CloudFormation Resource Properties Reference

Search AWS CloudFormation resource types and their configurable properties with direct AWS documentation links.

Generated CloudFormation property data

Generated from the AWS CloudFormation resource specification with AWS documentation links.

200 of 1,572 matching rows shown

Resource type	Properties
AWS::ACMPCA::Certificate	ApiPassthrough, CertificateAuthorityArn, CertificateSigningRequest, SigningAlgorithm, TemplateArn, Validity, ValidityNotBefore
AWS::ACMPCA::CertificateAuthority	CsrExtensions, KeyAlgorithm, KeyStorageSecurityStandard, RevocationConfiguration, SigningAlgorithm, Subject, Tags, Type, UsageMode
AWS::ACMPCA::CertificateAuthorityActivation	Certificate, CertificateAuthorityArn, CertificateChain, Status
AWS::ACMPCA::Permission	Actions, CertificateAuthorityArn, Principal, SourceAccount
AWS::AIOps::InvestigationGroup	ChatbotNotificationChannels, CrossAccountConfigurations, EncryptionConfig, InvestigationGroupPolicy, IsCloudTrailEventHistoryEnabled, Name, RetentionInDays, RoleArn, TagKeyBoundaries, Tags
AWS::APS::AnomalyDetector	Alias, Configuration, EvaluationIntervalInSeconds, Labels, MissingDataAction, Tags, Workspace
AWS::APS::ResourcePolicy	PolicyDocument, WorkspaceArn
AWS::APS::RuleGroupsNamespace	Data, Name, Tags, Workspace
AWS::APS::Scraper	Alias, Destination, RoleConfiguration, ScrapeConfiguration, ScraperLoggingConfiguration, Source, Tags
AWS::APS::Workspace	AlertManagerDefinition, Alias, KmsKeyArn, LoggingConfiguration, QueryLoggingConfiguration, Tags, WorkspaceConfiguration
AWS::ARCRegionSwitch::Plan	AssociatedAlarms, Description, ExecutionRole, Name, PrimaryRegion, RecoveryApproach, RecoveryTimeObjectiveMinutes, Regions, ReportConfiguration, Tags, Triggers, Workflows
AWS::ARCZonalShift::AutoshiftObserverNotificationStatus	Status
AWS::ARCZonalShift::ZonalAutoshiftConfiguration	PracticeRunConfiguration, ResourceIdentifier, ZonalAutoshiftStatus
AWS::AccessAnalyzer::Analyzer	AnalyzerConfiguration, AnalyzerName, ArchiveRules, Tags, Type
AWS::AmazonMQ::Broker	AuthenticationStrategy, AutoMinorVersionUpgrade, BrokerName, Configuration, DataReplicationMode, DataReplicationPrimaryBrokerArn, DeploymentMode, EncryptionOptions, EngineType, EngineVersion, HostInstanceType, LdapServerMetadata, Logs, MaintenanceWindowStartTime, PubliclyAccessible, SecurityGroups, StorageType, SubnetIds, Tags, Users
AWS::AmazonMQ::Configuration	AuthenticationStrategy, Data, Description, EngineType, EngineVersion, Name, Tags
AWS::AmazonMQ::ConfigurationAssociation	Broker, Configuration
AWS::Amplify::App	AccessToken, AutoBranchCreationConfig, BasicAuthConfig, BuildSpec, CacheConfig, ComputeRoleArn, CustomHeaders, CustomRules, Description, EnableBranchAutoDeletion, EnvironmentVariables, IAMServiceRole, JobConfig, Name, OauthToken, Platform, Repository, Tags
AWS::Amplify::Branch	AppId, Backend, BasicAuthConfig, BranchName, BuildSpec, ComputeRoleArn, Description, EnableAutoBuild, EnablePerformanceMode, EnablePullRequestPreview, EnableSkewProtection, EnvironmentVariables, Framework, PullRequestEnvironmentName, Stage, Tags
AWS::Amplify::Domain	AppId, AutoSubDomainCreationPatterns, AutoSubDomainIAMRole, CertificateSettings, DomainName, EnableAutoSubDomain, SubDomainSettings
AWS::AmplifyUIBuilder::Component	AppId, BindingProperties, Children, CollectionProperties, ComponentType, EnvironmentName, Events, Name, Overrides, Properties, SchemaVersion, SourceId, Tags, Variants
AWS::AmplifyUIBuilder::Form	AppId, Cta, DataType, EnvironmentName, Fields, FormActionType, LabelDecorator, Name, SchemaVersion, SectionalElements, Style, Tags
AWS::AmplifyUIBuilder::Theme	AppId, EnvironmentName, Name, Overrides, Tags, Values
AWS::ApiGateway::Account	CloudWatchRoleArn
AWS::ApiGateway::ApiKey	CustomerId, Description, Enabled, GenerateDistinctId, Name, StageKeys, Tags, Value
AWS::ApiGateway::Authorizer	AuthType, AuthorizerCredentials, AuthorizerResultTtlInSeconds, AuthorizerUri, IdentitySource, IdentityValidationExpression, Name, ProviderARNs, RestApiId, Type
AWS::ApiGateway::BasePathMapping	BasePath, DomainName, Id, RestApiId, Stage
AWS::ApiGateway::BasePathMappingV2	BasePath, DomainNameArn, RestApiId, Stage
AWS::ApiGateway::ClientCertificate	Description, Tags
AWS::ApiGateway::Deployment	DeploymentCanarySettings, Description, RestApiId, StageDescription, StageName
AWS::ApiGateway::DocumentationPart	Location, Properties, RestApiId
AWS::ApiGateway::DocumentationVersion	Description, DocumentationVersion, RestApiId
AWS::ApiGateway::DomainName	CertificateArn, DomainName, EndpointAccessMode, EndpointConfiguration, MutualTlsAuthentication, OwnershipVerificationCertificateArn, RegionalCertificateArn, RoutingMode, SecurityPolicy, Tags
AWS::ApiGateway::DomainNameAccessAssociation	AccessAssociationSource, AccessAssociationSourceType, DomainNameArn, Tags
AWS::ApiGateway::DomainNameV2	CertificateArn, DomainName, EndpointAccessMode, EndpointConfiguration, Policy, RoutingMode, SecurityPolicy, Tags
AWS::ApiGateway::GatewayResponse	ResponseParameters, ResponseTemplates, ResponseType, RestApiId, StatusCode
AWS::ApiGateway::Method	ApiKeyRequired, AuthorizationScopes, AuthorizationType, AuthorizerId, HttpMethod, Integration, MethodResponses, OperationName, RequestModels, RequestParameters, RequestValidatorId, ResourceId, RestApiId
AWS::ApiGateway::Model	ContentType, Description, Name, RestApiId, Schema
AWS::ApiGateway::RequestValidator	Name, RestApiId, ValidateRequestBody, ValidateRequestParameters
AWS::ApiGateway::Resource	ParentId, PathPart, RestApiId
AWS::ApiGateway::RestApi	ApiKeySourceType, BinaryMediaTypes, Body, BodyS3Location, CloneFrom, Description, DisableExecuteApiEndpoint, EndpointAccessMode, EndpointConfiguration, FailOnWarnings, MinimumCompressionSize, Mode, Name, Parameters, Policy, SecurityPolicy, Tags
AWS::ApiGateway::Stage	AccessLogSetting, CacheClusterEnabled, CacheClusterSize, CanarySetting, ClientCertificateId, DeploymentId, Description, DocumentationVersion, MethodSettings, RestApiId, StageName, Tags, TracingEnabled, Variables
AWS::ApiGateway::UsagePlan	ApiStages, Description, Quota, Tags, Throttle, UsagePlanName
AWS::ApiGateway::UsagePlanKey	KeyId, KeyType, UsagePlanId
AWS::ApiGateway::VpcLink	Description, Name, Tags, TargetArns
AWS::ApiGatewayV2::Api	ApiKeySelectionExpression, BasePath, Body, BodyS3Location, CorsConfiguration, CredentialsArn, Description, DisableExecuteApiEndpoint, DisableSchemaValidation, FailOnWarnings, IpAddressType, Name, ProtocolType, RouteKey, RouteSelectionExpression, Tags, Target, Version
AWS::ApiGatewayV2::ApiGatewayManagedOverrides	ApiId, Integration, Route, Stage
AWS::ApiGatewayV2::ApiMapping	ApiId, ApiMappingKey, DomainName, Stage
AWS::ApiGatewayV2::Authorizer	ApiId, AuthorizerCredentialsArn, AuthorizerPayloadFormatVersion, AuthorizerResultTtlInSeconds, AuthorizerType, AuthorizerUri, EnableSimpleResponses, IdentitySource, IdentityValidationExpression, JwtConfiguration, Name
AWS::ApiGatewayV2::Deployment	ApiId, Description, StageName
AWS::ApiGatewayV2::DomainName	DomainName, DomainNameConfigurations, MutualTlsAuthentication, RoutingMode, Tags
AWS::ApiGatewayV2::Integration	ApiId, ConnectionId, ConnectionType, ContentHandlingStrategy, CredentialsArn, Description, IntegrationMethod, IntegrationSubtype, IntegrationType, IntegrationUri, PassthroughBehavior, PayloadFormatVersion, RequestParameters, RequestTemplates, ResponseParameters, TemplateSelectionExpression, TimeoutInMillis, TlsConfig
AWS::ApiGatewayV2::IntegrationResponse	ApiId, ContentHandlingStrategy, IntegrationId, IntegrationResponseKey, ResponseParameters, ResponseTemplates, TemplateSelectionExpression
AWS::ApiGatewayV2::Model	ApiId, ContentType, Description, Name, Schema
AWS::ApiGatewayV2::Route	ApiId, ApiKeyRequired, AuthorizationScopes, AuthorizationType, AuthorizerId, ModelSelectionExpression, OperationName, RequestModels, RequestParameters, RouteKey, RouteResponseSelectionExpression, Target
AWS::ApiGatewayV2::RouteResponse	ApiId, ModelSelectionExpression, ResponseModels, ResponseParameters, RouteId, RouteResponseKey
AWS::ApiGatewayV2::RoutingRule	Actions, Conditions, DomainNameArn, Priority
AWS::ApiGatewayV2::Stage	AccessLogSettings, ApiId, AutoDeploy, ClientCertificateId, DefaultRouteSettings, DeploymentId, Description, RouteSettings, StageName, StageVariables, Tags
AWS::ApiGatewayV2::VpcLink	Name, SecurityGroupIds, SubnetIds, Tags
AWS::AppConfig::Application	Description, Name, Tags
AWS::AppConfig::ConfigurationProfile	ApplicationId, DeletionProtectionCheck, Description, KmsKeyIdentifier, LocationUri, Name, RetrievalRoleArn, Tags, Type, Validators
AWS::AppConfig::Deployment	ApplicationId, ConfigurationProfileId, ConfigurationVersion, DeploymentStrategyId, Description, DynamicExtensionParameters, EnvironmentId, KmsKeyIdentifier, Tags
AWS::AppConfig::DeploymentStrategy	DeploymentDurationInMinutes, Description, FinalBakeTimeInMinutes, GrowthFactor, GrowthType, Name, ReplicateTo, Tags
AWS::AppConfig::Environment	ApplicationId, DeletionProtectionCheck, Description, Monitors, Name, Tags
AWS::AppConfig::Extension	Actions, Description, LatestVersionNumber, Name, Parameters, Tags
AWS::AppConfig::ExtensionAssociation	ExtensionIdentifier, ExtensionVersionNumber, Parameters, ResourceIdentifier, Tags
AWS::AppConfig::HostedConfigurationVersion	ApplicationId, ConfigurationProfileId, Content, ContentType, Description, LatestVersionNumber, VersionLabel
AWS::AppFlow::Connector	ConnectorLabel, ConnectorProvisioningConfig, ConnectorProvisioningType, Description
AWS::AppFlow::ConnectorProfile	ConnectionMode, ConnectorLabel, ConnectorProfileConfig, ConnectorProfileName, ConnectorType, KMSArn
AWS::AppFlow::Flow	Description, DestinationFlowConfigList, FlowName, FlowStatus, KMSArn, MetadataCatalogConfig, SourceFlowConfig, Tags, Tasks, TriggerConfig
AWS::AppIntegrations::Application	ApplicationConfig, ApplicationSourceConfig, ApplicationType, Description, IframeConfig, InitializationTimeout, IsService, Name, Namespace, Permissions, Tags
AWS::AppIntegrations::DataIntegration	Description, FileConfiguration, KmsKey, Name, ObjectConfiguration, ScheduleConfig, SourceURI, Tags
AWS::AppIntegrations::EventIntegration	Description, EventBridgeBus, EventFilter, Name, Tags
AWS::AppMesh::GatewayRoute	GatewayRouteName, MeshName, MeshOwner, Spec, Tags, VirtualGatewayName
AWS::AppMesh::Mesh	MeshName, Spec, Tags
AWS::AppMesh::Route	MeshName, MeshOwner, RouteName, Spec, Tags, VirtualRouterName
AWS::AppMesh::VirtualGateway	MeshName, MeshOwner, Spec, Tags, VirtualGatewayName
AWS::AppMesh::VirtualNode	MeshName, MeshOwner, Spec, Tags, VirtualNodeName
AWS::AppMesh::VirtualRouter	MeshName, MeshOwner, Spec, Tags, VirtualRouterName
AWS::AppMesh::VirtualService	MeshName, MeshOwner, Spec, Tags, VirtualServiceName
AWS::AppRunner::AutoScalingConfiguration	AutoScalingConfigurationName, MaxConcurrency, MaxSize, MinSize, Tags
AWS::AppRunner::ObservabilityConfiguration	ObservabilityConfigurationName, Tags, TraceConfiguration
AWS::AppRunner::Service	AutoScalingConfigurationArn, EncryptionConfiguration, HealthCheckConfiguration, InstanceConfiguration, NetworkConfiguration, ObservabilityConfiguration, ServiceName, SourceConfiguration, Tags
AWS::AppRunner::VpcConnector	SecurityGroups, Subnets, Tags, VpcConnectorName
AWS::AppRunner::VpcIngressConnection	IngressVpcConfiguration, ServiceArn, Tags, VpcIngressConnectionName
AWS::AppStream::AppBlock	Description, DisplayName, Name, PackagingType, PostSetupScriptDetails, SetupScriptDetails, SourceS3Location, Tags
AWS::AppStream::AppBlockBuilder	AccessEndpoints, AppBlockArns, Description, DisplayName, EnableDefaultInternetAccess, IamRoleArn, InstanceType, Name, Platform, Tags, VpcConfig
AWS::AppStream::Application	AppBlockArn, AttributesToDelete, Description, DisplayName, IconS3Location, InstanceFamilies, LaunchParameters, LaunchPath, Name, Platforms, Tags, WorkingDirectory
AWS::AppStream::ApplicationEntitlementAssociation	ApplicationIdentifier, EntitlementName, StackName
AWS::AppStream::ApplicationFleetAssociation	ApplicationArn, FleetName
AWS::AppStream::DirectoryConfig	CertificateBasedAuthProperties, DirectoryName, OrganizationalUnitDistinguishedNames, ServiceAccountCredentials
AWS::AppStream::Entitlement	AppVisibility, Attributes, Description, Name, StackName
AWS::AppStream::Fleet	ComputeCapacity, Description, DisableIMDSV1, DisconnectTimeoutInSeconds, DisplayName, DomainJoinInfo, EnableDefaultInternetAccess, FleetType, IamRoleArn, IdleDisconnectTimeoutInSeconds, ImageArn, ImageName, InstanceType, MaxConcurrentSessions, MaxSessionsPerInstance, MaxUserDurationInSeconds, Name, Platform, RootVolumeConfig, SessionScriptS3Location, StreamView, Tags, UsbDeviceFilterStrings, VpcConfig
AWS::AppStream::ImageBuilder	AccessEndpoints, AppstreamAgentVersion, Description, DisplayName, DomainJoinInfo, EnableDefaultInternetAccess, IamRoleArn, ImageArn, ImageName, InstanceType, Name, RootVolumeConfig, SoftwaresToInstall, SoftwaresToUninstall, Tags, VpcConfig
AWS::AppStream::Stack	AccessEndpoints, ApplicationSettings, AttributesToDelete, DeleteStorageConnectors, Description, DisplayName, EmbedHostDomains, FeedbackURL, Name, RedirectURL, StorageConnectors, StreamingExperienceSettings, Tags, UserSettings
AWS::AppStream::StackFleetAssociation	FleetName, StackName
AWS::AppStream::StackUserAssociation	AuthenticationType, SendEmailNotification, StackName, UserName
AWS::AppStream::User	AuthenticationType, FirstName, LastName, MessageAction, UserName
AWS::AppSync::Api	EventConfig, Name, OwnerContact, Tags
AWS::AppSync::ApiCache	ApiCachingBehavior, ApiId, AtRestEncryptionEnabled, HealthMetricsConfig, TransitEncryptionEnabled, Ttl, Type
AWS::AppSync::ApiKey	ApiId, ApiKeyId, Description, Expires
AWS::AppSync::ChannelNamespace	ApiId, CodeHandlers, CodeS3Location, HandlerConfigs, Name, PublishAuthModes, SubscribeAuthModes, Tags
AWS::AppSync::DataSource	ApiId, Description, DynamoDBConfig, EventBridgeConfig, HttpConfig, LambdaConfig, MetricsConfig, Name, OpenSearchServiceConfig, RelationalDatabaseConfig, ServiceRoleArn, Type
AWS::AppSync::DomainName	CertificateArn, Description, DomainName, Tags
AWS::AppSync::DomainNameApiAssociation	ApiId, DomainName
AWS::AppSync::FunctionConfiguration	ApiId, Code, CodeS3Location, DataSourceName, Description, FunctionVersion, MaxBatchSize, Name, RequestMappingTemplate, RequestMappingTemplateS3Location, ResponseMappingTemplate, ResponseMappingTemplateS3Location, Runtime, SyncConfig
AWS::AppSync::GraphQLApi	AdditionalAuthenticationProviders, ApiType, AuthenticationType, EnhancedMetricsConfig, EnvironmentVariables, IntrospectionConfig, LambdaAuthorizerConfig, LogConfig, MergedApiExecutionRoleArn, Name, OpenIDConnectConfig, OwnerContact, QueryDepthLimit, ResolverCountLimit, Tags, UserPoolConfig, Visibility, XrayEnabled
AWS::AppSync::GraphQLSchema	ApiId, Definition, DefinitionS3Location
AWS::AppSync::Resolver	ApiId, CachingConfig, Code, CodeS3Location, DataSourceName, FieldName, Kind, MaxBatchSize, MetricsConfig, PipelineConfig, RequestMappingTemplate, RequestMappingTemplateS3Location, ResponseMappingTemplate, ResponseMappingTemplateS3Location, Runtime, SyncConfig, TypeName
AWS::AppSync::SourceApiAssociation	Description, MergedApiIdentifier, SourceApiAssociationConfig, SourceApiIdentifier
AWS::AppTest::TestCase	Description, Name, Steps, Tags
AWS::ApplicationAutoScaling::ScalableTarget	MaxCapacity, MinCapacity, ResourceId, RoleARN, ScalableDimension, ScheduledActions, ServiceNamespace, SuspendedState
AWS::ApplicationAutoScaling::ScalingPolicy	PolicyName, PolicyType, PredictiveScalingPolicyConfiguration, ResourceId, ScalableDimension, ScalingTargetId, ServiceNamespace, StepScalingPolicyConfiguration, TargetTrackingScalingPolicyConfiguration
AWS::ApplicationInsights::Application	AttachMissingPermission, AutoConfigurationEnabled, CWEMonitorEnabled, ComponentMonitoringSettings, CustomComponents, GroupingType, LogPatternSets, OpsCenterEnabled, OpsItemSNSTopicArn, ResourceGroupName, SNSNotificationArn, Tags
AWS::ApplicationSignals::Discovery	No properties
AWS::ApplicationSignals::GroupingConfiguration	GroupingAttributeDefinitions
AWS::ApplicationSignals::ServiceLevelObjective	BurnRateConfigurations, Description, ExclusionWindows, Goal, Name, RequestBasedSli, Sli, Tags
AWS::Athena::CapacityReservation	CapacityAssignmentConfiguration, Name, Tags, TargetDpus
AWS::Athena::DataCatalog	ConnectionType, Description, Error, Name, Parameters, Status, Tags, Type
AWS::Athena::NamedQuery	Database, Description, Name, QueryString, WorkGroup
AWS::Athena::PreparedStatement	Description, QueryStatement, StatementName, WorkGroup
AWS::Athena::WorkGroup	Description, Name, RecursiveDeleteOption, State, Tags, WorkGroupConfiguration
AWS::AuditManager::Assessment	AssessmentReportsDestination, AwsAccount, Delegations, Description, FrameworkId, Name, Roles, Scope, Status, Tags
AWS::AutoScaling::AutoScalingGroup	AutoScalingGroupName, AvailabilityZoneDistribution, AvailabilityZoneIds, AvailabilityZoneImpairmentPolicy, AvailabilityZones, CapacityRebalance, CapacityReservationSpecification, Context, Cooldown, DefaultInstanceWarmup, DeletionProtection, DesiredCapacity, DesiredCapacityType, HealthCheckGracePeriod, HealthCheckType, InstanceId, InstanceLifecyclePolicy, InstanceMaintenancePolicy, LaunchConfigurationName, LaunchTemplate, LifecycleHookSpecificationList, LoadBalancerNames, MaxInstanceLifetime, MaxSize, MetricsCollection, MinSize, MixedInstancesPolicy, NewInstancesProtectedFromScaleIn, NotificationConfigurations, PlacementGroup, ServiceLinkedRoleARN, SkipZonalShiftValidation, Tags, TargetGroupARNs, TerminationPolicies, TrafficSources, VPCZoneIdentifier
AWS::AutoScaling::LaunchConfiguration	AssociatePublicIpAddress, BlockDeviceMappings, ClassicLinkVPCId, ClassicLinkVPCSecurityGroups, EbsOptimized, IamInstanceProfile, ImageId, InstanceId, InstanceMonitoring, InstanceType, KernelId, KeyName, LaunchConfigurationName, MetadataOptions, PlacementTenancy, RamDiskId, SecurityGroups, SpotPrice, UserData
AWS::AutoScaling::LifecycleHook	AutoScalingGroupName, DefaultResult, HeartbeatTimeout, LifecycleHookName, LifecycleTransition, NotificationMetadata, NotificationTargetARN, RoleARN
AWS::AutoScaling::ScalingPolicy	AdjustmentType, AutoScalingGroupName, Cooldown, EstimatedInstanceWarmup, MetricAggregationType, MinAdjustmentMagnitude, PolicyType, PredictiveScalingConfiguration, ScalingAdjustment, StepAdjustments, TargetTrackingConfiguration
AWS::AutoScaling::ScheduledAction	AutoScalingGroupName, DesiredCapacity, EndTime, MaxSize, MinSize, Recurrence, StartTime, TimeZone
AWS::AutoScaling::WarmPool	AutoScalingGroupName, InstanceReusePolicy, MaxGroupPreparedCapacity, MinSize, PoolState
AWS::AutoScalingPlans::ScalingPlan	ApplicationSource, ScalingInstructions
AWS::B2BI::Capability	Configuration, InstructionsDocuments, Name, Tags, Type
AWS::B2BI::Partnership	Capabilities, CapabilityOptions, Email, Name, Phone, ProfileId, Tags
AWS::B2BI::Profile	BusinessName, Email, Logging, Name, Phone, Tags
AWS::B2BI::Transformer	InputConversion, Mapping, Name, OutputConversion, SampleDocuments, Status, Tags
AWS::BCMDataExports::Export	Export, Tags
AWS::Backup::BackupPlan	BackupPlan, BackupPlanTags
AWS::Backup::BackupSelection	BackupPlanId, BackupSelection
AWS::Backup::BackupVault	AccessPolicy, BackupVaultName, BackupVaultTags, EncryptionKeyArn, LockConfiguration, Notifications
AWS::Backup::Framework	FrameworkControls, FrameworkDescription, FrameworkName, FrameworkTags
AWS::Backup::LogicallyAirGappedBackupVault	AccessPolicy, BackupVaultName, BackupVaultTags, EncryptionKeyArn, MaxRetentionDays, MinRetentionDays, MpaApprovalTeamArn, Notifications
AWS::Backup::ReportPlan	ReportDeliveryChannel, ReportPlanDescription, ReportPlanName, ReportPlanTags, ReportSetting
AWS::Backup::RestoreTestingPlan	RecoveryPointSelection, RestoreTestingPlanName, ScheduleExpression, ScheduleExpressionTimezone, StartWindowHours, Tags
AWS::Backup::RestoreTestingSelection	IamRoleArn, ProtectedResourceArns, ProtectedResourceConditions, ProtectedResourceType, RestoreMetadataOverrides, RestoreTestingPlanName, RestoreTestingSelectionName, ValidationWindowHours
AWS::Backup::TieringConfiguration	BackupVaultName, ResourceSelection, TieringConfigurationName, TieringConfigurationTags
AWS::BackupGateway::Hypervisor	Host, KmsKeyArn, LogGroupArn, Name, Password, Tags, Username
AWS::Batch::ComputeEnvironment	ComputeEnvironmentName, ComputeResources, Context, EksConfiguration, ReplaceComputeEnvironment, ServiceRole, State, Tags, Type, UnmanagedvCpus, UpdatePolicy
AWS::Batch::ConsumableResource	ConsumableResourceName, ResourceType, Tags, TotalQuantity
AWS::Batch::JobDefinition	ConsumableResourceProperties, ContainerProperties, EcsProperties, EksProperties, JobDefinitionName, NodeProperties, Parameters, PlatformCapabilities, PropagateTags, ResourceRetentionPolicy, RetryStrategy, SchedulingPriority, Tags, Timeout, Type
AWS::Batch::JobQueue	ComputeEnvironmentOrder, JobQueueName, JobQueueType, JobStateTimeLimitActions, Priority, SchedulingPolicyArn, ServiceEnvironmentOrder, State, Tags
AWS::Batch::QuotaShare	CapacityLimits, JobQueue, PreemptionConfiguration, QuotaShareName, ResourceSharingConfiguration, State, Tags
AWS::Batch::SchedulingPolicy	FairsharePolicy, Name, QuotaSharePolicy, Tags
AWS::Batch::ServiceEnvironment	CapacityLimits, ServiceEnvironmentName, ServiceEnvironmentType, State, Tags
AWS::BcmPricingCalculator::BillScenario	CostCategoryGroupSharingPreferenceArn, ExpiresAt, GroupSharingPreference, Name, Tags
AWS::Bedrock::Agent	ActionGroups, AgentCollaboration, AgentCollaborators, AgentName, AgentResourceRoleArn, AutoPrepare, CustomOrchestration, CustomerEncryptionKeyArn, Description, FoundationModel, GuardrailConfiguration, IdleSessionTTLInSeconds, Instruction, KnowledgeBases, MemoryConfiguration, OrchestrationType, PromptOverrideConfiguration, SkipResourceInUseCheckOnDelete, Tags, TestAliasTags
AWS::Bedrock::AgentAlias	AgentAliasName, AgentId, Description, RoutingConfiguration, Tags
AWS::Bedrock::ApplicationInferenceProfile	Description, InferenceProfileName, ModelSource, Tags
AWS::Bedrock::AutomatedReasoningPolicy	Description, ForceDelete, KmsKeyId, Name, PolicyDefinition, Tags
AWS::Bedrock::AutomatedReasoningPolicyVersion	LastUpdatedDefinitionHash, PolicyArn, Tags
AWS::Bedrock::Blueprint	BlueprintName, KmsEncryptionContext, KmsKeyId, Schema, Tags, Type
AWS::Bedrock::DataAutomationLibrary	EncryptionConfiguration, LibraryDescription, LibraryName, Tags
AWS::Bedrock::DataAutomationProject	CustomOutputConfiguration, KmsEncryptionContext, KmsKeyId, OverrideConfiguration, ProjectDescription, ProjectName, ProjectType, StandardOutputConfiguration, Tags
AWS::Bedrock::DataSource	DataDeletionPolicy, DataSourceConfiguration, Description, KnowledgeBaseId, Name, ServerSideEncryptionConfiguration, VectorIngestionConfiguration
AWS::Bedrock::EnforcedGuardrailConfiguration	GuardrailIdentifier, GuardrailVersion, ModelEnforcement, SelectiveContentGuarding
AWS::Bedrock::Flow	CustomerEncryptionKeyArn, Definition, DefinitionS3Location, DefinitionString, DefinitionSubstitutions, Description, ExecutionRoleArn, Name, Tags, TestAliasTags
AWS::Bedrock::FlowAlias	ConcurrencyConfiguration, Description, FlowArn, Name, RoutingConfiguration, Tags
AWS::Bedrock::FlowVersion	Description, FlowArn
AWS::Bedrock::Guardrail	AutomatedReasoningPolicyConfig, BlockedInputMessaging, BlockedOutputsMessaging, ContentPolicyConfig, ContextualGroundingPolicyConfig, CrossRegionConfig, Description, KmsKeyArn, Name, SensitiveInformationPolicyConfig, Tags, TopicPolicyConfig, WordPolicyConfig
AWS::Bedrock::GuardrailVersion	Description, GuardrailIdentifier
AWS::Bedrock::IntelligentPromptRouter	Description, FallbackModel, Models, PromptRouterName, RoutingCriteria, Tags
AWS::Bedrock::KnowledgeBase	Description, KnowledgeBaseConfiguration, Name, RoleArn, StorageConfiguration, Tags
AWS::Bedrock::Prompt	CustomerEncryptionKeyArn, DefaultVariant, Description, Name, Tags, Variants
AWS::Bedrock::PromptVersion	Description, PromptArn, Tags
AWS::Bedrock::ResourcePolicy	PolicyDocument, ResourceArn
AWS::BedrockAgentCore::ApiKeyCredentialProvider	ApiKey, Name, Tags
AWS::BedrockAgentCore::BrowserCustom	BrowserSigning, Description, ExecutionRoleArn, Name, NetworkConfiguration, RecordingConfig, Tags
AWS::BedrockAgentCore::BrowserProfile	Description, Name, Tags
AWS::BedrockAgentCore::CodeInterpreterCustom	Description, ExecutionRoleArn, Name, NetworkConfiguration, Tags
AWS::BedrockAgentCore::Evaluator	Description, EvaluatorConfig, EvaluatorName, Level, Tags
AWS::BedrockAgentCore::Gateway	AuthorizerConfiguration, AuthorizerType, Description, ExceptionLevel, InterceptorConfigurations, KmsKeyArn, Name, PolicyEngineConfiguration, ProtocolConfiguration, ProtocolType, RoleArn, Tags
AWS::BedrockAgentCore::GatewayTarget	CredentialProviderConfigurations, Description, GatewayIdentifier, MetadataConfiguration, Name, TargetConfiguration
AWS::BedrockAgentCore::Memory	Description, EncryptionKeyArn, EventExpiryDuration, MemoryExecutionRoleArn, MemoryStrategies, Name, StreamDeliveryResources, Tags
AWS::BedrockAgentCore::OAuth2CredentialProvider	CredentialProviderVendor, Name, Oauth2ProviderConfigInput, Tags
AWS::BedrockAgentCore::OnlineEvaluationConfig	DataSourceConfig, Description, EvaluationExecutionRoleArn, Evaluators, ExecutionStatus, OnlineEvaluationConfigName, Rule, Tags
AWS::BedrockAgentCore::Policy	Definition, Description, Name, PolicyEngineId, ValidationMode
AWS::BedrockAgentCore::PolicyEngine	Description, EncryptionKeyArn, Name, Tags
AWS::BedrockAgentCore::Runtime	AgentRuntimeArtifact, AgentRuntimeName, AuthorizerConfiguration, Description, EnvironmentVariables, FilesystemConfigurations, LifecycleConfiguration, NetworkConfiguration, ProtocolConfiguration, RequestHeaderConfiguration, RoleArn, Tags
AWS::BedrockAgentCore::RuntimeEndpoint	AgentRuntimeId, AgentRuntimeVersion, Description, Name, Tags
AWS::BedrockAgentCore::WorkloadIdentity	AllowedResourceOauth2ReturnUrls, Name, Tags
AWS::BedrockMantle::Project	Name, Tags
AWS::Billing::BillingView	DataFilterExpression, Description, Name, SourceViews, Tags
AWS::BillingConductor::BillingGroup	AccountGrouping, ComputationPreference, Description, Name, PrimaryAccountId, Tags
AWS::BillingConductor::CustomLineItem	AccountId, BillingGroupArn, BillingPeriodRange, ComputationRule, CustomLineItemChargeDetails, Description, Name, PresentationDetails, Tags
AWS::BillingConductor::PricingPlan	Description, Name, PricingRuleArns, Tags
AWS::BillingConductor::PricingRule	BillingEntity, Description, ModifierPercentage, Name, Operation, Scope, Service, Tags, Tiering, Type, UsageType
AWS::Braket::SpendingLimit	DeviceArn, SpendingLimit, Tags, TimePeriod
AWS::Budgets::Budget	Budget, NotificationsWithSubscribers, ResourceTags
AWS::Budgets::BudgetsAction	ActionThreshold, ActionType, ApprovalModel, BudgetName, Definition, ExecutionRoleArn, NotificationType, ResourceTags, Subscribers
AWS::CE::AnomalyMonitor	MonitorDimension, MonitorName, MonitorSpecification, MonitorType, ResourceTags
AWS::CE::AnomalySubscription	Frequency, MonitorArnList, ResourceTags, Subscribers, SubscriptionName, Threshold, ThresholdExpression
AWS::CE::CostCategory	DefaultValue, Name, RuleVersion, Rules, SplitChargeRules, Tags

Why use this CloudFormation properties reference?

Building AWS infrastructure with CloudFormation requires knowing the exact properties available for each AWS resource type. This reference provides quick access to every CloudFormation resource type and its configurable properties, making template development faster and more accurate.

The official AWS documentation spreads this information across many resource pages. This tool consolidates those properties into a single searchable table so you can find the exact property names you need without hunting through service documentation.

Quick CloudFormation property syntax

Properties sit under a resource's Properties block. The names must match the CloudFormation resource specification exactly.

Resources:
  MyS3Bucket:
    Type: AWS::S3::Bucket
    Properties:
      BucketName: my-unique-bucket-name
      VersioningConfiguration:
        Status: Enabled
      PublicAccessBlockConfiguration:
        BlockPublicAcls: true
        BlockPublicPolicy: true

How to use the properties table

Search for an AWS service, resource type, or property name, such as AWS::S3::Bucket or BucketName.
Find the available properties in the properties column.
Open the resource type link when you need the official AWS documentation.
Copy the property names into your CloudFormation template.
Configure each property according to your infrastructure requirements.

Why exact property names matter

CloudFormation validates resource properties before it creates or updates a stack. A typo, wrong casing, or property from a different resource type can fail validation before deployment. Searching the table helps you confirm whether a property is supported before you add it to a template.

This is especially useful when you move between similar resources. For example, AWS::ApiGateway::Stage and AWS::ApiGatewayV2::Stage look related, but their property sets are not identical.

Useful workflow for template authoring

Start with the resource type you want to create.
Search this table for the resource and scan the supported properties.
Open the AWS documentation link for nested property shapes and update behavior.
Validate locally with cfn-lint or your IDE before deploying.
Create a change set when updating production stacks.

Generate CloudFormation resources in VS Code

If you prefer working directly in your IDE, the CloudFormation Snippets VS Code extension can scaffold CloudFormation resources in YAML.

Related tools

CloudFormation Resource Attributes Reference

Search AWS CloudFormation resource types and the attributes available through Fn::GetAtt for each resource.

Amazon Resource Names (ARNs) Reference

Search AWS service prefixes and Amazon Resource Name formats for IAM policies and resource references.

AWS IAM Service Principals Reference

Search the complete AWS service principal reference for IAM trust policies, resource policies, and service-linked role setup.

Next step

Want AWS engineering that feels this practical?

I build these tools to make AWS easier to manage. If this level of quality is what you want in your own cloud platform, Towards The Cloud can help with landing zones, infrastructure as code, security reviews, migrations, and cost optimization.

Explore AWS services

← Back to tools