AWS CloudFormation
User Guide (API Version 2010-05-15)

Release History

The following table describes the important changes to the documentation since the last release of AWS CloudFormation.

Change | Release Date | Description | API Version

Parameter types

May 19, 2015

Whenever you use the AWS CloudFormation console to create or update a stack, you can search for AWS-specific parameter type values by ID, name, or Name tag value.

AWS CloudFormation also added support for the following AWS-specific parameter types. For more information, see Parameters.

  • AWS::EC2::AvailabilityZone::Name

  • List<AWS::EC2::AvailabilityZone::Name>

  • AWS::EC2::Instance::Id

  • List<AWS::EC2::Instance::Id>

  • AWS::EC2::Image::Id

  • List<AWS::EC2::Image::Id>

  • AWS::EC2::SecurityGroup::GroupName

  • List<AWS::EC2::SecurityGroup::GroupName>

  • AWS::EC2::Volume::Id

  • List<AWS::EC2::Volume::Id>

  • AWS::Route53::HostedZone::Id

  • List<AWS::Route53::HostedZone::Id>

2010-05-15

New resources

April 16, 2015

AWS CloudFormation added the following resources:

AWS::AutoScaling::LifecycleHook

Use Auto Scaling lifecycle hooks to control the state of an instance after it is launched or terminated.

AWS::RDS::EventSubscription

Use event subscriptions to get notifications about Amazon RDS events.

2010-05-15

Resource updates

April 16, 2015

AWS CloudFormation updated the following resources:

AWS::AutoScaling::AutoScalingGroup

Use the NotificationConfigurations property to specify multiple notifications.

AWS::AutoScaling::LaunchConfiguration

Use the PlacementTenancy property to specify the tenancy of instances.

Use the ClassicLinkVPCId and ClassicLinkVPCSecurityGroups properties to link Classic-EC2 instances to a ClassicLink-enabled VPC.

AWS::AutoScaling::ScalingPolicy

Use the MinAdjustmentStep property to specify the minimum number of instances that are added or removed during a scaling event.

AWS::CloudFront::Distribution

For viewer certificates, use the MinimumProtocolVersion property to specify a minimum protocol version. For cache behaviors, use the CachedMethods property to specify which methods CloudFront caches responses for. For origins, use the OriginPath to specify a path that CloudFront uses to request content.

AWS::ElastiCache::CacheCluster

For Memcached cache clusters, use the AZMode and PreferredAvailabilityZones properties to specify nodes in multiple Availability Zones.

AWS::EC2::Volume

Use the KmsKeyId property to specify a master key for encrypted volumes.

AWS::OpsWorks::Instance

Use the TimeBasedAutoScaling property to automatically scale instances based on a schedule that you specify.

AWS::OpsWorks::Layer

Use the LoadBasedAutoScaling property to specify load-based scaling policies. For volume configurations, use the VolumeType and Iops properties to specify a volume type and the number of I/O operations per second.

AWS::RDS::DBInstance

Use the CharacterSetName property to specify a character set for supported database engines.

Use the StorageEncrypted property to indicate whether database instances are encrypted and the KmsKeyId to specify a master key for encrypted database instances.

AWS::Route53::HealthCheck

Use the HealthCheckTags property to associate tags with health checks.

AWS::Route53::HostedZone

Use the VPCs property to create private hosted zones.

Use the HostedZoneTags property to associate tags with hosted zones.

2010-05-15

Metadata template section

April 16, 2015

Add the Metadata section to your templates to include arbitrary JSON objects that describe your templates, such as the design or implementation details.

2010-05-15

Resource update

April 08, 2015

For the AWS::CloudFormation::CustomResource resource, you can specify AWS Lambda function ARNs in the ServiceToken property.

2010-05-15

Amazon RDS update

December 24, 2014

AWS CloudFormation added two new properties for Amazon RDS database instances. You can associate an option group with a database instance and specify the database instance storage type. For more information, see AWS::RDS::DBInstance.

2010-05-15

Elastic Load Balancing update

December 24, 2014

You can use the ConnectionSettings property to specify how long connections can remain idle. For more information, see AWS::ElasticLoadBalancing::LoadBalancer.

2010-05-15

Amazon Route 53 update

November 06, 2014

You can now provision and manage Amazon Route 53 hosted zones, health checks, failover record sets, and geolocation record sets.

2010-05-15

Auto Scaling rolling update enhancement

November 06, 2014

During an update, you can use the WaitOnResourceSignals flag to instruct AWS CloudFormation to wait for instances to signal success. That way, AWS CloudFormation won't update the next batch of instances until the current batch is ready. For more information, see UpdatePolicy.

2010-05-15

Fn:GetAtt default VPC values

November 06, 2014

Given a VPC ID, you can retrieve the default security group and network ACL for that VPC. For more information, see Fn::GetAtt.

2010-05-15

AWS-specific parameter types

November 06, 2014

You can specify AWS-specific parameter types in your AWS CloudFormation templates. In the AWS CloudFormation console, these parameter types provide a drop-down list of valid values. With the API or CLI, AWS CloudFormation can quickly validate values for these parameter types before creating or updating a stack. For more information, see Parameters.

2010-05-15

CreationPolicy attribute

November 06, 2014

With the CreationPolicy attribute, you can instruct AWS CloudFormation to wait until applications are ready on Amazon EC2 instances before proceeding with stack creation. You can use a creation policy instead of a wait condition and wait condition handle. For more information, see CreationPolicy.

2010-05-15

Amazon CloudFront forwarded values

September 29, 2014

For cache behaviors, you can forward headers to the origin. See CloudFront ForwardedValues.

2010-05-15

AWS OpsWorks update

September 29, 2014

For Chef 11.10, you can use the ChefConfiguration property to enable Berkshelf. You can also use the AWS OpsWorks built-in security groups with your AWS OpsWorks stacks. For more information, see AWS::OpsWorks::Stack.

2010-05-15

Elastic Load Balancing tagging support

September 29, 2014

AWS CloudFormation tags Elastic Load Balancing load balancers with stack-level tags. You can also add your own tags to a load balancer. See AWS::ElasticLoadBalancing::LoadBalancer.

2010-05-15

Amazon Simple Notification Service topic policy

September 29, 2014

You can now update Amazon SNS topic policies. For more information, see AWS::SNS::TopicPolicy.

2010-05-15

Amazon RDS database instance update

September 05, 2014

You can specify whether a database instance is Internet-facing by using the PubliclyAccessible property in the AWS::RDS::DBInstance resource.

2010-05-15

UpdatePolicy Attribute update

September 05, 2014

You can specify an update policy for an Auto Scaling group that has an associated scheduled action. For more information, see UpdatePolicy.

2010-05-15

Amazon CloudWatch support

July 10, 2014

You can use AWS CloudFormation to provision and manage CloudWatch Logs log groups and metric filters. For more information, see AWS::Logs::LogGroup or AWS::Logs::MetricFilter.

2010-05-15

Amazon CloudFront distribution configuration update

June 17, 2014

You can specify additional CloudFront distribution configuration properties:

  • Custom error responses define custom error messages for 4xx and 5xx HTTP status codes.

  • Price class defines the maximum price that you want to pay for the CloudFront service.

  • Restrictions define who can view your content.

  • Viewer certificate specifies the certificate to use when viewers use HTTPS.

  • For cache behaviors, you can specify allowed HTTP methods and indicate whether to forward cookies.

For more information, see AWS::CloudFront::Distribution.

2010-05-15

Amazon EC2 instance update

June 17, 2014

You can specify whether an instance stops or terminates when you invoke the instance's operating system shutdown command. For more information, see AWS::EC2::Instance.

2010-05-15

Amazon EBS volume update

June 17, 2014

You can use encrypted Amazon EBS volumes with supported instance types. For more information, see AWS::EC2::Volume.

2010-05-15

Amazon VPC peering

June 17, 2014

You can use AWS CloudFormation to create a VPC peering connection, which establishes a network connection between two VPCs. For more information, see AWS::EC2::VPCPeeringConnection.

2010-05-15

Auto Scaling group update

June 17, 2014

You can specify an existing cluster placement group in which to launch instances for an Auto Scaling group. For more information, see AWS::AutoScaling::AutoScalingGroup.

2010-05-15

AWS CloudTrail

June 17, 2014

AWS CloudFormation supports AWS CloudTrail, which can capture API calls made from your AWS account and publish the logs at a location you designate. For more information, see AWS::CloudTrail::Trail.

2010-05-15

Update stack enhancements

May 12, 2014

AWS CloudFormation supports additional features for updating stacks:

  • You can update AWS CloudFormation stack parameters without resubmitting the stack's template.

  • You can add or remove Amazon SNS notification topics for an AWS CloudFormation stack.

For more information, see AWS CloudFormation Stacks Updates.

2010-05-15

Amazon Kinesis

May 06, 2014

You can use AWS CloudFormation to create Amazon Kinesis streams that capture and transport data records from data sources. For more information, see AWS::Kinesis::Stream.

2010-05-15

Amazon S3

May 05, 2014

AWS CloudFormation supports additional Amazon S3 bucket properties:

  • Cross-origin resource sharing (CORS) defines cross-origin resource sharing of objects in a bucket.

  • Lifecycle defines how Amazon S3 manages objects during their lifetime.

  • Access logging policy captures information about requests made to your bucket.

  • Notifications define what events to report and which Amazon SNS topic to send messages to.

  • Versioning enables multiple variants of all objects in a bucket.

  • Redirect and routing rules govern redirect behavior for requests made to a bucket's website endpoint.

For more information, see AWS::S3::Bucket.

2010-05-15

Auto Scaling

May 05, 2014

AWS CloudFormation supports metrics collection for an Auto Scaling group. For more information, see AWS::AutoScaling::AutoScalingGroup.

2010-05-15

Fn::If update

May 05, 2014

You can use the Fn::If intrinsic function in the output section of a template. For more information, see Condition Functions.

2010-05-15

API logging with AWS CloudTrail

April 02, 2014

You can use AWS CloudTrail to log AWS CloudFormation requests. With AWS CloudTrail you can get a history of AWS CloudFormation API calls for your account. For more information, see Logging AWS CloudFormation API Calls in AWS CloudTrail.

2010-05-15

Elastic Load Balancing update

March 20, 2014

You can specify an access logging policy to capture information about requests made to your load balancer. You can also specify a connection draining policy that describes how to handle in-flight requests when instances are deregistered or become unhealthy. For more information, see AWS::ElasticLoadBalancing::LoadBalancer.

2010-05-15

AWS OpsWorks support

March 03, 2014

You can use AWS CloudFormation to provision and manage AWS OpsWorks stacks. For more information, see AWS::OpsWorks::Stack or AWS OpsWorks Template Snippets.

2010-05-15

Limit increase

February 18, 2014

You can specify template sizes up to 460,800 bytes in Amazon S3.

2010-05-15

Amazon Redshift support

February 10, 2014

You can use AWS CloudFormation to provision and manage Amazon Redshift clusters. For more information, see Amazon Redshift Template Snippets or AWS::Redshift::Cluster.

2010-05-15

Amazon S3 buckets and bucket policies update

February 10, 2014

You can update some properties of the Amazon S3 bucket and bucket policy resources. For more information, see AWS::S3::Bucket or AWS::S3::BucketPolicy.

2010-05-15

Elastic Beanstalk environments and application versions update

February 10, 2014

You can update Elastic Beanstalk environment configurations and application versions. For more information, see AWS::ElasticBeanstalk::Environment, AWS::ElasticBeanstalk::ConfigurationTemplate, or AWS::ElasticBeanstalk::ApplicationVersion.

2010-05-15

Amazon SQS update

January 29, 2014

You can specify a dead letter queue for an Amazon SQS queue. For more information, see AWS::SQS::Queue.

2010-05-15

Auto Scaling scheduled actions

January 27, 2014

You can scale the number of Amazon EC2 instances in an Auto Scaling group based on a schedule. By using a schedule, you can scale applications in response to predictable load changes. For more information, see AWS::AutoScaling::ScheduledAction.

2010-05-15

DynamoDB secondary indexes

January 27, 2014

You can create local and global secondary indexes for DynamoDB databases. By using secondary indexes, you can efficiently access data with attributes other than the primary key. For more information, see AWS::DynamoDB::Table.

2010-05-15

Auto Scaling update

January 02, 2014

You can specify an instance ID for an Auto Scaling group or launch configuration. You can also specify additional Auto Scaling block device properties. For more information, see AWS::AutoScaling::AutoScalingGroup or AWS::AutoScaling::LaunchConfiguration.

2010-05-15

Amazon SQS update

January 02, 2014

You can update Amazon SQS queues and specify additional properties. For more information, see AWS::SQS::Queue.

2010-05-15

Limit increases

January 02, 2014

You can specify up to 60 parameters and 60 outputs in your AWS CloudFormation templates.

2010-05-15

New console

December 19, 2013

The new AWS CloudFormation console adds features like auto-refreshing stack events and alphabetical ordering of stack parameters.

2010-05-15

Cross-zone load balancing

December 19, 2013

With cross-zone load balancing, you can route traffic to back-end instances across all Availability Zones. For more information, see AWS::ElasticLoadBalancing::LoadBalancer.

2010-05-15

AWS Elastic Beanstalk environment tiers

December 19, 2013

You can specify whether AWS Elastic Beanstalk provisions resources to support a web server or to handle background-processing tasks. For more information, see AWS::ElasticBeanstalk::Environment.

2010-05-15

Resource names

December 19, 2013

You can assign names (physical IDs) to the following resources:

  • ElastiCache Clusters

  • Elastic Load Balancing load balancers

  • Amazon Relational Database Service DB instances

For more information, see Name Type.

2010-05-15

VPN support

November 22, 2013

You can enable a virtual private gateway (VGW) to propagate routes to the routing tables of a VPC. For more information, see AWS::EC2::VPNGatewayRoutePropagation.

2010-05-15

Conditionally create resources and assign properties

November 08, 2013

Using input parameters, you can control the creation and settings of designated stack resources by defining conditions in your AWS CloudFormation templates. For example, you can use conditions to create stack resources for a production environment. Using the same template, you can create similar stack resources with lower capacity for a test environment. For more information, see Condition Functions.

2010-05-15

Prevent accidental updates to stack resources

November 08, 2013

You can prevent stack updates that might result in unintentional changes to stack resources. For example, if you have a stack with a database layer that should rarely be updated, you can set a stack policy that prevents most users from updating that database layer. For more information, see Prevent Updates to Stack Resources.

2010-05-15

Name resources

November 08, 2013

Instead of using AWS CloudFormation-generated physical IDs, you can assign names to certain resources. The following AWS CloudFormation resources support naming:

  • Amazon CloudWatch alarms

  • Amazon DynamoDB tables

  • AWS Elastic Beanstalk applications and environments

  • Amazon S3 buckets

  • Amazon SNS topics

  • Amazon SQS queues

For more information, see Name Type.

2010-05-15

Assign custom resource types

November 08, 2013

In your templates, you can specify your own resource type for AWS CloudFormation custom resources (AWS::CloudFormation::CustomResource). By using your own custom resource type name, you can quickly identify the type of custom resources that you have in your stack. For example, you can specify "Type": "Custom::MyCustomResource". For more information, see AWS::CloudFormation::CustomResource.

2010-05-15

Add pseudo parameter

November 08, 2013

You can now refer to the AWS AccountID inside AWS CloudFormation templates by referring to the AWS::AccountID pseudo parameter. For more information, see Pseudo Parameters Reference.

2010-05-15

Specify stacks in IAM policies

November 08, 2013

You can allow or deny IAM users, groups, or roles to operate on specific AWS CloudFormation stacks. For example, you can deny the delete stack action on a specific stack ID. For more information, see Controlling Access with AWS Identity and Access Management.

2010-05-15

Federation support

October 14, 2013

AWS CloudFormation supports temporary security credentials from IAM roles, which enable scenarios such as federation and single sign-on to the AWS Management Console. You can also make calls to AWS CloudFormation from Amazon EC2 instances without embedding long-term security credentials by using IAM roles. For more information about AWS CloudFormation and IAM, see Controlling Access with AWS Identity and Access Management.

2010-05-15

Amazon RDS read replica support

September 24, 2013

You can now create Amazon RDS read replicas from a source DB instance. For more information, see the SourceDBInstanceIdentifier property in the AWS::RDS::DBInstance resource.

2010-05-15

Associate public IP address with instances in Auto Scaling group.

September 19, 2013

You can now associate public IP addresses with instances in an Auto Scaling group. For more information, see AWS::AutoScaling::LaunchConfiguration.

2010-05-15

Additional VPC support.

September 17, 2013

AWS CloudFormation added several enhancements to support VPC and VPN functionality:

  • You can associate a public IP address and multiple private IP addresses to Amazon EC2 network interfaces. For more information, see AWS::EC2::NetworkInterface. You can also associate a primary private IP address to an elastic IP address (EIP).

  • You can enable DNS support and specify DNS host names. For more information, see AWS::EC2::VPC.

  • You can specify a static route between a virtual private gateway and your VPN gateway. For more information, see AWS::EC2::VPNConnectionRoute.

2010-05-15

Redis and VPC security groups support for Amazon ElastiCache.

September 03, 2013

You can now specify Redis as the cache engine for an ElastiCache cluster. You can also now assign VPC security groups to ElastiCache clusters. For more information, see AWS::ElastiCache::CacheCluster.

2010-05-15

Parallel stack creation, update and deletion, and nested stack updates.

August 12, 2013

CloudFormation now creates, updates, and deletes resources in parallel, improving the operations' performance. If you update a top-level template, CloudFormation automatically updates any nested stacks that have changed. For more information, see AWS CloudFormation Stacks Updates.

2010-05-15

VPC security groups can now be set in AWS RDS instances

February 28, 2013

You can now assign VPC security groups to an Amazon RDS instance with AWS CloudFormation. For more information, see the VPCSecurityGroups property in AWS::RDS::DBInstance.

2010-05-15

Rolling Deployments for Auto Scaling Groups

February 20, 2013

AWS CloudFormation now supports update policies on autoscaling groups, which describe how instances in the autoscaling group are replaced or modified when the auto scaling group adds or removes instances. You can modify these settings at stack creation or during a stack update.

For more information and an example, see UpdatePolicy.

2010-05-15

Cancel and Rollback Action for Stack Updates

February 20, 2013

AWS CloudFormation supports the ability to cancel a stack update. The stack must be in the UPDATE_IN_PROGRESS state when the update request is made. More information is available in the following topics:

2010-05-15

EBS-Optimized Instances for Auto Scaling Groups

February 20, 2013

You can now provision EBS-optimized instances in auto scaling groups for dedicated throughput to Amazon EBS in autoscaled instances. The implementation is similar to that of the previously released support for optimized EBS EC2 instances.

For more information, see the new EbsOptimized property in AWS::AutoScaling::LaunchConfiguration.

2010-05-15

New Documentation

December 21, 2012

AWS::EC2::Instance now provides a BlockDeviceMappings property to allow you to set block device mappings for your EC2 instance.

With this change, two new types have been added:

2010-05-15

New Documentation

December 21, 2012

New sections have been added to describe the procedures for creating and viewing stacks using the recently redesigned AWS Management Console. You can find them here:

2010-05-15

New Documentation

November 15, 2012

Information about custom resources is provided in the following topics:

2010-05-15

Updated Documentation

November 15, 2012

AWS CloudFormation now supports specifying provisioned I/O operations per second (IOPS) for Amazon RDS instances. You can set this value from 1000–10,000 in 1000 IOPS increments by using the new Iops property in AWS::RDS::DBInstance.

For more information about specifying IOPS for RDS instances, see Provisioned IOPS in the Amazon Relational Database Service User Guide.

2010-05-15

New and Updated Documentation

August 27, 2012

Reorganization of topics to more clearly provide specific information about using the AWS Management Console and using the AWS CloudFormation command-line interface (CLI).

Information about tagging AWS CloudFormation stacks has been added to the documentation, including new guides and updated reference topics:

New information about working with Windows Stacks:

New topic: Using Regular Expressions in AWS CloudFormation Templates.

2010-05-15

New Feature

April 25, 2012

AWS CloudFormation now provides full support for Virtual Private Cloud (VPC) security with Amazon EC2. You can now create and populate an entire VPC with every type of VPC resource (subnets, gateways, network ACLs, route tables, and so forth) using a single AWS CloudFormation template.

Templates can be downloaded that demonstrate new VPC features:

Single instance in a single subnet
Multiple subnets with Elastic Load Balancing (ELB) and an auto scaling group

Documentation for the following resource types has been updated:

AWS::EC2::SecurityGroup
AWS::EC2::SecurityGroupIngress
AWS::EC2::SecurityGroupEgress
AWS::EC2::Instance
AWS::AutoScaling::AutoScalingGroup
AWS::EC2::EIP
AWS::EC2::EIPAssociation
AWS::ElasticLoadBalancing::LoadBalancer

New resource types have been added to the documentation:

AWS::EC2::VPC
AWS::EC2::InternetGateway
AWS::EC2::DHCPOptions
AWS::EC2::RouteTable
AWS::EC2::NetworkAcl
AWS::EC2::NetworkAclEntry
AWS::EC2::Subnet
AWS::EC2::VPNGateway
AWS::EC2::CustomerGateway

2010-05-15

New Feature

April 13, 2012

AWS CloudFormation now allows you to add or remove elements from a stack when updating it. AWS CloudFormation Stacks Updates has been updated, and a new section has been added to the walkthrough: Change the Stack's Resources, which describes how to add and remove resources when updating the stack.

2010-05-15

New Feature

February 02, 2012

AWS CloudFormation now provides support for resources in an existing Amazon Virtual Private Cloud (VPC). With this release, you can:

  • Launch an EC2 Dedicated Instance into an existing VPC. For more information, see AWS::EC2::Instance.

  • Set the SourceDestCheck attribute of an Amazon EC2 instance that resides in an existing VPC. For more information, see AWS::EC2::Instance

  • Create Amazon Elastic IP Addresses in an existing VPC. For more information, see AWS::EC2::EIP

  • Use CloudFormation to create VPC security groups and ingress/egress rules in an existing VPC. For more information, see AWS::EC2::SecurityGroup.

  • Associate an Auto Scaling Group with an existing Amazon VPC by setting the VPCZoneIdentifier property of your AWS::AutoScaling::AutoScalingGroup resource. For more information, see AWS::AutoScaling::AutoScalingGroup.

  • Attach an Elastic Load Balancing LoadBalancer to a VPC subnet and create security groups for the LoadBalancer. For more information, see AWS::ElasticLoadBalancing::LoadBalancer.

  • Create an RDS instance in an existing VPC. For more information, see AWS::RDS::DBInstance.

2010-05-15

New Feature

February 02, 2012

You can now update properties for the following resources in an existing stack:

For the full list of updateable resources and details about things to consider when updating a stack, see AWS CloudFormation Stacks Updates.

2010-05-15

Restructured Guide

February 02, 2012

Reorganized existing sections into new sections: Working with AWS CloudFormation Templates and Managing Stacks. Moved Template Reference to the top level of the Table of Contents. Moved Estimating the Cost of Your AWS CloudFormation Stack to the Getting Started section.

2010-05-15

New Content

February 02, 2012

Added three new sections:

2010-05-15

New Feature

May 26, 2011

AWS CloudFormation now provides the aws cloudformation list-stacks command, which enables you to list stacks filtered by stack status. Deleted stacks can be listed for up to 90 days after they have been deleted. For more information, see Describing and Listing Your Stacks.

2010-05-15

New Features

May 26, 2011

The aws cloudformation describe-stack-resources and aws cloudformation get-template commands now enable you to get information from deleted stacks for 90 days after they have been deleted. For more information, see Listing Resources and Retrieving a Template.

2010-05-15

New Link

March 01, 2011

AWS CloudFormation endpoint information is now located in the Amazon Web Services General Reference. For more information, go to Regions and Endpoints in Amazon Web Services General Reference.

2010-05-15

Initial Release

February 25, 2011

This is the initial public release of AWS CloudFormation.

2010-05-15