{ "AWS::ApplicationAutoScaling::ScalingPolicy": { "properties": [ "PolicyName", "PolicyType", "ResourceId", "ScalableDimension", "ServiceNamespace", "ScalingTargetId", "StepScalingPolicyConfiguration" ], "full_properties": { "PolicyName": { "description": "A name for the scaling policy.", "required": true, "type": "String", "update_causes": "replacement" }, "PolicyType": { "description": "An Application Auto Scaling policy type. For valid values, see the PolicyType parameter for the PutScalingPolicy action in the Application Auto Scaling API Reference.", "required": true, "type": "Unknown", "update_causes": "none" }, "ResourceId": { "description": "The unique resource identifier for the scalable target that this scaling policy applies to. For more information, see the ResourceId parameter for the PutScalingPolicy action in the Application Auto Scaling API Reference.", "required": false, "type": "String", "update_causes": "replacement" }, "ScalableDimension": { "description": "The scalable dimension of the scalable target that this scaling policy applies to. The scalable dimension contains the service namespace, resource type, and scaling property, such as ecs:service:DesiredCount for the desired task count of an Amazon ECS service.", "required": false, "type": "String", "update_causes": "replacement" }, "ServiceNamespace": { "description": "The AWS service namespace of the scalable target that this scaling policy applies to. For a list of service namespaces, see AWS Service Namespaces in the AWS General Reference.", "required": false, "type": "String", "update_causes": "replacement" }, "ScalingTargetId": { "description": "The AWS CloudFormation-generated ID of an Application Auto Scaling scalable target. For more information about the ID, see the Return Value section of the AWS::ApplicationAutoScaling::ScalableTarget resource.", "required": false, "type": "String", "update_causes": "replacement" }, "StepScalingPolicyConfiguration": { "description": "A step policy that configures when Application Auto Scaling scales resources up or down, and by how much.", "required": false, "type": "Unknown", "update_causes": "none" } }, "path": "aws-resource-applicationautoscaling-scalingpolicy.html" }, "AWS::OpsWorks::App": { "properties": [ "AppSource", "Attributes", "Description", "DataSources", "Domains", "EnableSsl", "Environment", "Name", "Shortname", "SslConfiguration", "StackId", "Type" ], "full_properties": { "AppSource": { "description": "The information required to retrieve an app from a repository.", "required": false, "type": "Unknown", "update_causes": "none" }, "Attributes": { "description": "One or more user-defined key-value pairs to be added to the app attributes bag.", "required": false, "type": "Array", "update_causes": "none" }, "Description": { "description": "A description of the app.", "required": false, "type": "String", "update_causes": "none" }, "DataSources": { "description": "A list of databases to associate with the AWS OpsWorks app.", "required": false, "type": "Array", "update_causes": "none" }, "Domains": { "description": "The app virtual host settings, with multiple domains separated by commas. For example, 'www.example.com, example.com'.", "required": false, "type": "Array", "update_causes": "none" }, "EnableSsl": { "description": "Whether to enable SSL for this app.", "required": false, "type": "Boolean", "update_causes": "none" }, "Environment": { "description": "The environment variables to associate with the AWS OpsWorks app.", "required": false, "type": "Array", "update_causes": "none" }, "Name": { "description": "The name of the AWS OpsWorks app.", "required": true, "type": "String", "update_causes": "none" }, "Shortname": { "description": "The app short name, which is used internally by AWS OpsWorks and by Chef recipes.", "required": false, "type": "String", "update_causes": "replacement" }, "SslConfiguration": { "description": "The SSL configuration", "required": false, "type": "Unknown", "update_causes": "none" }, "StackId": { "description": "The ID of the AWS OpsWorks stack to associate this app with.", "required": true, "type": "String", "update_causes": "replacement" }, "Type": { "description": "The app type. Each supported type is associated with a particular layer. For more information, see CreateApp in the AWS OpsWorks Stacks API Reference.", "required": true, "type": "String", "update_causes": "none" } }, "path": "aws-resource-opsworks-app.html" }, "AWS::EC2::VPNConnection": { "properties": [ "Type", "CustomerGatewayId", "StaticRoutesOnly", "Tags", "VpnGatewayId" ], "full_properties": { "Type": { "description": "The type of VPN connection this virtual private gateway supports.", "required": true, "type": "String", "update_causes": "replacement" }, "CustomerGatewayId": { "description": "The ID of the customer gateway. This can either be an embedded JSON object or a reference to a Gateway ID.", "required": true, "type": "String", "update_causes": "replacement" }, "StaticRoutesOnly": { "description": "Indicates whether the VPN connection requires static routes.", "required": false, "type": "Boolean", "update_causes": "replacement" }, "Tags": { "description": "The tags that you want to attach to the resource.", "required": false, "type": "Unknown", "update_causes": "none" }, "VpnGatewayId": { "description": "The ID of the virtual private gateway. This can either be an embedded JSON object or a reference to a Gateway ID.", "required": true, "type": "String", "update_causes": "replacement" } }, "path": "aws-resource-ec2-vpn-connection.html" }, "AWS::CloudFront::Distribution": { "properties": [ "DistributionConfig" ], "full_properties": { "DistributionConfig": { "description": "The distribution's configuration information.", "required": true, "type": "Unknown", "update_causes": "none" } }, "path": "aws-properties-cloudfront-distribution.html" }, "AWS::Logs::Destination": { "properties": [ "DestinationName", "DestinationPolicy", "RoleArn", "TargetArn" ], "full_properties": { "DestinationName": { "description": "The name of the CloudWatch Logs destination.", "required": true, "type": "String", "update_causes": "replacement" }, "DestinationPolicy": { "description": "An AWS Identity and Access Management (IAM) policy that specifies who can write to your destination.", "required": true, "type": "String", "update_causes": "none" }, "RoleArn": { "description": "The Amazon Resource Name (ARN) of an IAM role that permits CloudWatch Logs to send data to the specified AWS resource (TargetArn).", "required": true, "type": "String", "update_causes": "none" }, "TargetArn": { "description": "The ARN of the AWS resource that receives log events. Currently, you can specify only an Amazon Kinesis stream.", "required": true, "type": "String", "update_causes": "none" } }, "path": "aws-resource-logs-destination.html" }, "AWS::GameLift::Alias": { "properties": [ "Description", "Name", "RoutingStrategy" ], "full_properties": { "Description": { "description": "Information that helps you identify the purpose of this alias.", "required": false, "type": "String", "update_causes": "none" }, "Name": { "description": "An identifier to associate with this alias. Alias names don't need to be unique.", "required": true, "type": "String", "update_causes": "none" }, "RoutingStrategy": { "description": "A routing configuration that specifies where traffic is directed for this alias, such as to a fleet or to a message.", "required": true, "type": "Unknown", "update_causes": "none" } }, "path": "aws-resource-gamelift-alias.html" }, "AWS::WAF::SizeConstraintSet": { "properties": [ "Name", "SizeConstraints" ], "full_properties": { "Name": { "description": "A friendly name or description for the SizeConstraintSet.", "required": true, "type": "String", "update_causes": "replacement" }, "SizeConstraints": { "description": "The size constraint and the part of the web request to check.", "required": true, "type": "Array", "update_causes": "none" } }, "path": "aws-resource-waf-sizeconstraintset.html" }, "AWS::EC2::DHCPOptions": { "properties": [ "DomainName", "DomainNameServers", "NetbiosNameServers", "NetbiosNodeType", "NtpServers", "Tags" ], "full_properties": { "DomainName": { "description": "A domain name of your choice.", "required": false, "type": "String", "update_causes": "replacement" }, "DomainNameServers": { "description": "The IP (IPv4) address of a domain name server. You can specify up to four addresses.", "required": false, "type": "Array", "update_causes": "replacement" }, "NetbiosNameServers": { "description": "The IP address (IPv4) of a NetBIOS name server. You can specify up to four addresses.", "required": false, "type": "Array", "update_causes": "replacement" }, "NetbiosNodeType": { "description": "An integer value indicating the NetBIOS node type:", "required": false, "type": "Array", "update_causes": "replacement" }, "NtpServers": { "description": "The IP address (IPv4) of a Network Time Protocol (NTP) server. You can specify up to four addresses.", "required": false, "type": "Array", "update_causes": "replacement" }, "Tags": { "description": "An arbitrary set of tags (key–value pairs) for this resource.", "required": false, "type": "Unknown", "update_causes": "none" } }, "path": "aws-resource-ec2-dhcp-options.html" }, "AWS::Events::Rule": { "properties": [ "Description", "EventPattern", "Name", "RoleArn", "ScheduleExpression", "State", "Targets" ], "full_properties": { "Description": { "description": "A description of the rule's purpose.", "required": false, "type": "String", "update_causes": "none" }, "EventPattern": { "description": "Describes which events CloudWatch Events routes to the specified target. These routed events are matched events. For more information, see Events and Event Patterns in the Amazon CloudWatch User Guide.", "required": false, "type": "Unknown", "update_causes": "none" }, "Name": { "description": "A name for the rule. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the rule name. For more information, see Name Type.", "required": false, "type": "Unknown", "update_causes": "replacement" }, "RoleArn": { "description": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that grants CloudWatch Events permission to make calls to target services, such as AWS Lambda (Lambda) or Amazon Kinesis streams.", "required": false, "type": "String", "update_causes": "none" }, "ScheduleExpression": { "description": "The schedule or rate (frequency) that determines when CloudWatch Events runs the rule. For more information, see Schedule Expression Syntax for Rules in the Amazon CloudWatch User Guide.", "required": false, "type": "String", "update_causes": "none" }, "State": { "description": "Indicates whether the rule is enabled. For valid values, see the State parameter for the PutRule action in the Amazon CloudWatch Events API Reference.", "required": false, "type": "String", "update_causes": "none" }, "Targets": { "description": "The resources, such as Lambda functions or Amazon Kinesis streams, that CloudWatch Events routes events to and invokes when the rule is triggered. For information about valid targets, see the PutTargets action in the Amazon CloudWatch Events API Reference.", "required": false, "type": "Array", "update_causes": "none" } }, "path": "aws-resource-events-rule.html" }, "AWS::Lambda::EventSourceMapping": { "properties": [ "BatchSize", "Enabled", "EventSourceArn", "FunctionName", "StartingPosition" ], "full_properties": { "BatchSize": { "description": "The largest number of records that Lambda retrieves from your event source when invoking your function. Your function receives an event with all the retrieved records. For the default and valid values, see CreateEventSourceMapping in the AWS Lambda Developer Guide.", "required": false, "type": "Number", "update_causes": "none" }, "Enabled": { "description": "Indicates whether Lambda begins polling the event source.", "required": false, "type": "Boolean", "update_causes": "none" }, "EventSourceArn": { "description": "The Amazon Resource Name (ARN) of the Amazon Kinesis or DynamoDB stream that is the source of events. Any record added to this stream can invoke the Lambda function. For more information, see CreateEventSourceMapping in the AWS Lambda Developer Guide.", "required": true, "type": "String", "update_causes": "replacement" }, "FunctionName": { "description": "The name or ARN of a Lambda function to invoke when Lambda detects an event on the stream.", "required": true, "type": "String", "update_causes": "none" }, "StartingPosition": { "description": "The position in the stream where Lambda starts reading. For valid values, see CreateEventSourceMapping in the AWS Lambda Developer Guide.", "required": true, "type": "String", "update_causes": "replacement" } }, "path": "aws-resource-lambda-eventsourcemapping.html" }, "AWS::EMR::Cluster": { "properties": [ "AdditionalInfo", "Applications", "BootstrapActions", "Configurations", "Instances", "JobFlowRole", "LogUri", "Name", "ReleaseLabel", "ServiceRole", "Tags", "VisibleToAllUsers" ], "full_properties": { "AdditionalInfo": { "description": "Additional features that you want to select.", "required": false, "type": "Unknown", "update_causes": "replacement" }, "Applications": { "description": "The software applications to deploy on the cluster, and the arguments that Amazon EMR passes to those applications.", "required": false, "type": "Array", "update_causes": "replacement" }, "BootstrapActions": { "description": "A list of bootstrap actions that Amazon EMR runs before starting applications on the cluster.", "required": false, "type": "Array", "update_causes": "replacement" }, "Configurations": { "description": "The software configuration of the Amazon EMR cluster.", "required": false, "type": "Array", "update_causes": "replacement" }, "Instances": { "description": "Configures the EC2 instances that will run jobs in the Amazon EMR cluster.", "required": true, "type": "Unknown", "update_causes": "replacement" }, "JobFlowRole": { "description": "Also called instance profile and EC2 role. Accepts an instance profile associated with the role that you want to use. All EC2 instances in the cluster assume this role.", "required": true, "type": "String", "update_causes": "replacement" }, "LogUri": { "description": "An S3 bucket location to which Amazon EMR writes logs files from a job flow. If you don't specify a value, Amazon EMR doesn't write any log files.", "required": false, "type": "String", "update_causes": "replacement" }, "Name": { "description": "A name for the Amazon EMR cluster.", "required": true, "type": "String", "update_causes": "replacement" }, "ReleaseLabel": { "description": "The Amazon EMR software release label. A release is a set of software applications and components that you can install and configure on an Amazon EMR cluster. For more information, see About Amazon EMR Releases in the Amazon EMR Release Guide.", "required": false, "type": "String", "update_causes": "replacement" }, "ServiceRole": { "description": "The IAM role that Amazon EMR assumes to access AWS resources on your behalf. For more information, see Configure IAM Roles for Amazon EMR in the Amazon EMR Management Guide.", "required": true, "type": "String", "update_causes": "replacement" }, "Tags": { "description": "An arbitrary set of tags (key–value pairs) to help you identify the Amazon EMR cluster.", "required": false, "type": "Unknown", "update_causes": "none" }, "VisibleToAllUsers": { "description": "Indicates whether the instances in the cluster are visible to all IAM users in the AWS account. If you specify true, all IAM users can view and (if they have permissions) manage the instances. If you specify false, only the IAM user that created the cluster can view and manage it. By default, AWS CloudFormation sets this property to false.", "required": false, "type": "Boolean", "update_causes": "none" } }, "path": "aws-resource-emr-cluster.html" }, "AWS::Elasticsearch::Domain": { "properties": [ "AccessPolicies", "AdvancedOptions", "DomainName", "EBSOptions", "ElasticsearchClusterConfig", "ElasticsearchVersion", "SnapshotOptions", "Tags" ], "full_properties": { "AccessPolicies": { "description": "An AWS Identity and Access Management (IAM) policy document that specifies who can access the Amazon ES domain and their permissions. For more information, see Configuring Access Policies in the Amazon Elasticsearch Service Developer Guide.", "required": false, "type": "Unknown", "update_causes": "none" }, "AdvancedOptions": { "description": "Additional options to specify for the Amazon ES domain. For more information, see Configuring Advanced Options in the Amazon Elasticsearch Service Developer Guide.", "required": false, "type": "Unknown", "update_causes": "replacement" }, "DomainName": { "description": "A name for the Amazon ES domain. For valid values, see the DomainName data type in the Amazon Elasticsearch Service Developer Guide.", "required": false, "type": "Unknown", "update_causes": "replacement" }, "EBSOptions": { "description": "The configurations of Amazon Elastic Block Store (Amazon EBS) volumes that are attached to data nodes in the Amazon ES domain. For more information, see Configuring EBS-based Storage in the Amazon Elasticsearch Service Developer Guide.", "required": false, "type": "Unknown", "update_causes": "none" }, "ElasticsearchClusterConfig": { "description": "The cluster configuration for the Amazon ES domain. You can specify options such as the instance type and the number of instances. For more information, see Configuring Amazon ES Domains in the Amazon Elasticsearch Service Developer Guide.", "required": false, "type": "Unknown", "update_causes": "none" }, "ElasticsearchVersion": { "description": "The version of Elasticsearch to use, such as 2.3. For information about the versions that Amazon ES supports, see the Elasticsearch-Version parameter for the CreateElasticsearchDomain action in the Amazon Elasticsearch Service Developer Guide.", "required": false, "type": "String", "update_causes": "replacement" }, "SnapshotOptions": { "description": "The automated snapshot configuration for the Amazon ES domain indices.", "required": false, "type": "Unknown", "update_causes": "none" }, "Tags": { "description": "An arbitrary set of tags (key–value pairs) to associate with the Amazon ES domain.", "required": false, "type": "Unknown", "update_causes": "none" } }, "path": "aws-resource-elasticsearch-domain.html" }, "AWS::WAF::IPSet": { "properties": [ "IPSetDescriptors", "Name" ], "full_properties": { "IPSetDescriptors": { "description": "The IP address type and IP address range (in CIDR notation) from which web requests originate. If you associate the IPSet with a web ACL that is associated with a Amazon CloudFront (CloudFront) distribution, this descriptor is the value of one of the following fields in the CloudFront access logs:", "required": false, "type": "Array", "update_causes": "none" }, "Name": { "description": "A friendly name or description of the IPSet.", "required": true, "type": "String", "update_causes": "replacement" } }, "path": "aws-resource-waf-ipset.html" }, "AWS::ElastiCache::SecurityGroup": { "properties": [ "Description" ], "full_properties": { "Description": { "description": "A description for the cache security group.", "required": false, "type": "String", "update_causes": "unavailable" } }, "path": "aws-properties-elasticache-security-group.html" }, "AWS::ApiGateway::Deployment": { "properties": [ "Description", "RestApiId", "StageDescription", "StageName" ], "full_properties": { "Description": { "description": "A description of the purpose of the API Gateway deployment.", "required": false, "type": "String", "update_causes": "none" }, "RestApiId": { "description": "The ID of the RestApi resource to deploy.", "required": true, "type": "String", "update_causes": "replacement" }, "StageDescription": { "description": "Configures the stage that API Gateway creates with this deployment.", "required": false, "type": "Unknown", "update_causes": "none" }, "StageName": { "description": "A name for the stage that API Gateway creates with this deployment. Use only alphanumeric characters.", "required": false, "type": "String", "update_causes": "none" } }, "path": "aws-resource-apigateway-deployment.html" }, "AWS::CloudFormation::Authentication": { "properties": [ "accessKeyId", "buckets", "password", "secretKey", "type", "uris", "username", "roleName" ], "full_properties": { "accessKeyId": { "description": "Specifies the access key ID for S3 authentication.", "required": false, "type": "String", "update_causes": "unknown" }, "buckets": { "description": "A comma-delimited list of Amazon S3 buckets to be associated with the S3 authentication credentials.", "required": false, "type": "Array", "update_causes": "unknown" }, "password": { "description": "Specifies the password for basic authentication.", "required": false, "type": "String", "update_causes": "unknown" }, "secretKey": { "description": "Specifies the secret key for S3 authentication.", "required": false, "type": "String", "update_causes": "unknown" }, "type": { "description": "Specifies whether the authentication scheme uses a user name and password (\"basic\") or an access key ID and secret key (\"S3\").", "required": true, "type": "String", "update_causes": "unknown" }, "uris": { "description": "A comma-delimited list of URIs to be associated with the basic authentication credentials. The authorization applies to the specified URIs and any more specific URI. For example, if you specify http://www.example.com, the authorization will also apply to http://www.example.com/test.", "required": false, "type": "Array", "update_causes": "unknown" }, "username": { "description": "Specifies the user name for basic authentication.", "required": false, "type": "String", "update_causes": "unknown" }, "roleName": { "description": "Describes the role for role-based authentication.", "required": false, "type": "String", "update_causes": "unknown" } }, "path": "aws-resource-authentication.html" }, "AWS::ApiGateway::UsagePlan": { "properties": [ "ApiStages", "Description", "Quota", "Throttle", "UsagePlanName" ], "full_properties": { "ApiStages": { "description": "The APIs and API stages to associate with this usage plan.", "required": false, "type": "Array", "update_causes": "none" }, "Description": { "description": "The purpose of this usage plan.", "required": false, "type": "String", "update_causes": "none" }, "Quota": { "description": "Configures the number of requests that users can make within a given interval.", "required": false, "type": "Unknown", "update_causes": "none" }, "Throttle": { "description": "Configures the overall request rate (average requests per second) and burst capacity.", "required": false, "type": "Unknown", "update_causes": "none" }, "UsagePlanName": { "description": "A name for this usage plan.", "required": false, "type": "String", "update_causes": "none" } }, "path": "aws-resource-apigateway-usageplan.html" }, "AWS::CodeDeploy::DeploymentConfig": { "properties": [ "DeploymentConfigName", "MinimumHealthyHosts" ], "full_properties": { "DeploymentConfigName": { "description": "A name for the deployment configuration. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the deployment configuration name. For more information, see Name Type.", "required": false, "type": "Unknown", "update_causes": "replacement" }, "MinimumHealthyHosts": { "description": "The minimum number of healthy instances that must be available at any time during an AWS CodeDeploy deployment. For example, for a fleet of nine instances, if you specify a minimum of six healthy instances, AWS CodeDeploy deploys your application up to three instances at a time so that you always have six healthy instances. The deployment succeeds if your application successfully deploys to six or more instances; otherwise, the deployment fails.", "required": false, "type": "Unknown", "update_causes": "replacement" } }, "path": "aws-resource-codedeploy-deploymentconfig.html" }, "AWS::EC2::NetworkInterface": { "properties": [ "Description", "GroupSet", "Ipv6AddressCount", "Ipv6Addresses", "PrivateIpAddress", "PrivateIpAddresses", "SecondaryPrivateIpAddressCount", "SourceDestCheck", "SubnetId", "Tags" ], "full_properties": { "Description": { "description": "The description of this network interface.", "required": false, "type": "String", "update_causes": "none" }, "GroupSet": { "description": "A list of security group IDs associated with this network interface.", "required": false, "type": "Array", "update_causes": "none" }, "Ipv6AddressCount": { "description": "The number of IPv6 addresses to associate with the network interface. Amazon EC2 automatically selects the IPv6 addresses from the subnet range. To specify specific IPv6 addresses, use the Ipv6Addresses property and don't specify this property.", "required": false, "type": "Number", "update_causes": "none" }, "Ipv6Addresses": { "description": "One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet to associate with the network interface. If you're specifying a number of IPv6 addresses, use the Ipv6AddressCount property and don't specify this property.", "required": false, "type": "Array", "update_causes": "none" }, "PrivateIpAddress": { "description": "Assigns a single private IP address to the network interface, which is used as the primary private IP address. If you want to specify multiple private IP address, use the PrivateIpAddresses property.", "required": false, "type": "String", "update_causes": "replacement" }, "PrivateIpAddresses": { "description": "Assigns a list of private IP addresses to the network interface. You can specify a primary private IP address by setting the value of the Primary property to true in the PrivateIpAddressSpecification property. If you want Amazon EC2 to automatically assign private IP addresses, use the SecondaryPrivateIpAddressCount property and do not specify this property.", "required": false, "type": "Unknown", "update_causes": [ "replacement", "none" ] }, "SecondaryPrivateIpAddressCount": { "description": "The number of secondary private IP addresses that Amazon EC2 automatically assigns to the network interface. Amazon EC2 uses the value of the PrivateIpAddress property as the primary private IP address. If you don't specify that property, Amazon EC2 automatically assigns both the primary and secondary private IP addresses.", "required": false, "type": "Unknown", "update_causes": "none" }, "SourceDestCheck": { "description": "Flag indicating whether traffic to or from the instance is validated.", "required": false, "type": "Boolean", "update_causes": "none" }, "SubnetId": { "description": "The ID of the subnet to associate with the network interface.", "required": true, "type": "String", "update_causes": "replacement" }, "Tags": { "description": "An arbitrary set of tags (key–value pairs) for this network interface.", "required": false, "type": "Unknown", "update_causes": "none" } }, "path": "aws-resource-ec2-network-interface.html" }, "AWS::Redshift::Cluster": { "properties": [ "AllowVersionUpgrade", "AutomatedSnapshotRetentionPeriod", "AvailabilityZone", "ClusterParameterGroupName", "ClusterSecurityGroups", "ClusterSubnetGroupName", "ClusterType", "ClusterVersion", "DBName", "ElasticIp", "Encrypted", "HsmClientCertificateIdentifier", "HsmConfigurationIdentifier", "KmsKeyId", "MasterUsername", "MasterUserPassword", "NodeType", "NumberOfNodes", "OwnerAccount", "Port", "PreferredMaintenanceWindow", "PubliclyAccessible", "SnapshotClusterIdentifier", "SnapshotIdentifier", "VpcSecurityGroupIds" ], "full_properties": { "AllowVersionUpgrade": { "description": "When a new version of the Amazon Redshift is released, indicates whether upgrades can be applied to the engine that is running on the cluster. The upgrades are applied during the maintenance window.", "required": false, "type": "Boolean", "update_causes": "none" }, "AutomatedSnapshotRetentionPeriod": { "description": "The number of days that automated snapshots are retained. If you set the value to 0, automated snapshots are disabled.", "required": false, "type": "Number", "update_causes": "none" }, "AvailabilityZone": { "description": "The Amazon EC2 Availability Zone in which you want to provision your Amazon Redshift cluster. For example, if you have several Amazon EC2 instances running in a specific Availability Zone, you might want the cluster to be provisioned in the same zone in order to decrease network latency.", "required": false, "type": "String", "update_causes": "replacement" }, "ClusterParameterGroupName": { "description": "The name of the parameter group that you want to associate with this cluster.", "required": false, "type": "String", "update_causes": "interrupt" }, "ClusterSecurityGroups": { "description": "A list of security groups that you want to associate with this cluster.", "required": false, "type": "Array", "update_causes": "none" }, "ClusterSubnetGroupName": { "description": "The name of a cluster subnet group that you want to associate with this cluster.", "required": false, "type": "String", "update_causes": "replacement" }, "ClusterType": { "description": "The type of cluster. You can specify single-node or multi-node.", "required": true, "type": "String", "update_causes": "interrupt" }, "ClusterVersion": { "description": "The Amazon Redshift engine version that you want to deploy on the cluster.", "required": false, "type": "String", "update_causes": "none" }, "DBName": { "description": "The name of the first database that is created when the cluster is created.", "required": true, "type": "String", "update_causes": "replacement" }, "ElasticIp": { "description": "The Elastic IP (EIP) address for the cluster.", "required": false, "type": "String", "update_causes": "replacement" }, "Encrypted": { "description": "Indicates whether the data in the cluster is encrypted at rest.", "required": false, "type": "Boolean", "update_causes": "replacement" }, "HsmClientCertificateIdentifier": { "description": "Specifies the name of the HSM client certificate that the Amazon Redshift cluster uses to retrieve the data encryption keys stored in an HSM.", "required": false, "type": "String", "update_causes": "none" }, "HsmConfigurationIdentifier": { "description": "Specifies the name of the HSM configuration that contains the information that the Amazon Redshift cluster can use to retrieve and store keys in an HSM.", "required": false, "type": "String", "update_causes": "none" }, "KmsKeyId": { "description": "The AWS Key Management Service (AWS KMS) key ID that you want to use to encrypt data in the cluster.", "required": false, "type": "String", "update_causes": "replacement" }, "MasterUsername": { "description": "The user name that is associated with the master user account for this cluster.", "required": true, "type": "String", "update_causes": "replacement" }, "MasterUserPassword": { "description": "The password associated with the master user account for this cluster.", "required": true, "type": "String", "update_causes": "none" }, "NodeType": { "description": "The node type that is provisioned for this cluster.", "required": true, "type": "String", "update_causes": "none" }, "NumberOfNodes": { "description": "The number of compute nodes in the cluster. If you specify multi-node for the ClusterType parameter, you must specify a number greater than 1.", "required": false, "type": "Unknown", "update_causes": "interrupt" }, "OwnerAccount": { "description": "When you restore from a snapshot from another AWS account, the 12-digit AWS account ID that contains that snapshot.", "required": false, "type": "String", "update_causes": "replacement" }, "Port": { "description": "The port number on which the cluster accepts incoming connections.", "required": false, "type": "Number", "update_causes": "replacement" }, "PreferredMaintenanceWindow": { "description": "The weekly time range (in UTC) during which automated cluster maintenance can occur. The format of the time range is ddd:hh24:mi-ddd:hh24:mi.", "required": false, "type": "String", "update_causes": "none" }, "PubliclyAccessible": { "description": "Indicates whether the cluster can be accessed from a public network.", "required": false, "type": "Boolean", "update_causes": "replacement" }, "SnapshotClusterIdentifier": { "description": "The name of the cluster the source snapshot was created from. For more information about restoring from a snapshot, see the RestoreFromClusterSnapshot action in the Amazon Redshift API Reference.", "required": false, "type": "Unknown", "update_causes": "replacement" }, "SnapshotIdentifier": { "description": "The name of the snapshot from which to create a new cluster.", "required": false, "type": "String", "update_causes": "replacement" }, "VpcSecurityGroupIds": { "description": "A list of VPC security groups that are associated with this cluster.", "required": false, "type": "Array", "update_causes": "none" } }, "path": "aws-resource-redshift-cluster.html" }, "AWS::AutoScaling::ScheduledAction": { "properties": [ "AutoScalingGroupName", "DesiredCapacity", "EndTime", "MaxSize", "MinSize", "Recurrence", "StartTime" ], "full_properties": { "AutoScalingGroupName": { "description": "The name or ARN of the Auto Scaling group.", "required": true, "type": "String", "update_causes": "replacement" }, "DesiredCapacity": { "description": "The number of Amazon EC2 instances that should be running in the Auto Scaling group.", "required": false, "type": "Number", "update_causes": "none" }, "EndTime": { "description": "The time in UTC for this schedule to end. For example, 2010-06-01T00:00:00Z.", "required": false, "type": "Unknown", "update_causes": "none" }, "MaxSize": { "description": "The maximum number of Amazon EC2 instances in the Auto Scaling group.", "required": false, "type": "Number", "update_causes": "none" }, "MinSize": { "description": "The minimum number of Amazon EC2 instances in the Auto Scaling group.", "required": false, "type": "Number", "update_causes": "none" }, "Recurrence": { "description": "The time in UTC when recurring future actions will start. You specify the start time by following the Unix cron syntax format. For more information about cron syntax, go to http://en.wikipedia.org/wiki/Cron.", "required": false, "type": "String", "update_causes": "none" }, "StartTime": { "description": "The time in UTC for this schedule to start. For example, 2010-06-01T00:00:00Z.", "required": false, "type": "Unknown", "update_causes": "none" } }, "path": "aws-resource-as-scheduledaction.html" }, "AWS::EC2::InternetGateway": { "properties": [ "Tags" ], "full_properties": { "Tags": { "description": "An arbitrary set of tags (key–value pairs) for this resource.", "required": false, "type": "Unknown", "update_causes": "none" } }, "path": "aws-resource-ec2-internet-gateway.html" }, "AWS::Kinesis::Stream": { "properties": [ "Name", "ShardCount", "Tags" ], "full_properties": { "Name": { "description": "The name of the Amazon Kinesis stream. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the stream name. For more information, see Name Type.", "required": false, "type": "Unknown", "update_causes": "replacement" }, "ShardCount": { "description": "The number of shards that the stream uses. For greater provisioned throughput, increase the number of shards.", "required": true, "type": "Number", "update_causes": "replacement" }, "Tags": { "description": "An arbitrary set of tags (key–value pairs) to associate with the Amazon Kinesis stream.", "required": false, "type": "Unknown", "update_causes": "none" } }, "path": "aws-resource-kinesis-stream.html" }, "AWS::OpsWorks::Instance": { "properties": [ "AgentVersion", "AmiId", "Architecture", "AutoScalingType", "AvailabilityZone", "BlockDeviceMappings", "EbsOptimized", "ElasticIps", "Hostname", "InstallUpdatesOnBoot", "InstanceType", "LayerIds", "Os", "RootDeviceType", "SshKeyName", "StackId", "SubnetId", "Tenancy", "TimeBasedAutoScaling", "VirtualizationType", "Volumes" ], "full_properties": { "AgentVersion": { "description": "The version of the AWS OpsWorks agent that AWS OpsWorks installs on each instance. AWS OpsWorks sends commands to the agent to performs tasks on your instances, such as starting Chef runs. For valid values, see the AgentVersion parameter for the CreateInstance action in the AWS OpsWorks Stacks API Reference.", "required": false, "type": "String", "update_causes": "none" }, "AmiId": { "description": "The ID of the custom Amazon Machine Image (AMI) to be used to create the instance. For more information about custom AMIs, see Using Custom AMIs in the AWS OpsWorks User Guide.", "required": false, "type": "String", "update_causes": "unavailable" }, "Architecture": { "description": "The instance architecture.", "required": false, "type": "String", "update_causes": "interrupt" }, "AutoScalingType": { "description": "For scaling instances, the type of scaling. If you specify load-based scaling, do not specify a time-based scaling configuration. For valid values, see CreateInstance in the AWS OpsWorks Stacks API Reference.", "required": false, "type": "String", "update_causes": "replacement" }, "AvailabilityZone": { "description": "The instance Availability Zone.", "required": false, "type": "String", "update_causes": "replacement" }, "BlockDeviceMappings": { "description": "A list of block devices that are mapped to the AWS OpsWorks instance. For more information, see the BlockDeviceMappings parameter for the CreateInstance action in the AWS OpsWorks Stacks API Reference.", "required": false, "type": "Array", "update_causes": "replacement" }, "EbsOptimized": { "description": "Whether the instance is optimized for Amazon Elastic Block Store (Amazon EBS) I/O. If you specify an Amazon EBS-optimized instance type, AWS OpsWorks enables EBS optimization by default. For more information, see Amazon EBS–Optimized Instances in the Amazon EC2 User Guide for Linux Instances.", "required": false, "type": "Boolean", "update_causes": "replacement" }, "ElasticIps": { "description": "A list of Elastic IP addresses to associate with the instance.", "required": false, "type": "Array", "update_causes": "none" }, "Hostname": { "description": "The name of the instance host.", "required": false, "type": "String", "update_causes": "none" }, "InstallUpdatesOnBoot": { "description": "Whether to install operating system and package updates when the instance boots.", "required": false, "type": "Boolean", "update_causes": "interrupt" }, "InstanceType": { "description": "The instance type, which must be supported by AWS OpsWorks. For more information, see CreateInstance in the AWS OpsWorks Stacks API Reference.", "required": true, "type": "String", "update_causes": "interrupt" }, "LayerIds": { "description": "The IDs of the AWS OpsWorks layers to associate with this instance.", "required": true, "type": "Array", "update_causes": "interrupt" }, "Os": { "description": "The instance operating system. For more information, see CreateInstance in the AWS OpsWorks Stacks API Reference.", "required": false, "type": "String", "update_causes": "replacement" }, "RootDeviceType": { "description": "The root device type of the instance.", "required": false, "type": "String", "update_causes": "replacement" }, "SshKeyName": { "description": "The SSH key name of the instance.", "required": false, "type": "String", "update_causes": "interrupt" }, "StackId": { "description": "The ID of the AWS OpsWorks stack that this instance will be associated with.", "required": true, "type": "String", "update_causes": "replacement" }, "SubnetId": { "description": "The ID of the instance's subnet. If the stack is running in a VPC, you can use this parameter to override the stack's default subnet ID value and direct AWS OpsWorks to launch the instance in a different subnet.", "required": false, "type": "String", "update_causes": "replacement" }, "Tenancy": { "description": "The tenancy of the instance. For more information, see the Tenancy parameter for the CreateInstance action in the AWS OpsWorks Stacks API Reference.", "required": false, "type": "String", "update_causes": "replacement" }, "TimeBasedAutoScaling": { "description": "The time-based scaling configuration for the instance.", "required": false, "type": "Unknown", "update_causes": "replacement" }, "VirtualizationType": { "description": "The instance's virtualization type, paravirtual or hvm.", "required": false, "type": "String", "update_causes": "replacement" }, "Volumes": { "description": "A list of AWS OpsWorks volume IDs to associate with the instance. For more information, see AWS::OpsWorks::Volume.", "required": false, "type": "Array", "update_causes": "none" } }, "path": "aws-resource-opsworks-instance.html" }, "AWS::ApiGateway::Account": { "properties": [ "CloudWatchRoleArn" ], "full_properties": { "CloudWatchRoleArn": { "description": "The Amazon Resource Name (ARN) of an IAM role that has write access to CloudWatch Logs in your account.", "required": false, "type": "String", "update_causes": "none" } }, "path": "aws-resource-apigateway-account.html" }, "AWS::WAF::Rule": { "properties": [ "MetricName", "Name", "Predicates" ], "full_properties": { "MetricName": { "description": "A friendly name or description for the metrics of the rule. For valid values, see the MetricName parameter for the CreateRule action in the AWS WAF API Reference.", "required": true, "type": "String", "update_causes": "replacement" }, "Name": { "description": "A friendly name or description of the rule.", "required": true, "type": "String", "update_causes": "replacement" }, "Predicates": { "description": "The ByteMatchSet, IPSet, SizeConstraintSet, SqlInjectionMatchSet, or XssMatchSet objects to include in a rule. If you add more than one predicate to a rule, a request must match all conditions in order to be allowed or blocked.", "required": false, "type": "Array", "update_causes": "none" } }, "path": "aws-resource-waf-rule.html" }, "AWS::ApiGateway::BasePathMapping": { "properties": [ "BasePath", "DomainName", "RestApiId", "Stage" ], "full_properties": { "BasePath": { "description": "The base path name that callers of the API must provide in the URL after the domain name.", "required": false, "type": "String", "update_causes": "none" }, "DomainName": { "description": "The name of a DomainName resource.", "required": true, "type": "String", "update_causes": "none" }, "RestApiId": { "description": "The name of the API.", "required": true, "type": "String", "update_causes": "none" }, "Stage": { "description": "The name of the API's stage.", "required": false, "type": "String", "update_causes": "none" } }, "path": "aws-resource-apigateway-basepathmapping.html" }, "AWS::RDS::DBCluster": { "properties": [ "AvailabilityZones", "BackupRetentionPeriod", "DatabaseName", "DBClusterParameterGroupName", "DBSubnetGroupName", "Engine", "EngineVersion", "KmsKeyId", "MasterUsername", "MasterUserPassword", "Port", "PreferredBackupWindow", "PreferredMaintenanceWindow", "SnapshotIdentifier", "StorageEncrypted", "Tags", "VpcSecurityGroupIds" ], "full_properties": { "AvailabilityZones": { "description": "A list of Availability Zones (AZs) in which DB instances in the cluster can be created.", "required": false, "type": "String", "update_causes": "replacement" }, "BackupRetentionPeriod": { "description": "The number of days for which automatic backups are retained. For more information, see CreateDBCluster in the Amazon Relational Database Service API Reference.", "required": false, "type": "Number", "update_causes": [ "none", "interrupt" ] }, "DatabaseName": { "description": "The name of your database. You can specify a name of up to eight alpha-numeric characters. If you do not provide a name, Amazon Relational Database Service (Amazon RDS) won't create a database in this DB cluster.", "required": false, "type": "String", "update_causes": "replacement" }, "DBClusterParameterGroupName": { "description": "The name of the DB cluster parameter group to associate with this DB cluster. For the default value, see the DBClusterParameterGroupName parameter of the CreateDBCluster action in the Amazon Relational Database Service API Reference.", "required": false, "type": "String", "update_causes": "interrupt" }, "DBSubnetGroupName": { "description": "A DB subnet group that you want to associate with this DB cluster.", "required": false, "type": "String", "update_causes": "replacement" }, "Engine": { "description": "The name of the database engine that you want to use for this DB cluster.", "required": true, "type": "String", "update_causes": "replacement" }, "EngineVersion": { "description": "The version number of the database engine that you want to use.", "required": false, "type": "String", "update_causes": "replacement" }, "KmsKeyId": { "description": "The Amazon Resource Name (ARN) of the AWS Key Management Service master key that is used to encrypt the database instances in the DB cluster, such as arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef. If you enable the StorageEncrypted property but don't specify this property, the default master key is used. If you specify this property, you must set the StorageEncrypted property to true.", "required": false, "type": "String", "update_causes": "replacement" }, "MasterUsername": { "description": "The master user name for the DB instance.", "required": false, "type": "String", "update_causes": "replacement" }, "MasterUserPassword": { "description": "The password for the master database user.", "required": false, "type": "String", "update_causes": "none" }, "Port": { "description": "The port number on which the DB instances in the cluster can accept connections.", "required": false, "type": "Number", "update_causes": "none" }, "PreferredBackupWindow": { "description": "if automated backups are enabled (see the BackupRetentionPeriod property), the daily time range in UTC during which you want to create automated backups.", "required": false, "type": "String", "update_causes": "none" }, "PreferredMaintenanceWindow": { "description": "The weekly time range (in UTC) during which system maintenance can occur.", "required": false, "type": "String", "update_causes": [ "none", "interrupt" ] }, "SnapshotIdentifier": { "description": "The identifier for the DB cluster snapshot from which you want to restore.", "required": false, "type": "String", "update_causes": "replacement" }, "StorageEncrypted": { "description": "Indicates whether the DB instances in the cluster are encrypted.", "required": false, "type": "Boolean", "update_causes": "replacement" }, "Tags": { "description": "The tags that you want to attach to this DB cluster.", "required": false, "type": "Array", "update_causes": "unavailable" }, "VpcSecurityGroupIds": { "description": "A list of VPC security groups to associate with this DB cluster.", "required": false, "type": "Array", "update_causes": "none" } }, "path": "aws-resource-rds-dbcluster.html" }, "AWS::ECS::TaskDefinition": { "properties": [ "ContainerDefinitions", "Family", "TaskRoleArn", "Volumes" ], "full_properties": { "ContainerDefinitions": { "description": "A list of container definitions in JSON format that describe the containers that make up your task.", "required": true, "type": "Array", "update_causes": "replacement" }, "Family": { "description": "The name of a family that this task definition is registered to. A family groups multiple versions of a task definition. Amazon ECS gives the first task definition that you registered to a family a revision number of 1. Amazon ECS gives sequential revision numbers to each task definition that you add.", "required": false, "type": "String", "update_causes": "replacement" }, "TaskRoleArn": { "description": "The Amazon Resource Name (ARN) of an AWS Identity and Access Management (IAM) role that grants containers in the task permission to call AWS APIs on your behalf. For more information, see IAM Roles for Tasks in the Amazon EC2 Container Service Developer Guide.", "required": false, "type": "String", "update_causes": "replacement" }, "Volumes": { "description": "A list of volume definitions in JSON format for volumes that you can use in your container definitions.", "required": true, "type": "Array", "update_causes": "replacement" } }, "path": "aws-resource-ecs-taskdefinition.html" }, "AWS::EC2::VPNGateway": { "properties": [ "Type", "Tags" ], "full_properties": { "Type": { "description": "The type of VPN connection this virtual private gateway supports. The only valid value is \"ipsec.1\".", "required": true, "type": "String", "update_causes": "replacement" }, "Tags": { "description": "An arbitrary set of tags (key–value pairs) for this resource.", "required": false, "type": "Unknown", "update_causes": "none" } }, "path": "aws-resource-ec2-vpn-gateway.html" }, "AWS::EC2::VPCEndpoint": { "properties": [ "PolicyDocument", "RouteTableIds", "ServiceName", "VpcId" ], "full_properties": { "PolicyDocument": { "description": "A policy to attach to the endpoint that controls access to the service. The policy must be valid JSON. The default policy allows full access to the AWS service. For more information, see Controlling Access to Services in the Amazon VPC User Guide.", "required": false, "type": "Unknown", "update_causes": "none" }, "RouteTableIds": { "description": "One or more route table IDs that are used by the VPC to reach the endpoint.", "required": false, "type": "Array", "update_causes": "none" }, "ServiceName": { "description": "The AWS service to which you want to establish a connection. Specify the service name in the form of com.amazonaws.region.service.", "required": true, "type": "String", "update_causes": "replacement" }, "VpcId": { "description": "The ID of the VPC in which the endpoint is used.", "required": true, "type": "String", "update_causes": "replacement" } }, "path": "aws-resource-ec2-vpcendpoint.html" }, "AWS::EC2::VPCCidrBlock": { "properties": [ "AmazonProvidedIpv6CidrBlock", "VpcId" ], "full_properties": { "AmazonProvidedIpv6CidrBlock": { "description": "Whether to request an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC. You can't specify the range of IPv6 addresses or the size of the CIDR block.", "required": false, "type": "Boolean", "update_causes": "replacement" }, "VpcId": { "description": "The ID of the VPC to associate the Amazon-provided IPv6 CIDR block with.", "required": true, "type": "String", "update_causes": "replacement" } }, "path": "aws-resource-ec2-vpccidrblock.html" }, "AWS::EC2::VPC": { "properties": [ "CidrBlock", "EnableDnsSupport", "EnableDnsHostnames", "InstanceTenancy", "Tags" ], "full_properties": { "CidrBlock": { "description": "The CIDR block you want the VPC to cover. For example: \"10.0.0.0/16\".", "required": true, "type": "String", "update_causes": "replacement" }, "EnableDnsSupport": { "description": "Specifies whether DNS resolution is supported for the VPC. If this attribute is true, the Amazon DNS server resolves DNS hostnames for your instances to their corresponding IP addresses; otherwise, it does not. By default the value is set to true.", "required": false, "type": "Boolean", "update_causes": "none" }, "EnableDnsHostnames": { "description": "Specifies whether the instances launched in the VPC get DNS hostnames. If this attribute is true, instances in the VPC get DNS hostnames; otherwise, they do not. You can only set EnableDnsHostnames to true if you also set the EnableDnsSupport attribute to true. By default, the value is set to false.", "required": false, "type": "Boolean", "update_causes": "none" }, "InstanceTenancy": { "description": "The allowed tenancy of instances launched into the VPC.", "required": false, "type": "String", "update_causes": "replacement" }, "Tags": { "description": "An arbitrary set of tags (key–value pairs) for this VPC. To name a VPC resource, specify a value for the Name key.", "required": false, "type": "Unknown", "update_causes": "none" } }, "path": "aws-resource-ec2-vpc.html" }, "AWS::CodeDeploy::Application": { "properties": [ "ApplicationName" ], "full_properties": { "ApplicationName": { "description": "A name for the application. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the application name. For more information, see Name Type.", "required": false, "type": "Unknown", "update_causes": "unavailable" } }, "path": "aws-resource-codedeploy-application.html" }, "AWS::SNS::TopicPolicy": { "properties": [ "PolicyDocument", "Topics" ], "full_properties": { "PolicyDocument": { "description": "A policy document that contains permissions to add to the specified SNS topics.", "required": true, "type": "Unknown", "update_causes": "none" }, "Topics": { "description": "The Amazon Resource Names (ARN) of the topics to which you want to add the policy. You can use the Ref function to specify an AWS::SNS::Topic resource.", "required": true, "type": "Array", "update_causes": "none" } }, "path": "aws-properties-sns-policy.html" }, "AWS::RDS::DBSubnetGroup": { "properties": [ "DBSubnetGroupDescription", "SubnetIds", "Tags" ], "full_properties": { "DBSubnetGroupDescription": { "description": "The description for the DB Subnet Group.", "required": true, "type": "String", "update_causes": "none" }, "SubnetIds": { "description": "The EC2 Subnet IDs for the DB Subnet Group.", "required": true, "type": "Array", "update_causes": "none" }, "Tags": { "description": "The tags that you want to attach to the RDS database subnet group.", "required": false, "type": "Array", "update_causes": "none" } }, "path": "aws-resource-rds-dbsubnet-group.html" }, "AWS::AutoScaling::LaunchConfiguration": { "properties": [ "AssociatePublicIpAddress", "BlockDeviceMappings", "ClassicLinkVPCId", "ClassicLinkVPCSecurityGroups", "EbsOptimized", "IamInstanceProfile", "ImageId", "InstanceId", "InstanceMonitoring", "InstanceType", "KernelId", "KeyName", "PlacementTenancy", "RamDiskId", "SecurityGroups", "SpotPrice", "UserData" ], "full_properties": { "AssociatePublicIpAddress": { "description": "For Amazon EC2 instances in a VPC, indicates whether instances in the Auto Scaling group receive public IP addresses. If you specify true, each instance in the Auto Scaling receives a unique public IP address.", "required": false, "type": "Boolean", "update_causes": "replacement" }, "BlockDeviceMappings": { "description": "Specifies how block devices are exposed to the instance. You can specify virtual devices and EBS volumes.", "required": false, "type": "Array", "update_causes": "replacement" }, "ClassicLinkVPCId": { "description": "The ID of a ClassicLink-enabled VPC to link your EC2-Classic instances to. You can specify this property only for EC2-Classic instances. For more information, see ClassicLink in the Amazon Elastic Compute Cloud User Guide.", "required": false, "type": "String", "update_causes": "replacement" }, "ClassicLinkVPCSecurityGroups": { "description": "The IDs of one or more security groups for the VPC that you specified in the ClassicLinkVPCId property.", "required": false, "type": "Array", "update_causes": "replacement" }, "EbsOptimized": { "description": "Specifies whether the launch configuration is optimized for EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal EBS I/O performance.", "required": false, "type": "Boolean", "update_causes": "replacement" }, "IamInstanceProfile": { "description": "Provides the name or the Amazon Resource Name (ARN) of the instance profile associated with the IAM role for the instance. The instance profile contains the IAM role.", "required": false, "type": "String", "update_causes": "replacement" }, "ImageId": { "description": "Provides the unique ID of the Amazon Machine Image (AMI) that was assigned during registration.", "required": true, "type": "String", "update_causes": "replacement" }, "InstanceId": { "description": "The ID of the Amazon EC2 instance you want to use to create the launch configuration. Use this property if you want the launch configuration to use settings from an existing Amazon EC2 instance.", "required": false, "type": "String", "update_causes": "replacement" }, "InstanceMonitoring": { "description": "Indicates whether detailed instance monitoring is enabled for the Auto Scaling group. By default, this property is set to true (enabled).", "required": false, "type": "Boolean", "update_causes": "replacement" }, "InstanceType": { "description": "Specifies the instance type of the EC2 instance.", "required": true, "type": "String", "update_causes": "replacement" }, "KernelId": { "description": "Provides the ID of the kernel associated with the EC2 AMI.", "required": false, "type": "String", "update_causes": "replacement" }, "KeyName": { "description": "Provides the name of the EC2 key pair.", "required": false, "type": "String", "update_causes": "replacement" }, "PlacementTenancy": { "description": "The tenancy of the instance. An instance with a tenancy of dedicated runs on single-tenant hardware and can only be launched in a VPC. You must set the value of this parameter to dedicated if want to launch dedicated instances in a shared tenancy VPC (a VPC with the instance placement tenancy attribute set to default). For more information, see CreateLaunchConfiguration in the Auto Scaling API Reference.", "required": false, "type": "String", "update_causes": "replacement" }, "RamDiskId": { "description": "The ID of the RAM disk to select. Some kernels require additional drivers at launch. Check the kernel requirements for information about whether you need to specify a RAM disk. To find kernel requirements, refer to the AWS Resource Center and search for the kernel ID.", "required": false, "type": "String", "update_causes": "replacement" }, "SecurityGroups": { "description": "A list that contains the EC2 security groups to assign to the Amazon EC2 instances in the Auto Scaling group. The list can contain the name of existing EC2 security groups or references to AWS::EC2::SecurityGroup resources created in the template. If your instances are launched within VPC, specify Amazon VPC security group IDs.", "required": false, "type": "Array", "update_causes": "replacement" }, "SpotPrice": { "description": "The spot price for this autoscaling group. If a spot price is set, then the autoscaling group will launch when the current spot price is less than the amount specified in the template.", "required": false, "type": "String", "update_causes": "replacement" }, "UserData": { "description": "The user data available to the launched EC2 instances.", "required": false, "type": "String", "update_causes": "replacement" } }, "path": "aws-properties-as-launchconfig.html" }, "AWS::EFS::FileSystem": { "properties": [ "FileSystemTags", "PerformanceMode" ], "full_properties": { "FileSystemTags": { "description": "Tags to associate with the file system.", "required": false, "type": "Unknown", "update_causes": "none" }, "PerformanceMode": { "description": "The performance mode of the file system. For valid values, see the PerformanceMode parameter for the CreateFileSystem action in the Amazon Elastic File System User Guide.", "required": false, "type": "String", "update_causes": "replacement" } }, "path": "aws-resource-efs-filesystem.html" }, "AWS::ElastiCache::ParameterGroup": { "properties": [ "CacheParameterGroupFamily", "Description", "Properties" ], "full_properties": { "CacheParameterGroupFamily": { "description": "The name of the cache parameter group family that the cache parameter group can be used with.", "required": true, "type": "String", "update_causes": "unavailable" }, "Description": { "description": "The description for the Cache Parameter Group.", "required": true, "type": "String", "update_causes": "unavailable" }, "Properties": { "description": "A comma-delimited list of parameter name/value pairs. For more information, go to ModifyCacheParameterGroup in the Amazon ElastiCache API Reference Guide.", "required": false, "type": "Unknown", "update_causes": "unavailable" } }, "path": "aws-properties-elasticache-parameter-group.html" }, "AWS::EMR::Step": { "properties": [ "ActionOnFailure", "HadoopJarStep", "JobFlowId", "Name" ], "full_properties": { "ActionOnFailure": { "description": "The action to take if the job flow step fails. Currently, AWS CloudFormation supports CONTINUE and CANCEL_AND_WAIT. For more information, see Managing Cluster Termination in the Amazon EMR Management Guide.", "required": true, "type": "String", "update_causes": "replacement" }, "HadoopJarStep": { "description": "The JAR file that includes the main function that Amazon EMR executes.", "required": true, "type": "Unknown", "update_causes": "replacement" }, "JobFlowId": { "description": "The ID of a cluster in which you want to run this job flow step.", "required": true, "type": "String", "update_causes": "replacement" }, "Name": { "description": "A name for the job flow step.", "required": true, "type": "String", "update_causes": "replacement" } }, "path": "aws-resource-emr-step.html" }, "AWS::CertificateManager::Certificate": { "properties": [ "DomainName", "DomainValidationOptions", "SubjectAlternativeNames", "Tags" ], "full_properties": { "DomainName": { "description": "Fully qualified domain name (FQDN), such as www.example.com, of the site that you want to secure with the ACM certificate. To protect several sites in the same domain, use an asterisk (*) to specify a wildcard. For example, *.example.com protects www.example.com, site.example.com, and images.example.com.", "required": true, "type": "String", "update_causes": "replacement" }, "DomainValidationOptions": { "description": "Domain information that domain name registrars use to verify your identity. For more information and the default values, see Configure Email for Your Domain and Validate Domain Ownership in the AWS Certificate Manager User Guide.", "required": false, "type": "Array", "update_causes": "replacement" }, "SubjectAlternativeNames": { "description": "FQDNs to be included in the Subject Alternative Name extension of the ACM certificate. For example, you can add www.example.net to a certificate for the www.example.com domain name so that users can reach your site by using either name.", "required": false, "type": "Array", "update_causes": "replacement" }, "Tags": { "description": "An arbitrary set of tags (key–value pairs) for this ACM certificate.", "required": false, "type": "Unknown", "update_causes": "none" } }, "path": "aws-resource-certificatemanager-certificate.html" }, "AWS::Lambda::Function": { "properties": [ "Code", "Description", "Environment", "FunctionName", "Handler", "KmsKeyArn", "MemorySize", "Role", "Runtime", "Timeout", "VpcConfig" ], "full_properties": { "Code": { "description": "The source code of your Lambda function. You can point to a file in an Amazon Simple Storage Service (Amazon S3) bucket or specify your source code as inline text.", "required": true, "type": "Unknown", "update_causes": "none" }, "Description": { "description": "A description of the function.", "required": false, "type": "String", "update_causes": "none" }, "Environment": { "description": "Key-value pairs that Lambda caches and makes available for your Lambda functions. Use environment variables to apply configuration changes, such as test and production environment configurations, without changing your Lambda function source code.", "required": false, "type": "Unknown", "update_causes": "none" }, "FunctionName": { "description": "A name for the function. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the function's name. For more information, see Name Type.", "required": false, "type": "Unknown", "update_causes": "replacement" }, "Handler": { "description": "The name of the function (within your source code) that Lambda calls to start running your code. For more information, see the Handler property in the AWS Lambda Developer Guide.", "required": true, "type": "String", "update_causes": "none" }, "KmsKeyArn": { "description": "The Amazon Resource Name (ARN) of an AWS Key Management Service (AWS KMS) key that Lambda uses to encrypt and decrypt environment variable values.", "required": false, "type": "String", "update_causes": "none" }, "MemorySize": { "description": "The amount of memory, in MB, that is allocated to your Lambda function. Lambda uses this value to proportionally allocate the amount of CPU power. For more information, see Resource Model in the AWS Lambda Developer Guide.", "required": false, "type": "Number", "update_causes": "none" }, "Role": { "description": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) execution role that Lambda assumes when it runs your code to access AWS services.", "required": true, "type": "String", "update_causes": "none" }, "Runtime": { "description": "The runtime environment for the Lambda function that you are uploading. For valid values, see the Runtime property in the AWS Lambda Developer Guide.", "required": true, "type": "String", "update_causes": "replacement" }, "Timeout": { "description": "The function execution time (in seconds) after which Lambda terminates the function. Because the execution time affects cost, set this value based on the function's expected execution time. By default, Timeout is set to 3 seconds.", "required": false, "type": "Number", "update_causes": "none" }, "VpcConfig": { "description": "If the Lambda function requires access to resources in a VPC, specify a VPC configuration that Lambda uses to set up an elastic network interface (ENI). The ENI enables your function to connect to other resources in your VPC, but it doesn't provide public Internet access. If your function requires Internet access (for example, to access AWS services that don't have VPC endpoints), configure a Network Address Translation (NAT) instance inside your VPC or use an Amazon Virtual Private Cloud (Amazon VPC) NAT gateway. For more information, see NAT Gateways in the Amazon VPC User Guide.", "required": false, "type": "Unknown", "update_causes": "none" } }, "path": "aws-resource-lambda-function.html" }, "AWS::ElasticLoadBalancingV2::ListenerRule": { "properties": [ "Actions", "Conditions", "ListenerArn", "Priority" ], "full_properties": { "Actions": { "description": "The action that the listener takes when a request meets the specified condition.", "required": true, "type": "Array", "update_causes": "none" }, "Conditions": { "description": "The conditions under which a rule takes effect.", "required": true, "type": "Array", "update_causes": "none" }, "ListenerArn": { "description": "The Amazon Resource Name (ARN) of the listener that the rule applies to.", "required": true, "type": "String", "update_causes": "replacement" }, "Priority": { "description": "The priority for the rule. Elastic Load Balancing evaluates rules in priority order, from the lowest value to the highest value. If a request satisfies a rule, Elastic Load Balancing ignores all subsequent rules.", "required": true, "type": "Number", "update_causes": "none" } }, "path": "aws-resource-elasticloadbalancingv2-listenerrule.html" }, "AWS::EC2::SubnetNetworkAclAssociation": { "properties": [ "SubnetId", "NetworkAclId" ], "full_properties": { "SubnetId": { "description": "The ID representing the current association between the original network ACL and the subnet.", "required": true, "type": "String", "update_causes": "replacement" }, "NetworkAclId": { "description": "The ID of the new ACL to associate with the subnet.", "required": true, "type": "String", "update_causes": "replacement" } }, "path": "aws-resource-ec2-subnet-network-acl-assoc.html" }, "AWS::ApplicationAutoScaling::ScalableTarget": { "properties": [ "MaxCapacity", "MinCapacity", "ResourceId", "RoleARN", "ScalableDimension", "ServiceNamespace" ], "full_properties": { "MaxCapacity": { "description": "The maximum value that Application Auto Scaling can use to scale a target during a scaling activity.", "required": true, "type": "Number", "update_causes": "none" }, "MinCapacity": { "description": "The minimum value that Application Auto Scaling can use to scale a target during a scaling activity.", "required": true, "type": "Number", "update_causes": "none" }, "ResourceId": { "description": "The unique resource identifier to associate with this scalable target. For more information, see the ResourceId parameter for the RegisterScalableTarget action in the Application Auto Scaling API Reference.", "required": true, "type": "String", "update_causes": "replacement" }, "RoleARN": { "description": "The Amazon Resource Name (ARN) of an AWS Identity and Access Management (IAM) role that allows Application Auto Scaling to modify your scalable target.", "required": true, "type": "String", "update_causes": "none" }, "ScalableDimension": { "description": "The scalable dimension associated with the scalable target. Specify the service namespace, resource type, and scaling property, such as ecs:service:DesiredCount for the desired task count of an Amazon EC2 Container Service service. For valid values, see the ScalableDimension content for the ScalingPolicy data type in the Application Auto Scaling API Reference.", "required": true, "type": "String", "update_causes": "replacement" }, "ServiceNamespace": { "description": "The AWS service namespace of the scalable target. For a list of service namespaces, see AWS Service Namespaces in the AWS General Reference.", "required": true, "type": "String", "update_causes": "replacement" } }, "path": "aws-resource-applicationautoscaling-scalabletarget.html" }, "AWS::ECS::Cluster": { "properties": [ "ClusterName" ], "full_properties": { "ClusterName": { "description": "A name for the cluster. If you don't specify a name, AWS CloudFormation generates a unique physical ID for the name. For more information, see Name Type.", "required": false, "type": "Unknown", "update_causes": "replacement" } }, "path": "aws-resource-ecs-cluster.html" }, "AWS::SNS::Subscription": { "properties": [ "Endpoint", "Protocol", "TopicArn" ], "full_properties": { "Endpoint": { "description": "The endpoint that receives notifications from the Amazon SNS topic. The endpoint value depends on the protocol that you specify. For more information, see the Subscribe Endpoint parameter in the Amazon Simple Notification Service API Reference.", "required": false, "type": "String", "update_causes": "replacement" }, "Protocol": { "description": "The subscription's protocol. For more information, see the Subscribe Protocol parameter in the Amazon Simple Notification Service API Reference.", "required": false, "type": "String", "update_causes": "replacement" }, "TopicArn": { "description": "The Amazon Resource Name (ARN) of the topic to subscribe to.", "required": false, "type": "String", "update_causes": "replacement" } }, "path": "aws-resource-sns-subscription.html" }, "AWS::ElastiCache::ReplicationGroup": { "properties": [ "AutomaticFailoverEnabled", "AutoMinorVersionUpgrade", "CacheNodeType", "CacheParameterGroupName", "CacheSecurityGroupNames", "CacheSubnetGroupName", "Engine", "EngineVersion", "NodeGroupConfiguration", "NotificationTopicArn", "NumCacheClusters", "NumNodeGroups", "Port", "PreferredCacheClusterAZs", "PreferredMaintenanceWindow", "PrimaryClusterId", "ReplicasPerNodeGroup", "ReplicationGroupDescription", "ReplicationGroupId", "SecurityGroupIds", "SnapshotArns", "SnapshotName", "SnapshotRetentionLimit", "SnapshottingClusterId", "SnapshotWindow", "Tags" ], "full_properties": { "AutomaticFailoverEnabled": { "description": "Indicates whether Multi-AZ is enabled. When Multi-AZ is enabled, a read-only replica is automatically promoted to a read-write primary cluster if the existing primary cluster fails. If you specify true, you must specify a value greater than 1 for the NumCacheClusters property. By default, AWS CloudFormation sets the value to true.", "required": false, "type": "Boolean", "update_causes": "none" }, "AutoMinorVersionUpgrade": { "description": "Currently, this property isn't used by ElastiCache.", "required": false, "type": "Boolean", "update_causes": "none" }, "CacheNodeType": { "description": "The compute and memory capacity of nodes in the node group. To see valid values, see CreateReplicationGroup in the Amazon ElastiCache API Reference Guide.", "required": false, "type": "String", "update_causes": "none" }, "CacheParameterGroupName": { "description": "The name of the parameter group to associate with this replication group. For valid and default values, see CreateReplicationGroup in the Amazon ElastiCache API Reference Guide.", "required": false, "type": "String", "update_causes": "interrupt" }, "CacheSecurityGroupNames": { "description": "A list of cache security group names to associate with this replication group.", "required": false, "type": "Array", "update_causes": "none" }, "CacheSubnetGroupName": { "description": "The name of a cache subnet group to use for this replication group.", "required": false, "type": "String", "update_causes": "replacement" }, "Engine": { "description": "The name of the cache engine to use for the cache clusters in this replication group. Currently, you can specify only redis.", "required": true, "type": "String", "update_causes": "none" }, "EngineVersion": { "description": "The version number of the cache engine to use for the cache clusters in this replication group.", "required": false, "type": "String", "update_causes": "none" }, "NodeGroupConfiguration": { "description": "Configuration options for the node group (shard).", "required": false, "type": "Array", "update_causes": "replacement" }, "NotificationTopicArn": { "description": "The Amazon Resource Name (ARN) of the Amazon Simple Notification Service topic to which notifications are sent.", "required": false, "type": "String", "update_causes": "none" }, "NumCacheClusters": { "description": "The number of cache clusters for this replication group. If automatic failover is enabled, you must specify a value greater than 1. For valid values, see CreateReplicationGroup in the Amazon ElastiCache API Reference Guide.", "required": false, "type": "Number", "update_causes": "none" }, "NumNodeGroups": { "description": "The number of node groups (shards) for this Redis (clustered mode enabled) replication group. For Redis (clustered mode disabled), omit this property.", "required": false, "type": "Number", "update_causes": "replacement" }, "Port": { "description": "The port number on which each member of the replication group accepts connections.", "required": false, "type": "Number", "update_causes": "replacement" }, "PreferredCacheClusterAZs": { "description": "A list of Availability Zones (AZs) in which the cache clusters in this replication group are created.", "required": false, "type": "Array", "update_causes": "replacement" }, "PreferredMaintenanceWindow": { "description": "The weekly time range during which system maintenance can occur. Use the following format to specify a time range: ddd:hh24:mi-ddd:hh24:mi (24H Clock UTC). For example, you can specify sun:22:00-sun:23:30 for Sunday from 10 PM to 11:30 PM.", "required": false, "type": "String", "update_causes": "none" }, "PrimaryClusterId": { "description": "The cache cluster that ElastiCache uses as the primary cluster for the replication group. The cache cluster must have a status of available.", "required": false, "type": "String", "update_causes": "none" }, "ReplicasPerNodeGroup": { "description": "The number of replica nodes in each node group (shard). For valid values, see CreateReplicationGroup in the Amazon ElastiCache API Reference Guide.", "required": false, "type": "Number", "update_causes": "replacement" }, "ReplicationGroupDescription": { "description": "The description of the replication group.", "required": true, "type": "String", "update_causes": "none" }, "ReplicationGroupId": { "description": "An ID for the replication group. If you don't specify an ID, AWS CloudFormation generates a unique physical ID. For more information, see Name Type.", "required": false, "type": "Unknown", "update_causes": "replacement" }, "SecurityGroupIds": { "description": "A list of Amazon Virtual Private Cloud (Amazon VPC) security groups to associate with this replication group.", "required": false, "type": "Array", "update_causes": "none" }, "SnapshotArns": { "description": "A single-element string list that specifies an ARN of a Redis .rdb snapshot file that is stored in Amazon Simple Storage Service (Amazon S3). The snapshot file populates the node group. The Amazon S3 object name in the ARN cannot contain commas. For example, you can specify arn:aws:s3:::my_bucket/snapshot1.rdb.", "required": false, "type": "Array", "update_causes": "replacement" }, "SnapshotName": { "description": "The name of a snapshot from which to restore data into the replication group.", "required": false, "type": "String", "update_causes": "replacement" }, "SnapshotRetentionLimit": { "description": "The number of days that ElastiCache retains automatic snapshots before deleting them.", "required": false, "type": "Number", "update_causes": "none" }, "SnapshottingClusterId": { "description": "The ID of the cache cluster that ElastiCache uses as the daily snapshot source for the replication group.", "required": false, "type": "String", "update_causes": "none" }, "SnapshotWindow": { "description": "The time range (in UTC) when ElastiCache takes a daily snapshot of your node group that you specified in the SnapshottingClusterId property. For example, you can specify 05:00-09:00.", "required": false, "type": "String", "update_causes": "none" }, "Tags": { "description": "An arbitrary set of tags (key–value pairs) for this replication group.", "required": false, "type": "Unknown", "update_causes": "none" } }, "path": "aws-resource-elasticache-replicationgroup.html" }, "AWS::EC2::PlacementGroup": { "properties": [ "Strategy" ], "full_properties": { "Strategy": { "description": "The placement strategy, which relates to the instance types that can be added to the placement group. For example, for the cluster strategy, you can cluster C4 instance types but not T2 instance types. For valid values, see CreatePlacementGroup in the Amazon EC2 API Reference. By default, AWS CloudFormation sets the value of this property to cluster.", "required": false, "type": "String", "update_causes": "replacement" } }, "path": "aws-resource-ec2-placementgroup.html" }, "AWS::ElasticBeanstalk::ApplicationVersion": { "properties": [ ], "path": "aws-properties-beanstalk-version.html" }, "AWS::EC2::SubnetCidrBlock": { "properties": [ "Ipv6CidrBlock", "SubnetId" ], "full_properties": { "Ipv6CidrBlock": { "description": "The IPv6 CIDR block for the subnet. The CIDR block must have a prefix length of /64.", "required": true, "type": "String", "update_causes": "replacement" }, "SubnetId": { "description": "The ID of the subnet to associate the IPv6 CIDR block with.", "required": true, "type": "String", "update_causes": "replacement" } }, "path": "aws-resource-ec2-subnetcidrblock.html" }, "AWS::EC2::CustomerGateway": { "properties": [ "BgpAsn", "IpAddress", "Tags", "Type" ], "full_properties": { "BgpAsn": { "description": "The customer gateway's Border Gateway Protocol (BGP) Autonomous System Number (ASN).", "required": true, "type": "Unknown", "update_causes": "replacement" }, "IpAddress": { "description": "The internet-routable IP address for the customer gateway's outside interface. The address must be static.", "required": true, "type": "String", "update_causes": "replacement" }, "Tags": { "description": "The tags that you want to attach to the resource.", "required": false, "type": "Unknown", "update_causes": "none" }, "Type": { "description": "The type of VPN connection that this customer gateway supports.", "required": true, "type": "String", "update_causes": "replacement" } }, "path": "aws-resource-ec2-customer-gateway.html" }, "AWS::EC2::EIPAssociation": { "properties": [ "AllocationId", "EIP", "InstanceId", "NetworkInterfaceId", "PrivateIpAddress" ], "full_properties": { "AllocationId": { "description": "[EC2-VPC] Allocation ID for the VPC Elastic IP address you want to associate with an Amazon EC2 instance in your VPC.", "required": false, "type": "String", "update_causes": [ "replacement", "none" ] }, "EIP": { "description": "Elastic IP address that you want to associate with the Amazon EC2 instance specified by the InstanceId property. You can specify an existing Elastic IP address or a reference to an Elastic IP address allocated with a AWS::EC2::EIP resource.", "required": false, "type": "String", "update_causes": [ "replacement", "none" ] }, "InstanceId": { "description": "Instance ID of the Amazon EC2 instance that you want to associate with the Elastic IP address specified by the EIP property. If the instance has more than one network interface, you must specify a network interface ID.", "required": false, "type": "String", "update_causes": [ "replacement", "none" ] }, "NetworkInterfaceId": { "description": "[EC2-VPC] The ID of the network interface to associate with the Elastic IP address. If the instance has more than one network interface, you must specify a network interface ID.", "required": false, "type": "String", "update_causes": [ "replacement", "none" ] }, "PrivateIpAddress": { "description": "[EC2-VPC] The private IP address that you want to associate with the Elastic IP address. The private IP address is restricted to the primary and secondary private IP addresses that are associated with the network interface. By default, the private IP address that is associated with the EIP is the primary private IP address of the network interface.", "required": false, "type": "String", "update_causes": "none" } }, "path": "aws-properties-ec2-eip-association.html" }, "AWS::WorkSpaces::Workspace": { "properties": [ "BundleId", "DirectoryId", "UserName", "RootVolumeEncryptionEnabled", "UserVolumeEncryptionEnabled", "VolumeEncryptionKey" ], "full_properties": { "BundleId": { "description": "The identifier of the bundle from which you want to create the workspace. A bundle specifies the details of the workspace, such as the installed applications and the size of CPU, memory, and storage. Use the DescribeWorkspaceBundles action to list the bundles that AWS offers.", "required": true, "type": "String", "update_causes": "unavailable" }, "DirectoryId": { "description": "The identifier of the AWS Directory Service directory in which you want to create the workspace. The directory must already be registered with Amazon WorkSpaces. Use the DescribeWorkspaceDirectories action to list the directories that are available.", "required": true, "type": "String", "update_causes": "replacement" }, "UserName": { "description": "The name of the user to which the workspace is assigned. This user name must exist in the specified AWS Directory Service directory.", "required": true, "type": "String", "update_causes": "replacement" }, "RootVolumeEncryptionEnabled": { "description": "Indicates whether Amazon WorkSpaces encrypts data stored on the root volume (C: drive).", "required": false, "type": "Boolean", "update_causes": "unavailable" }, "UserVolumeEncryptionEnabled": { "description": "Indicates whether Amazon WorkSpaces encrypts data stored on the user volume (D: drive).", "required": false, "type": "Boolean", "update_causes": "unavailable" }, "VolumeEncryptionKey": { "description": "The AWS Key Management Service (AWS KMS) key ID that Amazon WorkSpaces uses to encrypt data stored on your workspace.", "required": false, "type": "String", "update_causes": "unavailable" } }, "path": "aws-resource-workspaces-workspace.html" }, "AWS::WAF::ByteMatchSet": { "properties": [ "ByteMatchTuples", "Name" ], "full_properties": { "ByteMatchTuples": { "description": "Settings for the ByteMatchSet, such as the bytes (typically a string that corresponds with ASCII characters) that you want AWS WAF to search for in web requests.", "required": false, "type": "Array", "update_causes": "none" }, "Name": { "description": "A friendly name or description of the ByteMatchSet.", "required": true, "type": "String", "update_causes": "replacement" } }, "path": "aws-resource-waf-bytematchset.html" }, "AWS::AutoScaling::AutoScalingGroup": { "properties": [ "AvailabilityZones", "Cooldown", "DesiredCapacity", "HealthCheckGracePeriod", "HealthCheckType", "InstanceId", "LaunchConfigurationName", "LoadBalancerNames", "MaxSize", "MetricsCollection", "MinSize", "NotificationConfigurations", "PlacementGroup", "Tags", "TargetGroupARNs", "TerminationPolicies", "VPCZoneIdentifier" ], "full_properties": { "AvailabilityZones": { "description": "Contains a list of availability zones for the group.", "required": false, "type": "Array", "update_causes": "none" }, "Cooldown": { "description": "The number of seconds after a scaling activity is completed before any further scaling activities can start.", "required": false, "type": "String", "update_causes": "none" }, "DesiredCapacity": { "description": "Specifies the desired capacity for the Auto Scaling group.", "required": false, "type": "String", "update_causes": "none" }, "HealthCheckGracePeriod": { "description": "The length of time in seconds after a new EC2 instance comes into service that Auto Scaling starts checking its health.", "required": false, "type": "Number", "update_causes": "none" }, "HealthCheckType": { "description": "The service you want the health status from, Amazon EC2 or Elastic Load Balancer. Valid values are EC2 or ELB.", "required": false, "type": "String", "update_causes": "none" }, "InstanceId": { "description": "The ID of the Amazon EC2 instance you want to use to create the Auto Scaling group. Use this property if you want to create an Auto Scaling group that uses an existing Amazon EC2 instance instead of a launch configuration.", "required": false, "type": "String", "update_causes": "replacement" }, "LaunchConfigurationName": { "description": "Specifies the name of the associated AWS::AutoScaling::LaunchConfiguration.", "required": false, "type": "String", "update_causes": "none" }, "LoadBalancerNames": { "description": "A list of Classic load balancers associated with this Auto Scaling group. To specify Application load balancers, use TargetGroupARNs.", "required": false, "type": "Array", "update_causes": "replacement" }, "MaxSize": { "description": "The maximum size of the Auto Scaling group.", "required": true, "type": "String", "update_causes": "none" }, "MetricsCollection": { "description": "Enables the monitoring of group metrics of an Auto Scaling group.", "required": false, "type": "Array", "update_causes": "none" }, "MinSize": { "description": "The minimum size of the Auto Scaling group.", "required": true, "type": "String", "update_causes": "none" }, "NotificationConfigurations": { "description": "An embedded property that configures an Auto Scaling group to send notifications when specified events take place.", "required": false, "type": "Array", "update_causes": "none" }, "PlacementGroup": { "description": "The name of an existing cluster placement group into which you want to launch your instances. A placement group is a logical grouping of instances within a single Availability Zone. You cannot specify multiple Availability Zones and a placement group.", "required": false, "type": "String", "update_causes": "none" }, "Tags": { "description": "The tags you want to attach to this resource.", "required": false, "type": "Array", "update_causes": "none" }, "TargetGroupARNs": { "description": "A list of Amazon Resource Names (ARN) of target groups to associate with the Auto Scaling group.", "required": false, "type": "Array", "update_causes": "none" }, "TerminationPolicies": { "description": "A policy or a list of policies that are used to select the instances to terminate. The policies are executed in the order that you list them.", "required": false, "type": "Array", "update_causes": "none" }, "VPCZoneIdentifier": { "description": "A list of subnet identifiers of Amazon Virtual Private Cloud (Amazon VPCs).", "required": false, "type": "Array", "update_causes": "interrupt" } }, "path": "aws-properties-as-group.html" }, "AWS::EFS::MountTarget": { "properties": [ "FileSystemId", "IpAddress", "SecurityGroups", "SubnetId" ], "full_properties": { "FileSystemId": { "description": "The ID of the file system for which you want to create the mount target.", "required": true, "type": "String", "update_causes": "replacement" }, "IpAddress": { "description": "An IPv4 address that is within the address range of the subnet that is specified in the SubnetId property. If you don't specify an IP address, Amazon EFS automatically assigns an address that is within the range of the subnet.", "required": false, "type": "String", "update_causes": "replacement" }, "SecurityGroups": { "description": "A maximum of five VPC security group IDs that are in the same VPC as the subnet that is specified in the SubnetId property. For more information about security groups and mount targets, see Security in the Amazon Elastic File System User Guide.", "required": true, "type": "Array", "update_causes": "none" }, "SubnetId": { "description": "The ID of the subnet in which you want to add the mount target.", "required": true, "type": "String", "update_causes": "replacement" } }, "path": "aws-resource-efs-mounttarget.html" }, "AWS::RDS::DBParameterGroup": { "properties": [ "Description", "Family", "Parameters", "Tags" ], "full_properties": { "Description": { "description": "A friendly description of the RDS parameter group. For example, \"My Parameter Group\".", "required": true, "type": "String", "update_causes": "unavailable" }, "Family": { "description": "The database family of this RDS parameter group. For example, \"MySQL5.1\".", "required": true, "type": "String", "update_causes": "unavailable" }, "Parameters": { "description": "The parameters to set for this RDS parameter group.", "required": false, "type": "Unknown", "update_causes": [ "none", "interrupt" ] }, "Tags": { "description": "The tags that you want to attach to the RDS parameter group.", "required": false, "type": "Array", "update_causes": "none" } }, "path": "aws-properties-rds-dbparametergroup.html" }, "AWS::ApiGateway::ClientCertificate": { "properties": [ "Description" ], "full_properties": { "Description": { "description": "A description of the client certificate.", "required": false, "type": "String", "update_causes": "none" } }, "path": "aws-resource-apigateway-clientcertificate.html" }, "AWS::Logs::LogGroup": { "properties": [ "LogGroupName", "RetentionInDays" ], "full_properties": { "LogGroupName": { "description": "A name for the log group. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the table name. For more information, see Name Type.", "required": false, "type": "Unknown", "update_causes": "replacement" }, "RetentionInDays": { "description": "The number of days log events are kept in CloudWatch Logs. When a log event expires, CloudWatch Logs automatically deletes it. For valid values, see PutRetentionPolicy in the Amazon CloudWatch Logs API Reference.", "required": false, "type": "Number", "update_causes": "none" } }, "path": "aws-resource-logs-loggroup.html" }, "AWS::SNS::Topic": { "properties": [ "DisplayName", "Subscription", "TopicName" ], "full_properties": { "DisplayName": { "description": "A developer-defined string that can be used to identify this SNS topic.", "required": false, "type": "String", "update_causes": "none" }, "Subscription": { "description": "The SNS subscriptions (endpoints) for this topic.", "required": false, "type": "Array", "update_causes": "none" }, "TopicName": { "description": "A name for the topic. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the topic name. For more information, see Name Type.", "required": false, "type": "Unknown", "update_causes": "replacement" } }, "path": "aws-properties-sns-topic.html" }, "AWS::Lambda::Permission": { "properties": [ "Action", "FunctionName", "Principal", "SourceAccount", "SourceArn" ], "full_properties": { "Action": { "description": "The Lambda actions that you want to allow in this statement. For example, you can specify lambda:CreateFunction to specify a certain action, or use a wildcard (lambda:*) to grant permission to all Lambda actions. For a list of actions, see Actions and Condition Context Keys for AWS Lambda in the IAM User Guide.", "required": true, "type": "String", "update_causes": "replacement" }, "FunctionName": { "description": "The name (physical ID), Amazon Resource Name (ARN), or alias ARN of the Lambda function that you want to associate with this statement. Lambda adds this statement to the function's access policy.", "required": true, "type": "String", "update_causes": "replacement" }, "Principal": { "description": "The entity for which you are granting permission to invoke the Lambda function. This entity can be any valid AWS service principal, such as s3.amazonaws.com or sns.amazonaws.com, or, if you are granting cross-account permission, an AWS account ID. For example, you might want to allow a custom application in another AWS account to push events to Lambda by invoking your function.", "required": true, "type": "String", "update_causes": "replacement" }, "SourceAccount": { "description": "The AWS account ID (without hyphens) of the source owner. For example, if you specify an S3 bucket in the SourceArn property, this value is the bucket owner's account ID. You can use this property to ensure that all source principals are owned by a specific account.", "required": false, "type": "String", "update_causes": "replacement" }, "SourceArn": { "description": "The ARN of a resource that is invoking your function. When granting Amazon Simple Storage Service (Amazon S3) permission to invoke your function, specify this property with the bucket ARN as its value. This ensures that events generated only from the specified bucket, not just any bucket from any AWS account that creates a mapping to your function, can invoke the function.", "required": false, "type": "String", "update_causes": "replacement" } }, "path": "aws-resource-lambda-permission.html" }, "AWS::Route53::RecordSet": { "properties": [ "AliasTarget", "Comment", "Failover", "GeoLocation", "HealthCheckId", "HostedZoneId", "HostedZoneName", "Name", "Region", "ResourceRecords", "SetIdentifier", "TTL", "Type", "Weight" ], "full_properties": { "AliasTarget": { "description": "Alias resource record sets only: Information about the domain to which you are redirecting traffic.", "required": false, "type": "Unknown", "update_causes": "none" }, "Comment": { "description": "Any comments that you want to include about the hosted zone.", "required": false, "type": "String", "update_causes": "none" }, "Failover": { "description": "Designates the record set as a PRIMARY or SECONDARY failover record set. When you have more than one resource performing the same function, you can configure Amazon Route 53 to check the health of your resources and use only health resources to respond to DNS queries. You cannot create nonfailover resource record sets that have the same Name and Type property values as failover resource record sets. For more information, see the Failover content in the Amazon Route 53 API Reference.", "required": false, "type": "Unknown", "update_causes": "none" }, "GeoLocation": { "description": "Describes how Amazon Route 53 responds to DNS queries based on the geographic origin of the query.", "required": false, "type": "Unknown", "update_causes": "none" }, "HealthCheckId": { "description": "The health check ID that you want to apply to this record set. Amazon Route 53 returns this resource record set in response to a DNS query only while record set is healthy.", "required": false, "type": "String", "update_causes": "none" }, "HostedZoneId": { "description": "The ID of the hosted zone.", "required": false, "type": "String", "update_causes": "replacement" }, "HostedZoneName": { "description": "The name of the domain for the hosted zone where you want to add the record set.", "required": false, "type": "String", "update_causes": "replacement" }, "Name": { "description": "The name of the domain. You must specify a fully qualified domain name that ends with a period as the last label indication. If you omit the final period, AWS CloudFormation adds it.", "required": true, "type": "String", "update_causes": "replacement" }, "Region": { "description": "Latency resource record sets only: The Amazon EC2 region where the resource that is specified in this resource record set resides. The resource typically is an AWS resource, for example, Amazon EC2 instance or an Elastic Load Balancing load balancer, and is referred to by an IP address or a DNS domain name, depending on the record type.", "required": false, "type": "Unknown", "update_causes": "unknown" }, "ResourceRecords": { "description": "List of resource records to add. Each record should be in the format appropriate for the record type specified by the Type property. For information about different record types and their record formats, see Appendix: Domain Name Format in the Amazon Route 53 Developer Guide.", "required": false, "type": "Array", "update_causes": "none" }, "SetIdentifier": { "description": "A unique identifier that differentiates among multiple resource record sets that have the same combination of DNS name and type.", "required": false, "type": "String", "update_causes": "none" }, "TTL": { "description": "The resource record cache time to live (TTL), in seconds. If you specify this property, do not specify the AliasTarget property. For alias target records, the alias uses a TTL value from the target.", "required": false, "type": "String", "update_causes": "none" }, "Type": { "description": "The type of records to add. For valid values, see the Type content in the Amazon Route 53 API Reference. In AWS CloudFormation, you can't create records of type NS or SOA.", "required": true, "type": "Unknown", "update_causes": "none" }, "Weight": { "description": "Weighted resource record sets only: Among resource record sets that have the same combination of DNS name and type, a value that determines what portion of traffic for the current resource record set is routed to the associated location.", "required": false, "type": "Unknown", "update_causes": "none" } }, "path": "aws-properties-route53-recordset.html" }, "AWS::IAM::User": { "properties": [ "Groups", "LoginProfile", "ManagedPolicyArns", "Path", "Policies", "UserName" ], "full_properties": { "Groups": { "description": "A name of a group to which you want to add the user.", "required": false, "type": "Array", "update_causes": "none" }, "LoginProfile": { "description": "Creates a login profile so that the user can access the AWS Management Console.", "required": false, "type": "Unknown", "update_causes": "none" }, "ManagedPolicyArns": { "description": "One or more managed policy ARNs to attach to this user.", "required": false, "type": "Array", "update_causes": "none" }, "Path": { "description": "The path for the user name. For more information about paths, see IAM Identifiers in the IAM User Guide.", "required": false, "type": "String", "update_causes": "none" }, "Policies": { "description": "The policies to associate with this user. For information about policies, see Overview of IAM Policies in the IAM User Guide.", "required": false, "type": "Array", "update_causes": "none" }, "UserName": { "description": "A name for the IAM user. For valid values, see the UserName parameter for the CreateUser action in the IAM API Reference. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the user name.", "required": false, "type": "String", "update_causes": "replacement" } }, "path": "aws-properties-iam-user.html" }, "AWS::EC2::NetworkAcl": { "properties": [ "Tags", "VpcId" ], "full_properties": { "Tags": { "description": "An arbitrary set of tags (key–value pairs) for this ACL.", "required": false, "type": "Unknown", "update_causes": "none" }, "VpcId": { "description": "The ID of the VPC where the network ACL will be created.", "required": true, "type": "String", "update_causes": "replacement" } }, "path": "aws-resource-ec2-network-acl.html" }, "AWS::EC2::SecurityGroupIngress": { "properties": [ "CidrIp", "CidrIpv6", "FromPort", "GroupId", "GroupName", "IpProtocol", "SourceSecurityGroupId", "SourceSecurityGroupName", "SourceSecurityGroupOwnerId", "ToPort" ], "full_properties": { "CidrIp": { "description": "An IPv4 CIDR range.", "required": false, "type": "String", "update_causes": "replacement" }, "CidrIpv6": { "description": "An IPv6 CIDR range.", "required": false, "type": "String", "update_causes": "replacement" }, "FromPort": { "description": "Start of port range for the TCP and UDP protocols, or an ICMP type number. If you specify icmp for the IpProtocol property, you can specify -1 as a wildcard (i.e., any ICMP type number).", "required": true, "type": "Number", "update_causes": "replacement" }, "GroupId": { "description": "ID of the Amazon EC2 or VPC security group to modify. The group must belong to your account.", "required": false, "type": "String", "update_causes": "replacement" }, "GroupName": { "description": "Name of the Amazon EC2 security group (non-VPC security group) to modify. This value can be a reference to an AWS::EC2::SecurityGroup resource or the name of an existing Amazon EC2 security group.", "required": false, "type": "String", "update_causes": "replacement" }, "IpProtocol": { "description": "IP protocol name or number. For valid values, see the IpProtocol parameter in AuthorizeSecurityGroupIngress", "required": true, "type": "String", "update_causes": "replacement" }, "SourceSecurityGroupId": { "description": "Specifies the ID of the source security group or uses the Ref intrinsic function to refer to the logical ID of a security group defined in the same template.", "required": false, "type": "String", "update_causes": "replacement" }, "SourceSecurityGroupName": { "description": "Specifies the name of the Amazon EC2 security group (non-VPC security group) to allow access or uses the Ref intrinsic function to refer to the logical name of a security group defined in the same template. For instances in a VPC, specify the SourceSecurityGroupId property.", "required": false, "type": "String", "update_causes": "replacement" }, "SourceSecurityGroupOwnerId": { "description": "Specifies the AWS Account ID of the owner of the Amazon EC2 security group specified in the SourceSecurityGroupName property.", "required": false, "type": "String", "update_causes": "replacement" }, "ToPort": { "description": "End of port range for the TCP and UDP protocols, or an ICMP code. If you specify icmp for the IpProtocol property, you can specify -1 as a wildcard (i.e., any ICMP code).", "required": true, "type": "Number", "update_causes": "replacement" } }, "path": "aws-properties-ec2-security-group-ingress.html" }, "AWS::S3::BucketPolicy": { "properties": [ "Bucket", "PolicyDocument" ], "full_properties": { "Bucket": { "description": "The Amazon S3 bucket that the policy applies to.", "required": true, "type": "String", "update_causes": "unavailable" }, "PolicyDocument": { "description": "A policy document containing permissions to add to the specified bucket. For more information, see Access Policy Language Overview in the Amazon Simple Storage Service Developer Guide.", "required": true, "type": "Unknown", "update_causes": "none" } }, "path": "aws-properties-s3-policy.html" }, "AWS::Route53::HostedZone": { "properties": [ "HostedZoneConfig", "HostedZoneTags", "Name", "VPCs" ], "full_properties": { "HostedZoneConfig": { "description": "A complex type that contains an optional comment about your hosted zone.", "required": false, "type": "Unknown", "update_causes": "none" }, "HostedZoneTags": { "description": "An arbitrary set of tags (key–value pairs) for this hosted zone.", "required": false, "type": "Array", "update_causes": "none" }, "Name": { "description": "The name of the domain. For resource record types that include a domain name, specify a fully qualified domain name.", "required": true, "type": "String", "update_causes": "replacement" }, "VPCs": { "description": "One or more VPCs that you want to associate with this hosted zone. When you specify this property, AWS CloudFormation creates a private hosted zone.", "required": false, "type": "Array", "update_causes": [ "replacement", "none" ] } }, "path": "aws-resource-route53-hostedzone.html" }, "AWS::RDS::EventSubscription": { "properties": [ "Enabled", "EventCategories", "SnsTopicArn", "SourceIds", "SourceType" ], "full_properties": { "Enabled": { "description": "Indicates whether to activate the subscription. If you don't specify this property, AWS CloudFormation activates the subscription.", "required": false, "type": "Boolean", "update_causes": "none" }, "EventCategories": { "description": "A list of event categories that you want to subscribe to for a given source type. If you don't specify this property, you are notified about all event categories. For more information, see Using Amazon RDS Event Notification in the Amazon Relational Database Service User Guide.", "required": false, "type": "Array", "update_causes": "none" }, "SnsTopicArn": { "description": "The Amazon Resource Name (ARN) of an Amazon SNS topic that you want to send event notifications to.", "required": true, "type": "String", "update_causes": "replacement" }, "SourceIds": { "description": "A list of identifiers for which Amazon RDS provides notification events.", "required": false, "type": "Array", "update_causes": "none" }, "SourceType": { "description": "The type of source for which Amazon RDS provides notification events. For example, if you want to be notified of events generated by a database instance, set this parameter to db-instance. If you don't specify a value, notifications are provided for all source types. For valid values, see the SourceType parameter for the CreateEventSubscription action in the Amazon Relational Database Service API Reference.", "required": false, "type": "Unknown", "update_causes": [ "replacement", "interrupt" ] } }, "path": "aws-resource-rds-eventsubscription.html" }, "AWS::OpsWorks::Layer": { "properties": [ "Attributes", "AutoAssignElasticIps", "AutoAssignPublicIps", "CustomInstanceProfileArn", "CustomJson", "CustomRecipes", "CustomSecurityGroupIds", "EnableAutoHealing", "InstallUpdatesOnBoot", "LifecycleEventConfiguration", "LoadBasedAutoScaling", "Name", "Packages", "Shortname", "StackId", "Type", "VolumeConfigurations" ], "full_properties": { "Attributes": { "description": "One or more user-defined key-value pairs to be added to the stack attributes bag.", "required": false, "type": "Array", "update_causes": "none" }, "AutoAssignElasticIps": { "description": "Whether to automatically assign an Elastic IP address to Amazon EC2 instances in this layer.", "required": true, "type": "Boolean", "update_causes": "none" }, "AutoAssignPublicIps": { "description": "For AWS OpsWorks stacks that are running in a VPC, whether to automatically assign a public IP address to Amazon EC2 instances in this layer.", "required": true, "type": "Boolean", "update_causes": "none" }, "CustomInstanceProfileArn": { "description": "The Amazon Resource Name (ARN) of an IAM instance profile that is to be used for the Amazon EC2 instances in this layer.", "required": false, "type": "String", "update_causes": "none" }, "CustomJson": { "description": "A custom stack configuration and deployment attributes that AWS OpsWorks installs on the layer's instances. For more information, see the CustomJson parameter for the CreateLayer action in the AWS OpsWorks Stacks API Reference.", "required": false, "type": "Unknown", "update_causes": "unknown" }, "CustomRecipes": { "description": "Custom event recipes for this layer.", "required": false, "type": "Unknown", "update_causes": "none" }, "CustomSecurityGroupIds": { "description": "Custom security group IDs for this layer.", "required": false, "type": "Array", "update_causes": "none" }, "EnableAutoHealing": { "description": "Whether to automatically heal Amazon EC2 instances that have become disconnected or timed out.", "required": true, "type": "Boolean", "update_causes": "none" }, "InstallUpdatesOnBoot": { "description": "Whether to install operating system and package updates when the instance boots.", "required": false, "type": "Boolean", "update_causes": "none" }, "LifecycleEventConfiguration": { "description": "The lifecycle events for the AWS OpsWorks layer.", "required": false, "type": "Unknown", "update_causes": "none" }, "LoadBasedAutoScaling": { "description": "The load-based scaling configuration for the AWS OpsWorks layer.", "required": false, "type": "Unknown", "update_causes": "none" }, "Name": { "description": "The AWS OpsWorks layer name.", "required": true, "type": "String", "update_causes": "none" }, "Packages": { "description": "The packages for this layer.", "required": false, "type": "Array", "update_causes": "none" }, "Shortname": { "description": "The layer short name, which is used internally by AWS OpsWorks and by Chef recipes. The short name is also used as the name for the directory where your app files are installed.", "required": true, "type": "String", "update_causes": "none" }, "StackId": { "description": "The ID of the AWS OpsWorks stack that this layer will be associated with.", "required": true, "type": "String", "update_causes": "replacement" }, "Type": { "description": "The layer type. A stack cannot have more than one layer of the same type, except for the custom type. You can have any number of custom types. For more information, see CreateLayer in the AWS OpsWorks Stacks API Reference.", "required": true, "type": "String", "update_causes": "replacement" }, "VolumeConfigurations": { "description": "Describes the Amazon EBS volumes for this layer.", "required": false, "type": "Array", "update_causes": "interrupt" } }, "path": "aws-resource-opsworks-layer.html" }, "AWS::SSM::Document": { "properties": [ "Content", "DocumentType" ], "full_properties": { "Content": { "description": "A JSON object that describes an instance configuration. For more information, see Creating SSM Documents in the Amazon EC2 User Guide for Linux Instances.", "required": true, "type": "Unknown", "update_causes": "replacement" }, "DocumentType": { "description": "The type of document to create that relates to the purpose of your document, such as running commands, bootstrapping software, or automating tasks. For valid values, see the CreateDocument action in the Amazon EC2 Simple Systems Manager API Reference.", "required": false, "type": "String", "update_causes": "replacement" } }, "path": "aws-resource-ssm-document.html" }, "AWS::S3::Bucket": { "properties": [ "AccessControl", "BucketName", "CorsConfiguration", "LifecycleConfiguration", "LoggingConfiguration", "NotificationConfiguration", "ReplicationConfiguration", "Tags", "VersioningConfiguration", "WebsiteConfiguration" ], "full_properties": { "AccessControl": { "description": "A canned access control list (ACL) that grants predefined permissions to the bucket. For more information about canned ACLs, see Canned ACLs in the Amazon S3 documentation.", "required": false, "type": "String", "update_causes": "none" }, "BucketName": { "description": "A name for the bucket. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the bucket name. For more information, see Name Type. The bucket name must contain only lowercase letters, numbers, periods (.), and dashes (-).", "required": false, "type": "Unknown", "update_causes": "replacement" }, "CorsConfiguration": { "description": "Rules that define cross-origin resource sharing of objects in this bucket. For more information, see Enabling Cross-Origin Resource Sharing in the Amazon Simple Storage Service Developer Guide.", "required": false, "type": "Unknown", "update_causes": "none" }, "LifecycleConfiguration": { "description": "Rules that define how Amazon S3 manages objects during their lifetime. For more information, see Object Lifecycle Management in the Amazon Simple Storage Service Developer Guide.", "required": false, "type": "Unknown", "update_causes": "none" }, "LoggingConfiguration": { "description": "Settings that defines where logs are stored.", "required": false, "type": "Unknown", "update_causes": "none" }, "NotificationConfiguration": { "description": "Configuration that defines how Amazon S3 handles bucket notifications.", "required": false, "type": "Unknown", "update_causes": "none" }, "ReplicationConfiguration": { "description": "Configuration for replicating objects in an S3 bucket. To enable replication, you must also enable versioning by using the VersioningConfiguration property.", "required": false, "type": "Unknown", "update_causes": "none" }, "Tags": { "description": "An arbitrary set of tags (key-value pairs) for this Amazon S3 bucket.", "required": false, "type": "Unknown", "update_causes": "none" }, "VersioningConfiguration": { "description": "Enables multiple variants of all objects in this bucket. You might enable versioning to prevent objects from being deleted or overwritten by mistake or to archive objects so that you can retrieve previous versions of them.", "required": false, "type": "Unknown", "update_causes": "none" }, "WebsiteConfiguration": { "description": "Information used to configure the bucket as a static website. For more information, see Hosting Websites on Amazon S3.", "required": false, "type": "Unknown", "update_causes": "none" } }, "path": "aws-properties-s3-bucket.html" }, "AWS::OpsWorks::ElasticLoadBalancerAttachment": { "properties": [ "ElasticLoadBalancerName", "LayerId" ], "full_properties": { "ElasticLoadBalancerName": { "description": "Elastic Load Balancing load balancer name.", "required": true, "type": "String", "update_causes": "none" }, "LayerId": { "description": "The AWS OpsWorks layer ID that the Elastic Load Balancing load balancer will be attached to.", "required": true, "type": "String", "update_causes": "none" } }, "path": "aws-resource-opsworks-elbattachment.html" }, "AWS::GameLift::Fleet": { "properties": [ "BuildId", "Description", "DesiredEC2Instances", "EC2InboundPermissions", "EC2InstanceType", "LogPaths", "MaxSize", "MinSize", "Name", "ServerLaunchParameters", "ServerLaunchPath" ], "full_properties": { "BuildId": { "description": "The unique identifier for the build that you want to use with this fleet.", "required": true, "type": "String", "update_causes": "replacement" }, "Description": { "description": "Information that helps you identify the purpose of this fleet.", "required": false, "type": "String", "update_causes": "none" }, "DesiredEC2Instances": { "description": "The number of EC2 instances that you want in this fleet.", "required": true, "type": "Number", "update_causes": "none" }, "EC2InboundPermissions": { "description": "The incoming traffic, expressed as IP ranges and port numbers, that is permitted to access the game server. If you don't specify values, no traffic is permitted to your game servers.", "required": false, "type": "Array", "update_causes": "none" }, "EC2InstanceType": { "description": "The type of EC2 instances that the fleet uses. EC2 instance types define the CPU, memory, storage, and networking capacity of the fleet's hosts. For more information about the instance types that are supported by GameLift, see the EC2InstanceType parameter in the Amazon GameLift API Reference.", "required": true, "type": "Unknown", "update_causes": "replacement" }, "LogPaths": { "description": "The path to game-session log files that are generated by your game server, with the slashes (\\) escaped. After a game session has been terminated, GameLift captures and stores the logs in an S3 bucket.", "required": false, "type": "Array", "update_causes": "replacement" }, "MaxSize": { "description": "The maximum number of EC2 instances that you want to allow in this fleet. By default, AWS CloudFormation, sets this property to 1.", "required": false, "type": "Number", "update_causes": "none" }, "MinSize": { "description": "The minimum number of EC2 instances that you want to allow in this fleet. By default, AWS CloudFormation, sets this property to 0.", "required": false, "type": "Number", "update_causes": "none" }, "Name": { "description": "An identifier to associate with this fleet. Fleet names don't need to be unique.", "required": true, "type": "String", "update_causes": "none" }, "ServerLaunchParameters": { "description": "The parameters that are required to launch your game server. Specify these parameters as a string of command-line parameters, such as +sv_port 33435 +start_lobby.", "required": false, "type": "String", "update_causes": "replacement" }, "ServerLaunchPath": { "description": "The location of your game server that GameLift launches. You must escape the slashes (\\) and use the following pattern: C:\\\\game\\\\launchpath. For example, if your game server files are in the MyGame folder, the path should be C:\\\\game\\\\MyGame\\\\server.exe.", "required": true, "type": "String", "update_causes": "replacement" } }, "path": "aws-resource-gamelift-fleet.html" }, "AWS::IAM::Group": { "properties": [ "GroupName", "ManagedPolicyArns", "Path", "Policies" ], "full_properties": { "GroupName": { "description": "A name for the IAM group. For valid values, see the GroupName parameter for the CreateGroup action in the IAM API Reference. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the group name.", "required": false, "type": "String", "update_causes": "replacement" }, "ManagedPolicyArns": { "description": "One or more managed policy ARNs to attach to this group.", "required": false, "type": "Array", "update_causes": "none" }, "Path": { "description": "The path to the group. For more information about paths, see IAM Identifiers in the IAM User Guide.", "required": false, "type": "String", "update_causes": "none" }, "Policies": { "description": "The policies to associate with this group. For information about policies, see Overview of IAM Policies in the IAM User Guide.", "required": false, "type": "Array", "update_causes": "none" } }, "path": "aws-properties-iam-group.html" }, "AWS::ApiGateway::Authorizer": { "properties": [ "AuthorizerCredentials", "AuthorizerResultTtlInSeconds", "AuthorizerUri", "IdentitySource", "IdentityValidationExpression", "Name", "ProviderARNs", "RestApiId", "Type" ], "full_properties": { "AuthorizerCredentials": { "description": "The credentials required for the authorizer. To specify an AWS Identity and Access Management (IAM) role that API Gateway assumes, specify the role's Amazon Resource Name (ARN). To use resource-based permissions on the AWS Lambda (Lambda) function, specify null.", "required": false, "type": "String", "update_causes": "none" }, "AuthorizerResultTtlInSeconds": { "description": "The time-to-live (TTL) period, in seconds, that specifies how long API Gateway caches authorizer results. If you specify a value greater than 0, API Gateway caches the authorizer responses. By default, API Gateway sets this property to 300. The maximum value is 3600, or 1 hour.", "required": false, "type": "Number", "update_causes": "none" }, "AuthorizerUri": { "description": "The authorizer's Uniform Resource Identifier (URI). If you specify TOKEN for the authorizer's Type property, specify a Lambda function URI, which has the form arn:aws:apigateway:region:lambda:path/path. The path usually has the form /2015-03-31/functions/LambdaFunctionARN/invocations.", "required": false, "type": "Unknown", "update_causes": "none" }, "IdentitySource": { "description": "The source of the identity in an incoming request. If you specify TOKEN for the authorizer's Type property, specify a mapping expression. The custom header mapping expression has the form method.request.header.name, where name is the name of a custom authorization header that clients submit as part of their requests.", "required": true, "type": "Unknown", "update_causes": "none" }, "IdentityValidationExpression": { "description": "A validation expression for the incoming identity. If you specify TOKEN for the authorizer's Type property, specify a regular expression. API Gateway uses the expression to attempt to match the incoming client token, and proceeds if the token matches. If the token doesn't match, API Gateway responds with a 401 (unauthorized request) error code.", "required": false, "type": "Unknown", "update_causes": "none" }, "Name": { "description": "The name of the authorizer.", "required": true, "type": "String", "update_causes": "none" }, "ProviderARNs": { "description": "A list of the Amazon Cognito user pool Amazon Resource Names (ARNs) to associate with this authorizer. For more information, see Use Amazon Cognito Your User Pool in the API Gateway Developer Guide.", "required": false, "type": "Array", "update_causes": "none" }, "RestApiId": { "description": "The ID of the RestApi resource in which API Gateway creates the authorizer.", "required": false, "type": "String", "update_causes": "replacement" }, "Type": { "description": "The type of authorizer:", "required": true, "type": "String", "update_causes": "none" } }, "path": "aws-resource-apigateway-authorizer.html" }, "AWS::Route53::RecordSetGroup": { "properties": [ "Comment", "HostedZoneId", "HostedZoneName", "RecordSets" ], "full_properties": { "Comment": { "description": "Any comments you want to include about the hosted zone.", "required": false, "type": "String", "update_causes": "none" }, "HostedZoneId": { "description": "The ID of the hosted zone.", "required": false, "type": "String", "update_causes": "replacement" }, "HostedZoneName": { "description": "The name of the domain for the hosted zone where you want to add the record set.", "required": false, "type": "String", "update_causes": "replacement" }, "RecordSets": { "description": "List of resource record sets to add.", "required": true, "type": "Array", "update_causes": "none" } }, "path": "aws-properties-route53-recordsetgroup.html" }, "AWS::IoT::Policy": { "properties": [ "PolicyDocument", "PolicyName" ], "full_properties": { "PolicyDocument": { "description": "The JSON document that describes the policy.", "required": true, "type": "Unknown", "update_causes": "replacement" }, "PolicyName": { "description": "The name (the physical ID) of the AWS IoT policy.", "required": false, "type": "String", "update_causes": "replacement" } }, "path": "aws-resource-iot-policy.html" }, "AWS::Lambda::Version": { "properties": [ "CodeSha256", "Description", "FunctionName" ], "full_properties": { "CodeSha256": { "description": "The SHA-256 hash of the deployment package that you want to publish. This value must match the SHA-256 hash of the $LATEST version of the function. Specify this property to validate that you are publishing the correct package.", "required": false, "type": "String", "update_causes": "unavailable" }, "Description": { "description": "A description of the version you are publishing. If you don't specify a value, Lambda copies the description from the $LATEST version of the function.", "required": false, "type": "String", "update_causes": "unavailable" }, "FunctionName": { "description": "The Lambda function for which you want to publish a version. You can specify the function's name or its Amazon Resource Name (ARN).", "required": true, "type": "String", "update_causes": "replacement" } }, "path": "aws-resource-lambda-version.html" }, "AWS::AutoScaling::ScalingPolicy": { "properties": [ "AdjustmentType", "AutoScalingGroupName", "Cooldown", "EstimatedInstanceWarmup", "MetricAggregationType", "MinAdjustmentMagnitude", "PolicyType", "ScalingAdjustment", "StepAdjustments" ], "full_properties": { "AdjustmentType": { "description": "Specifies whether the ScalingAdjustment is an absolute number or a percentage of the current capacity. Valid values are ChangeInCapacity, ExactCapacity, and PercentChangeInCapacity.", "required": true, "type": "String", "update_causes": "none" }, "AutoScalingGroupName": { "description": "The name or Amazon Resource Name (ARN) of the Auto Scaling Group that you want to attach the policy to.", "required": true, "type": "String", "update_causes": "none" }, "Cooldown": { "description": "The amount of time, in seconds, after a scaling activity completes before any further trigger-related scaling activities can start.", "required": false, "type": "String", "update_causes": "none" }, "EstimatedInstanceWarmup": { "description": "The estimated time, in seconds, until a newly launched instance can send metrics to CloudWatch. By default, Auto Scaling uses the cooldown period, as specified in the Cooldown property.", "required": false, "type": "Number", "update_causes": "none" }, "MetricAggregationType": { "description": "The aggregation type for the CloudWatch metrics. You can specify Minimum, Maximum, or Average. By default, AWS CloudFormation specifies Average.", "required": false, "type": "String", "update_causes": "none" }, "MinAdjustmentMagnitude": { "description": "For the PercentChangeInCapacity adjustment type, the minimum number of instances to scale. The scaling policy changes the desired capacity of the Auto Scaling group by a minimum of this many instances. This property replaces the MinAdjustmentStep property.", "required": false, "type": "Number", "update_causes": "none" }, "PolicyType": { "description": "An Auto Scaling policy type. You can specify SimpleScaling or StepScaling. By default, AWS CloudFormation specifies SimpleScaling. For more information, see Scaling Policy Types in the Auto Scaling User Guide.", "required": false, "type": "Unknown", "update_causes": "none" }, "ScalingAdjustment": { "description": "The number of instances by which to scale. The AdjustmentType property determines if AWS CloudFormation interprets this number as an absolute number (when the ExactCapacity value is specified), increase or decrease capacity by a specified number (when the ChangeInCapacity value is specified), or increase or decrease capacity as a percentage of the existing Auto Scaling group size (when the PercentChangeInCapacity value is specified). A positive value adds to the current capacity and a negative value subtracts from the current capacity. For exact capacity, you must specify a positive value.", "required": false, "type": "Unknown", "update_causes": "none" }, "StepAdjustments": { "description": "A set of adjustments that enable you to scale based on the size of the alarm breach.", "required": false, "type": "Array", "update_causes": "none" } }, "path": "aws-properties-as-policy.html" }, "AWS::EC2::VPCPeeringConnection": { "properties": [ "PeerVpcId", "Tags", "VpcId" ], "full_properties": { "PeerVpcId": { "description": "The ID of the VPC with which you are creating the peering connection.", "required": true, "type": "String", "update_causes": "replacement" }, "Tags": { "description": "An arbitrary set of tags (key–value pairs) for this resource.", "required": false, "type": "Unknown", "update_causes": "none" }, "VpcId": { "description": "The ID of the VPC that is requesting a peering connection.", "required": true, "type": "String", "update_causes": "replacement" } }, "path": "aws-resource-ec2-vpcpeeringconnection.html" }, "AWS::CodeCommit::Repository": { "properties": [ "RepositoryDescription", "RepositoryName", "Triggers" ], "full_properties": { "RepositoryDescription": { "description": "A description about the AWS CodeCommit repository. For constraints, see the CreateRepository action in the AWS CodeCommit API Reference.", "required": false, "type": "String", "update_causes": "none" }, "RepositoryName": { "description": "A name for the AWS CodeCommit repository.", "required": true, "type": "String", "update_causes": "none" }, "Triggers": { "description": "Defines the actions to take in response to events that occur in the repository. For example, you can send email notifications when someone pushes to the repository.", "required": false, "type": "Array", "update_causes": "none" } }, "path": "aws-resource-codecommit-repository.html" }, "AWS::ElastiCache::CacheCluster": { "properties": [ "AutoMinorVersionUpgrade", "AZMode", "CacheNodeType", "CacheParameterGroupName", "CacheSecurityGroupNames", "CacheSubnetGroupName", "ClusterName", "Engine", "EngineVersion", "NotificationTopicArn", "NumCacheNodes", "Port", "PreferredAvailabilityZone", "PreferredAvailabilityZones", "PreferredMaintenanceWindow", "SnapshotArns", "SnapshotName", "SnapshotRetentionLimit", "SnapshotWindow", "Tags", "VpcSecurityGroupIds" ], "full_properties": { "AutoMinorVersionUpgrade": { "description": "Indicates that minor engine upgrades will be applied automatically to the cache cluster during the maintenance window.", "required": false, "type": "Boolean", "update_causes": "none" }, "AZMode": { "description": "For Memcached cache clusters, indicates whether the nodes are created in a single Availability Zone or across multiple Availability Zones in the cluster's region. For valid values, see CreateCacheCluster in the Amazon ElastiCache API Reference.", "required": false, "type": "String", "update_causes": "none" }, "CacheNodeType": { "description": "The compute and memory capacity of nodes in a cache cluster.", "required": true, "type": "String", "update_causes": "interrupt" }, "CacheParameterGroupName": { "description": "The name of the cache parameter group that is associated with this cache cluster.", "required": false, "type": "String", "update_causes": "interrupt" }, "CacheSecurityGroupNames": { "description": "A list of cache security group names that are associated with this cache cluster. If your cache cluster is in a VPC, specify the VpcSecurityGroupIds property instead.", "required": false, "type": "Array", "update_causes": "none" }, "CacheSubnetGroupName": { "description": "The cache subnet group that you associate with a cache cluster.", "required": false, "type": "String", "update_causes": "replacement" }, "ClusterName": { "description": "A name for the cache cluster. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the cache cluster. For more information, see Name Type.", "required": false, "type": "Unknown", "update_causes": "replacement" }, "Engine": { "description": "The name of the cache engine to be used for this cache cluster, such as memcached or redis.", "required": true, "type": "String", "update_causes": "replacement" }, "EngineVersion": { "description": "The version of the cache engine to be used for this cluster.", "required": false, "type": "String", "update_causes": "interrupt" }, "NotificationTopicArn": { "description": "The Amazon Resource Name (ARN) of the Amazon Simple Notification Service (SNS) topic to which notifications will be sent.", "required": false, "type": "String", "update_causes": "none" }, "NumCacheNodes": { "description": "The number of cache nodes that the cache cluster should have.", "required": true, "type": "Number", "update_causes": [ "replacement", "none" ] }, "Port": { "description": "The port number on which each of the cache nodes will accept connections.", "required": false, "type": "Number", "update_causes": "replacement" }, "PreferredAvailabilityZone": { "description": "The Amazon EC2 Availability Zone in which the cache cluster is created.", "required": false, "type": "String", "update_causes": "replacement" }, "PreferredAvailabilityZones": { "description": "For Memcached cache clusters, the list of Availability Zones in which cache nodes are created. The number of Availability Zones listed must equal the number of cache nodes. For example, if you want to create three nodes in two different Availability Zones, you can specify [\"us-east-1a\", \"us-east-1a\", \"us-east-1b\"], which would create two nodes in us-east-1a and one node in us-east-1b.", "required": false, "type": "Array", "update_causes": [ "replacement", "interrupt" ] }, "PreferredMaintenanceWindow": { "description": "The weekly time range (in UTC) during which system maintenance can occur.", "required": false, "type": "String", "update_causes": "none" }, "SnapshotArns": { "description": "The ARN of the snapshot file that you want to use to seed a new Redis cache cluster. If you manage a Redis instance outside of Amazon ElastiCache, you can create a new cache cluster in ElastiCache by using a snapshot file that is stored in an Amazon S3 bucket.", "required": false, "type": "Array", "update_causes": "replacement" }, "SnapshotName": { "description": "The name of a snapshot from which to restore data into a new Redis cache cluster.", "required": false, "type": "String", "update_causes": "replacement" }, "SnapshotRetentionLimit": { "description": "For Redis cache clusters, the number of days for which ElastiCache retains automatic snapshots before deleting them. For example, if you set the value to 5, a snapshot that was taken today will be retained for 5 days before being deleted.", "required": false, "type": "Number", "update_causes": "none" }, "SnapshotWindow": { "description": "For Redis cache clusters, the daily time range (in UTC) during which ElastiCache will begin taking a daily snapshot of your node group. For example, you can specify 05:00-09:00.", "required": false, "type": "String", "update_causes": "none" }, "Tags": { "description": "An arbitrary set of tags (key–value pairs) for this cache cluster.", "required": false, "type": "Unknown", "update_causes": "none" }, "VpcSecurityGroupIds": { "description": "A list of VPC security group IDs. If your cache cluster isn't in a VPC, specify the CacheSecurityGroupNames property instead.", "required": false, "type": "Array", "update_causes": "none" } }, "path": "aws-properties-elasticache-cache-cluster.html" }, "AWS::Route53::HealthCheck": { "properties": [ "HealthCheckConfig", "HealthCheckTags" ], "full_properties": { "HealthCheckConfig": { "description": "An Amazon Route 53 health check.", "required": true, "type": "Unknown", "update_causes": "none" }, "HealthCheckTags": { "description": "An arbitrary set of tags (key–value pairs) for this health check.", "required": false, "type": "Array", "update_causes": "none" } }, "path": "aws-resource-route53-healthcheck.html" }, "AWS::EC2::Route": { "properties": [ "DestinationCidrBlock", "DestinationIpv6CidrBlock", "GatewayId", "InstanceId", "NatGatewayId", "NetworkInterfaceId", "RouteTableId" ], "full_properties": { "DestinationCidrBlock": { "description": "The IPv4 CIDR address block used for the destination match. For example, 0.0.0.0/0. Routing decisions are based on the most specific match.", "required": false, "type": "String", "update_causes": "replacement" }, "DestinationIpv6CidrBlock": { "description": "The IPv6 CIDR address block used for the destination match. For example, ::/0. Routing decisions are based on the most specific match.", "required": false, "type": "String", "update_causes": "replacement" }, "GatewayId": { "description": "The ID of an Internet gateway or virtual private gateway that is attached to your VPC. For example: igw-eaad4883.", "required": false, "type": "String", "update_causes": "none" }, "InstanceId": { "description": "The ID of a NAT instance in your VPC. For example, i-1a2b3c4d.", "required": false, "type": "String", "update_causes": "none" }, "NatGatewayId": { "description": "The ID of a NAT gateway. For example, nat-0a12bc456789de0fg.", "required": false, "type": "String", "update_causes": "none" }, "NetworkInterfaceId": { "description": "Allows the routing of network interface IDs.", "required": false, "type": "String", "update_causes": "none" }, "RouteTableId": { "description": "The ID of the route table where the route will be added.", "required": true, "type": "String", "update_causes": "replacement" } }, "path": "aws-resource-ec2-route.html" }, "AWS::RDS::DBInstance": { "properties": [ "AllocatedStorage", "AllowMajorVersionUpgrade", "AutoMinorVersionUpgrade", "AvailabilityZone", "BackupRetentionPeriod", "CharacterSetName", "CopyTagsToSnapshot", "DBClusterIdentifier", "DBInstanceClass", "DBInstanceIdentifier", "DBName", "DBParameterGroupName", "DBSecurityGroups", "DBSnapshotIdentifier", "DBSubnetGroupName", "Domain", "DomainIAMRoleName", "Engine", "EngineVersion", "Iops", "KmsKeyId", "LicenseModel", "MasterUsername", "MasterUserPassword", "MonitoringInterval", "MonitoringRoleArn", "MultiAZ", "OptionGroupName", "Port", "PreferredBackupWindow", "PreferredMaintenanceWindow", "PubliclyAccessible", "SourceDBInstanceIdentifier", "StorageEncrypted", "StorageType", "Tags", "VPCSecurityGroups" ], "full_properties": { "AllocatedStorage": { "description": "The allocated storage size, specified in gigabytes (GB).", "required": false, "type": "String", "update_causes": "none" }, "AllowMajorVersionUpgrade": { "description": "If you update the EngineVersion property to a version that's different from the DB instance's current major version, set this property to true. For more information, see ModifyDBInstance in the Amazon Relational Database Service API Reference.", "required": false, "type": "Boolean", "update_causes": "none" }, "AutoMinorVersionUpgrade": { "description": "Indicates that minor engine upgrades are applied automatically to the DB instance during the maintenance window. The default value is true.", "required": false, "type": "Boolean", "update_causes": [ "none", "interrupt" ] }, "AvailabilityZone": { "description": "The name of the Availability Zone where the DB instance is located. You cannot set the AvailabilityZone parameter if the MultiAZ parameter is set to true.", "required": false, "type": "String", "update_causes": "replacement" }, "BackupRetentionPeriod": { "description": "The number of days during which automatic DB snapshots are retained.", "required": false, "type": "String", "update_causes": [ "none", "interrupt" ] }, "CharacterSetName": { "description": "For supported engines, specifies the character set to associate with the DB instance. For more information, see Appendix: Oracle Character Sets Supported in Amazon RDS in the Amazon Relational Database Service User Guide.", "required": false, "type": "String", "update_causes": "replacement" }, "CopyTagsToSnapshot": { "description": "Indicates whether to copy all of the user-defined tags from the DB instance to snapshots of the DB instance. By default, Amazon RDS doesn't copy tags to snapshots. Amazon RDS doesn't copy tags with the aws:: prefix unless it's the DB instance's final snapshot (the snapshot when you delete the DB instance).", "required": false, "type": "Boolean", "update_causes": "none" }, "DBClusterIdentifier": { "description": "The name of an existing DB cluster that this instance will be associated with. If you specify this property, specify aurora for the Engine property and do not specify any of the following properties: AllocatedStorage, BackupRetentionPeriod, CharacterSetName, DBSecurityGroups, PreferredBackupWindow, PreferredMaintenanceWindow, Port, SourceDBInstanceIdentifier, or StorageType.", "required": false, "type": "Unknown", "update_causes": "replacement" }, "DBInstanceClass": { "description": "The name of the compute and memory capacity classes of the DB instance.", "required": true, "type": "String", "update_causes": "interrupt" }, "DBInstanceIdentifier": { "description": "A name for the DB instance. If you specify a name, AWS CloudFormation converts it to lower case. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the DB instance. For more information, see Name Type.", "required": false, "type": "Unknown", "update_causes": "replacement" }, "DBName": { "description": "The name of the DB instance that was provided at the time of creation, if one was specified. This same name is returned for the life of the DB instance.", "required": false, "type": "String", "update_causes": "replacement" }, "DBParameterGroupName": { "description": "The name of an existing DB parameter group or a reference to an AWS::RDS::DBParameterGroup resource created in the template.", "required": false, "type": "String", "update_causes": [ "none", "interrupt" ] }, "DBSecurityGroups": { "description": "A list of the DB security groups to assign to the DB instance. The list can include both the name of existing DB security groups or references to AWS::RDS::DBSecurityGroup resources created in the template.", "required": false, "type": "Unknown", "update_causes": "none" }, "DBSnapshotIdentifier": { "description": "The name or ARN of the DB snapshot used to restore the DB instance. If you are restoring from a shared manual DB snapshot, you must specify the Amazon Resource Name (ARN) of the snapshot.", "required": false, "type": "String", "update_causes": "replacement" }, "DBSubnetGroupName": { "description": "A DB subnet group to associate with the DB instance.", "required": false, "type": "String", "update_causes": "replacement" }, "Domain": { "description": "For an Amazon RDS DB instance that is running Microsoft SQL Server, the Active Directory directory ID to create the instance in. Amazon RDS uses Windows Authentication to authenticate users that connect to the DB instance. For more information, see Using Windows Authentication with an Amazon RDS DB Instance Running Microsoft SQL Server in the Amazon Relational Database Service User Guide.", "required": false, "type": "String", "update_causes": "none" }, "DomainIAMRoleName": { "description": "The name of an IAM role that Amazon RDS uses when calling the Directory Service APIs.", "required": false, "type": "String", "update_causes": "none" }, "Engine": { "description": "The database engine that the DB instance uses. This property is optional when you specify the DBSnapshotIdentifier property to create DB instances.", "required": false, "type": "String", "update_causes": "replacement" }, "EngineVersion": { "description": "The version number of the database engine that the DB instance uses.", "required": false, "type": "String", "update_causes": "interrupt" }, "Iops": { "description": "The number of I/O operations per second (IOPS) that the database provisions. The value must be equal to or greater than 1000.", "required": false, "type": "Unknown", "update_causes": "none" }, "KmsKeyId": { "description": "The ARN of the AWS Key Management Service (AWS KMS) master key that is used to encrypt the DB instance, such as arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef. If you enable the StorageEncrypted property but don't specify this property, AWS CloudFormation uses the default master key. If you specify this property, you must set the StorageEncrypted property to true.", "required": false, "type": "String", "update_causes": "replacement" }, "LicenseModel": { "description": "The license model of the DB instance.", "required": false, "type": "String", "update_causes": "replacement" }, "MasterUsername": { "description": "The master user name for the DB instance.", "required": false, "type": "String", "update_causes": "replacement" }, "MasterUserPassword": { "description": "The master password for the DB instance.", "required": false, "type": "String", "update_causes": "none" }, "MonitoringInterval": { "description": "The interval, in seconds, between points when Amazon RDS collects enhanced monitoring metrics for the DB instance. To disable metrics collection, specify 0.", "required": false, "type": "Number", "update_causes": [ "none", "interrupt" ] }, "MonitoringRoleArn": { "description": "The ARN of the AWS Identity and Access Management (IAM) role that permits Amazon RDS to send enhanced monitoring metrics to Amazon CloudWatch, for example, arn:aws:iam:123456789012:role/emaccess. For information on creating a monitoring role, see To create an IAM role for Amazon RDS Enhanced Monitoring in the Amazon Relational Database Service User Guide.", "required": false, "type": "String", "update_causes": "none" }, "MultiAZ": { "description": "Specifies if the database instance is a multiple Availability Zone deployment. You cannot set the AvailabilityZone parameter if the MultiAZ parameter is set to true.", "required": false, "type": "Boolean", "update_causes": "none" }, "OptionGroupName": { "description": "The option group that this DB instance is associated with.", "required": false, "type": "String", "update_causes": "none" }, "Port": { "description": "The port for the instance.", "required": false, "type": "String", "update_causes": "replacement" }, "PreferredBackupWindow": { "description": "The daily time range during which automated backups are performed if automated backups are enabled, as determined by the BackupRetentionPeriod property. For valid values, see the PreferredBackupWindow parameter for the CreateDBInstance action in the Amazon Relational Database Service API Reference.", "required": false, "type": "String", "update_causes": "none" }, "PreferredMaintenanceWindow": { "description": "The weekly time range (in UTC) during which system maintenance can occur. For valid values, see the PreferredMaintenanceWindow parameter for the CreateDBInstance action in the Amazon Relational Database Service API Reference.", "required": false, "type": "String", "update_causes": [ "none", "interrupt" ] }, "PubliclyAccessible": { "description": "Indicates whether the DB instance is an Internet-facing instance. If you specify true, AWS CloudFormation creates an instance with a publicly resolvable DNS name, which resolves to a public IP address. If you specify false, AWS CloudFormation creates an internal instance with a DNS name that resolves to a private IP address.", "required": false, "type": "Boolean", "update_causes": "replacement" }, "SourceDBInstanceIdentifier": { "description": "If you want to create a read replica DB instance, specify the ID of the source DB instance. Each DB instance can have a limited number of read replicas. For more information, see Working with Read Replicas in the Amazon Relational Database Service Developer Guide.", "required": false, "type": "String", "update_causes": "replacement" }, "StorageEncrypted": { "description": "Indicates whether the DB instance is encrypted.", "required": false, "type": "Boolean", "update_causes": "replacement" }, "StorageType": { "description": "The storage type associated with this DB instance.", "required": false, "type": "Unknown", "update_causes": "interrupt" }, "Tags": { "description": "An arbitrary set of tags (key–value pairs) for this DB instance.", "required": false, "type": "Unknown", "update_causes": "none" }, "VPCSecurityGroups": { "description": "A list of the VPC security group IDs to assign to the DB instance. The list can include both the physical IDs of existing VPC security groups and references to AWS::EC2::SecurityGroup resources created in the template.", "required": false, "type": "Array", "update_causes": "none" } }, "path": "aws-properties-rds-database-instance.html" }, "AWS::AutoScaling::LifecycleHook": { "properties": [ "AutoScalingGroupName", "DefaultResult", "HeartbeatTimeout", "LifecycleTransition", "NotificationMetadata", "NotificationTargetARN", "RoleARN" ], "full_properties": { "AutoScalingGroupName": { "description": "The name of the Auto Scaling group for the lifecycle hook.", "required": true, "type": "String", "update_causes": "replacement" }, "DefaultResult": { "description": "The action the Auto Scaling group takes when the lifecycle hook timeout elapses or if an unexpected failure occurs.", "required": false, "type": "String", "update_causes": "none" }, "HeartbeatTimeout": { "description": "The amount of time that can elapse before the lifecycle hook times out. When the lifecycle hook times out, Auto Scaling performs the action that you specified in the DefaultResult property.", "required": false, "type": "Number", "update_causes": "none" }, "LifecycleTransition": { "description": "The state of the Amazon EC2 instance to which you want to attach the lifecycle hook. For valid values, see the LifecycleTransition content for the LifecycleHook data type in the Auto Scaling API Reference.", "required": true, "type": "String", "update_causes": "none" }, "NotificationMetadata": { "description": "Additional information that you want to include when Auto Scaling sends a message to the notification target.", "required": false, "type": "String", "update_causes": "none" }, "NotificationTargetARN": { "description": "The Amazon resource name (ARN) of the notification target that Auto Scaling uses to notify you when an instance is in the transition state for the lifecycle hook. You can specify an Amazon SQS queue or an Amazon SNS topic. The notification message includes the following information: lifecycle action token, user account ID, Auto Scaling group name, lifecycle hook name, instance ID, lifecycle transition, and notification metadata.", "required": true, "type": "String", "update_causes": "none" }, "RoleARN": { "description": "The ARN of the IAM role that allows the Auto Scaling group to publish to the specified notification target. The role requires permissions to Amazon SNS and Amazon SQS.", "required": true, "type": "String", "update_causes": "none" } }, "path": "aws-resource-as-lifecyclehook.html" }, "AWS::Lambda::Alias": { "properties": [ "Description", "FunctionName", "FunctionVersion", "Name" ], "full_properties": { "Description": { "description": "Information about the alias, such as its purpose or the Lambda function that is associated with it.", "required": false, "type": "String", "update_causes": "none" }, "FunctionName": { "description": "The Lambda function that you want to associate with this alias. You can specify the function's name or its Amazon Resource Name (ARN).", "required": true, "type": "String", "update_causes": "replacement" }, "FunctionVersion": { "description": "The version of the Lambda function that you want to associate with this alias.", "required": true, "type": "String", "update_causes": "none" }, "Name": { "description": "A name for the alias.", "required": true, "type": "String", "update_causes": "replacement" } }, "path": "aws-resource-lambda-alias.html" }, "AWS::CloudFormation::Stack": { "properties": [ "NotificationARNs", "Parameters", "Tags", "TemplateURL", "TimeoutInMinutes" ], "full_properties": { "NotificationARNs": { "description": "A list of existing Amazon SNS topics where notifications about stack events are sent.", "required": false, "type": "Array", "update_causes": "none" }, "Parameters": { "description": "The set of parameters passed to AWS CloudFormation when this nested stack is created.", "required": false, "type": "Unknown", "update_causes": "interrupt" }, "Tags": { "description": "An arbitrary set of tags (key–value pairs) to describe this stack.", "required": false, "type": "Unknown", "update_causes": "none" }, "TemplateURL": { "description": "The URL of a template that specifies the stack that you want to create as a resource. The template must be stored on an Amazon S3 bucket, so the URL must have the form: https://s3.amazonaws.com/.../TemplateName.template", "required": true, "type": "String", "update_causes": "interrupt" }, "TimeoutInMinutes": { "description": "The length of time, in minutes, that AWS CloudFormation waits for the nested stack to reach the CREATE_COMPLETE state. The default is no timeout. When AWS CloudFormation detects that the nested stack has reached the CREATE_COMPLETE state, it marks the nested stack resource as CREATE_COMPLETE in the parent stack and resumes creating the parent stack. If the timeout period expires before the nested stack reaches CREATE_COMPLETE, AWS CloudFormation marks the nested stack as failed and rolls back both the nested stack and parent stack.", "required": false, "type": "Number", "update_causes": "unavailable" } }, "path": "aws-properties-stack.html" }, "AWS::ECS::Service": { "properties": [ "Cluster", "DeploymentConfiguration", "DesiredCount", "LoadBalancers", "Role", "TaskDefinition" ], "full_properties": { "Cluster": { "description": "The name or Amazon Resource Name (ARN) of the cluster that you want to run your service on. If you do not specify a cluster, Amazon ECS uses the default cluster.", "required": false, "type": "String", "update_causes": "replacement" }, "DeploymentConfiguration": { "description": "Configures how many tasks run during a deployment.", "required": false, "type": "Unknown", "update_causes": "none" }, "DesiredCount": { "description": "The number of simultaneous tasks, which you specify by using the TaskDefinition property, that you want to run on the cluster.", "required": true, "type": "Number", "update_causes": "none" }, "LoadBalancers": { "description": "A list of load balancer objects to associate with the cluster. For information about the number of load balancers you can specify per service, see Service Load Balancing in the Amazon EC2 Container Service Developer Guide.", "required": false, "type": "Array", "update_causes": "replacement" }, "Role": { "description": "The name or ARN of an AWS Identity and Access Management (IAM) role that allows your Amazon ECS container agent to make calls to your load balancer.", "required": false, "type": "String", "update_causes": "replacement" }, "TaskDefinition": { "description": "The ARN of the task definition (including the revision number) that you want to run on the cluster, such as arn:aws:ecs:us-east-1:123456789012:task-definition/mytask:3. You can't use :latest to specify a revision because it's ambiguous. For example, if AWS CloudFormation needed to rollback an update, it wouldn't know which revision to rollback to.", "required": true, "type": "String", "update_causes": "interrupt" } }, "path": "aws-resource-ecs-service.html" }, "AWS::CloudFormation::WaitConditionHandle": { "properties": [ ], "path": "aws-properties-waitconditionhandle.html" }, "AWS::SQS::Queue": { "properties": [ "DelaySeconds", "MaximumMessageSize", "MessageRetentionPeriod", "QueueName", "ReceiveMessageWaitTimeSeconds", "RedrivePolicy", "VisibilityTimeout" ], "full_properties": { "DelaySeconds": { "description": "The time in seconds that the delivery of all messages in the queue will be delayed. You can specify an integer value of 0 to 900 (15 minutes). The default value is 0.", "required": false, "type": "Number", "update_causes": "none" }, "MaximumMessageSize": { "description": "The limit of how many bytes a message can contain before Amazon SQS rejects it. You can specify an integer value from 1024 bytes (1 KiB) to 262144 bytes (256 KiB). The default value is 262144 (256 KiB).", "required": false, "type": "Number", "update_causes": "none" }, "MessageRetentionPeriod": { "description": "The number of seconds Amazon SQS retains a message. You can specify an integer value from 60 seconds (1 minute) to 1209600 seconds (14 days). The default value is 345600 seconds (4 days).", "required": false, "type": "Number", "update_causes": "none" }, "QueueName": { "description": "A name for the queue. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the queue name. For more information, see Name Type.", "required": false, "type": "Unknown", "update_causes": "replacement" }, "ReceiveMessageWaitTimeSeconds": { "description": "Specifies the duration, in seconds, that the ReceiveMessage action call waits until a message is in the queue in order to include it in the response, as opposed to returning an empty response if a message is not yet available. You can specify an integer from 1 to 20. The short polling is used as the default or when you specify 0 for this property. For more information, see Amazon SQS Long Poll.", "required": false, "type": "Number", "update_causes": "none" }, "RedrivePolicy": { "description": "Specifies an existing dead letter queue to receive messages after the source queue (this queue) fails to process a message a specified number of times.", "required": false, "type": "Unknown", "update_causes": "none" }, "VisibilityTimeout": { "description": "The length of time during which a message will be unavailable once a message is delivered from the queue. This blocks other components from receiving the same message and gives the initial component time to process and delete the message from the queue.", "required": false, "type": "Number", "update_causes": "none" } }, "path": "aws-properties-sqs-queues.html" }, "AWS::CloudFormation::CustomResource": { "properties": [ "ServiceToken" ], "full_properties": { "ServiceToken": { "description": "The service token that was given to the template developer by the service provider to access the service, such as an Amazon SNS topic ARN or Lambda function ARN. The service token must be from the same region in which you are creating the stack.", "required": true, "type": "String", "update_causes": "unavailable" } }, "path": "aws-resource-cfn-customresource.html" }, "AWS::RDS::DBClusterParameterGroup": { "properties": [ "Description", "Family", "Parameters", "Tags" ], "full_properties": { "Description": { "description": "A friendly description for this DB cluster parameter group.", "required": true, "type": "String", "update_causes": "replacement" }, "Family": { "description": "The database family of this DB cluster parameter group, such as aurora5.6.", "required": true, "type": "String", "update_causes": "replacement" }, "Parameters": { "description": "The parameters to set for this DB cluster parameter group. For a list of parameter keys, see Appendix: DB Cluster and DB Instance Parameters in the Amazon Relational Database Service User Guide.", "required": true, "type": "Unknown", "update_causes": [ "none", "interrupt" ] }, "Tags": { "description": "The tags that you want to attach to this parameter group.", "required": false, "type": "Array", "update_causes": "unavailable" } }, "path": "aws-resource-rds-dbclusterparametergroup.html" }, "AWS::ElasticLoadBalancingV2::Listener": { "properties": [ "Certificates", "DefaultActions", "LoadBalancerArn", "Port", "Protocol", "SslPolicy" ], "full_properties": { "Certificates": { "description": "The SSL server certificate for the listener. With a certificate, you can encrypt traffic between the load balancer and the clients that initiate HTTPS sessions, and traffic between the load balancer and your targets.", "required": false, "type": "Array", "update_causes": "none" }, "DefaultActions": { "description": "The default actions that the listener takes when handling incoming requests.", "required": true, "type": "Array", "update_causes": "none" }, "LoadBalancerArn": { "description": "The Amazon Resource Name (ARN) of the load balancer to associate with the listener.", "required": true, "type": "String", "update_causes": "replacement" }, "Port": { "description": "The port on which the listener listens for requests.", "required": true, "type": "Number", "update_causes": "none" }, "Protocol": { "description": "The protocol that clients must use to send requests to the listener.", "required": true, "type": "String", "update_causes": "none" }, "SslPolicy": { "description": "The security policy that defines the ciphers and protocols that the load balancer supports.", "required": false, "type": "String", "update_causes": "none" } }, "path": "aws-resource-elasticloadbalancingv2-listener.html" }, "AWS::Redshift::ClusterParameterGroup": { "properties": [ "Description", "ParameterGroupFamily", "Parameters" ], "full_properties": { "Description": { "description": "A description of the parameter group.", "required": true, "type": "String", "update_causes": "replacement" }, "ParameterGroupFamily": { "description": "The Amazon Redshift engine version that applies to this cluster parameter group. The cluster engine version determines the set of parameters that you can specify in the Parameters property.", "required": true, "type": "String", "update_causes": "replacement" }, "Parameters": { "description": "A list of parameter names and values that are allowed by the Amazon Redshift engine version that you specified in the ParameterGroupFamily property. For more information, see Amazon Redshift Parameter Groups in the Amazon Redshift Cluster Management Guide.", "required": false, "type": "Unknown", "update_causes": "none" } }, "path": "aws-resource-redshift-clusterparametergroup.html" }, "AWS::Redshift::ClusterSecurityGroup": { "properties": [ "Description" ], "full_properties": { "Description": { "description": "A description of the security group.", "required": true, "type": "String", "update_causes": "replacement" } }, "path": "aws-resource-redshift-clustersecuritygroup.html" }, "AWS::CodePipeline::Pipeline": { "properties": [ "ArtifactStore", "DisableInboundStageTransitions", "Name", "RestartExecutionOnUpdate", "RoleArn", "Stages" ], "full_properties": { "ArtifactStore": { "description": "The Amazon Simple Storage Service (Amazon S3) location where AWS CodePipeline stores pipeline artifacts. The S3 bucket must have versioning enabled. For more information, see Create an Amazon S3 Bucket for Your Application in the AWS CodePipeline User Guide.", "required": true, "type": "Unknown", "update_causes": "none" }, "DisableInboundStageTransitions": { "description": "Prevents artifacts in a pipeline from transitioning to the stage that you specified. This enables you to manually control transitions.", "required": false, "type": "Array", "update_causes": "none" }, "Name": { "description": "The name of your AWS CodePipeline pipeline.", "required": false, "type": "String", "update_causes": "none" }, "RestartExecutionOnUpdate": { "description": "Indicates whether to rerun the AWS CodePipeline pipeline after you update it.", "required": false, "type": "Boolean", "update_causes": "none" }, "RoleArn": { "description": "A service role Amazon Resource Name (ARN) that grants AWS CodePipeline permission to make calls to AWS services on your behalf. For more information, see AWS CodePipeline Access Permissions Reference in the AWS CodePipeline User Guide.", "required": true, "type": "String", "update_causes": "none" }, "Stages": { "description": "Defines the AWS CodePipeline pipeline stages.", "required": true, "type": "Unknown", "update_causes": "none" } }, "path": "aws-resource-codepipeline-pipeline.html" }, "AWS::EC2::Instance": { "properties": [ "Affinity", "AvailabilityZone", "BlockDeviceMappings", "DisableApiTermination", "EbsOptimized", "HostId", "IamInstanceProfile", "ImageId", "InstanceInitiatedShutdownBehavior", "InstanceType", "Ipv6AddressCount", "Ipv6Addresses", "KernelId", "KeyName", "Monitoring", "NetworkInterfaces", "PlacementGroupName", "PrivateIpAddress", "RamdiskId", "SecurityGroupIds", "SecurityGroups", "SourceDestCheck", "SsmAssociations", "SubnetId", "Tags", "Tenancy", "UserData", "Volumes", "AdditionalInfo" ], "full_properties": { "Affinity": { "description": "Indicates whether Amazon Elastic Compute Cloud (Amazon EC2) always associates the instance with a dedicated host. If you want Amazon EC2 to always restart the instance (if it was stopped) onto the same host on which it was launched, specify host. If you want Amazon EC2 to restart the instance on any available host, but to try to launch the instance onto the last host it ran on (on a best-effort basis), specify default.", "required": false, "type": "String", "update_causes": "none" }, "AvailabilityZone": { "description": "Specifies the name of the Availability Zone in which the instance is located.", "required": false, "type": "String", "update_causes": "replacement" }, "BlockDeviceMappings": { "description": "Defines a set of Amazon Elastic Block Store block device mappings, ephemeral instance store block device mappings, or both. For more information, see Amazon Elastic Block Store or Amazon EC2 Instance Store in the Amazon EC2 User Guide for Linux Instances.", "required": false, "type": "Array", "update_causes": [ "replacement", "none" ] }, "DisableApiTermination": { "description": "Specifies whether the instance can be terminated through the API.", "required": false, "type": "Boolean", "update_causes": "none" }, "EbsOptimized": { "description": "Specifies whether the instance is optimized for Amazon Elastic Block Store I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal EBS I/O performance.", "required": false, "type": "Boolean", "update_causes": [ "replacement", "interrupt" ] }, "HostId": { "description": "If you specify host for the Affinity property, the ID of a dedicated host that the instance is associated with. If you don't specify an ID, Amazon EC2 launches the instance onto any available, compatible dedicated host in your account. This type of launch is called an untargeted launch. Note that for untargeted launches, you must have a compatible, dedicated host available to successfully launch instances.", "required": false, "type": "String", "update_causes": "none" }, "IamInstanceProfile": { "description": "The physical ID of an instance profile or a reference to an AWS::IAM::InstanceProfile resource.", "required": false, "type": "String", "update_causes": "replacement" }, "ImageId": { "description": "Provides the unique ID of the Amazon Machine Image (AMI) that was assigned during registration.", "required": true, "type": "String", "update_causes": "replacement" }, "InstanceInitiatedShutdownBehavior": { "description": "Indicates whether an instance stops or terminates when you shut down the instance from the instance's operating system shutdown command. You can specify stop or terminate. For more information, see the RunInstances command in the Amazon EC2 API Reference.", "required": false, "type": "String", "update_causes": "none" }, "InstanceType": { "description": "The instance type, such as t2.micro. The default type is \"m3.medium\". For a list of instance types, see Instance Families and Types.", "required": false, "type": "Array", "update_causes": [ "replacement", "interrupt" ] }, "Ipv6AddressCount": { "description": "The number of IPv6 addresses to associate with the instance's primary network interface. Amazon EC2 automatically selects the IPv6 addresses from the subnet range. To specify specific IPv6 addresses, use the Ipv6Addresses property and don't specify this property.", "required": false, "type": "Number", "update_causes": "replacement" }, "Ipv6Addresses": { "description": "One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet to associate with the instance's primary network interface. To specify a number of IPv6 addresses, use the Ipv6AddressCount property and don't specify this property.", "required": false, "type": "Array", "update_causes": "replacement" }, "KernelId": { "description": "The kernel ID.", "required": false, "type": "String", "update_causes": [ "replacement", "interrupt" ] }, "KeyName": { "description": "Provides the name of the Amazon EC2 key pair.", "required": false, "type": "String", "update_causes": "replacement" }, "Monitoring": { "description": "Specifies whether detailed monitoring is enabled for the instance.", "required": false, "type": "Boolean", "update_causes": "none" }, "NetworkInterfaces": { "description": "A list of embedded objects that describes the network interfaces to associate with this instance.", "required": false, "type": "Array", "update_causes": "replacement" }, "PlacementGroupName": { "description": "The name of an existing placement group that you want to launch the instance into (for cluster instances).", "required": false, "type": "String", "update_causes": "replacement" }, "PrivateIpAddress": { "description": "The private IP address for this instance.", "required": false, "type": "String", "update_causes": "replacement" }, "RamdiskId": { "description": "The ID of the RAM disk to select. Some kernels require additional drivers at launch. Check the kernel requirements for information about whether you need to specify a RAM disk. To find kernel requirements, go to the AWS Resource Center and search for the kernel ID.", "required": false, "type": "String", "update_causes": [ "replacement", "interrupt" ] }, "SecurityGroupIds": { "description": "A list that contains the security group IDs for VPC security groups to assign to the Amazon EC2 instance. If you specified the NetworkInterfaces property, do not specify this property.", "required": false, "type": "Array", "update_causes": [ "replacement", "none" ] }, "SecurityGroups": { "description": "Valid only for Amazon EC2 security groups. A list that contains the Amazon EC2 security groups to assign to the Amazon EC2 instance. The list can contain both the name of existing Amazon EC2 security groups or references to AWS::EC2::SecurityGroup resources created in the template.", "required": false, "type": "Array", "update_causes": "replacement" }, "SourceDestCheck": { "description": "Controls whether source/destination checking is enabled on the instance. Also determines if an instance in a VPC will perform network address translation (NAT).", "required": false, "type": "Boolean", "update_causes": "none" }, "SsmAssociations": { "description": "The Amazon EC2 Simple Systems Manager (SSM) document and parameter values to associate with this instance. To use this property, you must specify an IAM role for the instance. For more information, see Prerequisites for Remotely Running Commands on EC2 Instances in the Amazon EC2 User Guide for Windows Instances.", "required": false, "type": "Array", "update_causes": "none" }, "SubnetId": { "description": "If you're using Amazon VPC, this property specifies the ID of the subnet that you want to launch the instance into. If you specified the NetworkInterfaces property, do not specify this property.", "required": false, "type": "String", "update_causes": "replacement" }, "Tags": { "description": "An arbitrary set of tags (key–value pairs) for this instance.", "required": false, "type": "Unknown", "update_causes": "none" }, "Tenancy": { "description": "The tenancy of the instance that you want to launch, such as default, dedicated, or host. If you specify a tenancy value of dedicated or host, you must launch the instance in a VPC. For more information, see Dedicated Instances in the Amazon VPC User Guide.", "required": false, "type": "String", "update_causes": [ "replacement", "none" ] }, "UserData": { "description": "Base64-encoded MIME user data that is made available to the instances.", "required": false, "type": "String", "update_causes": [ "replacement", "interrupt" ] }, "Volumes": { "description": "The Amazon EBS volumes to attach to the instance.", "required": false, "type": "Array", "update_causes": "none" }, "AdditionalInfo": { "description": "Reserved.", "required": false, "type": "String", "update_causes": [ "replacement", "interrupt" ] } }, "path": "aws-properties-ec2-instance.html" }, "AWS::EC2::VPNGatewayRoutePropagation": { "properties": [ "RouteTableIds", "VpnGatewayId" ], "full_properties": { "RouteTableIds": { "description": "A list of routing table IDs that are associated with a VPC. The routing tables must be associated with the same VPC that the virtual private gateway is attached to.", "required": true, "type": "Array", "update_causes": "none" }, "VpnGatewayId": { "description": "The ID of the virtual private gateway that is attached to a VPC. The virtual private gateway must be attached to the same VPC that the routing tables are associated with.", "required": true, "type": "String", "update_causes": "none" } }, "path": "aws-resource-ec2-vpn-gatewayrouteprop.html" }, "AWS::ApiGateway::Resource": { "properties": [ "ParentId", "PathPart", "RestApiId" ], "full_properties": { "ParentId": { "description": "If you want to create a child resource, the ID of the parent resource. For resources without a parent, specify the RestApi root resource ID, such as { \"Fn::GetAtt\": [\"MyRestApi\", \"RootResourceId\"] }.", "required": true, "type": "String", "update_causes": "replacement" }, "PathPart": { "description": "A path name for the resource.", "required": true, "type": "String", "update_causes": "replacement" }, "RestApiId": { "description": "The ID of the RestApi resource in which you want to create this resource.", "required": true, "type": "String", "update_causes": "replacement" } }, "path": "aws-resource-apigateway-resource.html" }, "AWS::Config::ConfigurationRecorder": { "properties": [ "Name", "RecordingGroup", "RoleARN" ], "full_properties": { "Name": { "description": "A name for the configuration recorder. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the configuration recorder name. For more information, see Name Type.", "required": false, "type": "Unknown", "update_causes": "unavailable" }, "RecordingGroup": { "description": "Indicates whether to record configurations for all supported resources or for a list of resource types. The resource types that you list must be supported by AWS Config.", "required": false, "type": "Unknown", "update_causes": "none" }, "RoleARN": { "description": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that is used to make read or write requests to the delivery channel that you specify and to get configuration details for supported AWS resources. For more information, see Permissions for the AWS Config IAM Role in the AWS Config Developer Guide.", "required": true, "type": "String", "update_causes": "none" } }, "path": "aws-resource-config-configurationrecorder.html" }, "AWS::EMR::InstanceGroupConfig": { "properties": [ "BidPrice", "Configurations", "EbsConfiguration", "InstanceCount", "InstanceRole", "InstanceType", "JobFlowId", "Market", "Name" ], "full_properties": { "BidPrice": { "description": "The bid price in USD for each EC2 instance in the instance group when launching instances (nodes) as Spot Instances.", "required": false, "type": "String", "update_causes": "replacement" }, "Configurations": { "description": "A list of configurations to apply to this instance group. For more information see, Configuring Applications in the Amazon EMR Release Guide.", "required": false, "type": "Array", "update_causes": "replacement" }, "EbsConfiguration": { "description": "Configures Amazon Elastic Block Store (Amazon EBS) storage volumes to attach to your instances.", "required": false, "type": "Unknown", "update_causes": "replacement" }, "InstanceCount": { "description": "The number of instances to launch in the instance group.", "required": true, "type": "Number", "update_causes": "none" }, "InstanceRole": { "description": "The role of the servers in the Amazon EMR cluster, such as TASK. For more information, see Instance Groups in the Amazon EMR Management Guide.", "required": true, "type": "String", "update_causes": "replacement" }, "InstanceType": { "description": "The EC2 instance type for all instances in the instance group. For more information, see Instance Configurations in the Amazon EMR Management Guide.", "required": true, "type": "String", "update_causes": "replacement" }, "JobFlowId": { "description": "The ID of an Amazon EMR cluster that you want to associate this instance group with.", "required": true, "type": "String", "update_causes": "replacement" }, "Market": { "description": "The type of marketplace from which your instances are provisioned into this group, either ON_DEMAND or SPOT. For more information, see Amazon EC2 Purchasing Options.", "required": false, "type": "String", "update_causes": "replacement" }, "Name": { "description": "A name for the instance group.", "required": false, "type": "String", "update_causes": "replacement" } }, "path": "aws-resource-emr-instancegroupconfig.html" }, "AWS::Redshift::ClusterSecurityGroupIngress": { "properties": [ "ClusterSecurityGroupName", "CIDRIP", "EC2SecurityGroupName", "EC2SecurityGroupOwnerId" ], "full_properties": { "ClusterSecurityGroupName": { "description": "The name of the Amazon Redshift security group that will be associated with the ingress rule.", "required": true, "type": "String", "update_causes": "replacement" }, "CIDRIP": { "description": "The IP address range that has inbound access to the Amazon Redshift security group.", "required": false, "type": "String", "update_causes": "replacement" }, "EC2SecurityGroupName": { "description": "The Amazon EC2 security group that will be added the Amazon Redshift security group.", "required": false, "type": "String", "update_causes": "replacement" }, "EC2SecurityGroupOwnerId": { "description": "The 12-digit AWS account number of the owner of the Amazon EC2 security group that is specified by the EC2SecurityGroupName parameter.", "required": false, "type": "String", "update_causes": "replacement" } }, "path": "aws-resource-redshift-clustersecuritygroupingress.html" }, "AWS::EC2::Volume": { "properties": [ "AutoEnableIO", "AvailabilityZone", "Encrypted", "Iops", "KmsKeyId", "Size", "SnapshotId", "Tags", "VolumeType" ], "full_properties": { "AutoEnableIO": { "description": "Indicates whether the volume is auto-enabled for I/O operations. By default, Amazon EBS disables I/O to the volume from attached EC2 instances when it determines that a volume's data is potentially inconsistent. If the consistency of the volume is not a concern, and you prefer that the volume be made available immediately if it's impaired, you can configure the volume to automatically enable I/O. For more information, see Working with the AutoEnableIO Volume Attribute in the Amazon EC2 User Guide for Linux Instances.", "required": false, "type": "Boolean", "update_causes": "none" }, "AvailabilityZone": { "description": "The Availability Zone in which to create the new volume.", "required": true, "type": "String", "update_causes": "unavailable" }, "Encrypted": { "description": "Indicates whether the volume is encrypted. You can attach encrypted Amazon EBS volumes only to instance types that support Amazon EBS encryption. Volumes that are created from encrypted snapshots are automatically encrypted. You can't create an encrypted volume from an unencrypted snapshot, or vice versa. If your AMI uses encrypted volumes, you can launch the AMI only on supported instance types. For more information, see Amazon EBS encryption in the Amazon EC2 User Guide for Linux Instances.", "required": false, "type": "Boolean", "update_causes": "unavailable" }, "Iops": { "description": "The number of I/O operations per second (IOPS) that the volume supports. For more information about the valid sizes for each volume type, see the Iops parameter for the CreateVolume action in the Amazon EC2 API Reference.", "required": false, "type": "Unknown", "update_causes": "unavailable" }, "KmsKeyId": { "description": "The Amazon Resource Name (ARN) of the AWS Key Management Service master key that is used to create the encrypted volume, such as arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef. If you create an encrypted volume and don't specify this property, AWS CloudFormation uses the default master key.", "required": false, "type": "String", "update_causes": "unavailable" }, "Size": { "description": "The size of the volume, in gibibytes (GiBs). For more information about the valid sizes for each volume type, see the Size parameter for the CreateVolume action in the Amazon EC2 API Reference.", "required": false, "type": "Number", "update_causes": "unavailable" }, "SnapshotId": { "description": "The snapshot from which to create the new volume.", "required": false, "type": "String", "update_causes": "unavailable" }, "Tags": { "description": "An arbitrary set of tags (key–value pairs) for this volume.", "required": false, "type": "Unknown", "update_causes": "none" }, "VolumeType": { "description": "The volume type. If you set the type to io1, you must also set the Iops property. For valid values, see the VolumeType parameter for the CreateVolume action in the Amazon EC2 API Reference.", "required": false, "type": "Unknown", "update_causes": "unavailable" } }, "path": "aws-properties-ec2-ebs-volume.html" }, "AWS::IAM::AccessKey": { "properties": [ "Serial", "Status", "UserName" ], "full_properties": { "Serial": { "description": "This value is specific to AWS CloudFormation and can only be incremented. Incrementing this value notifies AWS CloudFormation that you want to rotate your access key. When you update your stack, AWS CloudFormation will replace the existing access key with a new key.", "required": false, "type": "Number", "update_causes": "replacement" }, "Status": { "description": "The status of the access key. By default, AWS CloudFormation sets this property value to Active.", "required": false, "type": "String", "update_causes": "none" }, "UserName": { "description": "The name of the user that the new key will belong to.", "required": true, "type": "String", "update_causes": "replacement" } }, "path": "aws-properties-iam-accesskey.html" }, "AWS::RDS::DBSecurityGroup": { "properties": [ "EC2VpcId", "DBSecurityGroupIngress", "GroupDescription", "Tags" ], "full_properties": { "EC2VpcId": { "description": "The Id of VPC. Indicates which VPC this DB Security Group should belong to.", "required": false, "type": "String", "update_causes": "replacement" }, "DBSecurityGroupIngress": { "description": "Network ingress authorization for an Amazon EC2 security group or an IP address range.", "required": true, "type": "Array", "update_causes": "none" }, "GroupDescription": { "description": "Description of the security group.", "required": true, "type": "String", "update_causes": "replacement" }, "Tags": { "description": "The tags that you want to attach to the Amazon RDS DB security group.", "required": false, "type": "Array", "update_causes": "none" } }, "path": "aws-properties-rds-security-group.html" }, "AWS::DataPipeline::Pipeline": { "properties": [ "Activate", "Description", "Name", "ParameterObjects", "ParameterValues", "PipelineObjects", "PipelineTags" ], "full_properties": { "Activate": { "description": "Indicates whether to validate and start the pipeline or stop an active pipeline. By default, the value is set to true.", "required": false, "type": "Boolean", "update_causes": "none" }, "Description": { "description": "A description for the pipeline.", "required": false, "type": "String", "update_causes": "replacement" }, "Name": { "description": "A name for the pipeline. Because AWS CloudFormation assigns each new pipeline a unique identifier, you can use the same name for multiple pipelines that are associated with your AWS account.", "required": true, "type": "String", "update_causes": "replacement" }, "ParameterObjects": { "description": "Defines the variables that are in the pipeline definition. For more information, see Creating a Pipeline Using Parameterized Templates in the AWS Data Pipeline Developer Guide.", "required": false, "type": "Unknown", "update_causes": "none" }, "ParameterValues": { "description": "Defines the values for the parameters that are defined in the ParameterObjects property. For more information, see Creating a Pipeline Using Parameterized Templates in the AWS Data Pipeline Developer Guide.", "required": false, "type": "Unknown", "update_causes": "none" }, "PipelineObjects": { "description": "A list of pipeline objects that make up the pipeline. For more information about pipeline objects and a description of each object, see Pipeline Object Reference in the AWS Data Pipeline Developer Guide.", "required": true, "type": "Array", "update_causes": "interrupt" }, "PipelineTags": { "description": "A list of arbitrary tags (key-value pairs) to associate with the pipeline, which you can use to control permissions. For more information, see Controlling Access to Pipelines and Resources in the AWS Data Pipeline Developer Guide.", "required": false, "type": "Unknown", "update_causes": "none" } }, "path": "aws-resource-datapipeline-pipeline.html" }, "AWS::EC2::NatGateway": { "properties": [ "AllocationId", "SubnetId" ], "full_properties": { "AllocationId": { "description": "The allocation ID of an Elastic IP address to associate with the NAT gateway. If the Elastic IP address is associated with another resource, you must first disassociate it.", "required": true, "type": "String", "update_causes": "replacement" }, "SubnetId": { "description": "The public subnet in which to create the NAT gateway.", "required": true, "type": "String", "update_causes": "replacement" } }, "path": "aws-resource-ec2-natgateway.html" }, "AWS::IoT::TopicRule": { "properties": [ "RuleName", "TopicRulePayload" ], "full_properties": { "RuleName": { "description": "The name (the physical ID) of the AWS IoT rule.", "required": false, "type": "String", "update_causes": "replacement" }, "TopicRulePayload": { "description": "The actions associated with the AWS IoT rule.", "required": true, "type": "Unknown", "update_causes": "none" } }, "path": "aws-resource-iot-topicrule.html" }, "AWS::EC2::VPCGatewayAttachment": { "properties": [ "InternetGatewayId", "VpcId", "VpnGatewayId" ], "full_properties": { "InternetGatewayId": { "description": "The ID of the Internet gateway.", "required": false, "type": "String", "update_causes": "none" }, "VpcId": { "description": "The ID of the VPC to associate with this gateway.", "required": true, "type": "String", "update_causes": "none" }, "VpnGatewayId": { "description": "The ID of the virtual private network (VPN) gateway to attach to the VPC.", "required": false, "type": "String", "update_causes": "none" } }, "path": "aws-resource-ec2-vpc-gateway-attachment.html" }, "AWS::Config::ConfigRule": { "properties": [ "ConfigRuleName", "Description", "InputParameters", "MaximumExecutionFrequency", "Scope", "Source" ], "full_properties": { "ConfigRuleName": { "description": "A name for the AWS Config rule. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the rule name. For more information, see Name Type.", "required": false, "type": "Unknown", "update_causes": "replacement" }, "Description": { "description": "A description about this AWS Config rule.", "required": false, "type": "String", "update_causes": "none" }, "InputParameters": { "description": "Input parameter values that are passed to the AWS Config rule (Lambda function).", "required": false, "type": "Unknown", "update_causes": "none" }, "MaximumExecutionFrequency": { "description": "The maximum frequency at which the AWS Config rule runs evaluations. For valid values, see the ConfigRule data type in the AWS Config API Reference.", "required": false, "type": "String", "update_causes": "none" }, "Scope": { "description": "Defines which AWS resources will trigger an evaluation when their configurations change. The scope can include one or more resource types, a combination of a tag key and value, or a combination of one resource type and one resource ID. Specify a scope to constrain the resources that are evaluated. If you don't specify a scope, the rule evaluates all resources in the recording group.", "required": false, "type": "Unknown", "update_causes": "none" }, "Source": { "description": "Specifies the rule owner, the rule identifier, and the events that cause the function to evaluate your AWS resources.", "required": true, "type": "Unknown", "update_causes": "none" } }, "path": "aws-resource-config-configrule.html" }, "AWS::EC2::Host": { "properties": [ "AutoPlacement", "AvailabilityZone", "InstanceType" ], "full_properties": { "AutoPlacement": { "description": "Indicates if the host accepts EC2 instances with only matching configurations or if instances must also specify the host ID. Instances that don't specify a host ID can't launch onto a host with AutoPlacement set to off. By default, AWS CloudFormation sets this property to on. For more information, see Understanding Instance Placement and Host Affinity in the Amazon EC2 User Guide for Linux Instances.", "required": false, "type": "String", "update_causes": "none" }, "AvailabilityZone": { "description": "The Availability Zone (AZ) in which to launch the dedicated host.", "required": true, "type": "String", "update_causes": "replacement" }, "InstanceType": { "description": "The instance type that the dedicated host accepts. Only instances of this type can be launched onto the host. For more information, see Supported Instance Types in the Amazon EC2 User Guide for Linux Instances.", "required": true, "type": "Unknown", "update_causes": "replacement" } }, "path": "aws-resource-ec2-host.html" }, "AWS::EC2::VolumeAttachment": { "properties": [ "Device", "InstanceId", "VolumeId" ], "full_properties": { "Device": { "description": "How the device is exposed to the instance (e.g., /dev/sdh, or xvdh).", "required": true, "type": "String", "update_causes": "unavailable" }, "InstanceId": { "description": "The ID of the instance to which the volume attaches. This value can be a reference to an AWS::EC2::Instance resource, or it can be the physical ID of an existing EC2 instance.", "required": true, "type": "String", "update_causes": "unavailable" }, "VolumeId": { "description": "The ID of the Amazon EBS volume. The volume and instance must be within the same Availability Zone. This value can be a reference to an AWS::EC2::Volume resource, or it can be the volume ID of an existing Amazon EBS volume.", "required": true, "type": "String", "update_causes": "unavailable" } }, "path": "aws-properties-ec2-ebs-volumeattachment.html" }, "AWS::EC2::SecurityGroupEgress": { "properties": [ "CidrIp", "CidrIpv6", "DestinationPrefixListId", "DestinationSecurityGroupId", "FromPort", "GroupId", "IpProtocol", "ToPort" ], "full_properties": { "CidrIp": { "description": "An IPv4 CIDR range.", "required": false, "type": "String", "update_causes": "replacement" }, "CidrIpv6": { "description": "An IPv6 CIDR range.", "required": false, "type": "String", "update_causes": "replacement" }, "DestinationPrefixListId": { "description": "The AWS service prefix of an Amazon VPC endpoint. For more information, see VPC Endpoints in the Amazon VPC User Guide.", "required": false, "type": "String", "update_causes": "replacement" }, "DestinationSecurityGroupId": { "description": "Specifies the group ID of the destination Amazon VPC security group.", "required": false, "type": "String", "update_causes": "replacement" }, "FromPort": { "description": "Start of port range for the TCP and UDP protocols, or an ICMP type number. If you specify icmp for the IpProtocol property, you can specify -1 as a wildcard (i.e., any ICMP type number).", "required": true, "type": "Number", "update_causes": "replacement" }, "GroupId": { "description": "ID of the Amazon VPC security group to modify. This value can be a reference to an AWS::EC2::SecurityGroup resource that has a valid VpcId property or the ID of an existing Amazon VPC security group.", "required": true, "type": "String", "update_causes": "replacement" }, "IpProtocol": { "description": "IP protocol name or number. For valid values, see the IpProtocol parameter in AuthorizeSecurityGroupIngress", "required": true, "type": "String", "update_causes": "replacement" }, "ToPort": { "description": "End of port range for the TCP and UDP protocols, or an ICMP code. If you specify icmp for the IpProtocol property, you can specify -1 as a wildcard (i.e., any ICMP code).", "required": true, "type": "Number", "update_causes": "replacement" } }, "path": "aws-resource-ec2-security-group-egress.html" }, "AWS::EC2::VPNConnectionRoute": { "properties": [ "DestinationCidrBlock", "VpnConnectionId" ], "full_properties": { "DestinationCidrBlock": { "description": "The CIDR block that is associated with the local subnet of the customer network.", "required": true, "type": "String", "update_causes": "replacement" }, "VpnConnectionId": { "description": "The ID of the VPN connection.", "required": true, "type": "String", "update_causes": "replacement" } }, "path": "aws-resource-ec2-vpn-connection-route.html" }, "AWS::DynamoDB::Table": { "properties": [ "AttributeDefinitions", "GlobalSecondaryIndexes", "KeySchema", "LocalSecondaryIndexes", "ProvisionedThroughput", "StreamSpecification", "TableName" ], "full_properties": { "AttributeDefinitions": { "description": "A list of AttributeName and AttributeType objects that describe the key schema for the table and indexes.", "required": true, "type": "Array", "update_causes": "replacement" }, "GlobalSecondaryIndexes": { "description": "Global secondary indexes to be created on the table. You can create up to 5 global secondary indexes.", "required": false, "type": "Array", "update_causes": [ "unavailable", "none", "interrupt" ] }, "KeySchema": { "description": "Specifies the attributes that make up the primary key for the table. The attributes in the KeySchema property must also be defined in the AttributeDefinitions property.", "required": true, "type": "Array", "update_causes": "replacement" }, "LocalSecondaryIndexes": { "description": "Local secondary indexes to be created on the table. You can create up to 5 local secondary indexes. Each index is scoped to a given hash key value. The size of each hash key can be up to 10 gigabytes.", "required": false, "type": "Array", "update_causes": "replacement" }, "ProvisionedThroughput": { "description": "Throughput for the specified table, consisting of values for ReadCapacityUnits and WriteCapacityUnits. For more information about the contents of a provisioned throughput structure, see DynamoDB Provisioned Throughput.", "required": true, "type": "Unknown", "update_causes": "none" }, "StreamSpecification": { "description": "The settings for the DynamoDB table stream, which capture changes to items stored in the table.", "required": false, "type": "Unknown", "update_causes": "none" }, "TableName": { "description": "A name for the table. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the table name. For more information, see Name Type.", "required": false, "type": "Unknown", "update_causes": "replacement" } }, "path": "aws-resource-dynamodb-table.html" }, "AWS::ECR::Repository": { "properties": [ "RepositoryName", "RepositoryPolicyText" ], "full_properties": { "RepositoryName": { "description": "A name for the image repository. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the repository name. For more information, see Name Type.", "required": false, "type": "Unknown", "update_causes": "replacement" }, "RepositoryPolicyText": { "description": "A policy that controls who has access to the repository and which actions they can perform on it. For more information, see Amazon ECR Repository Policies in the Amazon EC2 Container Registry User Guide.", "required": false, "type": "Unknown", "update_causes": "none" } }, "path": "aws-resource-ecr-repository.html" }, "AWS::OpsWorks::UserProfile": { "properties": [ "AllowSelfManagement", "IamUserArn", "SshPublicKey" ], "full_properties": { "AllowSelfManagement": { "description": "Indicates whether users can use the AWS OpsWorks My Settings page to specify their own SSH public key. For more information, see Setting an IAM User's Public SSH Key in the AWS OpsWorks User Guide.", "required": false, "type": "Boolean", "update_causes": "none" }, "IamUserArn": { "description": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) user to associate with this configuration.", "required": true, "type": "String", "update_causes": "replacement" }, "SshPublicKey": { "description": "The public SSH key that is associated with the IAM user. The IAM user must have or be given the corresponding private key to access instances.", "required": false, "type": "String", "update_causes": "none" } }, "path": "aws-resource-opsworks-userprofile.html" }, "AWS::CloudTrail::Trail": { "properties": [ "CloudWatchLogsLogGroupArn", "CloudWatchLogsRoleArn", "EnableLogFileValidation" ], "full_properties": { "CloudWatchLogsLogGroupArn": { "description": "The Amazon Resource Name (ARN) of a log group to which CloudTrail logs will be delivered.", "required": false, "type": "String", "update_causes": "none" }, "CloudWatchLogsRoleArn": { "description": "The role ARN that Amazon CloudWatch Logs (CloudWatch Logs) assumes to write logs to a log group. For more information, see Role Policy Document for CloudTrail to Use CloudWatch Logs for Monitoring in the AWS CloudTrail User Guide.", "required": false, "type": "String", "update_causes": "none" }, "EnableLogFileValidation": { "description": "Indicates whether CloudTrail validates the integrity of log files. By default, AWS CloudFormation sets this value to false. When you disable log file integrity validation, CloudTrail stops creating digest files. For more information, see CreateTrail in the AWS CloudTrail API Reference.", "required": false, "type": "Boolean", "update_causes": "none" } }, "path": "aws-resource-cloudtrail-trail.html" }, "AWS::SSM::Association": { "properties": [ "DocumentVersion", "InstanceId", "Name", "Parameters", "ScheduleExpression", "Targets" ], "full_properties": { "DocumentVersion": { "description": "The version of the SSM document to associate with the target.", "required": false, "type": "String", "update_causes": "none" }, "InstanceId": { "description": "The ID of the instance that the SSM document is associated with.", "required": false, "type": "String", "update_causes": "replacement" }, "Name": { "description": "The name of the SSM document.", "required": true, "type": "String", "update_causes": "replacement" }, "Parameters": { "description": "Parameter values that the SSM document uses at runtime.", "required": false, "type": "String", "update_causes": "none" }, "ScheduleExpression": { "description": "A Cron expression that specifies when the association is applied to the target. For supported expressions, see the ScheduleExpression parameter for the CreateAssociation action in the Amazon EC2 Simple Systems Manager API Reference.", "required": false, "type": "String", "update_causes": "none" }, "Targets": { "description": "The targets that the SSM document sends commands to.", "required": false, "type": "Array", "update_causes": "replacement" } }, "path": "aws-resource-ssm-association.html" }, "AWS::EC2::Subnet": { "properties": [ "AvailabilityZone", "CidrBlock", "MapPublicIpOnLaunch", "Tags", "VpcId" ], "full_properties": { "AvailabilityZone": { "description": "The availability zone in which you want the subnet. Default: AWS selects a zone for you (recommended).", "required": false, "type": "String", "update_causes": "replacement" }, "CidrBlock": { "description": "The CIDR block that you want the subnet to cover (for example, \"10.0.0.0/24\").", "required": true, "type": "String", "update_causes": "replacement" }, "MapPublicIpOnLaunch": { "description": "Indicates whether instances that are launched in this subnet receive a public IP address. By default, the value is false.", "required": false, "type": "Boolean", "update_causes": "none" }, "Tags": { "description": "An arbitrary set of tags (key–value pairs) for this subnet.", "required": false, "type": "Unknown", "update_causes": "none" }, "VpcId": { "description": "A Ref structure that contains the ID of the VPC on which you want to create the subnet. The VPC ID is provided as the value of the \"Ref\" property, as: { \"Ref\": \"VPCID\" }.", "required": true, "type": "Unknown", "update_causes": "replacement" } }, "path": "aws-resource-ec2-subnet.html" }, "AWS::ApiGateway::ApiKey": { "properties": [ "Description", "Enabled", "Name", "StageKeys" ], "full_properties": { "Description": { "description": "A description of the purpose of the API key.", "required": false, "type": "String", "update_causes": "none" }, "Enabled": { "description": "Indicates whether the API key can be used by clients.", "required": false, "type": "Boolean", "update_causes": "none" }, "Name": { "description": "A name for the API key. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the API key name. For more information, see Name Type.", "required": false, "type": "Unknown", "update_causes": "replacement" }, "StageKeys": { "description": "A list of stages to associated with this API key.", "required": false, "type": "Array", "update_causes": "none" } }, "path": "aws-resource-apigateway-apikey.html" }, "AWS::EC2::FlowLog": { "properties": [ "DeliverLogsPermissionArn", "LogGroupName", "ResourceId", "ResourceType", "TrafficType" ], "full_properties": { "DeliverLogsPermissionArn": { "description": "The Amazon Resource Name (ARN) of an AWS Identity and Access Management (IAM) role that permits Amazon EC2 to publish flow logs to a CloudWatch Logs log group in your account.", "required": true, "type": "String", "update_causes": "replacement" }, "LogGroupName": { "description": "The name of a new or existing CloudWatch Logs log group where Amazon EC2 publishes your flow logs.", "required": true, "type": "String", "update_causes": "replacement" }, "ResourceId": { "description": "The ID of the subnet, network interface, or VPC for which you want to create a flow log.", "required": true, "type": "String", "update_causes": "replacement" }, "ResourceType": { "description": "The type of resource that you specified in the ResourceId property. For example, if you specified a VPC ID for the ResourceId property, specify VPC for this property. For valid values, see the ResourceType parameter for the CreateFlowLogs action in the Amazon EC2 API Reference.", "required": true, "type": "Unknown", "update_causes": "replacement" }, "TrafficType": { "description": "The type of traffic to log. You can log traffic that the resource accepts or rejects, or all traffic. For valid values, see the TrafficType parameter for the CreateFlowLogs action in the Amazon EC2 API Reference.", "required": true, "type": "Unknown", "update_causes": "replacement" } }, "path": "aws-resource-ec2-flowlog.html" }, "AWS::ElasticLoadBalancingV2::LoadBalancer": { "properties": [ "LoadBalancerAttributes", "Name", "Scheme", "SecurityGroups", "Subnets", "Tags" ], "full_properties": { "LoadBalancerAttributes": { "description": "Specifies the load balancer configuration.", "required": false, "type": "Array", "update_causes": "none" }, "Name": { "description": "Specifies a name for the load balancer. This name must be unique within your AWS account and can have a maximum of 32 alphanumeric characters and hyphens. A name can't begin or end with a hyphen.", "required": false, "type": "String", "update_causes": "replacement" }, "Scheme": { "description": "Specifies whether the load balancer is internal or Internet-facing. An internal load balancer routes requests to targets using private IP addresses. An Internet-facing load balancer routes requests from clients over the Internet to targets in your public subnets.", "required": false, "type": "String", "update_causes": "replacement" }, "SecurityGroups": { "description": "Specifies a list of the IDs of the security groups to assign to the load balancer.", "required": false, "type": "Array", "update_causes": "none" }, "Subnets": { "description": "Specifies a list of at least two IDs of the subnets to associate with the load balancer. The subnets must be in different Availability Zones.", "required": true, "type": "Array", "update_causes": "none" }, "Tags": { "description": "Specifies an arbitrary set of tags (key–value pairs) to associate with this load balancer. Use tags to manage your resources.", "required": false, "type": "Unknown", "update_causes": "none" } }, "path": "aws-resource-elasticloadbalancingv2-loadbalancer.html" }, "AWS::ApiGateway::Stage": { "properties": [ "CacheClusterEnabled", "CacheClusterSize", "ClientCertificateId", "DeploymentId", "Description", "MethodSettings", "RestApiId", "StageName", "Variables" ], "full_properties": { "CacheClusterEnabled": { "description": "Indicates whether cache clustering is enabled for the stage.", "required": false, "type": "Boolean", "update_causes": "none" }, "CacheClusterSize": { "description": "The stage's cache cluster size.", "required": false, "type": "String", "update_causes": "none" }, "ClientCertificateId": { "description": "The identifier of the client certificate that API Gateway uses to call your integration endpoints in the stage.", "required": false, "type": "String", "update_causes": "none" }, "DeploymentId": { "description": "The ID of the deployment that the stage points to.", "required": true, "type": "String", "update_causes": "none" }, "Description": { "description": "A description of the stage's purpose.", "required": false, "type": "String", "update_causes": "none" }, "MethodSettings": { "description": "Settings for all methods in the stage.", "required": false, "type": "Unknown", "update_causes": "none" }, "RestApiId": { "description": "The ID of the RestApi resource that you're deploying with this stage.", "required": true, "type": "String", "update_causes": "replacement" }, "StageName": { "description": "The name of the stage, which API Gateway uses as the first path segment in the invoke Uniform Resource Identifier (URI).", "required": true, "type": "String", "update_causes": "replacement" }, "Variables": { "description": "A map (string to string map) that defines the stage variables, where the variable name is the key and the variable value is the value. Variable names are limited to alphanumeric characters. Values must match the following regular expression: [A-Za-z0-9-._~:/?#&=,]+.", "required": false, "type": "Unknown", "update_causes": "none" } }, "path": "aws-resource-apigateway-stage.html" }, "AWS::ElasticBeanstalk::ConfigurationTemplate": { "properties": [ ], "path": "aws-resource-beanstalk-configurationtemplate.html" }, "AWS::SQS::QueuePolicy": { "properties": [ "PolicyDocument", "Queues" ], "full_properties": { "PolicyDocument": { "description": "A policy document that contains the permissions for the specified Amazon SQS queues. For more information about Amazon SQS policies, see Creating Custom Policies Using the Access Policy Language in the Amazon Simple Queue Service Developer Guide.", "required": true, "type": "Unknown", "update_causes": "none" }, "Queues": { "description": "The URLs of the queues to which you want to add the policy. You can use the Ref function to specify an AWS::SQS::Queue resource.", "required": true, "type": "Array", "update_causes": "none" } }, "path": "aws-properties-sqs-policy.html" }, "AWS::IAM::InstanceProfile": { "properties": [ "Path", "Roles" ], "full_properties": { "Path": { "description": "The path associated with this IAM instance profile. For information about IAM paths, see Friendly Names and Paths in the AWS Identity and Access Management User Guide.", "required": true, "type": "String", "update_causes": "replacement" }, "Roles": { "description": "The name of an existing IAM role to associate with this instance profile. Currently, a maximum of one role can be assigned to an instance profile.", "required": true, "type": "Array", "update_causes": "none" } }, "path": "aws-resource-iam-instanceprofile.html" }, "AWS::ElasticBeanstalk::Application": { "properties": [ "ApplicationName", "Description" ], "full_properties": { "ApplicationName": { "description": "A name for the Elastic Beanstalk application. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the application name. For more information, see Name Type.", "required": false, "type": "Unknown", "update_causes": "replacement" }, "Description": { "description": "An optional description of this application.", "required": false, "type": "String", "update_causes": "none" } }, "path": "aws-properties-beanstalk.html" }, "AWS::IAM::ManagedPolicy": { "properties": [ "Description", "Groups", "Path", "PolicyDocument", "Roles", "Users" ], "full_properties": { "Description": { "description": "A description of the policy. For example, you can describe the permissions that are defined in the policy.", "required": false, "type": "String", "update_causes": "replacement" }, "Groups": { "description": "The names of groups to attach to this policy.", "required": false, "type": "Array", "update_causes": "none" }, "Path": { "description": "The path for the policy. By default, the path is /. For more information, see IAM Identifiers in the IAM User Guide guide.", "required": false, "type": "String", "update_causes": "replacement" }, "PolicyDocument": { "description": "Policies that define the permissions for this managed policy. For more information about policy syntax, see IAM Policy Elements Reference in IAM User Guide.", "required": true, "type": "Unknown", "update_causes": "none" }, "Roles": { "description": "The names of roles to attach to this policy.", "required": false, "type": "Array", "update_causes": "none" }, "Users": { "description": "The names of users to attach to this policy.", "required": false, "type": "Array", "update_causes": "none" } }, "path": "aws-resource-iam-managedpolicy.html" }, "AWS::KMS::Alias": { "properties": [ "AliasName", "TargetKeyId" ], "full_properties": { "AliasName": { "description": "The name of the alias. The name must start with alias followed by a forward slash, such as alias/. You can't specify aliases that begin with alias/AWS. These aliases are reserved.", "required": true, "type": "String", "update_causes": "replacement" }, "TargetKeyId": { "description": "The ID of the key for which you are creating the alias. Specify the key's globally unique identifier or Amazon Resource Name (ARN). You can't specify another alias.", "required": true, "type": "String", "update_causes": "none" } }, "path": "aws-resource-kms-alias.html" }, "AWS::EC2::VPCDHCPOptionsAssociation": { "properties": [ "DhcpOptionsId", "VpcId" ], "full_properties": { "DhcpOptionsId": { "description": "The ID of the DHCP options you want to associate with the VPC. Specify default if you want the VPC to use no DHCP options.", "required": true, "type": "String", "update_causes": "none" }, "VpcId": { "description": "The ID of the VPC to associate with this DHCP options set.", "required": true, "type": "String", "update_causes": "replacement" } }, "path": "aws-resource-ec2-vpc-dhcp-options-assoc.html" }, "AWS::IAM::Policy": { "properties": [ "Groups", "PolicyDocument", "PolicyName", "Roles", "Users" ], "full_properties": { "Groups": { "description": "The names of groups to which you want to add the policy.", "required": false, "type": "Array", "update_causes": "none" }, "PolicyDocument": { "description": "A policy document that contains permissions to add to the specified users or groups.", "required": true, "type": "Unknown", "update_causes": "none" }, "PolicyName": { "description": "The name of the policy. If you specify multiple policies for an entity, specify unique names. For example, if you specify a list of policies for an IAM role, each policy must have a unique name.", "required": true, "type": "String", "update_causes": "none" }, "Roles": { "description": "The names of AWS::IAM::Roles to attach to this policy.", "required": false, "type": "Array", "update_causes": "none" }, "Users": { "description": "The names of users for whom you want to add the policy.", "required": false, "type": "Array", "update_causes": "none" } }, "path": "aws-resource-iam-policy.html" }, "AWS::ElasticBeanstalk::Environment": { "properties": [ "ApplicationName", "CNAMEPrefix", "Description", "EnvironmentName", "OptionSettings", "SolutionStackName", "Tags", "TemplateName", "Tier", "VersionLabel" ], "full_properties": { "ApplicationName": { "description": "The name of the application that is associated with this environment.", "required": true, "type": "String", "update_causes": "replacement" }, "CNAMEPrefix": { "description": "A prefix for your Elastic Beanstalk environment URL.", "required": false, "type": "String", "update_causes": "replacement" }, "Description": { "description": "A description that helps you identify this environment.", "required": false, "type": "String", "update_causes": "none" }, "EnvironmentName": { "description": "A name for the Elastic Beanstalk environment. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the environment name. For more information, see Name Type.", "required": false, "type": "Unknown", "update_causes": "replacement" }, "OptionSettings": { "description": "Key-value pairs defining configuration options for this environment. These options override the values that are defined in the solution stack or the configuration template. If you remove any options during a stack update, the removed options revert to default values.", "required": false, "type": "Array", "update_causes": "interrupt" }, "SolutionStackName": { "description": "The name of an Elastic Beanstalk solution stack that this configuration will use. For more information, see Supported Platforms in the AWS Elastic Beanstalk Developer Guide. You must specify either this parameter or an Elastic Beanstalk configuration template name.", "required": false, "type": "String", "update_causes": "replacement" }, "Tags": { "description": "An arbitrary set of tags (key–value pairs) for this environment.", "required": false, "type": "Unknown", "update_causes": "unknown" }, "TemplateName": { "description": "The name of the Elastic Beanstalk configuration template to use with the environment. You must specify either this parameter or a solution stack name.", "required": false, "type": "String", "update_causes": "interrupt" }, "Tier": { "description": "Specifies the tier to use in creating this environment. The environment tier that you choose determines whether Elastic Beanstalk provisions resources to support a web application that handles HTTP(S) requests or a web application that handles background-processing tasks.", "required": false, "type": "Unknown", "update_causes": "unknown" }, "VersionLabel": { "description": "The version to associate with the environment.", "required": false, "type": "String", "update_causes": "interrupt" } }, "path": "aws-properties-beanstalk-environment.html" }, "AWS::WAF::SqlInjectionMatchSet": { "properties": [ "Name", "SqlInjectionMatchTuples" ], "full_properties": { "Name": { "description": "A friendly name or description of the SqlInjectionMatchSet.", "required": true, "type": "String", "update_causes": "replacement" }, "SqlInjectionMatchTuples": { "description": "The parts of web requests that you want AWS WAF to inspect for malicious SQL code and, if you want AWS WAF to inspect a header, the name of the header.", "required": false, "type": "Array", "update_causes": "none" } }, "path": "aws-resource-waf-sqlinjectionmatchset.html" }, "AWS::GameLift::Build": { "properties": [ "Name", "StorageLocation", "Version" ], "full_properties": { "Name": { "description": "An identifier to associate with this build. Build names don't need to be unique.", "required": false, "type": "String", "update_causes": "none" }, "StorageLocation": { "description": "The Amazon Simple Storage Service (Amazon S3) location where your build package files are located.", "required": false, "type": "Unknown", "update_causes": "replacement" }, "Version": { "description": "A version to associate with this build. Version is useful if you want to track updates to your build package files. Versions don't need to be unique.", "required": false, "type": "String", "update_causes": "none" } }, "path": "aws-resource-gamelift-build.html" }, "AWS::EC2::SecurityGroup": { "properties": [ "GroupDescription", "SecurityGroupEgress", "SecurityGroupIngress", "Tags", "VpcId" ], "full_properties": { "GroupDescription": { "description": "Description of the security group.", "required": true, "type": "String", "update_causes": "replacement" }, "SecurityGroupEgress": { "description": "A list of Amazon EC2 security group egress rules.", "required": false, "type": "Array", "update_causes": "none" }, "SecurityGroupIngress": { "description": "A list of Amazon EC2 security group ingress rules.", "required": false, "type": "Array", "update_causes": "none" }, "Tags": { "description": "The tags that you want to attach to the resource.", "required": false, "type": "Unknown", "update_causes": "none" }, "VpcId": { "description": "The physical ID of the VPC. Can be obtained by using a reference to an AWS::EC2::VPC, such as: { \"Ref\" : \"myVPC\" }.", "required": true, "type": "String", "update_causes": "replacement" } }, "path": "aws-properties-ec2-security-group.html" }, "AWS::ApiGateway::RestApi": { "properties": [ "Body", "BodyS3Location" ], "full_properties": { "Body": { "description": "An OpenAPI specification that defines a set of RESTful APIs in the JSON format. For YAML templates, you can also specify the specification in the YAML format.", "required": false, "type": "Unknown", "update_causes": "none" }, "BodyS3Location": { "description": "The Amazon Simple Storage Service (Amazon S3) location that points to a OpenAPI file, which defines a set of RESTful APIs in JSON or YAML format.", "required": false, "type": "Unknown", "update_causes": "none" } }, "path": "aws-resource-apigateway-restapi.html" }, "AWS::EC2::SubnetRouteTableAssociation": { "properties": [ "RouteTableId", "SubnetId" ], "full_properties": { "RouteTableId": { "description": "The ID of the route table. This is commonly written as a reference to a route table declared elsewhere in the template. For example:", "required": true, "type": "String", "update_causes": "none" }, "SubnetId": { "description": "The ID of the subnet. This is commonly written as a reference to a subnet declared elsewhere in the template. For example:", "required": true, "type": "String", "update_causes": "replacement" } }, "path": "aws-resource-ec2-subnet-route-table-assoc.html" }, "AWS::CodeBuild::Project": { "properties": [ "Artifacts", "Description", "EncryptionKey", "Environment", "Name", "ServiceRole", "Source", "Tags", "TimeoutInMinutes" ], "full_properties": { "Artifacts": { "description": "The output settings for artifacts that the project generates during a build.", "required": true, "type": "Unknown", "update_causes": "none" }, "Description": { "description": "A description of the project. Use the description to identify the purpose of the project.", "required": false, "type": "String", "update_causes": "none" }, "EncryptionKey": { "description": "The alias or Amazon Resource Name (ARN) of the AWS Key Management Service (AWS KMS) customer master key (CMK) that AWS CodeBuild uses to encrypt the build output. If you don't specify a value, AWS CodeBuild uses the AWS-managed CMK for Amazon Simple Storage Service.", "required": false, "type": "String", "update_causes": "none" }, "Environment": { "description": "The build environment settings for the project, such as the environment type or the environment variables to use for the build environment.", "required": true, "type": "Unknown", "update_causes": "none" }, "Name": { "description": "A name for the project. The name must be unique across all of the projects in your AWS account.", "required": true, "type": "String", "update_causes": "replacement" }, "ServiceRole": { "description": "The ARN of the service role that AWS CodeBuild uses to interact with services on your behalf.", "required": true, "type": "String", "update_causes": "none" }, "Source": { "description": "The source code settings for the project, such as the source code's repository type and location.", "required": true, "type": "Unknown", "update_causes": "none" }, "Tags": { "description": "An arbitrary set of tags (key-value pairs) for the AWS CodeBuild project.", "required": false, "type": "Unknown", "update_causes": "none" }, "TimeoutInMinutes": { "description": "The number of minutes after which AWS CodeBuild stops the build if it's not complete. For valid values, see the timeoutInMinutes field in the AWS CodeBuild User Guide.", "required": false, "type": "Number", "update_causes": "none" } }, "path": "aws-resource-codebuild-project.html" }, "AWS::EC2::SpotFleet": { "properties": [ "SpotFleetRequestConfigData" ], "full_properties": { "SpotFleetRequestConfigData": { "description": "The configuration for a Spot fleet request.", "required": true, "type": "Unknown", "update_causes": "replacement" } }, "path": "aws-resource-ec2-spotfleet.html" }, "AWS::EC2::RouteTable": { "properties": [ "VpcId", "Tags" ], "full_properties": { "VpcId": { "description": "The ID of the VPC where the route table will be created.", "required": true, "type": "String", "update_causes": "replacement" }, "Tags": { "description": "An arbitrary set of tags (key–value pairs) for this route table.", "required": false, "type": "Unknown", "update_causes": "none" } }, "path": "aws-resource-ec2-route-table.html" }, "AWS::IoT::PolicyPrincipalAttachment": { "properties": [ "PolicyName", "Principal" ], "full_properties": { "PolicyName": { "description": "The name of the policy.", "required": true, "type": "String", "update_causes": "replacement" }, "Principal": { "description": "The principal, which can be a certificate ARN (as returned from the CreateCertificate operation) or an Amazon Cognito ID.", "required": true, "type": "String", "update_causes": "replacement" } }, "path": "aws-resource-iot-policyprincipalattachment.html" }, "AWS::IAM::UserToGroupAddition": { "properties": [ "GroupName", "Users" ], "full_properties": { "GroupName": { "description": "The name of group to add users to.", "required": true, "type": "String", "update_causes": "none" }, "Users": { "description": "Required: Yes", "required": true, "type": "Array", "update_causes": "none" } }, "path": "aws-properties-iam-addusertogroup.html" }, "AWS::Config::DeliveryChannel": { "properties": [ "ConfigSnapshotDeliveryProperties", "Name", "S3BucketName", "S3KeyPrefix", "SnsTopicARN" ], "full_properties": { "ConfigSnapshotDeliveryProperties": { "description": "Provides options for how AWS Config delivers configuration snapshots to the S3 bucket in your delivery channel.", "required": false, "type": "Unknown", "update_causes": "none" }, "Name": { "description": "A name for the delivery channel. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the delivery channel name. For more information, see Name Type.", "required": false, "type": "Unknown", "update_causes": "unavailable" }, "S3BucketName": { "description": "The name of an S3 bucket where you want to store configuration history for the delivery channel.", "required": true, "type": "String", "update_causes": "none" }, "S3KeyPrefix": { "description": "A key prefix (folder) for the specified S3 bucket.", "required": false, "type": "String", "update_causes": "none" }, "SnsTopicARN": { "description": "The Amazon Resource Name (ARN) of the Amazon Simple Notification Service (Amazon SNS) topic that AWS Config delivers notifications to.", "required": false, "type": "String", "update_causes": "none" } }, "path": "aws-resource-config-deliverychannel.html" }, "AWS::CloudFormation::WaitCondition": { "properties": [ "Count", "Handle", "Timeout" ], "full_properties": { "Count": { "description": "The number of success signals that AWS CloudFormation must receive before it continues the stack creation process. When the wait condition receives the requisite number of success signals, AWS CloudFormation resumes the creation of the stack. If the wait condition does not receive the specified number of success signals before the Timeout period expires, AWS CloudFormation assumes that the wait condition has failed and rolls the stack back.", "required": false, "type": "Number", "update_causes": "unavailable" }, "Handle": { "description": "A reference to the wait condition handle used to signal this wait condition. Use the Ref intrinsic function to specify an AWS::CloudFormation::WaitConditionHandle resource.", "required": true, "type": "String", "update_causes": "unavailable" }, "Timeout": { "description": "The length of time (in seconds) to wait for the number of signals that the Count property specifies. Timeout is a minimum-bound property, meaning the timeout occurs no sooner than the time you specify, but can occur shortly thereafter. The maximum time that can be specified for this property is 12 hours (43200 seconds).", "required": true, "type": "String", "update_causes": "unavailable" } }, "path": "aws-properties-waitcondition.html" }, "AWS::ElasticLoadBalancing::LoadBalancer": { "properties": [ "AccessLoggingPolicy", "AppCookieStickinessPolicy", "AvailabilityZones", "ConnectionDrainingPolicy", "ConnectionSettings", "CrossZone", "HealthCheck", "Instances", "LBCookieStickinessPolicy", "LoadBalancerName", "Listeners", "Policies", "Scheme", "SecurityGroups", "Subnets", "Tags" ], "full_properties": { "AccessLoggingPolicy": { "description": "Captures detailed information for all requests made to your load balancer, such as the time a request was received, client’s IP address, latencies, request path, and server responses.", "required": false, "type": "Unknown", "update_causes": "none" }, "AppCookieStickinessPolicy": { "description": "Generates one or more stickiness policies with sticky session lifetimes that follow that of an application-generated cookie. These policies can be associated only with HTTP/HTTPS listeners.", "required": false, "type": "Array", "update_causes": "none" }, "AvailabilityZones": { "description": "The Availability Zones in which to create the load balancer. You can specify the AvailabilityZones or Subnets property, but not both.", "required": false, "type": "Array", "update_causes": [ "replacement", "none" ] }, "ConnectionDrainingPolicy": { "description": "Whether deregistered or unhealthy instances can complete all in-flight requests.", "required": false, "type": "Unknown", "update_causes": "none" }, "ConnectionSettings": { "description": "Specifies how long front-end and back-end connections of your load balancer can remain idle.", "required": false, "type": "Unknown", "update_causes": "none" }, "CrossZone": { "description": "Whether cross-zone load balancing is enabled for the load balancer. With cross-zone load balancing, your load balancer nodes route traffic to the back-end instances across all Availability Zones. By default the CrossZone property is false.", "required": false, "type": "Boolean", "update_causes": "none" }, "HealthCheck": { "description": "Application health check for the instances.", "required": false, "type": "Unknown", "update_causes": [ "replacement", "none" ] }, "Instances": { "description": "A list of EC2 instance IDs for the load balancer.", "required": false, "type": "Array", "update_causes": "none" }, "LBCookieStickinessPolicy": { "description": "Generates a stickiness policy with sticky session lifetimes controlled by the lifetime of the browser (user-agent), or by a specified expiration period. This policy can be associated only with HTTP/HTTPS listeners.", "required": false, "type": "Array", "update_causes": "none" }, "LoadBalancerName": { "description": "A name for the load balancer. For valid values, see the LoadBalancerName parameter for the CreateLoadBalancer action in the Elastic Load Balancing API Reference version 2012-06-01.", "required": false, "type": "Unknown", "update_causes": "replacement" }, "Listeners": { "description": "One or more listeners for this load balancer. Each listener must be registered for a specific port, and you cannot have more than one listener for a given port.", "required": true, "type": "Array", "update_causes": "none" }, "Policies": { "description": "A list of elastic load balancing policies to apply to this elastic load balancer. Specify only back-end server policies. For more information, see DescribeLoadBalancerPolicyTypes in the Elastic Load Balancing API Reference version 2012-06-01.", "required": false, "type": "Array", "update_causes": "none" }, "Scheme": { "description": "For load balancers attached to an Amazon VPC, this parameter can be used to specify the type of load balancer to use. Specify internal to create an internal load balancer with a DNS name that resolves to private IP addresses or internet-facing to create a load balancer with a publicly resolvable DNS name, which resolves to public IP addresses.", "required": false, "type": "String", "update_causes": "replacement" }, "SecurityGroups": { "description": "Required: No", "required": false, "type": "Array", "update_causes": "none" }, "Subnets": { "description": "A list of subnet IDs in your virtual private cloud (VPC) to attach to your load balancer. Do not specify multiple subnets that are in the same Availability Zone. You can specify the AvailabilityZones or Subnets property, but not both.", "required": false, "type": "Array", "update_causes": [ "replacement", "none" ] }, "Tags": { "description": "An arbitrary set of tags (key-value pairs) for this load balancer.", "required": false, "type": "Unknown", "update_causes": "none" } }, "path": "aws-properties-ec2-elb.html" }, "AWS::Redshift::ClusterSubnetGroup": { "properties": [ "Description", "SubnetIds" ], "full_properties": { "Description": { "description": "A description of the subnet group.", "required": true, "type": "String", "update_causes": "none" }, "SubnetIds": { "description": "A list of VPC subnet IDs. You can modify a maximum of 20 subnets.", "required": true, "type": "Array", "update_causes": "none" } }, "path": "aws-resource-redshift-clustersubnetgroup.html" }, "AWS::CloudFormation::Init": { "properties": [ "command", "env", "cwd", "test", "ignoreErrors", "waitAfterCompletion", "content", "source", "encoding", "group", "owner", "mode", "authentication", "context", "gid", "ensureRunning", "enabled", "files", "sources", "packages", "commands", "uid", "groups", "homeDir" ], "path": "aws-resource-init.html" }, "AWS::CodePipeline::CustomActionType": { "properties": [ "Category", "ConfigurationProperties", "InputArtifactDetails", "OutputArtifactDetails", "Provider", "Settings", "Version" ], "full_properties": { "Category": { "description": "The category of the custom action, such as a source action or a build action. For valid values, see CreateCustomActionType in the AWS CodePipeline API Reference.", "required": true, "type": "Unknown", "update_causes": "replacement" }, "ConfigurationProperties": { "description": "The configuration properties for the custom action.", "required": false, "type": "Array", "update_causes": "replacement" }, "InputArtifactDetails": { "description": "The input artifact details for this custom action.", "required": true, "type": "Unknown", "update_causes": "replacement" }, "OutputArtifactDetails": { "description": "The output artifact details for this custom action.", "required": true, "type": "Unknown", "update_causes": "replacement" }, "Provider": { "description": "The name of the service provider that AWS CodePipeline uses for this custom action.", "required": true, "type": "String", "update_causes": "replacement" }, "Settings": { "description": "URLs that provide users information about this custom action.", "required": false, "type": "Unknown", "update_causes": "replacement" }, "Version": { "description": "The version number of this custom action.", "required": false, "type": "String", "update_causes": "replacement" } }, "path": "aws-resource-codepipeline-customactiontype.html" }, "AWS::ElastiCache::SubnetGroup": { "properties": [ "CacheSubnetGroupName", "Description", "SubnetIds" ], "full_properties": { "CacheSubnetGroupName": { "description": "A name for the cache subnet group. If you don't specify a name, AWS CloudFormation generates a unique physical ID. For more information, see Name Type.", "required": false, "type": "Unknown", "update_causes": "replacement" }, "Description": { "description": "The description for the cache subnet group.", "required": true, "type": "String", "update_causes": "none" }, "SubnetIds": { "description": "The Amazon EC2 subnet IDs for the cache subnet group.", "required": true, "type": "Array", "update_causes": "none" } }, "path": "aws-properties-elasticache-subnetgroup.html" }, "AWS::IoT::Thing": { "properties": [ "AttributePayload", "ThingName" ], "full_properties": { "AttributePayload": { "description": "A JSON string that contains up to three key-value pairs, for example: { \"attributes\": { \"string1\":\"string2\" } }.", "required": false, "type": "String", "update_causes": "none" }, "ThingName": { "description": "The name (the physical ID) of the AWS IoT thing.", "required": false, "type": "String", "update_causes": "replacement" } }, "path": "aws-resource-iot-thing.html" }, "AWS::ApiGateway::Model": { "properties": [ "ContentType", "Description", "Name", "RestApiId", "Schema" ], "full_properties": { "ContentType": { "description": "The content type for the model.", "required": false, "type": "String", "update_causes": "replacement" }, "Description": { "description": "A description that identifies this model.", "required": false, "type": "String", "update_causes": "none" }, "Name": { "description": "A name for the mode. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the model name. For more information, see Name Type.", "required": false, "type": "Unknown", "update_causes": "replacement" }, "RestApiId": { "description": "The ID of a REST API with which to associate this model.", "required": true, "type": "String", "update_causes": "replacement" }, "Schema": { "description": "The schema to use to transform data to one or more output formats. Specify null ({}) if you don't want to specify a schema.", "required": true, "type": "Unknown", "update_causes": "none" } }, "path": "aws-resource-apigateway-model.html" }, "AWS::EC2::NetworkAclEntry": { "properties": [ "CidrBlock", "Egress", "Icmp", "Ipv6CidrBlock", "NetworkAclId", "PortRange", "Protocol", "RuleAction", "RuleNumber" ], "full_properties": { "CidrBlock": { "description": "The IPv4 CIDR range to allow or deny, in CIDR notation (e.g., 172.16.0.0/24).", "required": false, "type": "String", "update_causes": "none" }, "Egress": { "description": "Whether this rule applies to egress traffic from the subnet (true) or ingress traffic to the subnet (false). By default, AWS CloudFormation specifies false.", "required": false, "type": "Boolean", "update_causes": "replacement" }, "Icmp": { "description": "The Internet Control Message Protocol (ICMP) code and type.", "required": false, "type": "Unknown", "update_causes": "none" }, "Ipv6CidrBlock": { "description": "The IPv6 CIDR range to allow or deny, in CIDR notation.", "required": false, "type": "String", "update_causes": "none" }, "NetworkAclId": { "description": "ID of the ACL where the entry will be created.", "required": true, "type": "String", "update_causes": "replacement" }, "PortRange": { "description": "The range of port numbers for the UDP/TCP protocol.", "required": false, "type": "Unknown", "update_causes": "none" }, "Protocol": { "description": "The IP protocol that the rule applies to. You must specify -1 or a protocol number (go to Protocol Numbers at iana.org). You can specify -1 for all protocols.", "required": true, "type": "Unknown", "update_causes": "none" }, "RuleAction": { "description": "Whether to allow or deny traffic that matches the rule; valid values are \"allow\" or \"deny\".", "required": true, "type": "String", "update_causes": "none" }, "RuleNumber": { "description": "Rule number to assign to the entry, such as 100. ACL entries are processed in ascending order by rule number. Entries can't use the same rule number unless one is an egress rule and the other is an ingress rule. For valid values, see the CreateNetworkAclEntry action in the Amazon EC2 API Reference.", "required": true, "type": "Unknown", "update_causes": "replacement" } }, "path": "aws-resource-ec2-network-acl-entry.html" }, "AWS::KinesisFirehose::DeliveryStream": { "properties": [ "DeliveryStreamName", "ElasticsearchDestinationConfiguration", "RedshiftDestinationConfiguration", "S3DestinationConfiguration" ], "full_properties": { "DeliveryStreamName": { "description": "A name for the delivery stream.", "required": false, "type": "String", "update_causes": "replacement" }, "ElasticsearchDestinationConfiguration": { "description": "An Amazon ES destination for the delivery stream.", "required": false, "type": "Unknown", "update_causes": [ "none", "interrupt" ] }, "RedshiftDestinationConfiguration": { "description": "An Amazon Redshift destination for the delivery stream.", "required": false, "type": "Unknown", "update_causes": [ "none", "interrupt" ] }, "S3DestinationConfiguration": { "description": "An Amazon S3 destination for the delivery stream.", "required": false, "type": "Unknown", "update_causes": [ "none", "interrupt" ] } }, "path": "aws-resource-kinesisfirehose-deliverystream.html" }, "AWS::RDS::OptionGroup": { "properties": [ "EngineName", "MajorEngineVersion", "OptionGroupDescription", "OptionConfigurations", "Tags" ], "full_properties": { "EngineName": { "description": "The name of the database engine that this option group is associated with.", "required": true, "type": "String", "update_causes": "replacement" }, "MajorEngineVersion": { "description": "The major version number of the database engine that this option group is associated with.", "required": true, "type": "String", "update_causes": "replacement" }, "OptionGroupDescription": { "description": "A description of the option group.", "required": true, "type": "String", "update_causes": "replacement" }, "OptionConfigurations": { "description": "The configurations for this option group.", "required": true, "type": "Unknown", "update_causes": "replacement" }, "Tags": { "description": "An arbitrary set of tags (key–value pairs) for this option group.", "required": false, "type": "Unknown", "update_causes": "none" } }, "path": "aws-resource-rds-optiongroup.html" }, "AWS::KMS::Key": { "properties": [ "Description", "Enabled", "EnableKeyRotation", "KeyPolicy" ], "full_properties": { "Description": { "description": "A description of the key. Use a description that helps your users decide whether the key is appropriate for a particular task.", "required": false, "type": "String", "update_causes": "none" }, "Enabled": { "description": "Indicates whether the key is available for use. AWS CloudFormation sets this value to true by default.", "required": false, "type": "Boolean", "update_causes": "none" }, "EnableKeyRotation": { "description": "Indicates whether AWS KMS rotates the key. AWS CloudFormation sets this value to false by default.", "required": false, "type": "Boolean", "update_causes": "none" }, "KeyPolicy": { "description": "An AWS KMS key policy to attach to the key. Use a policy to specify who has permission to use the key and which actions they can perform. For more information, see Key Policies in the AWS Key Management Service Developer Guide.", "required": true, "type": "Unknown", "update_causes": "none" } }, "path": "aws-resource-kms-key.html" }, "AWS::EC2::EIP": { "properties": [ "InstanceId", "Domain" ], "full_properties": { "InstanceId": { "description": "The Instance ID of the Amazon EC2 instance that you want to associate with this Elastic IP address.", "required": false, "type": "String", "update_causes": "none" }, "Domain": { "description": "Set to vpc to allocate the address to your Virtual Private Cloud (VPC). No other values are supported.", "required": false, "type": "String", "update_causes": "replacement" } }, "path": "aws-properties-ec2-eip.html" }, "AWS::WAF::WebACL": { "properties": [ "DefaultAction", "MetricName", "Name", "Rules" ], "full_properties": { "DefaultAction": { "description": "The action that you want AWS WAF to take when a request doesn't match the criteria in any of the rules that are associated with the web ACL.", "required": true, "type": "Unknown", "update_causes": "none" }, "MetricName": { "description": "A friendly name or description for the Amazon CloudWatch metric of this web ACL. For valid values, see the MetricName parameter of the CreateWebACL action in the AWS WAF API Reference.", "required": true, "type": "String", "update_causes": "replacement" }, "Name": { "description": "A friendly name or description of the web ACL.", "required": true, "type": "String", "update_causes": "replacement" }, "Rules": { "description": "The rules to associate with the web ACL and the settings for each rule.", "required": false, "type": "Array", "update_causes": "none" } }, "path": "aws-resource-waf-webacl.html" }, "AWS::EC2::NetworkInterfaceAttachment": { "properties": [ "DeleteOnTermination", "DeviceIndex", "InstanceId", "NetworkInterfaceId" ], "full_properties": { "DeleteOnTermination": { "description": "Whether to delete the network interface when the instance terminates. By default, this value is set to True.", "required": false, "type": "Boolean", "update_causes": "none" }, "DeviceIndex": { "description": "The network interface's position in the attachment order. For example, the first attached network interface has a DeviceIndex of 0.", "required": true, "type": "String", "update_causes": "none" }, "InstanceId": { "description": "The ID of the instance to which you will attach the ENI.", "required": true, "type": "String", "update_causes": "none" }, "NetworkInterfaceId": { "description": "The ID of the ENI that you want to attach.", "required": true, "type": "String", "update_causes": "none" } }, "path": "aws-resource-ec2-network-interface-attachment.html" }, "AWS::DirectoryService::SimpleAD": { "properties": [ "CreateAlias", "Description", "EnableSso", "Name", "Password", "ShortName", "Size", "VpcSettings" ], "full_properties": { "CreateAlias": { "description": "A unique alias to assign to the directory. AWS Directory Service uses the alias to construct the access URL for the directory, such as http://alias.awsapps.com. By default, AWS CloudFormation does not create an alias.", "required": false, "type": "Boolean", "update_causes": "replacement" }, "Description": { "description": "A description of the directory.", "required": false, "type": "String", "update_causes": "replacement" }, "EnableSso": { "description": "Whether to enable single sign-on for a directory. If you don't specify a value, AWS CloudFormation disables single sign-on by default.", "required": false, "type": "Boolean", "update_causes": "none" }, "Name": { "description": "The fully qualified name for the directory, such as corp.example.com.", "required": true, "type": "String", "update_causes": "replacement" }, "Password": { "description": "The password for the directory administrator. AWS Directory Service creates a directory administrator account with the user name Administrator and this password.", "required": true, "type": "String", "update_causes": "replacement" }, "ShortName": { "description": "The NetBIOS name of the on-premises directory, such as CORP.", "required": false, "type": "String", "update_causes": "replacement" }, "Size": { "description": "The size of the directory. For valid values, see CreateDirectory in the AWS Directory Service API Reference.", "required": true, "type": "String", "update_causes": "replacement" }, "VpcSettings": { "description": "Specifies the VPC settings of the directory server.", "required": true, "type": "Unknown", "update_causes": "replacement" } }, "path": "aws-resource-directoryservice-simplead.html" }, "AWS::ApiGateway::Method": { "properties": [ "ApiKeyRequired", "AuthorizationType", "AuthorizerId", "HttpMethod", "Integration", "MethodResponses", "RequestModels", "RequestParameters", "ResourceId", "RestApiId" ], "full_properties": { "ApiKeyRequired": { "description": "Indicates whether the method requires clients to submit a valid API key.", "required": false, "type": "Boolean", "update_causes": "none" }, "AuthorizationType": { "description": "The method's authorization type.", "required": true, "type": "String", "update_causes": "none" }, "AuthorizerId": { "description": "The identifier of the authorizer to use on this method. If you specify this property, specify CUSTOM for the AuthorizationType property.", "required": false, "type": "Unknown", "update_causes": "none" }, "HttpMethod": { "description": "The HTTP method that clients will use to call this method.", "required": true, "type": "String", "update_causes": "none" }, "Integration": { "description": "The back-end system that the method calls when it receives a request.", "required": false, "type": "Unknown", "update_causes": "none" }, "MethodResponses": { "description": "The responses that can be sent to the client who calls the method.", "required": false, "type": "Array", "update_causes": "none" }, "RequestModels": { "description": "The resources used for the response's content type. Specify response models as key-value pairs (string-to-string map), with a content type as the key and a Model resource name as the value.", "required": false, "type": "Unknown", "update_causes": "none" }, "RequestParameters": { "description": "Request parameters that API Gateway accepts. Specify request parameters as key-value pairs (string-to-Boolean map), with a source as the key and a Boolean as the value. The Boolean specifies whether a parameter is required. A source must match the following format method.request.location.name, where the location is querystring, path, or header, and name is a valid, unique parameter name.", "required": false, "type": "Unknown", "update_causes": "none" }, "ResourceId": { "description": "The ID of an API Gateway resource. For root resource methods, specify the RestApi root resource ID, such as { \"Fn::GetAtt\": [\"MyRestApi\", \"RootResourceId\"] }.", "required": true, "type": "String", "update_causes": "none" }, "RestApiId": { "description": "The ID of the RestApi resource in which API Gateway creates the method.", "required": true, "type": "String", "update_causes": "none" } }, "path": "aws-resource-apigateway-method.html" }, "AWS::Logs::LogStream": { "properties": [ "LogGroupName", "LogStreamName" ], "full_properties": { "LogGroupName": { "description": "The name of the log group where the log stream is created.", "required": true, "type": "String", "update_causes": "replacement" }, "LogStreamName": { "description": "The name of the log stream to create. The name must be unique within the log group.", "required": false, "type": "String", "update_causes": "replacement" } }, "path": "aws-resource-logs-logstream.html" }, "AWS::WAF::XssMatchSet": { "properties": [ "Name", "XssMatchTuples" ], "full_properties": { "Name": { "description": "A friendly name or description for the XssMatchSet.", "required": true, "type": "String", "update_causes": "replacement" }, "XssMatchTuples": { "description": "The parts of web requests that you want to inspect for cross-site scripting attacks.", "required": false, "type": "Array", "update_causes": "none" } }, "path": "aws-resource-waf-xssmatchset.html" }, "AWS::IAM::Role": { "properties": [ "AssumeRolePolicyDocument", "ManagedPolicyArns", "Path", "Policies", "RoleName" ], "full_properties": { "AssumeRolePolicyDocument": { "description": "The trust policy that is associated with this role.", "required": true, "type": "JSON", "update_causes": "none" }, "ManagedPolicyArns": { "description": "One or more managed policy ARNs to attach to this role.", "required": false, "type": "Array", "update_causes": "none" }, "Path": { "description": "The path associated with this role. For information about IAM paths, see Friendly Names and Paths in IAM User Guide.", "required": false, "type": "String", "update_causes": "replacement" }, "Policies": { "description": "The policies to associate with this role. For sample templates, see Template Examples.", "required": false, "type": "Array", "update_causes": "none" }, "RoleName": { "description": "A name for the IAM role. For valid values, see the RoleName parameter for the CreateRole action in the IAM API Reference. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the group name.", "required": false, "type": "String", "update_causes": "replacement" } }, "path": "aws-resource-iam-role.html" }, "AWS::Logs::MetricFilter": { "properties": [ "FilterPattern", "LogGroupName", "MetricTransformations" ], "full_properties": { "FilterPattern": { "description": "Describes the pattern that CloudWatch Logs follows to interpret each entry in a log. For example, a log entry might contain fields such as timestamps, IP addresses, error codes, bytes transferred, and so on. You use the pattern to specify those fields and to specify what to look for in the log file. For example, if you're interested in error codes that begin with 1234, your filter pattern might be [timestamps, ip_addresses, error_codes = 1234*, size, ...].", "required": true, "type": "String", "update_causes": "none" }, "LogGroupName": { "description": "The name of an existing log group that you want to associate with this metric filter.", "required": true, "type": "String", "update_causes": "replacement" }, "MetricTransformations": { "description": "Describes how to transform data from a log into a CloudWatch metric.", "required": true, "type": "Array", "update_causes": "none" } }, "path": "aws-resource-logs-metricfilter.html" }, "AWS::RDS::DBSecurityGroupIngress": { "properties": [ "CIDRIP", "DBSecurityGroupName", "EC2SecurityGroupId", "EC2SecurityGroupName", "EC2SecurityGroupOwnerId" ], "full_properties": { "CIDRIP": { "description": "The IP range to authorize.", "required": false, "type": "String", "update_causes": "none" }, "DBSecurityGroupName": { "description": "The name (ARN) of the AWS::RDS::DBSecurityGroup to which this ingress will be added.", "required": true, "type": "String", "update_causes": "none" }, "EC2SecurityGroupId": { "description": "The ID of the VPC or EC2 security group to authorize.", "required": false, "type": "String", "update_causes": "none" }, "EC2SecurityGroupName": { "description": "The name of the EC2 security group to authorize.", "required": false, "type": "String", "update_causes": "none" }, "EC2SecurityGroupOwnerId": { "description": "The AWS Account Number of the owner of the EC2 security group specified in the EC2SecurityGroupName parameter. The AWS Access Key ID is not an acceptable value.", "required": false, "type": "String", "update_causes": "none" } }, "path": "aws-resource-rds-security-group-ingress.html" }, "AWS::OpsWorks::Stack": { "properties": [ "AgentVersion", "Attributes", "ChefConfiguration", "CloneAppIds", "ClonePermissions", "ConfigurationManager", "CustomCookbooksSource", "CustomJson", "DefaultAvailabilityZone", "DefaultInstanceProfileArn", "DefaultOs", "DefaultRootDeviceType", "DefaultSshKeyName", "DefaultSubnetId", "EcsClusterArn", "ElasticIps", "HostnameTheme", "Name", "RdsDbInstances", "ServiceRoleArn", "SourceStackId", "UseCustomCookbooks", "UseOpsworksSecurityGroups", "VpcId" ], "full_properties": { "AgentVersion": { "description": "The AWS OpsWorks agent version that you want to use. The agent communicates with the service and handles tasks such as initiating Chef runs in response to lifecycle events. For valid values, see the AgentVersion parameter for the CreateStack action in the AWS OpsWorks Stacks API Reference.", "required": false, "type": "String", "update_causes": "none" }, "Attributes": { "description": "One or more user-defined key-value pairs to be added to the stack attributes bag.", "required": false, "type": "Array", "update_causes": "none" }, "ChefConfiguration": { "description": "Describes the Chef configuration. For more information, see the CreateStack ChefConfiguration parameter in the AWS OpsWorks Stacks API Reference.", "required": false, "type": "Unknown", "update_causes": "none" }, "CloneAppIds": { "description": "If you're cloning an AWS OpsWorks stack, a list of AWS OpsWorks application stack IDs from the source stack to include in the cloned stack.", "required": false, "type": "Array", "update_causes": "replacement" }, "ClonePermissions": { "description": "If you're cloning an AWS OpsWorks stack, indicates whether to clone the source stack's permissions.", "required": false, "type": "Boolean", "update_causes": "replacement" }, "ConfigurationManager": { "description": "Describes the configuration manager. When you create a stack, you use the configuration manager to specify the Chef version. For supported Chef versions, see the CreateStack ConfigurationManager parameter in the AWS OpsWorks Stacks API Reference.", "required": false, "type": "Unknown", "update_causes": "none" }, "CustomCookbooksSource": { "description": "Contains the information required to retrieve a cookbook from a repository.", "required": false, "type": "Unknown", "update_causes": "none" }, "CustomJson": { "description": "A user-defined custom JSON object. The custom JSON is used to override the corresponding default stack configuration JSON values. For more information, see CreateStack in the AWS OpsWorks Stacks API Reference.", "required": false, "type": "Unknown", "update_causes": "none" }, "DefaultAvailabilityZone": { "description": "The stack's default Availability Zone, which must be in the specified region.", "required": false, "type": "String", "update_causes": "none" }, "DefaultInstanceProfileArn": { "description": "The Amazon Resource Name (ARN) of an IAM instance profile that is the default profile for all of the stack's Amazon EC2 instances.", "required": true, "type": "String", "update_causes": "none" }, "DefaultOs": { "description": "The stack's default operating system. For more information, see CreateStack in the AWS OpsWorks Stacks API Reference.", "required": false, "type": "String", "update_causes": "none" }, "DefaultRootDeviceType": { "description": "The default root device type. This value is used by default for all instances in the stack, but you can override it when you create an instance. For more information, see CreateStack in the AWS OpsWorks Stacks API Reference.", "required": false, "type": "String", "update_causes": "none" }, "DefaultSshKeyName": { "description": "A default SSH key for the stack instances. You can override this value when you create or update an instance.", "required": false, "type": "String", "update_causes": "none" }, "DefaultSubnetId": { "description": "The stack's default subnet ID. All instances are launched into this subnet unless you specify another subnet ID when you create the instance.", "required": false, "type": "String", "update_causes": "none" }, "EcsClusterArn": { "description": "The Amazon Resource Name (ARN) of the Amazon EC2 Container Service (Amazon ECS) cluster to register with the AWS OpsWorks stack.", "required": false, "type": "String", "update_causes": "none" }, "ElasticIps": { "description": "A list of Elastic IP addresses to register with the AWS OpsWorks stack.", "required": false, "type": "Array", "update_causes": "none" }, "HostnameTheme": { "description": "The stack's host name theme, with spaces replaced by underscores. The theme is used to generate host names for the stack's instances. For more information, see CreateStack in the AWS OpsWorks Stacks API Reference.", "required": false, "type": "String", "update_causes": "none" }, "Name": { "description": "The name of the AWS OpsWorks stack.", "required": true, "type": "String", "update_causes": "none" }, "RdsDbInstances": { "description": "The Amazon Relational Database Service (Amazon RDS) DB instance to register with the AWS OpsWorks stack.", "required": false, "type": "Array", "update_causes": "none" }, "ServiceRoleArn": { "description": "The AWS Identity and Access Management (IAM) role that AWS OpsWorks uses to work with AWS resources on your behalf. You must specify an Amazon Resource Name (ARN) for an existing IAM role.", "required": true, "type": "String", "update_causes": "replacement" }, "SourceStackId": { "description": "If you're cloning an AWS OpsWorks stack, the stack ID of the source AWS OpsWorks stack to clone.", "required": false, "type": "String", "update_causes": "replacement" }, "UseCustomCookbooks": { "description": "Whether the stack uses custom cookbooks.", "required": false, "type": "Boolean", "update_causes": "none" }, "UseOpsworksSecurityGroups": { "description": "Whether to associate the AWS OpsWorks built-in security groups with the stack's layers.", "required": false, "type": "Boolean", "update_causes": "none" }, "VpcId": { "description": "The ID of the VPC that the stack is to be launched into, which must be in the specified region. All instances are launched into this VPC. If you specify this property, you must specify the DefaultSubnetId property.", "required": false, "type": "String", "update_causes": "replacement" } }, "path": "aws-resource-opsworks-stack.html" }, "AWS::CodeDeploy::DeploymentGroup": { "properties": [ "ApplicationName", "AutoScalingGroups", "Deployment", "DeploymentConfigName", "DeploymentGroupName", "Ec2TagFilters", "OnPremisesInstanceTagFilters", "ServiceRoleArn" ], "full_properties": { "ApplicationName": { "description": "The name of an AWS CodeDeploy application for this deployment group.", "required": true, "type": "String", "update_causes": "replacement" }, "AutoScalingGroups": { "description": "A list of associated Auto Scaling groups that AWS CodeDeploy automatically deploys revisions to when new instances are created.", "required": false, "type": "Array", "update_causes": "none" }, "Deployment": { "description": "The application revision that will be deployed to this deployment group.", "required": false, "type": "Unknown", "update_causes": "none" }, "DeploymentConfigName": { "description": "A deployment configuration name or a predefined configuration name. With predefined configurations, you can deploy application revisions to one instance at a time, half of the instances at a time, or all the instances at once. For more information and valid values, see the DeploymentConfigName parameter for the CreateDeploymentGroup action in the AWS CodeDeploy API Reference.", "required": false, "type": "String", "update_causes": "none" }, "DeploymentGroupName": { "description": "A name for the deployment group. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the deployment group name. For more information, see Name Type.", "required": false, "type": "Unknown", "update_causes": "replacement" }, "Ec2TagFilters": { "description": "The Amazon EC2 tags to filter on. AWS CodeDeploy includes all instances that match the tag filter with this deployment group.", "required": false, "type": "Unknown", "update_causes": "none" }, "OnPremisesInstanceTagFilters": { "description": "The on-premises instance tags to filter on. AWS CodeDeploy includes all on-premises instances that match the tag filter with this deployment group. To register on-premises instances with AWS CodeDeploy, see Configure Existing On-Premises Instances by Using AWS CodeDeploy in the AWS CodeDeploy User Guide.", "required": false, "type": "Unknown", "update_causes": "none" }, "ServiceRoleArn": { "description": "A service role Amazon Resource Name (ARN) that grants AWS CodeDeploy permission to make calls to AWS services on your behalf. For more information, see Create a Service Role for AWS CodeDeploy in the AWS CodeDeploy User Guide.", "required": true, "type": "String", "update_causes": "none" } }, "path": "aws-resource-codedeploy-deploymentgroup.html" }, "AWS::OpsWorks::Volume": { "properties": [ "Ec2VolumeId", "MountPoint", "Name", "StackId" ], "full_properties": { "Ec2VolumeId": { "description": "The ID of the Amazon EBS volume to register with the AWS OpsWorks stack.", "required": true, "type": "String", "update_causes": "replacement" }, "MountPoint": { "description": "The mount point for the Amazon EBS volume, such as /mnt/disk1.", "required": false, "type": "String", "update_causes": "none" }, "Name": { "description": "A name for the Amazon EBS volume.", "required": false, "type": "String", "update_causes": "none" }, "StackId": { "description": "The ID of the AWS OpsWorks stack that AWS OpsWorks registers the volume to.", "required": true, "type": "String", "update_causes": "replacement" } }, "path": "aws-resource-opsworks-volume.html" }, "AWS::Logs::SubscriptionFilter": { "properties": [ "DestinationArn", "FilterPattern", "LogGroupName", "RoleArn" ], "full_properties": { "DestinationArn": { "description": "The Amazon Resource Name (ARN) of the Amazon Kinesis stream or Lambda function that you want to use as the subscription feed destination.", "required": true, "type": "String", "update_causes": "replacement" }, "FilterPattern": { "description": "The filtering expressions that restrict what gets delivered to the destination AWS resource. For more information about the filter pattern syntax, see Filter and Pattern Syntax in the Amazon CloudWatch User Guide.", "required": true, "type": "String", "update_causes": "replacement" }, "LogGroupName": { "description": "The log group to associate with the subscription filter. All log events that are uploaded to this log group are filtered and delivered to the specified AWS resource if the filter pattern matches the log events.", "required": true, "type": "String", "update_causes": "replacement" }, "RoleArn": { "description": "An IAM role that grants CloudWatch Logs permission to put data into the specified Amazon Kinesis stream. For Lambda and CloudWatch Logs destinations, don't specify this property because CloudWatch Logs gets the necessary permissions from the destination resource.", "required": false, "type": "String", "update_causes": "replacement" } }, "path": "aws-resource-logs-subscriptionfilter.html" }, "AWS::CloudWatch::Alarm": { "properties": [ "ActionsEnabled", "AlarmActions", "AlarmDescription", "AlarmName", "ComparisonOperator", "Dimensions", "EvaluationPeriods", "InsufficientDataActions", "MetricName", "Namespace", "OKActions", "Period", "Statistic", "Threshold", "Unit" ], "full_properties": { "ActionsEnabled": { "description": "Indicates whether or not actions should be executed during any changes to the alarm's state.", "required": false, "type": "Boolean", "update_causes": "none" }, "AlarmActions": { "description": "The list of actions to execute when this alarm transitions into an ALARM state from any other state. Each action is specified as an Amazon Resource Number (ARN). For more information about creating alarms and the actions you can specify, see Creating Amazon CloudWatch Alarms in the Amazon CloudWatch User Guide.", "required": false, "type": "Array", "update_causes": "none" }, "AlarmDescription": { "description": "The description for the alarm.", "required": false, "type": "String", "update_causes": "none" }, "AlarmName": { "description": "A name for the alarm. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the alarm name. For more information, see Name Type.", "required": false, "type": "Unknown", "update_causes": "replacement" }, "ComparisonOperator": { "description": "The arithmetic operation to use when comparing the specified Statistic and Threshold. The specified Statistic value is used as the first operand.", "required": true, "type": "String", "update_causes": "none" }, "Dimensions": { "description": "The dimensions for the alarm's associated metric.", "required": false, "type": "Array", "update_causes": "none" }, "EvaluationPeriods": { "description": "The number of periods over which data is compared to the specified threshold.", "required": true, "type": "Number", "update_causes": "none" }, "InsufficientDataActions": { "description": "The list of actions to execute when this alarm transitions into an INSUFFICIENT_DATA state from any other state. Each action is specified as an Amazon Resource Number (ARN). Currently the only action supported is publishing to an Amazon SNS topic or an Amazon Auto Scaling policy.", "required": false, "type": "Array", "update_causes": "none" }, "MetricName": { "description": "The name for the alarm's associated metric. For more information about the metrics that you can specify, see Amazon CloudWatch Namespaces, Dimensions, and Metrics Reference in the Amazon CloudWatch User Guide.", "required": true, "type": "String", "update_causes": "none" }, "Namespace": { "description": "The namespace for the alarm's associated metric.", "required": true, "type": "String", "update_causes": "none" }, "OKActions": { "description": "The list of actions to execute when this alarm transitions into an OK state from any other state. Each action is specified as an Amazon Resource Number (ARN). Currently the only action supported is publishing to an Amazon SNS topic or an Amazon Auto Scaling policy.", "required": false, "type": "Array", "update_causes": "none" }, "Period": { "description": "The time over which the specified statistic is applied. You must specify a time in seconds that is also a multiple of 60.", "required": true, "type": "Number", "update_causes": "none" }, "Statistic": { "description": "The statistic to apply to the alarm's associated metric.", "required": true, "type": "String", "update_causes": "none" }, "Threshold": { "description": "The value against which the specified statistic is compared.", "required": true, "type": "Unknown", "update_causes": "none" }, "Unit": { "description": "The unit for the alarm's associated metric.", "required": false, "type": "String", "update_causes": "none" } }, "path": "aws-properties-cw-alarm.html" }, "AWS::ElastiCache::SecurityGroupIngress": { "properties": [ "CacheSecurityGroupName", "EC2SecurityGroupName", "EC2SecurityGroupOwnerId" ], "full_properties": { "CacheSecurityGroupName": { "description": "The name of the Cache Security Group to authorize.", "required": true, "type": "String", "update_causes": "unavailable" }, "EC2SecurityGroupName": { "description": "Name of the EC2 Security Group to include in the authorization.", "required": true, "type": "String", "update_causes": "unavailable" }, "EC2SecurityGroupOwnerId": { "description": "Specifies the AWS Account ID of the owner of the EC2 security group specified in the EC2SecurityGroupName property. The AWS access key ID is not an acceptable value.", "required": false, "type": "String", "update_causes": "unavailable" } }, "path": "aws-properties-elasticache-security-group-ingress.html" }, "AWS::IoT::Certificate": { "properties": [ "CertificateSigningRequest", "Status" ], "full_properties": { "CertificateSigningRequest": { "description": "The certificate signing request (CSR).", "required": true, "type": "String", "update_causes": "replacement" }, "Status": { "description": "The status of the certificate.", "required": true, "type": "String", "update_causes": "none" } }, "path": "aws-resource-iot-certificate.html" }, "AWS::DirectoryService::MicrosoftAD": { "properties": [ "CreateAlias", "EnableSso", "Name", "Password", "ShortName", "VpcSettings" ], "full_properties": { "CreateAlias": { "description": "A unique alias to assign to the Microsoft Active Directory in AWS. AWS Directory Service uses the alias to construct the access URL for the directory, such as http://alias.awsapps.com. By default, AWS CloudFormation does not create an alias.", "required": false, "type": "Boolean", "update_causes": "replacement" }, "EnableSso": { "description": "Whether to enable single sign-on for a Microsoft Active Directory in AWS. Single sign-on allows users in your directory to access certain AWS services from a computer joined to the directory without having to enter their credentials separately. If you don't specify a value, AWS CloudFormation disables single sign-on by default.", "required": false, "type": "Boolean", "update_causes": "none" }, "Name": { "description": "The fully qualified name for the Microsoft Active Directory in AWS, such as corp.example.com. The name doesn't need to be publicly resolvable; it will resolve inside your VPC only.", "required": true, "type": "String", "update_causes": "replacement" }, "Password": { "description": "The password for the default administrative user, Admin.", "required": true, "type": "String", "update_causes": "replacement" }, "ShortName": { "description": "The NetBIOS name for your domain, such as CORP. If you don't specify a value, AWS Directory Service uses the first part of your directory DNS server name. For example, if your directory DNS server name is corp.example.com, AWS Directory Service specifies CORP for the NetBIOS name.", "required": false, "type": "String", "update_causes": "replacement" }, "VpcSettings": { "description": "Specifies the VPC settings of the Microsoft Active Directory server in AWS.", "required": true, "type": "Unknown", "update_causes": "replacement" } }, "path": "aws-resource-directoryservice-microsoftad.html" }, "AWS::SDB::Domain": { "properties": [ "Description" ], "full_properties": { "Description": { "description": "Information about the Amazon SimpleDB domain.", "required": false, "type": "String", "update_causes": "unavailable" } }, "path": "aws-properties-simpledb.html" }, "DataSource": { "properties": [ "Arn", "DatabaseName", "Type" ], "full_properties": { "Arn": { "description": "The ARN of the data source.", "required": false, "type": "String", "update_causes": "unknown" }, "DatabaseName": { "description": "The name of the database.", "required": false, "type": "String", "update_causes": "unknown" }, "Type": { "description": "The type of the data source, such as AutoSelectOpsworksMysqlInstance, OpsworksMysqlInstance, or RdsDbInstance. For valid values, see the DataSource type in the AWS OpsWorks Stacks API Reference.", "required": false, "type": "String", "update_causes": "unknown" } }, "path": "aws-properties-opsworks-app-datasource.html" }, "AWS::CloudFormation::Interface": { "properties": [ "ParameterGroups", "ParameterLabels" ], "full_properties": { "ParameterGroups": { "description": "A list of parameter group types, where you specify group names, the parameters in each group, and the order in which the parameters are shown.", "required": false, "type": "Unknown", "update_causes": "none" }, "ParameterLabels": { "description": "A mapping of parameters and their friendly names that the AWS CloudFormation console shows when a stack is created or updated.", "required": false, "type": "Unknown", "update_causes": "none" } }, "path": "aws-resource-cloudformation-interface.html" }, "AWS::ElasticLoadBalancingV2::TargetGroup": { "properties": [ "HealthCheckIntervalSeconds", "HealthCheckPath", "HealthCheckPort", "HealthCheckProtocol", "HealthCheckTimeoutSeconds", "HealthyThresholdCount", "Matcher", "Name", "Port", "Protocol", "Tags", "TargetGroupAttributes", "TargetGroupFullName", "Targets", "UnhealthyThresholdCount", "VpcId" ], "full_properties": { "HealthCheckIntervalSeconds": { "description": "The approximate number of seconds between health checks for an individual target.", "required": false, "type": "Number", "update_causes": "none" }, "HealthCheckPath": { "description": "The ping path destination where Elastic Load Balancing sends health check requests.", "required": false, "type": "String", "update_causes": "none" }, "HealthCheckPort": { "description": "The port that the load balancer uses when performing health checks on the targets.", "required": false, "type": "String", "update_causes": "none" }, "HealthCheckProtocol": { "description": "The protocol that the load balancer uses when performing health checks on the targets, such as HTTP or HTTPS.", "required": false, "type": "String", "update_causes": "none" }, "HealthCheckTimeoutSeconds": { "description": "The number of seconds to wait for a response before considering that a health check has failed.", "required": false, "type": "Number", "update_causes": "none" }, "HealthyThresholdCount": { "description": "The number of consecutive successful health checks that are required before an unhealthy target is considered healthy.", "required": false, "type": "Number", "update_causes": "none" }, "Matcher": { "description": "The HTTP codes that a healthy target uses when responding to a health check.", "required": false, "type": "Unknown", "update_causes": "none" }, "Name": { "description": "A name for the target group.", "required": false, "type": "String", "update_causes": "replacement" }, "Port": { "description": "The port on which the targets receive traffic.", "required": true, "type": "Number", "update_causes": "replacement" }, "Protocol": { "description": "The protocol to use for routing traffic to the targets.", "required": true, "type": "String", "update_causes": "replacement" }, "Tags": { "description": "An arbitrary set of tags (key–value pairs) for the target group. Use tags to help manage resources.", "required": false, "type": "Unknown", "update_causes": "none" }, "TargetGroupAttributes": { "description": "Target group configurations.", "required": false, "type": "Array", "update_causes": "none" }, "TargetGroupFullName": { "description": "The full name of the target group.", "required": false, "type": "String", "update_causes": "none" }, "Targets": { "description": "The targets to add to this target group.", "required": false, "type": "Array", "update_causes": "none" }, "UnhealthyThresholdCount": { "description": "The number of consecutive failed health checks that are required before a target is considered unhealthy.", "required": false, "type": "Number", "update_causes": "none" }, "VpcId": { "description": "The ID of the VPC in which your targets are located.", "required": true, "type": "String", "update_causes": "replacement" } }, "path": "aws-resource-elasticloadbalancingv2-targetgroup.html" }, "AWS::IoT::ThingPrincipalAttachment": { "properties": [ "Principal", "ThingName" ], "full_properties": { "Principal": { "description": "The principal, which can be a certificate ARN (as returned from the CreateCertificate operation) or an Amazon Cognito ID.", "required": true, "type": "String", "update_causes": "replacement" }, "ThingName": { "description": "The name of the AWS IoT thing.", "required": true, "type": "String", "update_causes": "replacement" } }, "path": "aws-resource-iot-thingprincipalattachment.html" } }