AWS CloudFormation Resource Types

From NovaOrdis Knowledge Base

Internal

AWS::ApiGateway

AWS::ApiGateway::RestApi

AWS::ApiGateway::Deployment

AWS::ApiGateway::Stage

AWS::CloudFormation

AWS::CloudFormation::Stack

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stack.html

AWS::CloudFormation::Stack enables nesting another stack as a resource within a template.

AWS::CodeBuild

AWS::CodeBuild::Project

For an example of a CodeBuild build project that integrates with CodePipeline, see:

CodePipeline-Driven CodeBuild Builds

AWS::CodePipeline

AWS::CodePipeline::Pipeline

Creates a CodePipeline pipeline. Other pipeline examples:

Pipeline that Delegates the Build to the CodeBuild Build Project

AWS::EC2

AWS::EC2::SecurityGroup

Resources:
  ServiceSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: '...'
      VpcId:
        Fn::ImportValue: !Join [':', [!Ref 'DeploymentStackName', 'VPCId']]
      GroupName: !Sub ${ECRRepository}-sg
      SecurityGroupIngress:
        - IpProtocol: -1
          CidrIp: 10.0.0.0/8
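
A narrower variant of the security group above, as an added example that is not from the original page: the rule shown admits every protocol and port from 10.0.0.0/8, while the task defined further down listens only on TCP 10002 behind the load balancer. The `LoadBalancerSecurityGroupId` parameter is an assumption (the page does not show the load balancer's security group); `DeploymentStackName` and `ECRRepository` are the page's own references.

```yaml
Parameters:
  # Assumption: ID of the security group attached to the load balancer;
  # the original page does not define or export it.
  LoadBalancerSecurityGroupId:
    Type: AWS::EC2::SecurityGroup::Id

Resources:
  ServiceSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: 'Ingress to the service tasks from the load balancer only'
      VpcId:
        Fn::ImportValue: !Join [':', [!Ref 'DeploymentStackName', 'VPCId']]
      GroupName: !Sub ${ECRRepository}-sg
      SecurityGroupIngress:
        # Page version: IpProtocol -1 with CidrIp 10.0.0.0/8, i.e. every
        # protocol and port from the whole private range.
        # Narrowed version: only the container port used by the page's task
        # definition, and only from the load balancer's security group.
        - IpProtocol: tcp
          FromPort: 10002
          ToPort: 10002
          SourceSecurityGroupId: !Ref LoadBalancerSecurityGroupId
```

With the default target group health check port (the traffic port), the load balancer's health checks reach the tasks through the same rule.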

AWS::ECR

AWS::ECR::Repository

Resources:
  Repository:
    Type: AWS::ECR::Repository
    Properties:
      RepositoryName: some-docker-repository-name

AWS::ECS

AWS::ECS::TaskDefinition

Resources:
  TaskDefinition:
    Type: AWS::ECS::TaskDefinition
    Properties:
      Family: 'some-family'
      RequiresCompatibilities: ["FARGATE"]
      NetworkMode: "awsvpc"
      Cpu: '2048'
      Memory: '4096'
      TaskRoleArn: !GetAtt TaskRole.Arn
      ExecutionRoleArn: !GetAtt TaskExecutionRole.Arn
      ContainerDefinitions:
      - Name: 'some-name'
        Cpu: '2048'
        Memory: '4096'
        Essential: 'true'
        Environment:
        - Name: SPRING_PROFILES_ACTIVE
          Value: 'something'
        Image: !Sub ${Image}:${Tag}
        PortMappings:
        - HostPort: 10002
          ContainerPort: 10002
        LogConfiguration:
          LogDriver: "awslogs"
          Options:
            awslogs-group: 'some-group'
            awslogs-region: !Sub ${AWS::Region}
            awslogs-stream-prefix: 'some-prefix'

AWS::ECS::Service

Resources:
  ServiceDefinition:
    Type: AWS::ECS::Service
    DependsOn: LoadBalancerListener
    Properties:
      ServiceName: themyscira
      LaunchType: FARGATE
      Cluster: 'some-cluster'
      TaskDefinition: !Ref TaskDefinition
      DesiredCount: 1
      HealthCheckGracePeriodSeconds: 60
      NetworkConfiguration:
        AwsvpcConfiguration:
          AssignPublicIp: DISABLED
          SecurityGroups:
          - !Ref ServiceSecurityGroup
          Subnets:
            - 'blue-subnet'
            - 'green-subnet'
      ServiceRegistries:
      - RegistryArn: !GetAtt ServiceDiscovery.Arn
      LoadBalancers:
      - ContainerName: 'some-name'
        ContainerPort: 10002
        TargetGroupArn: !Ref TargetGroup

AWS::ElasticLoadBalancingV2

AWS::ElasticLoadBalancingV2::TargetGroup

Resources:
  TargetGroup:
    Type: AWS::ElasticLoadBalancingV2::TargetGroup
    Properties:
      HealthCheckIntervalSeconds: 60
      HealthCheckPath: '/myservice/actuator/health'
      HealthCheckProtocol: HTTP
      HealthCheckTimeoutSeconds: 5
      HealthyThresholdCount: 2
      TargetType: ip
      Name: myservice
      Port: 8086
      Protocol: HTTP
      UnhealthyThresholdCount: 10
      VpcId: !Ref MyVpcId

AWS::ElasticLoadBalancingV2::Listener

Resources:
  LoadBalancerListener:
    Type: AWS::ElasticLoadBalancingV2::Listener
    DependsOn:
      - TargetGroup
    Properties:
      DefaultActions:
        - TargetGroupArn: !Ref 'TargetGroup'
          Type: 'forward'
      LoadBalancerArn:
        Fn::ImportValue: !Join [':', [!Ref 'DeploymentStackName', 'ServiceALB']]
      Port: 10002
      Protocol: HTTP

AWS::IAM

AWS::IAM::Role

Resources:
  CodeBuildServiceRole:
    Type: AWS::IAM::Role
    Properties:
      ...

If this role is declared by an "example" stack, then, after successful creation, its ARN will be arn:aws:iam::AccountID:role/service-role/example-CodeBuildServiceRole-1V7H0HL94BUX6

AWS::Logs

AWS::Logs::LogGroup

Resources:
  ServiceLogGroup:
    Type: "AWS::Logs::LogGroup"
    Properties:
      LogGroupName: some-name
      RetentionInDays: 7

AWS::S3

AWS::S3::Bucket

Resources:
  BuildBucket:
    Type: AWS::S3::Bucket
    Properties:
      AccessControl: BucketOwnerFullControl

AWS::ServiceDiscovery

AWS::ServiceDiscovery::Service