AWS CloudFormation Resource Types
Jump to navigation
Jump to search
Internal
AWS::CloudFormation
AWS::CloudFormation::Stack
AWS::CloudFormation::Stack enables nesting another stack as a resource within a template.
AWS::CodeBuild
AWS::CodeBuild::Project
AWS::EC2
AWS::EC2::SecurityGroup
Resources: ServiceSecurityGroup: Type: AWS::EC2::SecurityGroup Properties: GroupDescription: '...' VpcId: Fn::ImportValue: !Join [':', [!Ref 'DeploymentStackName', 'VPCId']] GroupName: !Sub ${ECRRepository}-sg SecurityGroupIngress: - IpProtocol: -1 CidrIp: 10.0.0.0/8
AWS::ECR
AWS::ECR::Repository
Resources: Repository: Type: AWS::ECR::Repository Properties: RepositoryName: some-docker-repository-name
AWS::ECS
AWS::ECS::TaskDefinition
Resources: TaskDefinition: Type: AWS::ECS::TaskDefinition Properties: Family: 'some-family' RequiresCompatibilities: ["FARGATE"] NetworkMode: "awsvpc" Cpu: '2048' Memory: '4096' TaskRoleArn: !GetAtt TaskRole.Arn ExecutionRoleArn: !GetAtt TaskExecutionRole.Arn ContainerDefinitions: - Name: 'some-name' Cpu: '2048' Memory: '4096' Essential: 'true' Environment: - Name: SPRING_PROFILES_ACTIVE Value: 'something' Image: !Sub ${Image}:${Tag} PortMappings: - HostPort: 10002 ContainerPort: 10002 LogConfiguration: LogDriver: "awslogs" Options: awslogs-group: 'some-group' awslogs-region: !Sub ${AWS::Region} awslogs-stream-prefix: 'some-prefix'
AWS::ECS::Service
Resources: ServiceDefinition: Type: AWS::ECS::Service DependsOn: LoadBalancerListener Properties: ServiceName: themyscira LaunchType: FARGATE Cluster: 'some-cluster' TaskDefinition: !Ref TaskDefinition DesiredCount: 1 HealthCheckGracePeriodSeconds: 60 NetworkConfiguration: AwsvpcConfiguration: AssignPublicIp: DISABLED SecurityGroups: - !Ref ServiceSecurityGroup Subnets: - 'blue-subnet' - 'green-subnet' ServiceRegistries: - RegistryArn: !GetAtt ServiceDiscovery.Arn LoadBalancers: - ContainerName: 'some-name' ContainerPort: 10002 TargetGroupArn: !Ref TargetGroup
AWS::ElasticLoadBalancingV2
AWS::ElasticLoadBalancingV2::TargetGroup
Resources: TargetGroup: Type: AWS::ElasticLoadBalancingV2::TargetGroup Properties: HealthCheckIntervalSeconds: 60 HealthCheckPath: '/myservice/actuator/health' HealthCheckProtocol: HTTP HealthCheckTimeoutSeconds: 5 HealthyThresholdCount: 2 TargetType: ip Name: myservice Port: 8086 Protocol: HTTP UnhealthyThresholdCount: 10 VpcId: !Ref MyVpcId
AWS::ElasticLoadBalancingV2::Listener
Resources: LoadBalancerListener: Type: AWS::ElasticLoadBalancingV2::Listener DependsOn: - TargetGroup Properties: DefaultActions: - TargetGroupArn: !Ref 'TargetGroup' Type: 'forward' LoadBalancerArn: Fn::ImportValue: !Join [':', [!Ref 'DeploymentStackName', 'ServiceALB']] Port: 10002 Protocol: HTTP
AWS::IAM
AWS::IAM::Role
Resources: CodeBuildServiceRole: Type: AWS::IAM::Role Properties: ...
If this role is declared by an "example" stack, then, after successful creation, its ARN will be arn:aws:iam::AccountID:role/service-role/example-CodeBuildServiceRole-1V7H0HL94BUX6
AWS::Logs
AWS::Logs::LogGroup
Resources: ServiceLogGroup: Type: "AWS::Logs::LogGroup" Properties: LogGroupName: some-name RetentionInDays: 7
AWS::S3
AWS::S3::Bucket
Resources: BuildBucket: Type: AWS::S3::Bucket Properties: AccessControl: BucketOwnerFullControl