainId, DomainUnitId, Id, Identifier, LastUpdatedAt
AWS::DataZone::SubscriptionTarget	CreatedAt, CreatedBy, DomainId, EnvironmentId, Id, ProjectId, UpdatedAt, UpdatedBy
AWS::DataZone::UserProfile	Details, Details.Iam, Details.Iam.Arn, Details.Sso, Details.Sso.FirstName, Details.Sso.LastName, Details.Sso.Username, DomainId, Id, Type
AWS::Deadline::Farm	Arn, FarmId
AWS::Deadline::Fleet	Arn, Capabilities, Capabilities.Amounts, Capabilities.Attributes, FleetId, Status, WorkerCount
AWS::Deadline::LicenseEndpoint	Arn, DnsName, LicenseEndpointId, Status, StatusMessage
AWS::Deadline::Limit	CurrentCount, LimitId
AWS::Deadline::MeteredProduct	Arn, Family, Port, Vendor
AWS::Deadline::Monitor	Arn, IdentityCenterApplicationArn, MonitorId, Url
AWS::Deadline::Queue	Arn, QueueId
AWS::Deadline::QueueEnvironment	Name, QueueEnvironmentId
AWS::Deadline::QueueFleetAssociation	❌
AWS::Deadline::QueueLimitAssociation	❌
AWS::Deadline::StorageProfile	StorageProfileId
AWS::Detective::Graph	Arn
AWS::Detective::MemberInvitation	❌
AWS::Detective::OrganizationAdmin	GraphArn
AWS::DevOpsGuru::LogAnomalyDetectionIntegration	AccountId
AWS::DevOpsGuru::NotificationChannel	Id
AWS::DevOpsGuru::ResourceCollection	ResourceCollectionType
AWS::DirectoryService::MicrosoftAD	Alias, DnsIpAddresses
AWS::DirectoryService::SimpleAD	Alias, DirectoryId, DnsIpAddresses
AWS::DocDB::DBCluster	ClusterResourceId, Endpoint, Port, ReadEndpoint
AWS::DocDB::DBClusterParameterGroup	❌
AWS::DocDB::DBInstance	Endpoint, Port
AWS::DocDB::DBSubnetGroup	❌
AWS::DocDB::EventSubscription	❌
AWS::DocDBElastic::Cluster	ClusterArn, ClusterEndpoint
AWS::DynamoDB::GlobalTable	Arn, StreamArn, TableId
AWS::DynamoDB::Table	Arn, StreamArn
AWS::EC2::CapacityReservation	AvailabilityZone, AvailableInstanceCount, CapacityAllocationSet, CapacityReservationArn, CapacityReservationFleetId, CommitmentInfo, CommitmentInfo.CommitmentEndDate, CommitmentInfo.CommittedInstanceCount, CreateDate, DeliveryPreference, Id, InstanceType, OwnerId, ReservationType, StartDate, State, Tenancy, TotalInstanceCount
AWS::EC2::CapacityReservationFleet	CapacityReservationFleetId
AWS::EC2::CarrierGateway	CarrierGatewayId, OwnerId, State
AWS::EC2::ClientVpnAuthorizationRule	❌
AWS::EC2::ClientVpnEndpoint	❌
AWS::EC2::ClientVpnRoute	❌
AWS::EC2::ClientVpnTargetNetworkAssociation	❌
AWS::EC2::CustomerGateway	CustomerGatewayId
AWS::EC2::DHCPOptions	DhcpOptionsId
AWS::EC2::EC2Fleet	FleetId
AWS::EC2::EIP	AllocationId, PublicIp
AWS::EC2::EIPAssociation	Id
AWS::EC2::EgressOnlyInternetGateway	Id
AWS::EC2::EnclaveCertificateIamRoleAssociation	CertificateS3BucketName, CertificateS3ObjectKey, EncryptionKmsKeyId
AWS::EC2::FlowLog	Id
AWS::EC2::GatewayRouteTableAssociation	AssociationId
AWS::EC2::Host	HostId
AWS::EC2::IPAM	Arn, DefaultResourceDiscoveryAssociationId, DefaultResourceDiscoveryId, IpamId, PrivateDefaultScopeId, PublicDefaultScopeId, ResourceDiscoveryAssociationCount, ScopeCount
AWS::EC2::IPAMAllocation	IpamPoolAllocationId
AWS::EC2::IPAMPool	Arn, IpamArn, IpamPoolId, IpamScopeArn, IpamScopeType, PoolDepth, State, StateMessage
AWS::EC2::IPAMPoolCidr	IpamPoolCidrId, State
AWS::EC2::IPAMResourceDiscovery	IpamResourceDiscoveryArn, IpamResourceDiscoveryId, IpamResourceDiscoveryRegion, IsDefault, OwnerId, State
AWS::EC2::IPAMResourceDiscoveryAssociation	IpamArn, IpamRegion, IpamResourceDiscoveryAssociationArn, IpamResourceDiscoveryAssociationId, IsDefault, OwnerId, ResourceDiscoveryStatus, State
AWS::EC2::IPAMScope	Arn, IpamArn, IpamScopeId, IpamScopeType, IsDefault, PoolCount
AWS::EC2::Instance	AvailabilityZone, InstanceId, PrivateDnsName, PrivateIp, PublicDnsName, PublicIp, State, State.Code, State.Name, VpcId
AWS::EC2::InstanceConnectEndpoint	Id
AWS::EC2::InternetGateway	InternetGatewayId
AWS::EC2::IpPoolRouteTableAssociation	AssociationId
AWS::EC2::KeyPair	KeyFingerprint, KeyPairId
AWS::EC2::LaunchTemplate	DefaultVersionNumber, LatestVersionNumber, LaunchTemplateId
AWS::EC2::LocalGatewayRoute	State, Type
AWS::EC2::LocalGatewayRouteTable	LocalGatewayRouteTableArn, LocalGatewayRouteTableId, OutpostArn, OwnerId, State
AWS::EC2::LocalGatewayRouteTableVPCAssociation	LocalGatewayId, LocalGatewayRouteTableVpcAssociationId, State
AWS::EC2::NatGateway	NatGatewayId
AWS::EC2::NetworkAcl	Id
AWS::EC2::NetworkAclEntry	Id
AWS::EC2::NetworkInsightsAccessScope	CreatedDate, NetworkInsightsAccessScopeArn, NetworkInsightsAccessScopeId, UpdatedDate
AWS::EC2::NetworkInsightsAccessScopeAnalysis	AnalyzedEniCount, EndDate, FindingsFound, NetworkInsightsAccessScopeAnalysisArn, NetworkInsightsAccessScopeAnalysisId, StartDate, Status, StatusMessage
AWS::EC2::NetworkInsightsAnalysis	AlternatePathHints, Explanations, ForwardPathComponents, NetworkInsightsAnalysisArn, NetworkInsightsAnalysisId, NetworkPathFound, ReturnPathComponents, StartDate, Status, StatusMessage, SuggestedAccounts
AWS::EC2::NetworkInsightsPath	CreatedDate, DestinationArn, NetworkInsightsPathArn, NetworkInsightsPathId, SourceArn
AWS::EC2::NetworkInterface	Id, PrimaryIpv6Address, PrimaryPrivateIpAddress, SecondaryPrivateIpAddresses, VpcId
AWS::EC2::NetworkInterfaceAttachment	AttachmentId
AWS::EC2::NetworkInterfacePermission	❌
AWS::EC2::NetworkPerformanceMetricSubscription	❌
AWS::EC2::PlacementGroup	GroupName
AWS::EC2::PrefixList	Arn, OwnerId, PrefixListId, Version
AWS::EC2::Route	CidrBlock
AWS::EC2::RouteServer	Arn, Id
AWS::EC2::RouteServerAssociation	❌
AWS::EC2::RouteServerEndpoint	Arn, EniAddress, EniId, Id, VpcId
AWS::EC2::RouteServerPeer	Arn, EndpointEniAddress, EndpointEniId, Id, RouteServerId, SubnetId, VpcId
AWS::EC2::RouteServerPropagation	❌
AWS::EC2::RouteTable	RouteTableId
AWS::EC2::SecurityGroup	GroupId, Id, VpcId
AWS::EC2::SecurityGroupEgress	Id
AWS::EC2::SecurityGroupIngress	Id
AWS::EC2::SecurityGroupVpcAssociation	State, StateReason, VpcOwnerId
AWS::EC2::SnapshotBlockPublicAccess	AccountId
AWS::EC2::SpotFleet	Id
AWS::EC2::Subnet	AvailabilityZone, AvailabilityZoneId, BlockPublicAccessStates, BlockPublicAccessStates.InternetGatewayBlockMode, CidrBlock, Ipv6CidrBlocks, NetworkAclAssociationId, OutpostArn, SubnetId, VpcId
AWS::EC2::SubnetCidrBlock	Id, IpSource, Ipv6AddressAttribute
AWS::EC2::SubnetNetworkAclAssociation	AssociationId
AWS::EC2::SubnetRouteTableAssociation	Id
AWS::EC2::TrafficMirrorFilter	Id
AWS::EC2::TrafficMirrorFilterRule	TrafficMirrorFilterRuleId
AWS::EC2::TrafficMirrorSession	Id
AWS::EC2::TrafficMirrorTarget	Id
AWS::EC2::TransitGateway	Id, TransitGatewayArn
AWS::EC2::TransitGatewayAttachment	Id
AWS::EC2::TransitGatewayConnect	CreationTime, State, TransitGatewayAttachmentId, TransitGatewayId
AWS::EC2::TransitGatewayConnectPeer	ConnectPeerConfiguration.BgpConfigurations, ConnectPeerConfiguration.Protocol, CreationTime, State, TransitGatewayConnectPeerId
AWS::EC2::TransitGatewayMulticastDomain	CreationTime, State, TransitGatewayMulticastDomainArn, TransitGatewayMulticastDomainId
AWS::EC2::TransitGatewayMulticastDomainAssociation	ResourceId, ResourceType, State
AWS::EC2::TransitGatewayMulticastGroupMember	GroupMember, GroupSource, MemberType, ResourceId, ResourceType, SubnetId, TransitGatewayAttachmentId
AWS::EC2::TransitGatewayMulticastGroupSource	GroupMember, GroupSource, ResourceId, ResourceType, SourceType, SubnetId, TransitGatewayAttachmentId
AWS::EC2::TransitGatewayPeeringAttachment	CreationTime, State, Status, Status.Code, Status.Message, TransitGatewayAttachmentId
AWS::EC2::TransitGatewayRoute	❌
AWS::EC2::TransitGatewayRouteTable	TransitGatewayRouteTableId
AWS::EC2::TransitGatewayRouteTableAssociation	❌
AWS::EC2::TransitGatewayRouteTablePropagation	❌
AWS::EC2::TransitGatewayVpcAttachment	Id
AWS::EC2::VPC	CidrBlock, CidrBlockAssociations, DefaultNetworkAcl, DefaultSecurityGroup, Ipv6CidrBlocks, VpcId
AWS::EC2::VPCBlockPublicAccessExclusion	ExclusionId
AWS::EC2::VPCBlockPublicAccessOptions	AccountId
AWS::EC2::VPCCidrBlock	Id, IpSource, Ipv6AddressAttribute
AWS::EC2::VPCDHCPOptionsAssociation	❌
AWS::EC2::VPCEndpoint	CreationTimestamp, DnsEntries, Id, NetworkInterfaceIds
AWS::EC2::VPCEndpointConnectionNotification	VPCEndpointConnectionNotificationId
AWS::EC2::VPCEndpointService	ServiceId
AWS::EC2::VPCEndpointServicePermissions	❌
AWS::EC2::VPCGatewayAttachment	AttachmentType
AWS::EC2::VPCPeeringConnection	Id
AWS::EC2::VPNConnection	VpnConnectionId
AWS::EC2::VPNConnectionRoute	❌
AWS::EC2::VPNGateway	VPNGatewayId
AWS::EC2::VPNGatewayRoutePropagation	Id
AWS::EC2::VerifiedAccessEndpoint	CreationTime, DeviceValidationDomain, EndpointDomain, LastUpdatedTime, Status, VerifiedAccessEndpointId, VerifiedAccessInstanceId
AWS::EC2::VerifiedAccessGroup	CreationTime, LastUpdatedTime, Owner, VerifiedAccessGroupArn, VerifiedAccessGroupId
AWS::EC2::VerifiedAccessInstance	CidrEndpointsCustomSubDomainNameServers, CreationTime, LastUpdatedTime, VerifiedAccessInstanceId
AWS::EC2::VerifiedAccessTrustProvider	CreationTime, LastUpdatedTime, VerifiedAccessTrustProviderId
AWS::EC2::Volume	VolumeId
AWS::EC2::VolumeAttachment	❌
AWS::ECR::PublicRepository	Arn
AWS::ECR::PullThroughCacheRule	❌
AWS::ECR::RegistryPolicy	RegistryId
AWS::ECR::RegistryScanningConfiguration	RegistryId
AWS::ECR::ReplicationConfiguration	RegistryId
AWS::ECR::Repository	Arn, RepositoryUri
AWS::ECR::RepositoryCreationTemplate	CreatedAt, UpdatedAt
AWS::ECS::CapacityProvider	❌
AWS::ECS::Cluster	Arn
AWS::ECS::ClusterCapacityProviderAssociations	❌
AWS::ECS::PrimaryTaskSet	❌
AWS::ECS::Service	Name, ServiceArn
AWS::ECS::TaskDefinition	TaskDefinitionArn
AWS::ECS::TaskSet	Id
AWS::EFS::AccessPoint	AccessPointId, Arn
AWS::EFS::FileSystem	Arn, FileSystemId
AWS::EFS::MountTarget	Id, IpAddress
AWS::EKS::AccessEntry	AccessEntryArn
AWS::EKS::Addon	Arn
AWS::EKS::Cluster	Arn, CertificateAuthorityData, ClusterSecurityGroupId, EncryptionConfigKeyArn, Endpoint, Id, KubernetesNetworkConfig.ServiceIpv6Cidr, OpenIdConnectIssuerUrl
AWS::EKS::FargateProfile	Arn
AWS::EKS::IdentityProviderConfig	IdentityProviderConfigArn
AWS::EKS::Nodegroup	Arn, ClusterName, Id, NodegroupName
AWS::EKS::PodIdentityAssociation	AssociationArn, AssociationId, ExternalId
AWS::EMR::Cluster	MasterPublicDNS
AWS::EMR::InstanceFleetConfig	❌
AWS::EMR::InstanceGroupConfig	❌
AWS::EMR::SecurityConfiguration	❌
AWS::EMR::Step	Id
AWS::EMR::Studio	Arn, StudioId, Url
AWS::EMR::StudioSessionMapping	❌
AWS::EMR::WALWorkspace	❌
AWS::EMRContainers::VirtualCluster	Arn, Id
AWS::EMRServerless::Application	ApplicationId, Arn
AWS::EVS::Environment	Checks, CreatedAt, Credentials, EnvironmentArn, EnvironmentId, EnvironmentState, ModifiedAt, StateDetails
AWS::ElastiCache::CacheCluster	ConfigurationEndpoint.Address, ConfigurationEndpoint.Port, RedisEndpoint.Address, RedisEndpoint.Port
AWS::ElastiCache::GlobalReplicationGroup	GlobalReplicationGroupId, Status
AWS::ElastiCache::ParameterGroup	CacheParameterGroupName
AWS::ElastiCache::ReplicationGroup	ConfigurationEndPoint.Address, ConfigurationEndPoint.Port, PrimaryEndPoint.Address, PrimaryEndPoint.Port, ReadEndPoint.Addresses, ReadEndPoint.Addresses.List, ReadEndPoint.Ports, ReadEndPoint.Ports.List, ReaderEndPoint.Address, ReaderEndPoint.Port
AWS::ElastiCache::SecurityGroup	❌
AWS::ElastiCache::SecurityGroupIngress	❌
AWS::ElastiCache::ServerlessCache	ARN, CreateTime, Endpoint.Address, Endpoint.Port, FullEngineVersion, ReaderEndpoint.Address, ReaderEndpoint.Port, Status
AWS::ElastiCache::SubnetGroup	❌
AWS::ElastiCache::User	Arn, Status
AWS::ElastiCache::UserGroup	Arn, Status
AWS::ElasticBeanstalk::Application	❌
AWS::ElasticBeanstalk::ApplicationVersion	Id
AWS::ElasticBeanstalk::ConfigurationTemplate	TemplateName
AWS::ElasticBeanstalk::Environment	EndpointURL
AWS::ElasticLoadBalancing::LoadBalancer	CanonicalHostedZoneName, CanonicalHostedZoneNameID, DNSName, SourceSecurityGroup.GroupName, SourceSecurityGroup.OwnerAlias
AWS::ElasticLoadBalancingV2::Listener	ListenerArn
AWS::ElasticLoadBalancingV2::ListenerCertificate	❌
AWS::ElasticLoadBalancingV2::ListenerRule	IsDefault, RuleArn
AWS::ElasticLoadBalancingV2::LoadBalancer	CanonicalHostedZoneID, DNSName, LoadBalancerArn, LoadBalancerFullName, LoadBalancerName, SecurityGroups
AWS::ElasticLoadBalancingV2::TargetGroup	LoadBalancerArns, TargetGroupArn, TargetGroupFullName, TargetGroupName
AWS::ElasticLoadBalancingV2::TrustStore	NumberOfCaCertificates, Status, TrustStoreArn
AWS::ElasticLoadBalancingV2::TrustStoreRevocation	RevocationId, TrustStoreRevocations
AWS::Elasticsearch::Domain	Arn, DomainArn, DomainEndpoint
AWS::EntityResolution::IdMappingWorkflow	CreatedAt, UpdatedAt, WorkflowArn
AWS::EntityResolution::IdNamespace	CreatedAt, IdNamespaceArn, UpdatedAt
AWS::EntityResolution::MatchingWorkflow	CreatedAt, UpdatedAt, WorkflowArn
AWS::EntityResolution::PolicyStatement	❌
AWS::EntityResolution::SchemaMapping	CreatedAt, HasWorkflows, SchemaArn, UpdatedAt
AWS::EventSchemas::Discoverer	DiscovererArn, DiscovererId, State
AWS::EventSchemas::Registry	RegistryArn, RegistryName
AWS::EventSchemas::RegistryPolicy	Id
AWS::EventSchemas::Schema	LastModified, SchemaArn, SchemaName, SchemaVersion, VersionCreatedDate
AWS::Events::ApiDestination	Arn, ArnForPolicy
AWS::Events::Archive	Arn
AWS::Events::Connection	Arn, ArnForPolicy, AuthParameters.ConnectivityParameters.ResourceParameters.ResourceAssociationArn, InvocationConnectivityParameters.ResourceParameters.ResourceAssociationArn, SecretArn
AWS::Events::Endpoint	Arn, EndpointId, EndpointUrl, State, StateReason
AWS::Events::EventBus	Arn, Name
AWS::Events::EventBusPolicy	❌
AWS::Events::Rule	Arn
AWS::Evidently::Experiment	Arn
AWS::Evidently::Feature	Arn
AWS::Evidently::Launch	Arn
AWS::Evidently::Project	Arn
AWS::Evidently::Segment	Arn
AWS::FIS::ExperimentTemplate	Id
AWS::FIS::TargetAccountConfiguration	❌
AWS::FMS::NotificationChannel	❌
AWS::FMS::Policy	Arn, Id
AWS::FMS::ResourceSet	Id
AWS::FSx::DataRepositoryAssociation	AssociationId, ResourceARN
AWS::FSx::FileSystem	DNSName, LustreMountName, ResourceARN, RootVolumeId
AWS::FSx::S3AccessPointAttachment	S3AccessPoint.Alias, S3AccessPoint.ResourceARN
AWS::FSx::Snapshot	ResourceARN
AWS::FSx::StorageVirtualMachine	ResourceARN, StorageVirtualMachineId, UUID
AWS::FSx::Volume	ResourceARN, UUID, VolumeId
AWS::FinSpace::Environment	AwsAccountId, DedicatedServiceAccountId, EnvironmentArn, EnvironmentId, EnvironmentUrl, SageMakerStudioDomainUrl, Status
AWS::Forecast::Dataset	Arn
AWS::Forecast::DatasetGroup	DatasetGroupArn
AWS::FraudDetector::Detector	Arn, CreatedTime, DetectorVersionId, EventType.Arn, EventType.CreatedTime, EventType.LastUpdatedTime, LastUpdatedTime
AWS::FraudDetector::EntityType	Arn, CreatedTime, LastUpdatedTime
AWS::FraudDetector::EventType	Arn, CreatedTime, LastUpdatedTime
AWS::FraudDetector::Label	Arn, CreatedTime, LastUpdatedTime
AWS::FraudDetector::List	Arn, CreatedTime, LastUpdatedTime
AWS::FraudDetector::Outcome	Arn, CreatedTime, LastUpdatedTime
AWS::FraudDetector::Variable	Arn, CreatedTime, LastUpdatedTime
AWS::GameLift::Alias	AliasArn, AliasId
AWS::GameLift::Build	BuildArn, BuildId
AWS::GameLift::ContainerFleet	CreationTime, DeploymentDetails, DeploymentDetails.LatestDeploymentId, FleetArn, FleetId, GameServerContainerGroupDefinitionArn, MaximumGameServerContainerGroupsPerInstance, PerInstanceContainerGroupDefinitionArn, Status
AWS::GameLift::ContainerGroupDefinition	ContainerGroupDefinitionArn, CreationTime, Status, StatusReason, VersionNumber
AWS::GameLift::Fleet	FleetArn, FleetId
AWS::GameLift::GameServerGroup	AutoScalingGroupArn, GameServerGroupArn
AWS::GameLift::GameSessionQueue	Arn, Name
AWS::GameLift::Location	LocationArn
AWS::GameLift::MatchmakingConfiguration	Arn, Name
AWS::GameLift::MatchmakingRuleSet	Arn, CreationTime, Name
AWS::GameLift::Script	Arn, CreationTime, Id, SizeOnDisk
AWS::GlobalAccelerator::Accelerator	AcceleratorArn, DnsName, DualStackDnsName, Ipv4Addresses, Ipv6Addresses
AWS::GlobalAccelerator::CrossAccountAttachment	AttachmentArn
AWS::GlobalAccelerator::EndpointGroup	EndpointGroupArn
AWS::GlobalAccelerator::Listener	ListenerArn
AWS::Glue::Classifier	❌
AWS::Glue::Connection	❌
AWS::Glue::Crawler	❌
AWS::Glue::CustomEntityType	❌
AWS::Glue::DataCatalogEncryptionSettings	❌
AWS::Glue::DataQualityRuleset	❌
AWS::Glue::Database	❌
AWS::Glue::DevEndpoint	❌
AWS::Glue::Job	❌
AWS::Glue::MLTransform	❌
AWS::Glue::Partition	❌
AWS::Glue::Registry	Arn
AWS::Glue::Schema	Arn, InitialSchemaVersionId
AWS::Glue::SchemaVersion	VersionId
AWS::Glue::SchemaVersionMetadata	❌
AWS::Glue::SecurityConfiguration	❌
AWS::Glue::Table	❌
AWS::Glue::TableOptimizer	❌
AWS::Glue::Trigger	❌
AWS::Glue::UsageProfile	CreatedOn
AWS::Glue::Workflow	❌
AWS::Grafana::Workspace	CreationTimestamp, Endpoint, GrafanaVersion, Id, ModificationTimestamp, SamlConfigurationStatus, SsoClientId, Status
AWS::Greengrass::ConnectorDefinition	Arn, Id, LatestVersionArn, Name
AWS::Greengrass::ConnectorDefinitionVersion	❌
AWS::Greengrass::CoreDefinition	Arn, Id, LatestVersionArn, Name
AWS::Greengrass::CoreDefinitionVersion	❌
AWS::Greengrass::DeviceDefinition	Arn, Id, LatestVersionArn, Name
AWS::Greengrass::DeviceDefinitionVersion	❌
AWS::Greengrass::FunctionDefinition	Arn, Id, LatestVersionArn, Name
AWS::Greengrass::FunctionDefinitionVersion	❌
AWS::Greengrass::Group	Arn, Id, LatestVersionArn, Name, RoleArn, RoleAttachedAt
AWS::Greengrass::GroupVersion	❌
AWS::Greengrass::LoggerDefinition	Arn, Id, LatestVersionArn, Name
AWS::Greengrass::LoggerDefinitionVersion	❌
AWS::Greengrass::ResourceDefinition	Arn, Id, LatestVersionArn, Name
AWS::Greengrass::ResourceDefinitionVersion	❌
AWS::Greengrass::SubscriptionDefinition	Arn, Id, LatestVersionArn, Name
AWS::Greengrass::SubscriptionDefinitionVersion	❌
AWS::GreengrassV2::ComponentVersion	Arn, ComponentName, ComponentVersion
AWS::GreengrassV2::Deployment	DeploymentId
AWS::GroundStation::Config	Arn, Id, Type
AWS::GroundStation::DataflowEndpointGroup	Arn, Id
AWS::GroundStation::MissionProfile	Arn, Id, Region
AWS::GuardDuty::Detector	Id
AWS::GuardDuty::Filter	❌
AWS::GuardDuty::IPSet	Id
AWS::GuardDuty::MalwareProtectionPlan	Arn, CreatedAt, MalwareProtectionPlanId, Status, StatusReasons
AWS::GuardDuty::Master	❌
AWS::GuardDuty::Member	❌
AWS::GuardDuty::PublishingDestination	Id, PublishingFailureStartTimestamp, Status
AWS::GuardDuty::ThreatIntelSet	Id
AWS::HealthImaging::Datastore	CreatedAt, DatastoreArn, DatastoreId, DatastoreStatus, UpdatedAt
AWS::HealthLake::FHIRDatastore	CreatedAt, CreatedAt.Nanos, CreatedAt.Seconds, DatastoreArn, DatastoreEndpoint, DatastoreId, DatastoreStatus
AWS::IAM::AccessKey	SecretAccessKey
AWS::IAM::Group	Arn
AWS::IAM::GroupPolicy	❌
AWS::IAM::InstanceProfile	Arn
AWS::IAM::ManagedPolicy	AttachmentCount, CreateDate, DefaultVersionId, IsAttachable, PermissionsBoundaryUsageCount, PolicyArn, PolicyId, UpdateDate
AWS::IAM::OIDCProvider	Arn
AWS::IAM::Policy	Id
AWS::IAM::Role	Arn, RoleId
AWS::IAM::RolePolicy	❌
AWS::IAM::SAMLProvider	Arn, SamlProviderUUID
AWS::IAM::ServerCertificate	Arn
AWS::IAM::ServiceLinkedRole	RoleName
AWS::IAM::User	Arn
AWS::IAM::UserPolicy	❌
AWS::IAM::UserToGroupAddition	❌
AWS::IAM::VirtualMFADevice	SerialNumber
AWS::IVS::Channel	Arn, IngestEndpoint, PlaybackUrl
AWS::IVS::EncoderConfiguration	Arn
AWS::IVS::IngestConfiguration	Arn, ParticipantId, State, StreamKey
AWS::IVS::PlaybackKeyPair	Arn, Fingerprint
AWS::IVS::PlaybackRestrictionPolicy	Arn
AWS::IVS::PublicKey	Arn, Fingerprint
AWS::IVS::RecordingConfiguration	Arn, State
AWS::IVS::Stage	ActiveSessionId, Arn
AWS::IVS::StorageConfiguration	Arn
AWS::IVS::StreamKey	Arn, Value
AWS::IVSChat::LoggingConfiguration	Arn, Id, State
AWS::IVSChat::Room	Arn, Id
AWS::IdentityStore::Group	GroupId
AWS::IdentityStore::GroupMembership	MembershipId
AWS::ImageBuilder::Component	Arn, Encrypted, Name, Type
AWS::ImageBuilder::ContainerRecipe	Arn, Name
AWS::ImageBuilder::DistributionConfiguration	Arn, Name
AWS::ImageBuilder::Image	Arn, ImageId, ImageUri, Name
AWS::ImageBuilder::ImagePipeline	Arn, Name
AWS::ImageBuilder::ImageRecipe	Arn, Name
AWS::ImageBuilder::InfrastructureConfiguration	Arn, Name
AWS::ImageBuilder::LifecyclePolicy	Arn
AWS::ImageBuilder::Workflow	Arn
AWS::Inspector::AssessmentTarget	Arn
AWS::Inspector::AssessmentTemplate	Arn
AWS::Inspector::ResourceGroup	Arn
AWS::InspectorV2::CisScanConfiguration	Arn
AWS::InspectorV2::CodeSecurityIntegration	Arn, AuthorizationUrl, CreatedAt, LastUpdatedAt, Status, StatusReason
AWS::InspectorV2::CodeSecurityScanConfiguration	Arn
AWS::InspectorV2::Filter	Arn
AWS::InternetMonitor::Monitor	CreatedAt, ModifiedAt, MonitorArn, ProcessingStatus, ProcessingStatusInfo
AWS::Invoicing::InvoiceUnit	InvoiceUnitArn, LastModified
AWS::IoT::AccountAuditConfiguration	❌
AWS::IoT::Authorizer	Arn
AWS::IoT::BillingGroup	Arn, Id
AWS::IoT::CACertificate	Arn, Id
AWS::IoT::Certificate	Arn, Id
AWS::IoT::CertificateProvider	Arn
AWS::IoT::Command	CommandArn
AWS::IoT::CustomMetric	MetricArn
AWS::IoT::Dimension	Arn
AWS::IoT::DomainConfiguration	Arn, DomainType, ServerCertificates
AWS::IoT::FleetMetric	CreationDate, LastModifiedDate, MetricArn, Version
AWS::IoT::JobTemplate	Arn
AWS::IoT::Logging	❌
AWS::IoT::MitigationAction	MitigationActionArn, MitigationActionId
AWS::IoT::Policy	Arn, Id
AWS::IoT::PolicyPrincipalAttachment	❌
AWS::IoT::ProvisioningTemplate	TemplateArn
AWS::IoT::ResourceSpecificLogging	TargetId
AWS::IoT::RoleAlias	RoleAliasArn
AWS::IoT::ScheduledAudit	ScheduledAuditArn
AWS::IoT::SecurityProfile	SecurityProfileArn
AWS::IoT::SoftwarePackage	PackageArn
AWS::IoT::SoftwarePackageVersion	ErrorReason, PackageVersionArn, SbomValidationStatus, Status
AWS::IoT::Thing	Arn, Id
AWS::IoT::ThingGroup	Arn, Id
AWS::IoT::ThingPrincipalAttachment	❌
AWS::IoT::ThingType	Arn, Id
AWS::IoT::TopicRule	Arn
AWS::IoT::TopicRuleDestination	Arn, StatusReason
AWS::IoTAnalytics::Channel	Id
AWS::IoTAnalytics::Dataset	Id
AWS::IoTAnalytics::Datastore	Id
AWS::IoTAnalytics::Pipeline	Id
AWS::IoTCoreDeviceAdvisor::SuiteDefinition	SuiteDefinitionArn, SuiteDefinitionId, SuiteDefinitionVersion
AWS::IoTEvents::AlarmModel	❌
AWS::IoTEvents::DetectorModel	❌
AWS::IoTEvents::Input	❌
AWS::IoTFleetHub::Application	ApplicationArn, ApplicationCreationDate, ApplicationId, ApplicationLastUpdateDate, ApplicationState, ApplicationUrl, ErrorMessage, SsoClientId
AWS::IoTFleetWise::Campaign	Arn, CreationTime, LastModificationTime, Status
AWS::IoTFleetWise::DecoderManifest	Arn, CreationTime, LastModificationTime
AWS::IoTFleetWise::Fleet	Arn, CreationTime, LastModificationTime
AWS::IoTFleetWise::ModelManifest	Arn, CreationTime, LastModificationTime
AWS::IoTFleetWise::SignalCatalog	Arn, CreationTime, LastModificationTime, NodeCounts.TotalActuators, NodeCounts.TotalAttributes, NodeCounts.TotalBranches, NodeCounts.TotalNodes, NodeCounts.TotalSensors
AWS::IoTFleetWise::StateTemplate	Arn, CreationTime, Id, LastModificationTime
AWS::IoTFleetWise::Vehicle	Arn, CreationTime, LastModificationTime
AWS::IoTSiteWise::AccessPolicy	AccessPolicyArn, AccessPolicyId
AWS::IoTSiteWise::Asset	AssetArn, AssetId
AWS::IoTSiteWise::AssetModel	AssetModelArn, AssetModelId
AWS::IoTSiteWise::ComputationModel	ComputationModelArn, ComputationModelId
AWS::IoTSiteWise::Dashboard	DashboardArn, DashboardId
AWS::IoTSiteWise::Dataset	DatasetArn, DatasetId
AWS::IoTSiteWise::Gateway	GatewayId
AWS::IoTSiteWise::Portal	PortalArn, PortalClientId, PortalId, PortalStartUrl
AWS::IoTSiteWise::Project	ProjectArn, ProjectId
AWS::IoTThingsGraph::FlowTemplate	❌
AWS::IoTTwinMaker::ComponentType	Arn, CreationDateTime, IsAbstract, IsSchemaInitialized, Status, Status.Error, Status.Error.Code, Status.Error.Message, Status.State, UpdateDateTime
AWS::IoTTwinMaker::Entity	Arn, CreationDateTime, HasChildEntities, Status, Status.Error, Status.State, UpdateDateTime
AWS::IoTTwinMaker::Scene	Arn, CreationDateTime, GeneratedSceneMetadata, UpdateDateTime
AWS::IoTTwinMaker::SyncJob	Arn, CreationDateTime, State, UpdateDateTime
AWS::IoTTwinMaker::Workspace	Arn, CreationDateTime, UpdateDateTime
AWS::IoTWireless::Destination	Arn
AWS::IoTWireless::DeviceProfile	Arn, Id
AWS::IoTWireless::FuotaTask	Arn, FuotaTaskStatus, Id, LoRaWAN.StartTime
AWS::IoTWireless::MulticastGroup	Arn, Id, LoRaWAN.NumberOfDevicesInGroup, LoRaWAN.NumberOfDevicesRequested, Status
AWS::IoTWireless::NetworkAnalyzerConfiguration	Arn
AWS::IoTWireless::PartnerAccount	Arn, Fingerprint
AWS::IoTWireless::ServiceProfile	Arn, Id, LoRaWAN.ChannelMask, LoRaWAN.DevStatusReqFreq, LoRaWAN.DlBucketSize, LoRaWAN.DlRate, LoRaWAN.DlRatePolicy, LoRaWAN.DrMax, LoRaWAN.DrMin, LoRaWAN.HrAllowed, LoRaWAN.MinGwDiversity, LoRaWAN.NwkGeoLoc, LoRaWAN.ReportDevStatusBattery, LoRaWAN.ReportDevStatusMargin, LoRaWAN.TargetPer, LoRaWAN.UlBucketSize, LoRaWAN.UlRate, LoRaWAN.UlRatePolicy
AWS::IoTWireless::TaskDefinition	Arn, Id
AWS::IoTWireless::WirelessDevice	Arn, Id, ThingName
AWS::IoTWireless::WirelessDeviceImportTask	Arn, CreationDate, FailedImportedDevicesCount, Id, InitializedImportedDevicesCount, OnboardedImportedDevicesCount, PendingImportedDevicesCount, Sidewalk.DeviceCreationFileList, Status, StatusReason
AWS::IoTWireless::WirelessGateway	Arn, Id
AWS::KMS::Alias	❌
AWS::KMS::Key	Arn, KeyId
AWS::KMS::ReplicaKey	Arn, KeyId
AWS::KafkaConnect::Connector	ConnectorArn
AWS::KafkaConnect::CustomPlugin	CustomPluginArn, FileDescription, FileDescription.FileMd5, FileDescription.FileSize, Revision
AWS::KafkaConnect::WorkerConfiguration	Revision, WorkerConfigurationArn
AWS::Kendra::DataSource	Arn, Id
AWS::Kendra::Faq	Arn, Id
AWS::Kendra::Index	Arn, Id
AWS::KendraRanking::ExecutionPlan	Arn, Id
AWS::Kinesis::ResourcePolicy	❌
AWS::Kinesis::Stream	Arn
AWS::Kinesis::StreamConsumer	ConsumerARN, ConsumerCreationTimestamp, ConsumerName, ConsumerStatus, StreamARN
AWS::KinesisAnalytics::Application	❌
AWS::KinesisAnalytics::ApplicationOutput	❌
AWS::KinesisAnalytics::ApplicationReferenceDataSource	❌
AWS::KinesisAnalyticsV2::Application	❌
AWS::KinesisAnalyticsV2::ApplicationOutput	❌
AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource	❌
AWS::KinesisFirehose::DeliveryStream	Arn
AWS::KinesisVideo::SignalingChannel	Arn
AWS::KinesisVideo::Stream	Arn
AWS::LakeFormation::DataCellsFilter	❌
AWS::LakeFormation::DataLakeSettings	❌
AWS::LakeFormation::Permissions	❌
AWS::LakeFormation::PrincipalPermissions	PrincipalIdentifier, ResourceIdentifier
AWS::LakeFormation::Resource	❌
AWS::LakeFormation::Tag	❌
AWS::LakeFormation::TagAssociation	ResourceIdentifier, TagsIdentifier
AWS::Lambda::Alias	AliasArn
AWS::Lambda::CodeSigningConfig	CodeSigningConfigArn, CodeSigningConfigId
AWS::Lambda::EventInvokeConfig	❌
AWS::Lambda::EventSourceMapping	EventSourceMappingArn, Id
AWS::Lambda::Function	Arn, SnapStartResponse, SnapStartResponse.ApplyOn, SnapStartResponse.OptimizationStatus
AWS::Lambda::LayerVersion	LayerVersionArn
AWS::Lambda::LayerVersionPermission	Id
AWS::Lambda::Permission	Id
AWS::Lambda::Url	FunctionArn, FunctionUrl
AWS::Lambda::Version	FunctionArn, Version
AWS::LaunchWizard::Deployment	Arn, CreatedAt, DeletedAt, DeploymentId, ResourceGroup, Status
AWS::Lex::Bot	Arn, Id
AWS::Lex::BotAlias	Arn, BotAliasId, BotAliasStatus
AWS::Lex::BotVersion	BotVersion
AWS::Lex::ResourcePolicy	Id, RevisionId
AWS::LicenseManager::Grant	GrantArn, Version
AWS::LicenseManager::License	LicenseArn, Version
AWS::Lightsail::Alarm	AlarmArn, State
AWS::Lightsail::Bucket	AbleToUpdateBundle, BucketArn, Url
AWS::Lightsail::Certificate	CertificateArn, Status
AWS::Lightsail::Container	ContainerArn, PrincipalArn, PrivateRegistryAccess.EcrImagePullerRole.PrincipalArn, Url
AWS::Lightsail::Database	DatabaseArn
AWS::Lightsail::Disk	AttachedTo, AttachmentState, DiskArn, Iops, IsAttached, Location.AvailabilityZone, Location.RegionName, Path, ResourceType, State, SupportCode
AWS::Lightsail::Distribution	AbleToUpdateBundle, DistributionArn, Status
AWS::Lightsail::Domain	Arn, CreatedAt, Location, Location.AvailabilityZone, Location.RegionName, ResourceType, SupportCode
AWS::Lightsail::Instance	Hardware.CpuCount, Hardware.RamSizeInGb, InstanceArn, Ipv6Addresses, IsStaticIp, Location.AvailabilityZone, Location.RegionName, Networking.MonthlyTransfer.GbPerMonthAllocated, PrivateIpAddress, PublicIpAddress, ResourceType, SshKeyName, State.Code, State.Name, SupportCode, UserName
AWS::Lightsail::InstanceSnapshot	Arn, FromInstanceArn, FromInstanceName, IsFromAutoSnapshot, Location, Location.AvailabilityZone, Location.RegionName, ResourceType, SizeInGb, State, SupportCode
AWS::Lightsail::LoadBalancer	LoadBalancerArn
AWS::Lightsail::LoadBalancerTlsCertificate	LoadBalancerTlsCertificateArn, Status
AWS::Lightsail::StaticIp	IpAddress, IsAttached, StaticIpArn
AWS::Location::APIKey	Arn, CreateTime, KeyArn, UpdateTime
AWS::Location::GeofenceCollection	Arn, CollectionArn, CreateTime, UpdateTime
AWS::Location::Map	Arn, CreateTime, MapArn, UpdateTime
AWS::Location::PlaceIndex	Arn, CreateTime, IndexArn, UpdateTime
AWS::Location::RouteCalculator	Arn, CalculatorArn, CreateTime, UpdateTime
AWS::Location::Tracker	Arn, CreateTime, TrackerArn, UpdateTime
AWS::Location::TrackerConsumer	❌
AWS::Logs::AccountPolicy	AccountId
AWS::Logs::Delivery	Arn, DeliveryDestinationType, DeliveryId
AWS::Logs::DeliveryDestination	Arn, DeliveryDestinationType
AWS::Logs::DeliverySource	Arn, ResourceArns, Service
AWS::Logs::Destination	Arn
AWS::Logs::Integration	IntegrationStatus
AWS::Logs::LogAnomalyDetector	AnomalyDetectorArn, AnomalyDetectorStatus, CreationTimeStamp, LastModifiedTimeStamp
AWS::Logs::LogGroup	Arn
AWS::Logs::LogStream	❌
AWS::Logs::MetricFilter	❌
AWS::Logs::QueryDefinition	QueryDefinitionId
AWS::Logs::ResourcePolicy	❌
AWS::Logs::SubscriptionFilter	❌
AWS::Logs::Transformer	❌
AWS::LookoutEquipment::InferenceScheduler	InferenceSchedulerArn
AWS::LookoutMetrics::Alert	Arn
AWS::LookoutMetrics::AnomalyDetector	Arn
AWS::LookoutVision::Project	Arn
AWS::M2::Application	ApplicationArn, ApplicationId
AWS::M2::Deployment	DeploymentId, Status
AWS::M2::Environment	EnvironmentArn, EnvironmentId
AWS::MPA::ApprovalTeam	Arn, CreationTime, LastUpdateTime, NumberOfApprovers, Status, StatusCode, StatusMessage, UpdateSessionArn, VersionId
AWS::MPA::IdentitySource	CreationTime, IdentitySourceArn, IdentitySourceParameters.IamIdentityCenter.ApprovalPortalUrl, IdentitySourceType, Status, StatusCode, StatusMessage
AWS::MSK::BatchScramSecret	❌
AWS::MSK::Cluster	Arn
AWS::MSK::ClusterPolicy	CurrentVersion
AWS::MSK::Configuration	Arn, LatestRevision.CreationTime, LatestRevision.Description, LatestRevision.Revision
AWS::MSK::Replicator	CurrentVersion, ReplicatorArn
AWS::MSK::ServerlessCluster	Arn
AWS::MSK::VpcConnection	Arn
AWS::Macie::AllowList	Arn, Id, Status
AWS::Macie::CustomDataIdentifier	Arn, Id
AWS::Macie::FindingsFilter	Arn, Id
AWS::Macie::Session	AutomatedDiscoveryStatus, AwsAccountId, ServiceRole
AWS::ManagedBlockchain::Accessor	Arn, BillingToken, CreationDate, Id, Status
AWS::ManagedBlockchain::Member	MemberId, NetworkId
AWS::ManagedBlockchain::Node	Arn, MemberId, NetworkId, NodeId
AWS::MediaConnect::Bridge	BridgeArn, BridgeState
AWS::MediaConnect::BridgeOutput	❌
AWS::MediaConnect::BridgeSource	❌
AWS::MediaConnect::Flow	EgressIp, FlowArn, FlowAvailabilityZone, FlowNdiMachineName, Source.IngestIp, Source.SourceArn, Source.SourceIngestPort
AWS::MediaConnect::FlowEntitlement	EntitlementArn
AWS::MediaConnect::FlowOutput	OutputArn
AWS::MediaConnect::FlowSource	IngestIp, SourceArn, SourceIngestPort
AWS::MediaConnect::FlowVpcInterface	NetworkInterfaceIds
AWS::MediaConnect::Gateway	GatewayArn, GatewayState
AWS::MediaConvert::JobTemplate	Arn, Name
AWS::MediaConvert::Preset	Arn, Name
AWS::MediaConvert::Queue	Arn, Name
AWS::MediaLive::Channel	Arn, Inputs
AWS::MediaLive::ChannelPlacementGroup	Arn, Channels, Id, State
AWS::MediaLive::CloudWatchAlarmTemplate	Arn, CreatedAt, GroupId, Id, Identifier, ModifiedAt
AWS::MediaLive::CloudWatchAlarmTemplateGroup	Arn, CreatedAt, Id, Identifier, ModifiedAt
AWS::MediaLive::Cluster	Arn, ChannelIds, Id, State
AWS::MediaLive::EventBridgeRuleTemplate	Arn, CreatedAt, GroupId, Id, Identifier, ModifiedAt
AWS::MediaLive::EventBridgeRuleTemplateGroup	Arn, CreatedAt, Id, Identifier, ModifiedAt
AWS::MediaLive::Input	Arn, Destinations, Sources
AWS::MediaLive::InputSecurityGroup	Arn
AWS::MediaLive::Multiplex	Arn, Id, PipelinesRunningCount, ProgramCount, State
AWS::MediaLive::Multiplexprogram	ChannelId
AWS::MediaLive::Network	Arn, AssociatedClusterIds, Id, State
AWS::MediaLive::SdiSource	Arn, Id, Inputs, State
AWS::MediaLive::SignalMap	Arn, CloudWatchAlarmTemplateGroupIds, CreatedAt, ErrorMessage, EventBridgeRuleTemplateGroupIds, FailedMediaResourceMap, Id, Identifier, LastDiscoveredAt, LastSuccessfulMonitorDeployment, LastSuccessfulMonitorDeployment.DetailsUri, LastSuccessfulMonitorDeployment.Status, MediaResourceMap, ModifiedAt, MonitorChangesPendingDeployment, MonitorDeployment, MonitorDeployment.DetailsUri, MonitorDeployment.ErrorMessage, MonitorDeployment.Status, Status
AWS::MediaPackage::Asset	Arn, CreatedAt
AWS::MediaPackage::Channel	Arn
AWS::MediaPackage::OriginEndpoint	Arn, Url
AWS::MediaPackage::PackagingConfiguration	Arn
AWS::MediaPackage::PackagingGroup	Arn, DomainName
AWS::MediaPackageV2::Channel	Arn, CreatedAt, IngestEndpointUrls, IngestEndpoints, ModifiedAt
AWS::MediaPackageV2::ChannelGroup	Arn, CreatedAt, EgressDomain, ModifiedAt
AWS::MediaPackageV2::ChannelPolicy	❌
AWS::MediaPackageV2::OriginEndpoint	Arn, CreatedAt, DashManifestUrls, HlsManifestUrls, LowLatencyHlsManifestUrls, ModifiedAt
AWS::MediaPackageV2::OriginEndpointPolicy	❌
AWS::MediaStore::Container	Endpoint
AWS::MediaTailor::Channel	Arn
AWS::MediaTailor::ChannelPolicy	❌
AWS::MediaTailor::LiveSource	Arn
AWS::MediaTailor::PlaybackConfiguration	DashConfiguration.ManifestEndpointPrefix, HlsConfiguration.ManifestEndpointPrefix, PlaybackConfigurationArn, PlaybackEndpointPrefix, SessionInitializationEndpointPrefix
AWS::MediaTailor::SourceLocation	Arn
AWS::MediaTailor::VodSource	Arn
AWS::MemoryDB::ACL	Arn, Status
AWS::MemoryDB::Cluster	ARN, ClusterEndpoint.Address, ClusterEndpoint.Port, ParameterGroupStatus, Status
AWS::MemoryDB::MultiRegionCluster	ARN, MultiRegionClusterName, Status
AWS::MemoryDB::ParameterGroup	ARN
AWS::MemoryDB::SubnetGroup	ARN, SupportedNetworkTypes
AWS::MemoryDB::User	Arn, Status
AWS::Neptune::DBCluster	ClusterResourceId, Endpoint, Port, ReadEndpoint
AWS::Neptune::DBClusterParameterGroup	❌
AWS::Neptune::DBInstance	Endpoint, Port
AWS::Neptune::DBParameterGroup	❌
AWS::Neptune::DBSubnetGroup	❌
AWS::Neptune::EventSubscription	❌
AWS::NeptuneGraph::Graph	Endpoint, GraphArn, GraphId
AWS::NeptuneGraph::PrivateGraphEndpoint	PrivateGraphEndpointIdentifier, VpcEndpointId
AWS::NetworkFirewall::Firewall	EndpointIds, FirewallArn, FirewallId
AWS::NetworkFirewall::FirewallPolicy	FirewallPolicyArn, FirewallPolicyId
AWS::NetworkFirewall::LoggingConfiguration	❌
AWS::NetworkFirewall::RuleGroup	RuleGroupArn, RuleGroupId
AWS::NetworkFirewall::TLSInspectionConfiguration	TLSInspectionConfigurationArn, TLSInspectionConfigurationId
AWS::NetworkFirewall::VpcEndpointAssociation	EndpointId, VpcEndpointAssociationArn, VpcEndpointAssociationId
AWS::NetworkManager::ConnectAttachment	AttachmentId, AttachmentPolicyRuleNumber, AttachmentType, CoreNetworkArn, CreatedAt, OwnerAccountId, ResourceArn, SegmentName, State, UpdatedAt
AWS::NetworkManager::ConnectPeer	Configuration, Configuration.BgpConfigurations, Configuration.CoreNetworkAddress, Configuration.InsideCidrBlocks, Configuration.PeerAddress, Configuration.Protocol, ConnectPeerId, CoreNetworkId, CreatedAt, EdgeLocation, State
AWS::NetworkManager::CoreNetwork	CoreNetworkArn, CoreNetworkId, CreatedAt, Edges, NetworkFunctionGroups, OwnerAccount, Segments, State
AWS::NetworkManager::CustomerGatewayAssociation	❌
AWS::NetworkManager::Device	CreatedAt, DeviceArn, DeviceId, State
AWS::NetworkManager::DirectConnectGatewayAttachment	AttachmentId, AttachmentPolicyRuleNumber, AttachmentType, CoreNetworkArn, CreatedAt, NetworkFunctionGroupName, OwnerAccountId, ResourceArn, SegmentName, State, UpdatedAt
AWS::NetworkManager::GlobalNetwork	Arn, Id
AWS::NetworkManager::Link	CreatedAt, LinkArn, LinkId, State
AWS::NetworkManager::LinkAssociation	❌
AWS::NetworkManager::Site	CreatedAt, SiteArn, SiteId, State
AWS::NetworkManager::SiteToSiteVpnAttachment	AttachmentId, AttachmentPolicyRuleNumber, AttachmentType, CoreNetworkArn, CreatedAt, EdgeLocation, OwnerAccountId, ResourceArn, SegmentName, State, UpdatedAt
AWS::NetworkManager::TransitGatewayPeering	CoreNetworkArn, CreatedAt, EdgeLocation, OwnerAccountId, PeeringId, PeeringType, ResourceArn, State, TransitGatewayPeeringAttachmentId
AWS::NetworkManager::TransitGatewayRegistration	❌
AWS::NetworkManager::TransitGatewayRouteTableAttachment	AttachmentId, AttachmentPolicyRuleNumber, AttachmentType, CoreNetworkArn, CoreNetworkId, CreatedAt, EdgeLocation, OwnerAccountId, ResourceArn, SegmentName, State, UpdatedAt
AWS::NetworkManager::VpcAttachment	AttachmentId, AttachmentPolicyRuleNumber, AttachmentType, CoreNetworkArn, CreatedAt, EdgeLocation, NetworkFunctionGroupName, OwnerAccountId, ResourceArn, SegmentName, State, UpdatedAt
AWS::Notifications::ChannelAssociation	❌
AWS::Notifications::EventRule	Arn, CreationTime, ManagedRules, StatusSummaryByRegion
AWS::Notifications::NotificationConfiguration	Arn, CreationTime, Status
AWS::Notifications::NotificationHub	CreationTime, NotificationHubStatusSummary, NotificationHubStatusSummary.NotificationHubStatus, NotificationHubStatusSummary.NotificationHubStatusReason
AWS::NotificationsContacts::EmailContact	Arn, EmailContact, EmailContact.Address, EmailContact.Arn, EmailContact.CreationTime, EmailContact.Name, EmailContact.Status, EmailContact.UpdateTime
AWS::ODB::CloudAutonomousVmCluster	AutonomousDataStoragePercentage, AvailableAutonomousDataStorageSizeInTBs, AvailableContainerDatabases, AvailableCpus, CloudAutonomousVmClusterArn, CloudAutonomousVmClusterId, ComputeModel, CpuCoreCount, CpuPercentage, DataStorageSizeInGBs, DataStorageSizeInTBs, DbNodeStorageSizeInGBs, Domain, ExadataStorageInTBsLowestScaledValue, Hostname, MaxAcdsLowestScaledValue, MemorySizeInGBs, NodeCount, NonProvisionableAutonomousContainerDatabases, OciResourceAnchorName, OciUrl, Ocid, ProvisionableAutonomousContainerDatabases, ProvisionedAutonomousContainerDatabases, ProvisionedCpus, ReclaimableCpus, ReservedCpus, Shape
AWS::ODB::CloudExadataInfrastructure	ActivatedStorageCount, AdditionalStorageCount, AvailableStorageSizeInGBs, CloudExadataInfrastructureArn, CloudExadataInfrastructureId, ComputeModel, CpuCount, DataStorageSizeInTBs, DbNodeStorageSizeInGBs, DbServerIds, DbServerVersion, MaxCpuCount, MaxDataStorageInTBs, MaxDbNodeStorageSizeInGBs, MaxMemoryInGBs, MemorySizeInGBs, OciResourceAnchorName, OciUrl, Ocid, StorageServerVersion, TotalStorageSizeInGBs
AWS::ODB::CloudVmCluster	CloudVmClusterArn, CloudVmClusterId, ComputeModel, DiskRedundancy, Domain, ListenerPort, NodeCount, OciResourceAnchorName, OciUrl, Ocid, ScanDnsName, ScanIpIds, Shape, StorageSizeInGBs, VipIds
AWS::ODB::OdbNetwork	OciNetworkAnchorId, OciResourceAnchorName, OciVcnUrl, OdbNetworkArn, OdbNetworkId
AWS::OSIS::Pipeline	IngestEndpointUrls, PipelineArn, VpcEndpointService, VpcEndpoints
AWS::Oam::Link	Arn, Label
AWS::Oam::Sink	Arn
AWS::ObservabilityAdmin::OrganizationTelemetryRule	RuleArn
AWS::ObservabilityAdmin::TelemetryRule	RuleArn
AWS::Omics::AnnotationStore	CreationTime, Id, Status, StatusMessage, StoreArn, StoreSizeBytes, UpdateTime
AWS::Omics::ReferenceStore	Arn, CreationTime, ReferenceStoreId
AWS::Omics::RunGroup	Arn, CreationTime, Id
AWS::Omics::SequenceStore	Arn, CreationTime, S3AccessPointArn, S3Uri, SequenceStoreId, Status, StatusMessage, UpdateTime
AWS::Omics::VariantStore	CreationTime, Id, Status, StatusMessage, StoreArn, StoreSizeBytes, UpdateTime
AWS::Omics::Workflow	Arn, CreationTime, Id, Status, Type, Uuid
AWS::Omics::WorkflowVersion	Arn, CreationTime, Status, Type, Uuid
AWS::OpenSearchServerless::AccessPolicy	❌
AWS::OpenSearchServerless::Collection	Arn, CollectionEndpoint, DashboardEndpoint, Id
AWS::OpenSearchServerless::Index	Uuid
AWS::OpenSearchServerless::LifecyclePolicy	❌
AWS::OpenSearchServerless::SecurityConfig	IamIdentityCenterOptions.ApplicationArn, IamIdentityCenterOptions.ApplicationDescription, IamIdentityCenterOptions.ApplicationName, Id
AWS::OpenSearchServerless::SecurityPolicy	❌
AWS::OpenSearchServerless::VpcEndpoint	Id
AWS::OpenSearchService::Application	Arn, Id
AWS::OpenSearchService::Domain	AdvancedSecurityOptions.AnonymousAuthDisableDate, Arn, DomainArn, DomainEndpoint, DomainEndpointV2, DomainEndpoints, Id, IdentityCenterOptions.IdentityCenterApplicationARN, IdentityCenterOptions.IdentityStoreId, ServiceSoftwareOptions, ServiceSoftwareOptions.AutomatedUpdateDate, ServiceSoftwareOptions.Cancellable, ServiceSoftwareOptions.CurrentVersion, ServiceSoftwareOptions.Description, ServiceSoftwareOptions.NewVersion, ServiceSoftwareOptions.OptionalDeployment, ServiceSoftwareOptions.UpdateAvailable, ServiceSoftwareOptions.UpdateStatus
AWS::OpsWorks::App	❌
AWS::OpsWorks::ElasticLoadBalancerAttachment	❌
AWS::OpsWorks::Instance	AvailabilityZone, PrivateDnsName, PrivateIp, PublicDnsName, PublicIp
AWS::OpsWorks::Layer	❌
AWS::OpsWorks::Stack	❌
AWS::OpsWorks::UserProfile	SshUsername
AWS::OpsWorks::Volume	❌
AWS::OpsWorksCM::Server	Arn, Endpoint
AWS::Organizations::Account	AccountId, Arn, JoinedMethod, JoinedTimestamp, Status
AWS::Organizations::Organization	Arn, Id, ManagementAccountArn, ManagementAccountEmail, ManagementAccountId, RootId
AWS::Organizations::OrganizationalUnit	Arn, Id
AWS::Organizations::Policy	Arn, AwsManaged, Id
AWS::Organizations::ResourcePolicy	Arn, Id
AWS::PCAConnectorAD::Connector	ConnectorArn
AWS::PCAConnectorAD::DirectoryRegistration	DirectoryRegistrationArn
AWS::PCAConnectorAD::ServicePrincipalName	❌
AWS::PCAConnectorAD::Template	TemplateArn
AWS::PCAConnectorAD::TemplateGroupAccessControlEntry	❌
AWS::PCAConnectorSCEP::Challenge	ChallengeArn
AWS::PCAConnectorSCEP::Connector	ConnectorArn, Endpoint, OpenIdConfiguration, OpenIdConfiguration.Audience, OpenIdConfiguration.Issuer, OpenIdConfiguration.Subject, Type
AWS::PCS::Cluster	Arn, Endpoints, ErrorInfo, Id, Status
AWS::PCS::ComputeNodeGroup	Arn, ErrorInfo, Id, Status
AWS::PCS::Queue	Arn, ErrorInfo, Id, Status
AWS::Panorama::ApplicationInstance	ApplicationInstanceId, Arn, CreatedTime, DefaultRuntimeContextDeviceName, HealthStatus, LastUpdatedTime, Status, StatusDescription
AWS::Panorama::Package	Arn, CreatedTime, PackageId, StorageLocation.BinaryPrefixLocation, StorageLocation.Bucket, StorageLocation.GeneratedPrefixLocation, StorageLocation.ManifestPrefixLocation, StorageLocation.RepoPrefixLocation
AWS::Panorama::PackageVersion	IsLatestPatch, PackageArn, PackageName, RegisteredTime, Status, StatusDescription
AWS::PaymentCryptography::Alias	❌
AWS::PaymentCryptography::Key	KeyIdentifier, KeyOrigin, KeyState
AWS::Personalize::Dataset	DatasetArn
AWS::Personalize::DatasetGroup	DatasetGroupArn
AWS::Personalize::Schema	SchemaArn
AWS::Personalize::Solution	SolutionArn
AWS::Pinpoint::ADMChannel	❌
AWS::Pinpoint::APNSChannel	❌
AWS::Pinpoint::APNSSandboxChannel	❌
AWS::Pinpoint::APNSVoipChannel	❌
AWS::Pinpoint::APNSVoipSandboxChannel	❌
AWS::Pinpoint::App	Arn
AWS::Pinpoint::ApplicationSettings	❌
AWS::Pinpoint::BaiduChannel	❌
AWS::Pinpoint::Campaign	Arn, CampaignId
AWS::Pinpoint::EmailChannel	❌
AWS::Pinpoint::EmailTemplate	Arn
AWS::Pinpoint::EventStream	❌
AWS::Pinpoint::GCMChannel	❌
AWS::Pinpoint::InAppTemplate	Arn
AWS::Pinpoint::PushTemplate	Arn
AWS::Pinpoint::SMSChannel	❌
AWS::Pinpoint::Segment	Arn, SegmentId
AWS::Pinpoint::SmsTemplate	Arn
AWS::Pinpoint::VoiceChannel	❌
AWS::PinpointEmail::ConfigurationSet	❌
AWS::PinpointEmail::ConfigurationSetEventDestination	❌
AWS::PinpointEmail::DedicatedIpPool	❌
AWS::PinpointEmail::Identity	IdentityDNSRecordName1, IdentityDNSRecordName2, IdentityDNSRecordName3, IdentityDNSRecordValue1, IdentityDNSRecordValue2, IdentityDNSRecordValue3
AWS::Pipes::Pipe	Arn, CreationTime, CurrentState, LastModifiedTime, StateReason
AWS::Proton::EnvironmentAccountConnection	Arn, Id, Status
AWS::Proton::EnvironmentTemplate	Arn
AWS::Proton::ServiceTemplate	Arn
AWS::QBusiness::Application	ApplicationArn, ApplicationId, CreatedAt, IdentityCenterApplicationArn, Status, UpdatedAt
AWS::QBusiness::DataAccessor	CreatedAt, DataAccessorArn, DataAccessorId, IdcApplicationArn, UpdatedAt
AWS::QBusiness::DataSource	CreatedAt, DataSourceArn, DataSourceId, Status, Type, UpdatedAt
AWS::QBusiness::Index	CreatedAt, IndexArn, IndexId, IndexStatistics, IndexStatistics.TextDocumentStatistics, IndexStatistics.TextDocumentStatistics.IndexedTextBytes, IndexStatistics.TextDocumentStatistics.IndexedTextDocumentCount, Status, UpdatedAt
AWS::QBusiness::Permission	❌
AWS::QBusiness::Plugin	BuildStatus, CreatedAt, PluginArn, PluginId, UpdatedAt
AWS::QBusiness::Retriever	CreatedAt, RetrieverArn, RetrieverId, Status, UpdatedAt
AWS::QBusiness::WebExperience	CreatedAt, DefaultEndpoint, Status, UpdatedAt, WebExperienceArn, WebExperienceId
AWS::QLDB::Ledger	❌
AWS::QLDB::Stream	Arn, Id
AWS::QuickSight::Analysis	Arn, CreatedTime, DataSetArns, LastUpdatedTime
AWS::QuickSight::CustomPermissions	Arn
AWS::QuickSight::Dashboard	Arn, CreatedTime, LastPublishedTime, LastUpdatedTime, Version, Version.Arn, Version.CreatedTime, Version.DataSetArns, Version.Description, Version.Errors, Version.Sheets, Version.SourceEntityArn, Version.Status, Version.ThemeArn, Version.VersionNumber
AWS::QuickSight::DataSet	Arn, ConsumedSpiceCapacityInBytes, CreatedTime, LastUpdatedTime, OutputColumns
AWS::QuickSight::DataSource	Arn, CreatedTime, LastUpdatedTime, Status
AWS::QuickSight::Folder	Arn, CreatedTime, LastUpdatedTime
AWS::QuickSight::RefreshSchedule	Arn
AWS::QuickSight::Template	Arn, CreatedTime, LastUpdatedTime, Version, Version.CreatedTime, Version.DataSetConfigurations, Version.Description, Version.Errors, Version.Sheets, Version.SourceEntityArn, Version.Status, Version.ThemeArn, Version.VersionNumber
AWS::QuickSight::Theme	Arn, CreatedTime, LastUpdatedTime, Type, Version, Version.Arn, Version.BaseThemeId, Version.Configuration, Version.Configuration.DataColorPalette, Version.Configuration.Sheet, Version.Configuration.Typography, Version.Configuration.UIColorPalette, Version.CreatedTime, Version.Description, Version.Errors, Version.Status, Version.VersionNumber
AWS::QuickSight::Topic	Arn
AWS::QuickSight::VPCConnection	Arn, CreatedTime, LastUpdatedTime, NetworkInterfaces, Status, VPCId
AWS::RAM::Permission	Arn, IsResourceTypeDefault, PermissionType, Version
AWS::RAM::ResourceShare	Arn
AWS::RDS::CustomDBEngineVersion	DBEngineVersionArn
AWS::RDS::DBCluster	DBClusterArn, DBClusterResourceId, Endpoint, Endpoint.Address, Endpoint.Port, MasterUserSecret.SecretArn, ReadEndpoint, ReadEndpoint.Address, StorageThroughput
AWS::RDS::DBClusterParameterGroup	❌
AWS::RDS::DBInstance	AutomaticRestartTime, CertificateDetails, CertificateDetails.CAIdentifier, CertificateDetails.ValidTill, DBInstanceArn, DBInstanceStatus, DBSystemId, DbiResourceId, Endpoint, Endpoint.Address, Endpoint.HostedZoneId, Endpoint.Port, InstanceCreateTime, IsStorageConfigUpgradeAvailable, LatestRestorableTime, ListenerEndpoint, ListenerEndpoint.Address, ListenerEndpoint.HostedZoneId, ListenerEndpoint.Port, MasterUserSecret.SecretArn, PercentProgress, ReadReplicaDBClusterIdentifiers, ReadReplicaDBInstanceIdentifiers, ResumeFullAutomationModeTime, SecondaryAvailabilityZone, StatusInfos
AWS::RDS::DBParameterGroup	DBParameterGroupName
AWS::RDS::DBProxy	DBProxyArn, Endpoint, VpcId
AWS::RDS::DBProxyEndpoint	DBProxyEndpointArn, Endpoint, IsDefault, VpcId
AWS::RDS::DBProxyTargetGroup	TargetGroupArn
AWS::RDS::DBSecurityGroup	❌
AWS::RDS::DBSecurityGroupIngress	❌
AWS::RDS::DBShardGroup	DBShardGroupResourceId, Endpoint
AWS::RDS::DBSubnetGroup	❌
AWS::RDS::EventSubscription	❌
AWS::RDS::GlobalCluster	GlobalEndpoint, GlobalEndpoint.Address
AWS::RDS::Integration	CreateTime, IntegrationArn
AWS::RDS::OptionGroup	❌
AWS::RUM::AppMonitor	Id
AWS::Rbin::Rule	Arn, Identifier, LockState
AWS::Redshift::Cluster	ClusterNamespaceArn, DeferMaintenanceIdentifier, Endpoint.Address, Endpoint.Port, MasterPasswordSecretArn
AWS::Redshift::ClusterParameterGroup	❌
AWS::Redshift::ClusterSecurityGroup	❌
AWS::Redshift::ClusterSecurityGroupIngress	❌
AWS::Redshift::ClusterSubnetGroup	ClusterSubnetGroupName
AWS::Redshift::EndpointAccess	Address, EndpointCreateTime, EndpointStatus, Port, VpcEndpoint, VpcEndpoint.NetworkInterfaces, VpcEndpoint.VpcEndpointId, VpcEndpoint.VpcId, VpcSecurityGroups
AWS::Redshift::EndpointAuthorization	AllowedAllVPCs, AllowedVPCs, AuthorizeTime, ClusterStatus, EndpointCount, Grantee, Grantor, Status
AWS::Redshift::EventSubscription	CustSubscriptionId, CustomerAwsId, EventCategoriesList, SourceIdsList, Status, SubscriptionCreationTime
AWS::Redshift::Integration	CreateTime, IntegrationArn
AWS::Redshift::ScheduledAction	NextInvocations, State
AWS::RedshiftServerless::Namespace	Namespace, Namespace.AdminPasswordSecretArn, Namespace.AdminPasswordSecretKmsKeyId, Namespace.AdminUsername, Namespace.CreationDate, Namespace.DbName, Namespace.DefaultIamRoleArn, Namespace.IamRoles, Namespace.KmsKeyId, Namespace.LogExports, Namespace.NamespaceArn, Namespace.NamespaceId, Namespace.NamespaceName, Namespace.Status
AWS::RedshiftServerless::Snapshot	OwnerAccount, Snapshot, Snapshot.AdminUsername, Snapshot.KmsKeyId, Snapshot.NamespaceArn, Snapshot.NamespaceName, Snapshot.OwnerAccount, Snapshot.RetentionPeriod, Snapshot.SnapshotArn, Snapshot.SnapshotCreateTime, Snapshot.SnapshotName, Snapshot.Status
AWS::RedshiftServerless::Workgroup	Workgroup.BaseCapacity, Workgroup.CreationDate, Workgroup.Endpoint.Address, Workgroup.Endpoint.Port, Workgroup.EnhancedVpcRouting, Workgroup.MaxCapacity, Workgroup.NamespaceName, Workgroup.PubliclyAccessible, Workgroup.SecurityGroupIds, Workgroup.Status, Workgroup.SubnetIds, Workgroup.TrackName, Workgroup.WorkgroupArn, Workgroup.WorkgroupId, Workgroup.WorkgroupName
AWS::RefactorSpaces::Application	ApiGatewayId, ApplicationIdentifier, Arn, NlbArn, NlbName, ProxyUrl, StageName, VpcLinkId
AWS::RefactorSpaces::Environment	Arn, EnvironmentIdentifier, TransitGatewayId
AWS::RefactorSpaces::Route	Arn, PathResourceToId, RouteIdentifier
AWS::RefactorSpaces::Service	Arn, ServiceIdentifier
AWS::Rekognition::Collection	Arn
AWS::Rekognition::Project	Arn
AWS::Rekognition::StreamProcessor	Arn, Status, StatusMessage
AWS::ResilienceHub::App	AppArn, DriftStatus
AWS::ResilienceHub::ResiliencyPolicy	PolicyArn
AWS::ResourceExplorer2::DefaultViewAssociation	AssociatedAwsPrincipal
AWS::ResourceExplorer2::Index	Arn, IndexState
AWS::ResourceExplorer2::View	ViewArn
AWS::ResourceGroups::Group	Arn
AWS::ResourceGroups::TagSyncTask	GroupArn, GroupName, Status, TaskArn
AWS::RoboMaker::Fleet	Arn
AWS::RoboMaker::Robot	Arn
AWS::RoboMaker::RobotApplication	Arn, CurrentRevisionId
AWS::RoboMaker::RobotApplicationVersion	ApplicationVersion, Arn
AWS::RoboMaker::SimulationApplication	Arn, CurrentRevisionId
AWS::RoboMaker::SimulationApplicationVersion	ApplicationVersion, Arn
AWS::RolesAnywhere::CRL	CrlId
AWS::RolesAnywhere::Profile	ProfileArn, ProfileId
AWS::RolesAnywhere::TrustAnchor	TrustAnchorArn, TrustAnchorId
AWS::Route53::CidrCollection	Arn, Id
AWS::Route53::DNSSEC	❌
AWS::Route53::HealthCheck	HealthCheckId
AWS::Route53::HostedZone	Id, NameServers
AWS::Route53::KeySigningKey	❌
AWS::Route53::RecordSet	❌
AWS::Route53::RecordSetGroup	❌
AWS::Route53Profiles::Profile	Arn, ClientToken, Id
AWS::Route53Profiles::ProfileAssociation	Id
AWS::Route53Profiles::ProfileResourceAssociation	Id, ResourceType
AWS::Route53RecoveryControl::Cluster	ClusterArn, ClusterEndpoints, Status
AWS::Route53RecoveryControl::ControlPanel	ControlPanelArn, DefaultControlPanel, RoutingControlCount, Status
AWS::Route53RecoveryControl::RoutingControl	RoutingControlArn, Status
AWS::Route53RecoveryControl::SafetyRule	SafetyRuleArn, Status
AWS::Route53RecoveryReadiness::Cell	CellArn, ParentReadinessScopes
AWS::Route53RecoveryReadiness::ReadinessCheck	ReadinessCheckArn
AWS::Route53RecoveryReadiness::RecoveryGroup	RecoveryGroupArn
AWS::Route53RecoveryReadiness::ResourceSet	ResourceSetArn
AWS::Route53Resolver::FirewallDomainList	Arn, CreationTime, CreatorRequestId, DomainCount, Id, ManagedOwnerName, ModificationTime, Status, StatusMessage
AWS::Route53Resolver::FirewallRuleGroup	Arn, CreationTime, CreatorRequestId, Id, ModificationTime, OwnerId, RuleCount, ShareStatus, Status, StatusMessage
AWS::Route53Resolver::FirewallRuleGroupAssociation	Arn, CreationTime, CreatorRequestId, Id, ManagedOwnerName, ModificationTime, Status, StatusMessage
AWS::Route53Resolver::OutpostResolver	Arn, CreationTime, CreatorRequestId, Id, ModificationTime, Status, StatusMessage
AWS::Route53Resolver::ResolverConfig	AutodefinedReverse, Id, OwnerId
AWS::Route53Resolver::ResolverDNSSECConfig	Id, OwnerId, ValidationStatus
AWS::Route53Resolver::ResolverEndpoint	Arn, Direction, HostVPCId, IpAddressCount, Name, ResolverEndpointId
AWS::Route53Resolver::ResolverQueryLoggingConfig	Arn, AssociationCount, CreationTime, CreatorRequestId, Id, OwnerId, ShareStatus, Status
AWS::Route53Resolver::ResolverRule	Arn, DomainName, Name, ResolverEndpointId, ResolverRuleId, TargetIps
AWS::Route53Resolver::ResolverRuleAssociation	Name, ResolverRuleAssociationId, ResolverRuleId, VPCId
AWS::S3::AccessGrant	AccessGrantArn, AccessGrantId, GrantScope
AWS::S3::AccessGrantsInstance	AccessGrantsInstanceArn, AccessGrantsInstanceId
AWS::S3::AccessGrantsLocation	AccessGrantsLocationArn, AccessGrantsLocationId
AWS::S3::AccessPoint	Alias, Arn, Name, NetworkOrigin
AWS::S3::Bucket	Arn, DomainName, DualStackDomainName, MetadataConfiguration.Destination, MetadataConfiguration.Destination.TableBucketArn, MetadataConfiguration.Destination.TableBucketType, MetadataConfiguration.Destination.TableNamespace, MetadataConfiguration.InventoryTableConfiguration.TableArn, MetadataConfiguration.InventoryTableConfiguration.TableName, MetadataConfiguration.JournalTableConfiguration.TableArn, MetadataConfiguration.JournalTableConfiguration.TableName, MetadataTableConfiguration.S3TablesDestination.TableArn, MetadataTableConfiguration.S3TablesDestination.TableNamespace, RegionalDomainName, WebsiteURL
AWS::S3::BucketPolicy	❌
AWS::S3::MultiRegionAccessPoint	Alias, CreatedAt
AWS::S3::MultiRegionAccessPointPolicy	PolicyStatus, PolicyStatus.IsPublic
AWS::S3::StorageLens	StorageLensConfiguration.StorageLensArn
AWS::S3::StorageLensGroup	StorageLensGroupArn
AWS::S3Express::AccessPoint	Arn, NetworkOrigin
AWS::S3Express::BucketPolicy	❌
AWS::S3Express::DirectoryBucket	Arn, AvailabilityZoneName
AWS::S3ObjectLambda::AccessPoint	Alias, Alias.Status, Alias.Value, Arn, CreationDate, PublicAccessBlockConfiguration, PublicAccessBlockConfiguration.BlockPublicAcls, PublicAccessBlockConfiguration.BlockPublicPolicy, PublicAccessBlockConfiguration.IgnorePublicAcls, PublicAccessBlockConfiguration.RestrictPublicBuckets
AWS::S3ObjectLambda::AccessPointPolicy	❌
AWS::S3Outposts::AccessPoint	Arn
AWS::S3Outposts::Bucket	Arn
AWS::S3Outposts::BucketPolicy	❌
AWS::S3Outposts::Endpoint	Arn, CidrBlock, CreationTime, Id, NetworkInterfaces, Status
AWS::S3Tables::Namespace	❌
AWS::S3Tables::Table	TableARN, VersionToken, WarehouseLocation
AWS::S3Tables::TableBucket	TableBucketARN
AWS::S3Tables::TableBucketPolicy	❌
AWS::S3Tables::TablePolicy	Namespace, TableBucketARN, TableName
AWS::SDB::Domain	❌
AWS::SES::ConfigurationSet	❌
AWS::SES::ConfigurationSetEventDestination	Id
AWS::SES::ContactList	❌
AWS::SES::DedicatedIpPool	❌
AWS::SES::EmailIdentity	DkimDNSTokenName1, DkimDNSTokenName2, DkimDNSTokenName3, DkimDNSTokenValue1, DkimDNSTokenValue2, DkimDNSTokenValue3
AWS::SES::MailManagerAddonInstance	AddonInstanceArn, AddonInstanceId, AddonName
AWS::SES::MailManagerAddonSubscription	AddonSubscriptionArn, AddonSubscriptionId
AWS::SES::MailManagerAddressList	AddressListArn, AddressListId
AWS::SES::MailManagerArchive	ArchiveArn, ArchiveId, ArchiveState
AWS::SES::MailManagerIngressPoint	ARecord, IngressPointArn, IngressPointId, Status
AWS::SES::MailManagerRelay	RelayArn, RelayId
AWS::SES::MailManagerRuleSet	RuleSetArn, RuleSetId
AWS::SES::MailManagerTrafficPolicy	TrafficPolicyArn, TrafficPolicyId
AWS::SES::ReceiptFilter	❌
AWS::SES::ReceiptRule	❌
AWS::SES::ReceiptRuleSet	❌
AWS::SES::Template	Id
AWS::SES::VdmAttributes	VdmAttributesResourceId
AWS::SNS::Subscription	Arn
AWS::SNS::Topic	TopicArn, TopicName
AWS::SNS::TopicInlinePolicy	❌
AWS::SNS::TopicPolicy	Id
AWS::SQS::Queue	Arn, QueueName, QueueUrl
AWS::SQS::QueueInlinePolicy	❌
AWS::SQS::QueuePolicy	Id
AWS::SSM::Association	AssociationId
AWS::SSM::Document	❌
AWS::SSM::MaintenanceWindow	❌
AWS::SSM::MaintenanceWindowTarget	❌
AWS::SSM::MaintenanceWindowTask	❌
AWS::SSM::Parameter	Type, Value
AWS::SSM::PatchBaseline	Id
AWS::SSM::ResourceDataSync	❌
AWS::SSM::ResourcePolicy	PolicyHash, PolicyId
AWS::SSMContacts::Contact	Arn
AWS::SSMContacts::ContactChannel	Arn
AWS::SSMContacts::Plan	Arn
AWS::SSMContacts::Rotation	Arn
AWS::SSMGuiConnect::Preferences	AccountId
AWS::SSMIncidents::ReplicationSet	Arn
AWS::SSMIncidents::ResponsePlan	Arn
AWS::SSMQuickSetup::ConfigurationManager	CreatedAt, LastModifiedAt, ManagerArn, StatusSummaries
AWS::SSO::Application	ApplicationArn
AWS::SSO::ApplicationAssignment	❌
AWS::SSO::Assignment	❌
AWS::SSO::Instance	IdentityStoreId, InstanceArn, OwnerAccountId, Status
AWS::SSO::InstanceAccessControlAttributeConfiguration	❌
AWS::SSO::PermissionSet	PermissionSetArn
AWS::SageMaker::App	AppArn, BuiltInLifecycleConfigArn
AWS::SageMaker::AppImageConfig	AppImageConfigArn
AWS::SageMaker::Cluster	ClusterArn, ClusterStatus, CreationTime, FailureMessage
AWS::SageMaker::CodeRepository	CodeRepositoryName
AWS::SageMaker::DataQualityJobDefinition	CreationTime, JobDefinitionArn
AWS::SageMaker::Device	❌
AWS::SageMaker::DeviceFleet	❌
AWS::SageMaker::Domain	DomainArn, DomainId, HomeEfsFileSystemId, SecurityGroupIdForDomainBoundary, SingleSignOnApplicationArn, SingleSignOnManagedApplicationInstanceId, Url
AWS::SageMaker::Endpoint	EndpointName
AWS::SageMaker::EndpointConfig	EndpointConfigName
AWS::SageMaker::FeatureGroup	CreationTime, FeatureGroupStatus
AWS::SageMaker::Image	ImageArn
AWS::SageMaker::ImageVersion	ContainerImage, ImageArn, ImageVersionArn, Version
AWS::SageMaker::InferenceComponent	CreationTime, FailureReason, InferenceComponentArn, InferenceComponentStatus, LastModifiedTime, RuntimeConfig.CurrentCopyCount, RuntimeConfig.DesiredCopyCount, Specification.Container.DeployedImage, Specification.Container.DeployedImage.ResolutionTime, Specification.Container.DeployedImage.ResolvedImage, Specification.Container.DeployedImage.SpecifiedImage
AWS::SageMaker::InferenceExperiment	Arn, CreationTime, EndpointMetadata, EndpointMetadata.EndpointConfigName, EndpointMetadata.EndpointName, EndpointMetadata.EndpointStatus, LastModifiedTime, Status
AWS::SageMaker::MlflowTrackingServer	TrackingServerArn
AWS::SageMaker::Model	ModelName
AWS::SageMaker::ModelBiasJobDefinition	CreationTime, JobDefinitionArn
AWS::SageMaker::ModelCard	CreatedBy.DomainId, CreatedBy.UserProfileArn, CreatedBy.UserProfileName, CreationTime, LastModifiedBy.DomainId, LastModifiedBy.UserProfileArn, LastModifiedBy.UserProfileName, LastModifiedTime, ModelCardArn, ModelCardProcessingStatus, ModelCardVersion
AWS::SageMaker::ModelExplainabilityJobDefinition	CreationTime, JobDefinitionArn
AWS::SageMaker::ModelPackage	CreationTime, ModelPackageArn, ModelPackageStatus
AWS::SageMaker::ModelPackageGroup	CreationTime, ModelPackageGroupArn, ModelPackageGroupStatus
AWS::SageMaker::ModelQualityJobDefinition	CreationTime, JobDefinitionArn
AWS::SageMaker::MonitoringSchedule	CreationTime, LastModifiedTime, MonitoringScheduleArn
AWS::SageMaker::NotebookInstance	NotebookInstanceName
AWS::SageMaker::NotebookInstanceLifecycleConfig	NotebookInstanceLifecycleConfigName
AWS::SageMaker::PartnerApp	Arn, BaseUrl
AWS::SageMaker::Pipeline	❌
AWS::SageMaker::ProcessingJob	AutoMLJobArn, CreationTime, ExitMessage, FailureReason, LastModifiedTime, MonitoringScheduleArn, ProcessingEndTime, ProcessingJobArn, ProcessingJobStatus, ProcessingStartTime, TrainingJobArn
AWS::SageMaker::Project	CreationTime, ProjectArn, ProjectId, ProjectStatus
AWS::SageMaker::Space	SpaceArn, Url
AWS::SageMaker::StudioLifecycleConfig	StudioLifecycleConfigArn
AWS::SageMaker::UserProfile	UserProfileArn
AWS::SageMaker::Workteam	WorkteamName
AWS::Scheduler::Schedule	Arn
AWS::Scheduler::ScheduleGroup	Arn, CreationDate, LastModificationDate, State
AWS::SecretsManager::ResourcePolicy	Id
AWS::SecretsManager::RotationSchedule	Id
AWS::SecretsManager::Secret	Id
AWS::SecretsManager::SecretTargetAttachment	Id
AWS::SecurityHub::AggregatorV2	AggregationRegion, AggregatorV2Arn
AWS::SecurityHub::AutomationRule	CreatedAt, CreatedBy, RuleArn, UpdatedAt
AWS::SecurityHub::AutomationRuleV2	CreatedAt, RuleArn, RuleId, UpdatedAt
AWS::SecurityHub::ConfigurationPolicy	Arn, CreatedAt, Id, ServiceEnabled, UpdatedAt
AWS::SecurityHub::DelegatedAdmin	DelegatedAdminIdentifier, Status
AWS::SecurityHub::FindingAggregator	FindingAggregationRegion, FindingAggregatorArn
AWS::SecurityHub::Hub	ARN, SubscribedAt
AWS::SecurityHub::HubV2	HubV2Arn, SubscribedAt
AWS::SecurityHub::Insight	InsightArn
AWS::SecurityHub::OrganizationConfiguration	MemberAccountLimitReached, OrganizationConfigurationIdentifier, Status, StatusMessage
AWS::SecurityHub::PolicyAssociation	AssociationIdentifier, AssociationStatus, AssociationStatusMessage, AssociationType, UpdatedAt
AWS::SecurityHub::ProductSubscription	ProductSubscriptionArn
AWS::SecurityHub::SecurityControl	❌
AWS::SecurityHub::Standard	StandardsSubscriptionArn
AWS::SecurityLake::AwsLogSource	❌
AWS::SecurityLake::DataLake	Arn, S3BucketArn
AWS::SecurityLake::Subscriber	ResourceShareArn, ResourceShareName, S3BucketArn, SubscriberArn, SubscriberRoleArn
AWS::SecurityLake::SubscriberNotification	SubscriberEndpoint
AWS::ServiceCatalog::AcceptedPortfolioShare	❌
AWS::ServiceCatalog::CloudFormationProduct	ProductName, ProvisioningArtifactIds, ProvisioningArtifactNames
AWS::ServiceCatalog::CloudFormationProvisionedProduct	CloudformationStackArn, Outputs, ProvisionedProductId, RecordId
AWS::ServiceCatalog::LaunchNotificationConstraint	❌
AWS::ServiceCatalog::LaunchRoleConstraint	❌
AWS::ServiceCatalog::LaunchTemplateConstraint	❌
AWS::ServiceCatalog::Portfolio	PortfolioName
AWS::ServiceCatalog::PortfolioPrincipalAssociation	❌
AWS::ServiceCatalog::PortfolioProductAssociation	❌
AWS::ServiceCatalog::PortfolioShare	❌
AWS::ServiceCatalog::ResourceUpdateConstraint	❌
AWS::ServiceCatalog::ServiceAction	Id
AWS::ServiceCatalog::ServiceActionAssociation	❌
AWS::ServiceCatalog::StackSetConstraint	❌
AWS::ServiceCatalog::TagOption	❌
AWS::ServiceCatalog::TagOptionAssociation	❌
AWS::ServiceCatalogAppRegistry::Application	ApplicationName, ApplicationTagKey, ApplicationTagValue, Arn, Id
AWS::ServiceCatalogAppRegistry::AttributeGroup	Arn, Id
AWS::ServiceCatalogAppRegistry::ResourceAssociation	ApplicationArn, ResourceArn
AWS::ServiceDiscovery::HttpNamespace	Arn, Id
AWS::ServiceDiscovery::Instance	❌
AWS::ServiceDiscovery::PrivateDnsNamespace	Arn, HostedZoneId, Id
AWS::ServiceDiscovery::PublicDnsNamespace	Arn, HostedZoneId, Id
AWS::ServiceDiscovery::Service	Arn, Id, Name
AWS::Shield::DRTAccess	AccountId
AWS::Shield::ProactiveEngagement	AccountId
AWS::Shield::Protection	ProtectionArn, ProtectionId
AWS::Shield::ProtectionGroup	ProtectionGroupArn
AWS::Signer::ProfilePermission	❌
AWS::Signer::SigningProfile	Arn, ProfileName, ProfileVersion, ProfileVersionArn
AWS::SimSpaceWeaver::Simulation	DescribePayload
AWS::StepFunctions::Activity	Arn, Name
AWS::StepFunctions::StateMachine	Arn, Name, StateMachineRevisionId
AWS::StepFunctions::StateMachineAlias	Arn
AWS::StepFunctions::StateMachineVersion	Arn
AWS::SupportApp::AccountAlias	AccountAliasResourceId
AWS::SupportApp::SlackChannelConfiguration	❌
AWS::SupportApp::SlackWorkspaceConfiguration	❌
AWS::Synthetics::Canary	Code.SourceLocationArn, Id, State
AWS::Synthetics::Group	Id
AWS::SystemsManagerSAP::Application	Arn
AWS::Timestream::Database	Arn
AWS::Timestream::InfluxDBInstance	Arn, AvailabilityZone, Endpoint, Id, InfluxAuthParametersSecretArn, SecondaryAvailabilityZone, Status
AWS::Timestream::ScheduledQuery	Arn, SQErrorReportConfiguration, SQKmsKeyId, SQName, SQNotificationConfiguration, SQQueryString, SQScheduleConfiguration, SQScheduledQueryExecutionRoleArn, SQTargetConfiguration
AWS::Timestream::Table	Arn, Name
AWS::Transfer::Agreement	AgreementId, Arn
AWS::Transfer::Certificate	Arn, CertificateId, NotAfterDate, NotBeforeDate, Serial, Status, Type
AWS::Transfer::Connector	Arn, ConnectorId, ServiceManagedEgressIpAddresses
AWS::Transfer::Profile	Arn, ProfileId
AWS::Transfer::Server	Arn, As2ServiceManagedEgressIpAddresses, ServerId, State
AWS::Transfer::User	Arn, ServerId, UserName
AWS::Transfer::WebApp	Arn, IdentityProviderDetails.ApplicationArn, WebAppId
AWS::Transfer::Workflow	Arn, WorkflowId
AWS::VerifiedPermissions::IdentitySource	IdentitySourceId
AWS::VerifiedPermissions::Policy	PolicyId, PolicyType
AWS::VerifiedPermissions::PolicyStore	Arn, PolicyStoreId
AWS::VerifiedPermissions::PolicyTemplate	PolicyTemplateId
AWS::VoiceID::Domain	DomainId
AWS::VpcLattice::AccessLogSubscription	Arn, Id, ResourceArn, ResourceId
AWS::VpcLattice::AuthPolicy	State
AWS::VpcLattice::Listener	Arn, Id, ServiceArn, ServiceId
AWS::VpcLattice::ResourceConfiguration	Arn, Id
AWS::VpcLattice::ResourceGateway	Arn, Id
AWS::VpcLattice::ResourcePolicy	❌
AWS::VpcLattice::Rule	Arn, Id
AWS::VpcLattice::Service	Arn, CreatedAt, DnsEntry.DomainName, DnsEntry.HostedZoneId, Id, LastUpdatedAt, Status
AWS::VpcLattice::ServiceNetwork	Arn, CreatedAt, Id, LastUpdatedAt
AWS::VpcLattice::ServiceNetworkResourceAssociation	Arn, Id
AWS::VpcLattice::ServiceNetworkServiceAssociation	Arn, CreatedAt, DnsEntry.DomainName, DnsEntry.HostedZoneId, Id, ServiceArn, ServiceId, ServiceName, ServiceNetworkArn, ServiceNetworkId, ServiceNetworkName, Status
AWS::VpcLattice::ServiceNetworkVpcAssociation	Arn, CreatedAt, Id, ServiceNetworkArn, ServiceNetworkId, ServiceNetworkName, Status, VpcId
AWS::VpcLattice::TargetGroup	Arn, CreatedAt, Id, LastUpdatedAt, Status
AWS::WAF::ByteMatchSet	❌
AWS::WAF::IPSet	❌
AWS::WAF::Rule	❌
AWS::WAF::SizeConstraintSet	❌
AWS::WAF::SqlInjectionMatchSet	❌
AWS::WAF::WebACL	❌
AWS::WAF::XssMatchSet	❌
AWS::WAFRegional::ByteMatchSet	❌
AWS::WAFRegional::GeoMatchSet	❌
AWS::WAFRegional::IPSet	❌
AWS::WAFRegional::RateBasedRule	❌
AWS::WAFRegional::RegexPatternSet	❌
AWS::WAFRegional::Rule	❌
AWS::WAFRegional::SizeConstraintSet	❌
AWS::WAFRegional::SqlInjectionMatchSet	❌
AWS::WAFRegional::WebACL	❌
AWS::WAFRegional::WebACLAssociation	❌
AWS::WAFRegional::XssMatchSet	❌
AWS::WAFv2::IPSet	Arn, Id
AWS::WAFv2::LoggingConfiguration	ManagedByFirewallManager
AWS::WAFv2::RegexPatternSet	Arn, Id
AWS::WAFv2::RuleGroup	Arn, Id, LabelNamespace
AWS::WAFv2::WebACL	Arn, Capacity, Id, LabelNamespace
AWS::WAFv2::WebACLAssociation	❌
AWS::Wisdom::AIAgent	AIAgentArn, AIAgentId, AssistantArn, ModifiedTimeSeconds
AWS::Wisdom::AIAgentVersion	AIAgentArn, AIAgentVersionId, AssistantArn, VersionNumber
AWS::Wisdom::AIGuardrail	AIGuardrailArn, AIGuardrailId, AssistantArn
AWS::Wisdom::AIGuardrailVersion	AIGuardrailArn, AIGuardrailVersionId, AssistantArn, VersionNumber
AWS::Wisdom::AIPrompt	AIPromptArn, AIPromptId, AssistantArn, ModifiedTimeSeconds
AWS::Wisdom::AIPromptVersion	AIPromptArn, AIPromptVersionId, AssistantArn, VersionNumber
AWS::Wisdom::Assistant	AssistantArn, AssistantId
AWS::Wisdom::AssistantAssociation	AssistantArn, AssistantAssociationArn, AssistantAssociationId
AWS::Wisdom::KnowledgeBase	KnowledgeBaseArn, KnowledgeBaseId
AWS::Wisdom::MessageTemplate	MessageTemplateArn, MessageTemplateContentSha256, MessageTemplateId
AWS::Wisdom::MessageTemplateVersion	MessageTemplateVersionArn, MessageTemplateVersionNumber
AWS::Wisdom::QuickResponse	Contents, Contents.Markdown, Contents.Markdown.Content, Contents.PlainText, Contents.PlainText.Content, QuickResponseArn, QuickResponseId, Status
AWS::WorkSpaces::ConnectionAlias	AliasId, Associations, ConnectionAliasState
AWS::WorkSpaces::Workspace	❌
AWS::WorkSpaces::WorkspacesPool	CreatedAt, PoolArn, PoolId
AWS::WorkSpacesThinClient::Environment	ActivationCode, Arn, CreatedAt, DesktopType, Id, PendingSoftwareSetId, PendingSoftwareSetVersion, RegisteredDevicesCount, SoftwareSetComplianceStatus, UpdatedAt
AWS::WorkSpacesWeb::BrowserSettings	AssociatedPortalArns, BrowserSettingsArn
AWS::WorkSpacesWeb::DataProtectionSettings	AssociatedPortalArns, CreationDate, DataProtectionSettingsArn
AWS::WorkSpacesWeb::IdentityProvider	IdentityProviderArn
AWS::WorkSpacesWeb::IpAccessSettings	AssociatedPortalArns, CreationDate, IpAccessSettingsArn
AWS::WorkSpacesWeb::NetworkSettings	AssociatedPortalArns, NetworkSettingsArn
AWS::WorkSpacesWeb::Portal	BrowserType, CreationDate, PortalArn, PortalEndpoint, PortalStatus, RendererType, ServiceProviderSamlMetadata, StatusReason
AWS::WorkSpacesWeb::SessionLogger	AssociatedPortalArns, CreationDate, SessionLoggerArn
AWS::WorkSpacesWeb::TrustStore	AssociatedPortalArns, TrustStoreArn
AWS::WorkSpacesWeb::UserAccessLoggingSettings	AssociatedPortalArns, UserAccessLoggingSettingsArn
AWS::WorkSpacesWeb::UserSettings	AssociatedPortalArns, UserSettingsArn
AWS::WorkspacesInstances::Volume	VolumeId
AWS::WorkspacesInstances::VolumeAssociation	❌
AWS::WorkspacesInstances::WorkspaceInstance	EC2ManagedInstance, EC2ManagedInstance.InstanceId, ProvisionState, WorkspaceInstanceId
AWS::XRay::Group	GroupARN
AWS::XRay::ResourcePolicy	❌
AWS::XRay::SamplingRule	RuleARN
AWS::XRay::TransactionSearchConfig	AccountId
Alexa::ASK::Skill	❌

Note: The data was automatically fetched from the official AWS CloudFormation resource specification and got parsed in this markdown table using a custom python script.

More useful CloudFormation tools

I made another cheat sheet called AWS CloudFormation Resource Type properties that shows a single table overview of all available (1430+) AWS resource types including their available resource properties.

If you like this AWS CloudFormation Attributes cheat sheet, then you might also like the CloudFormation Snippets VSCode extension that I published on the Visual Studio Code Marketplace.