Release history - AWS CloudFormation

Release history

The following table describes important changes in each release of the AWS CloudFormation User Guide after May 2018. For notification about updates to this documentation, you can subscribe to an RSS feed.

Change Description Date

Updated resource

The following new resource was updated: AWS::SecretsManager::Secret

AWS::SecretsManager::Secret

Use the ReplicaRegions property to replicate secrets into additional Regions for resiliency and disaster recovery.

March 4, 2021

Updated resource

The following new resource was updated: AWS::SecretsManager::Secret

AWS::SecretsManager::Secret

Use the ReplicaRegions property to replicate secrets into additional Regions for resiliency and disaster recovery.

March 4, 2021

New resources

The following resource were added: AWS::Events::ApiDestination and AWS::Events::Connection

AWS::Events::ApiDestination

Use the ApiDestination resource to create an API destination. An API destination defines an HTTP invocation endpoint to use as the target of a rule.

AWS::Events::Connection

Use the Connection resource to create a connection to use with Api destinations. A connection defines the authorization method and parameters to use to connect to the HTTP invocation endpoint for an Api destination.

March 4, 2021

New resources

The following resources were added: AWS::IoT::AccountAuditConfiguration,AWS::IoT::CustomMetric, AWS::IoT::Dimension, AWS::IoT::MitigationAction, AWS::IoT::ScheduledAudit, AWS::IoT::SecurityProfile.

AWS::IoT::AccountAuditConfiguration

Use the AWS::IoT::AccountAuditConfiguration resource to specify an account audit configuration in AWS IoT Core.

AWS::IoT::CustomMetric

Use the AWS::IoT::CustomMetric resource to specify a custom metric in AWS IoT Core.

AWS::IoT::Dimension

Use the AWS::IoT::Dimension resource to specify a dimension in AWS IoT Core.

AWS::IoT::MitigationAction

Use the AWS::IoT::MitigationAction resource to specify a mitigation action in AWS IoT Core.

AWS::IoT::ScheduledAudit

Use the AWS::IoT::ScheduledAudit resource to specify a topic rule destination in AWS IoT Core.

AWS::IoT::SecurityProfile

Use the AWS::IoT::SecurityProfile resource to specify a security profile in AWS IoT Core.

March 4, 2021

New resource

The following resource was added: AWS::Events::ApiDestination.

AWS::Events::ApiDestination

Use the ApiDestination resource to create an API destination. An API destination defines an HTTP invocation endpoint to use as the target of a rule.

March 4, 2021

New resource

The following resource was added: AWS::Events::Connection.

AWS::Events::Connection

Use the Connection resource to create a connection to use with Api destinations. A connection defines the authorization method and parameters to use to connect to the HTTP invocation endpoint for an Api destination.

March 4, 2021

New resource

The following resources were added: AWS::IoT::AccountAuditConfiguration,AWS::IoT::CustomMetric, AWS::IoT::Dimension, AWS::IoT::MitigationAction, AWS::IoT::ScheduledAudit, AWS::IoT::SecurityProfile.

AWS::IoT::AccountAuditConfiguration

Use the AWS::IoT::AccountAuditConfiguration resource to specify an account audit configuration in AWS IoT Core.

AWS::IoT::CustomMetric

Use the AWS::IoT::CustomMetric resource to specify a custom metric in AWS IoT Core.

AWS::IoT::Dimension

Use the AWS::IoT::Dimension resource to specify a dimension in AWS IoT Core.

AWS::IoT::MitigationAction

Use the AWS::IoT::MitigationAction resource to specify a mitigation action in AWS IoT Core.

AWS::IoT::ScheduledAudit

Use the AWS::IoT::ScheduledAudit resource to specify a topic rule destination in AWS IoT Core.

AWS::IoT::SecurityProfile

Use the AWS::IoT::SecurityProfile resource to specify a security profile in AWS IoT Core.

March 4, 2021

New resource

The following resources were added: AWS::S3Outposts::Bucket, AWS::S3Outposts::BucketPolicy, AWS::S3Outposts::AccessPoint, and AWS::S3Outposts::EndPoint

AWS::S3Outposts::Bucket

Use the AWS::S3Outposts::Bucket resource to create a S3 on Outposts Bucket.

AWS::S3Outposts::BucketPolicy

Use the AWS::S3Outposts::BucketPolicy resource to create a bucket policy for your S3 on Outposts Bucket.

AWS::S3Outposts::AccessPoint

Use the AWS::S3Outposts::AccessPoint resource to create an access point for your S3 on Outposts Bucket.

AWS::S3Outposts::EndPoint

Use the AWS::S3Outposts::EndPoint resource to creates an endpoint for the Amazon Simple Storage Service on AWS Outposts.

March 4, 2021

New resource

The following resources were added: AWS::S3Outposts::Bucket, AWS::S3Outposts::BucketPolicy, AWS::S3Outposts::AccessPoint, and AWS::S3Outposts::EndPoint

AWS::S3Outposts::Bucket

Use the AWS::S3Outposts::Bucket resource to create a S3 on Outposts Bucket.

AWS::S3Outposts::BucketPolicy

Use the AWS::S3Outposts::BucketPolicy resource to create a bucket policy for your S3 on Outposts Bucket.

AWS::S3Outposts::AccessPoint

Use the AWS::S3Outposts::AccessPoint resource to create an access point for your S3 on Outposts Bucket.

AWS::S3Outposts::EndPoint

Use the AWS::S3Outposts::EndPoint resource to creates an endpoint for the Amazon Simple Storage Service on AWS Outposts.

March 4, 2021

Updated resource

The following resources were updated: AWS::IoTSiteWise::AccessPolicy and AWS::IoTSiteWise::Portal.

AWS::IoTSiteWise::AccessPolicy

Added the following properties: IamRole and IamUser.

AWS::IoTSiteWise::Portal

Added the following property: PortalAuthMode.

March 2, 2021

Updated resource

The following resource was updated: AWS::IoTSiteWise::AssetModel.

AWS::IoTSiteWise::AssetModel

Added the following property: AssetModelCompositeModel.

You can use this property to define an alarm in AWS IoT SiteWise.

For more information, see Monitoring data with alarms in the AWS IoT SiteWise User Guide.

March 1, 2021

Updated resource

The following resource was updated: AWS::SageMaker::Model

AWS::SageMaker::Model

Use the InferenceExecutionConfig property to specify details of how containers in a multi-container endpoint are called.

February 25, 2021

New resources

The following resource was added: AWS::EC2::TransitGatewayConnect.

AWS::EC2::TransitGatewayConnect

Use the TransitGatewayConnect resource to create a Connect attachment from a specified transit gateway attachment.

February 25, 2021

New resources

The following resources were added: AWS::EMR::Studio and AWS::EMR::StudioSessionMapping

Amazon EMR Studio

Use the AWS::EMR::Studio resource to create a new Amazon EMR Studio.

Assign a user or group to your EMR Studio

Use the AWS::EMR::StudioSessionMapping resource to assign a user or group to an Amazon EMR Studio, and apply an IAM session policy to refine Studio permissions for that user or group.

February 25, 2021

New resources

The following resources was added: AWS::SageMaker::Image, AWS::SageMaker::ImageVersion.

AWS::SageMaker::Image

Use the AWS::SageMaker::Image resource to create a new Image in Amazon SageMaker.

AWS::SageMaker::ImageVersion

Use the AWS::SageMaker::ImageVersion resource to create a new ImageVersion in Amazon SageMaker.

February 25, 2021

New resource

The following resource was added: AWS::EKS::Addon.

AWS::EKS::Addon

Use the AWS::EKS::Addon resource to create an Amazon EKS add-on.

February 25, 2021

New resource

The following resources were added: AWS::IAM::OIDCProvider, AWS::IAM::SAMLProvider, AWS::IAM::ServerCertificate, and AWS::IAM::VirtualMFADevice.

AWS::IAM::OIDCProvider

Use the AWS::IAM::OIDCProvider resource to create an IAM entity to describe an identity provider (IdP) that supports OpenID Connect (OIDC).

AWS::IAM::SAMLProvider

Use the AWS::IAM::SAMLProvider resource to create an IAM resource that describes an identity provider (IdP) that supports SAML 2.0.

AWS::IAM::ServerCertificate

Use the AWS::IAM::ServerCertificate resource to retrieve information about the specified server certificate stored in IAM.

AWS::IAM::VirtualMFADevice

Use the AWS::IAM::VirtualMFADevice resource to create a new virtual MFA device for the AWS account.

February 25, 2021

New attributes

The following paramters were added for 10DLC support: EntityId, TemplateId, OriginationNumber.

AWS::Pinpoint::Campaign CampaignSmsMessage

Specifies the content and settings for an SMS message that's sent to recipients of a campaign.

February 24, 2021

Updated resource

The following resource was updated: AWS::DynamoDB::Table

AWS::DynamoDB::Table

Use the ContributorInsightsSpecification property to enable or disable CloudWatch Contributon Insights on a table or global secondary index.

February 22, 2021

Updated resource

The following resource was updated: AWS::CodeCommit::Repository Code

AWS::CodeCommit::Repository Code

The behavior of the BranchName property on update has changed to be consistent with all other aspects of AWS:CodeCommit:Repository Code. All properties of AWS:CodeCommit:Repository Code are ignored on update, as they only apply to initial resource creation.

February 19, 2021

Updated resources

The following resources were updated: AWS::AppMesh::VirtualNode and AWS::AppMesh::VirtualGateway

AWS::AppMesh::VirtualNode

Use the ClientTlsCertificate property represents the client's certificate.

Use the SubjectAlternativeNames property represents the subject alternative names secured by the certificate.

Use the TlsValidationContextSdsTrust property represents a Transport Layer Security (TLS) Secret Discovery Service validation context trust.

Use the ListenerTlsValidationContextTrust property represents a listener's Transport Layer Security (TLS) validation context trust.

Use the SubjectAlternativeNameMatchers represents the methods by which a subject alternative name on a peer Transport Layer Security (TLS) certificate can be matched.

Use the ListenerTlsSdsCertificate property represents the listener's Secret Discovery Service certificate.

Use the ListenerTlsValidationContext property represents a listener's Transport Layer Security (TLS) validation context.

AWS::AppMesh::VirtualGateway

Use the VirtualGatewayListenerTlsValidationContextTrust property to specify validation context trust.

Use the VirtualGatewayTlsValidationContextSdsTrust property to represent a virtual gateway's listener's Transport Layer Security (TLS) Secret Discovery Service validation context trust.

Use the SubjectAlternativeNames property represents the subject alternative names secured by the certificate.

Use the VirtualGatewayListenerTlsSdsCertificate property represents the virtual gateway's listener's Secret Discovery Service certificate.

Use the VirtualGatewayClientTlsCertificate property represents the virtual gateway's client's Transport Layer Security (TLS) certificate.

Use the VirtualGatewayListenerTlsValidationContext property represents a virtual gateway's listener's Transport Layer Security (TLS) validation context.

Use the SubjectAlternativeNameMatchers property represents the methods by which a subject alternative name on a peer Transport Layer Security (TLS) certificate can be matched.

February 18, 2021

Updated resources

The following resource was updated: AWS::IoTWireless::ServiceProfile

AWS::IoTWireless::ServiceProfile

Use the attributes of LoRaWANGetServiceProfileInfo with LoRaWANServiceProfile instead as ReadOnly properties that you can return using Fn::GetAtt.

February 18, 2021

Updated resources

The following resources were updated: AWS::Kendra::DataSource, AWS::Kendra::Index.

AWS::Kendra::DataSource

Use the ConfluenceConfiguration property of the resource to specify configuration information for indexing a Confluence data source.

AWS::Kendra::DataSource

Use the GoogleDriveConfiguration property of the resource to specify configuration information for indexing a Google Drive data source.

AWS::Kendra::Index

Use the UserContextPolicy and UserTokenConfiguration properties of the resource to specify how Amazon Kendra uses user tokens for access to the index.

February 18, 2021

Updated resource

The following resource was updated: AWS::DataBrew::Job JobSample.

AWS::DataBrew::Job JobSample

Use the JobSample property to define the sample configuration for profile jobs.

February 18, 2021

Updated resource

The following resource was updated: AWS::FSx::FileSystem

AWS::FSx::FileSystem

In the WindowsConfiguration property type, use Aliases to specify one or more DNS alias names that you want to associate with the Amazon FSx file system.

February 18, 2021

Updated resource

The following resource was updated: AWS::IoTAnalytics::Dataset.

AWS::IoTAnalytics::Dataset

Added the following properties: LateDataRule and LateDataRuleConfiguration.

You can use these properties to specify a late data rule for your dataset. The late data rule enables AWS IoT Analytics to send notifications through Amazon CloudWatch when late data arrives.

For more information, see Getting late data notifications in the AWS IoT Analytics User Guide.

February 18, 2021

AWS CloudFormation StackSets now supports delegated administrator with AWS Organizations

In addition to the organization's management account, delegated administrator accounts can create and manage stack sets with service-managed permissions for their organization. For more information, see Register a delegated administrator and Create a stack set with service-managed permissions.

February 18, 2021

New resources

The following resources were added: AWS::EC2::TransitGatewayMulticastDomain, AWS::EC2::TransitGatewayMulticastDomainAssociation, AWS::EC2::TransitGatewayMulticastGroupMembers and AWS::EC2::TransitGatewayMulticastGroupSource.

AWS::EC2::TransitGatewayMulticastDomain

Use the TransitGatewayMulticastDomain resource to create a transit gateway multicast domain.

AWS::EC2::TransitGatewayMulticastDomainAssociation

Use the TransitGatewayMulticastDomainAssociation resource to associate the specified subnets and transit gateway attachments with the specified transit gateway multicast domain.

AWS::EC2::TransitGatewayMulticastGroupMember

Use the TransitGatewayMulticastGroupMembers resource to register members (network interfaces) with the transit gateway multicast group.

AWS::EC2::TransitGatewayMulticastGroupSource

Use the TransitGatewayMulticastGroupSource resource to register sources (network interfaces) with the specified transit gateway multicast group.

February 12, 2021

Updated resources

The following resources were updated: AWS::IoTWireless::Destination, AWS::IoTWireless::DeviceProfile, AWS::IoTWireless::ServiceProfile, AWS::IoTWireless::WirelessDevice, and AWS::IoTWireless::WirelessGateway.

AWS::IoTWireless::Destination

Use the ExpressionType property of the resource to specify whether to use a new value MqttTopic or to use RuleName. In addition, the property descriptions now list any maximum values, minimum values, and patterns.

AWS::IoTWireless::DeviceProfile

Use the new LoRaWAN property which is a renaming of the LoRaWANDeviceProfile property. The property type has not changed from LoRaWANDeviceProfile. In addition, the property descriptions now list any maximum values, minimum values, and patterns.

AWS::IoTWireless::ServiceProfile

Use the new LoRaWAN property which is a renaming of the LoRaWANServiceProfile property. The property type has not changed from LoRaWANServiceProfile. In addition, the property descriptions now list any maximum values, minimum values, and patterns.

AWS::IoTWireless::WirelessDevice

Use the new LoRaWAN property which is a renaming of the LoRaWANDevice property. The property type has not changed from LoRaWANDevice. In addition, the property descriptions now list any maximum values, minimum values, and patterns.

AWS::IoTWireless::WirelessGateway

Use the new LoRaWAN property which is a renaming of the LoRaWANGateway property. The property type has not changed from LoRaWANGateway. In addition, the property descriptions now list any maximum values, minimum values, and patterns.

February 11, 2021

Updated resource

The following resource was updated: AWS::DMS::Endpoint.

AWS::DMS::Endpoint.MongoDbSettings

Added SecretsManager attributes to MongoDbSettings.

AWS::DMS::Endpoint.MySqlSettings

Added SecretsManager attributes to MySqlSettings.

AWS::DMS::Endpoint.RedshiftSettings

Added SecretsManager attributes to RedshiftSettings.

AWS::DMS::Endpoint.SybaseSettings

Added SecretsManager attributes to SybaseSettings.

AWS::DMS::Endpoint.PostgreSqlSettings

Added SecretsManager attributes to PostgreSqlSettings.

AWS::DMS::Endpoint.MicrosoftSqlServerSettings

Added SecretsManager attributes to MicorsoftSqlServerSettings.

AWS::DMS::Endpoint.IbmDb2Settings

Added SecretsManager attributes to IbmDb2Settings.

AWS::DMS::Endpoint.DocDbSettings

Added SecretsManager attributes to DocDbSettings.

AWS::DMS::Endpoint.OracleSettings

Added SecretsManager attributes to OracleSettings.

February 11, 2021

New resources

The following resources were added: AWS::CloudFormation::ResourceDefaultVersion and AWS::CloudFormation::ResourceVersion.

AWS::CloudFormation::ResourceDefaultVersion

Use the AWS::CloudFormation::ResourceDefaultVersion resource to specify the default resource version to be used in CloudFormation operations.

AWS::CloudFormation::ResourceVersion

Use the AWS::CloudFormation::ResourceVersion resource to specify a resource version with the CloudFormation service, making it available for use in CloudFormation operations.

February 11, 2021

New resources

The following resources were added: AWS::SageMaker::App, AWS::SageMaker::AppImageConfig, AWS::SageMaker::Domain, AWS::SageMaker::UserProfile.

AWS::SageMaker::App

Use the AWS::SageMaker::App resource to create a running app for a user profile in SageMaker Studio.

AWS::SageMaker::AppImageConfig

Use the AWS::SageMaker::AppImageConfig resource to create a configuration for running a SageMaker image as a KernelGateway app in SageMaker Studio.

AWS::SageMaker::Domain

Use the AWS::SageMaker::Domain resource to create a domain used by SageMaker Studio.

AWS::SageMaker::UserProfile

Use the AWS::SageMaker::UserProfile resource to create a user profile used by SageMaker Studio.

February 11, 2021

New resources

The following resources were added: AWS::ServiceCatalog::ServiceAction and AWS::ServiceCatalog::ServiceActionAssociation.

AWS::ServiceCatalog::ServiceAction

Use this self-service action feature to create CloudFormation templates that create Service Actions.

AWS::ServiceCatalog::ServiceActionAssociation

Use this self-service action association feature to create CloudFormation templates that create Service Actions.

February 11, 2021

AWS CloudFormation StackSets Region availability

AWS CloudFormation StackSets is now available in the Asia Pacific (Osaka) Region.

For more information, see Working with AWS CloudFormation StackSets.

February 10, 2021

Updated resource

The following resource was updated: AWS::IoTAnalytics::Datastore.

AWS::IoTAnalytics::Datastore

Added the following properties: Column, FileFormatConfiguration, JsonConfiguration, ParquetConfiguration, and SchemaDefinition.

You can use these properties to specify JSON or Parquet file format for your data store.

For more information, see File formats in the AWS IoT Analytics User Guide.

February 5, 2021

Updated resources

The following resources were updated: AWS::ECR::ReplicationConfiguration

AWS::ECR::ReplicationConfiguration

Use the ReplicationConfiguration property to create or update the replication configuration for a private repository.

February 4, 2021

Updated resources

The following resources were updated: AWS::IoTWireless::DeviceProfile, AWS::IoTWireless::ServiceProfile, AWS::IoTWireless::WirelessDevice, and AWS::IoTWireless::WirelessGateway.

AWS::IoTWireless::DeviceProfile

Use the DeviceProfile resource to specify a device profile for a wireless device to use.

AWS::IoTWireless::ServiceProfile

Use the ServiceProfile resource to specify a service profile for a wireless device to use.

AWS::IoTWireless::WirelessDevice

Use the WirelessDevice resource to specify a wireless device in an AWS IoT Core for LoRaWAN solution.

AWS::IoTWireless::WirelessGateway

Use the WirelessGateway resource to specify a wireless gateway in an AWS IoT Core for LoRaWAN solution.

February 4, 2021

Updated resources

The following resources were updated: AWS::Cassandra::Keyspace and AWS::Cassandra::Table.

AWS::Cassandra::Keyspace.Tags

Use the AWS::Cassandra::Keyspace.Tags property to add tags to new or existing keyspaces in Amazon Keyspaces (for Apache Cassandra).

AWS::Cassandra::Table.Tags

Use the AWS::Cassandra::Table.Tags property to create add tags to new or existing tables in Amazon Keyspaces (for Apache Cassandra).

AWS::Cassandra::Table.PointInTimeRecoveryEnabled

Use the AWS::Cassandra::Table.PointInTimeRecoveryEnabled property to enable Point-in-Time Recovery in Amazon Keyspaces (for Apache Cassandra).

February 4, 2021

Updated resource

The following resource was updated: AWS::DataBrew::Job.

AWS::DataBrew::Job

Use the CsvOutputOptions property to define how DataBrew will write a CSV file.

Use the OutputFormatOptions property to define the structure of CSV job output.

February 4, 2021

Updated resource

The following resource was updated: AWS::ElastiCache::GlobalReplicationGroup.

AWS::ElastiCache::GlobalReplicationGroup

Consists of a primary cluster that accepts writes and an associated secondary cluster that resides in a different AWS region. The secondary cluster accepts only reads. The primary cluster automatically replicates updates to the secondary cluster.

February 4, 2021

New resource

Added the following resource: AWS::ImageBuilder::ContainerRecipe.

AWS::ImageBuilder::ContainerRecipe

Use the AWS::ImageBuilder::ContainerRecipe resource to create a container recipe in the EC2 Image Builder service.

February 4, 2021

Updated resource

The following resource was updated: AWS::ApiGatewayV2::Stage.

AWS::ApiGatewayV2::Stage

Use the AWS::ApiGatewayV2::Stage resource to configure a stage for an API.

January 28, 2021

New resource

The following resource was added: AWS::LookoutVision:Project.

AWS::LookoutVision:Project

Use the Project resource to create an Amazon Lookout for Vision project.

January 28, 2021

Updated resource

The following resource was updated: AWS::ACMPCA::Certificate.

AWS::ACMPCA::Certificate

Use the ApiPassthrough property to include parameters in certificates during issuance.

Use the ValidityNotBefore property to customize the start of certificate validity.

January 21, 2021

Updated resource

The following resource was updated: AWS::MediaConnect::FlowVpcInterface.

AWS::MediaConnect::FlowVpcInterface

Use the FlowArn property to specify the ARN of the flow.

Use the Name property to specify the name of the VPC Interface.

January 21, 2021

Updated resource

The following resources were updated: AWS::SageMaker::Device, AWS::SageMaker::DeviceFleet, and AWS::SageMaker::Model.

AWS::SageMaker::Device

Use the DeviceFleetName property to get the name of the fleet the device belongs to.

Use the Device property to make the edge device you want to create.

Use the Tags property to get the tags registered to a specific device.

Use the Device.Device property/resource to get information about a particular device.

Use the Device.Device.Description property/resource to get a description of the device.

Use the Device.Device.DeviceName property/resource to get the device name.

Use the Device.Device.IotThingName property/resource to get the IoT object name.

AWS::SageMaker::DeviceFleet

Use the DeviceFleet.Description property to get information about a fleet.

Use the OutputConfig property to get the output configuration for the fleet.

Use the RoleArn property to get the ARN of the IoT thing.

Use the Tags property to get the tags registered to a specific fleet.

Use the EdgeOutputConfig.KmsKeyId property/resource to set the KMS key ID.

Use the EdgeOutputConfig.S3OutputLocation property/resource to set the S3 bucket URI.

AWS::SageMaker::Model

Use the MultiModelConfiguration property to specify configuration details for a multi-model endpoint.

January 21, 2021

New resources

The following resource was added: AWS::SageMaker::Project.

AWS::SageMaker::Project

Use the AWS::SageMaker::Project resource to create a new project in Amazon SageMaker.

January 21, 2021

Updated resource

The following resource was updated with examples: AWS::S3::AccessPoint

Access Points

Use the AWS::S3::AccessPoint resource to specify an S3 access point.

January 20, 2021

Updated resource

The following resource was updated: AWS::MSK::Cluster

AWS::MSK::Cluster

You can now change the broker type for an existing cluster.

January 15, 2021

New resource

The AWS::EMRContainers::VirtualCluster resource was added.

AWS::EMRContainers::VirtualCluster

The AWS::EMRContainers::VirtualCluster resource specifies a virtual cluster.

January 14, 2021

New resource

The following resource was added: AWS::QuickSight::Analysis, AWS::QuickSight::Dashboard, AWS::QuickSight::Template, and AWS::QuickSight::Theme.

AWS::QuickSight::Analysis

Use the AWS::QuickSight::Analysis resource to create an analysis in Amazon QuickSight.

AWS::QuickSight::Dashboard

Use the AWS::QuickSight::Dashboard resource to create a dashboard from a template in Amazon QuickSight.

AWS::QuickSight::Template

Use the AWS::QuickSight::Template resource to create a template from an existing Amazon QuickSight analysis or template.

AWS::QuickSight::Theme

Use the AWS::QuickSight::Theme resource to create a theme in Amazon QuickSight.

January 14, 2021

New resource

The following new resources were added: AWS::ServiceCatalogAppRegistry::Application, AWS::ServiceCatalogAppRegistry::AttributeGroup, AWS::ServiceCatalogAppRegistry::AttributeGroupAssociation, AWS::ServiceCatalogAppRegistry::ResourceAssociation

AWS::ServiceCatalogAppRegistry::Application

Use the AWS::ServiceCatalogAppRegistry::Application resource to represent a Service Catalog AppRegistry application at the top-level node in a hierarchy of related cloud resource abstractions.

AWS::ServiceCatalogAppRegistry::AttributeGroup

Use the AWS::ServiceCatalogAppRegistry::AttributeGroup resource to create a new attribute group as a container for user-defined attributes.

AWS::ServiceCatalogAppRegistry::AttributeGroupAssociation

Use the AWS::ServiceCatalogAppRegistry::AttributeGroupAssociation as the attribute group to associate ServiceCatalogAppRegistry.

AWS::ServiceCatalogAppRegistry::ResourceAssociation

Use the AWS::ServiceCatalogAppRegistry::ResourceAssociation as the resource association for ServiceCatalogAppRegistry.

January 14, 2021

Updates to resource

The following resource was updated: AWS::SSO::InstanceAccessControlAttributeConfiguration.

AWS::SSO::InstanceAccessControlAttributeConfiguration

Use the AWS::SSO::InstanceAccessControlAttributeConfiguration resource to configure attribute-based access control (ABAC) in AWS SSO.

January 7, 2021

Updated resources

The following resources were updated: AWS::IoTWireless::Destination, AWS::IoTWireless::DeviceProfile, AWS::IoTWireless::ServiceProfile, AWS::IoTWireless::WirelessDevice, and AWS::IoTWireless::WirelessGateway.

AWS::IoTWireless::Destination

Use the Destination resource to specify a destination for a wireless device to use.

AWS::IoTWireless::DeviceProfile

Use the DeviceProfile resource to specify a device profile for a wireless device to use.

AWS::IoTWireless::ServiceProfile

Use the ServiceProfile resource to specify a service profile for a wireless device to use.

AWS::IoTWireless::WirelessDevice

Use the WirelessDevice resource to specify a wireless device in an AWS IoT Core for LoRaWAN solution.

AWS::IoTWireless::WirelessGateway

Use the WirelessGateway resource to specify a wireless gateway in an AWS IoT Core for LoRaWAN solution.

January 7, 2021

Updated resource

The following resource was updated: AWS::ApiGatewayV2::Integration.

AWS::ApiGatewayV2::Integration

Use the AWS::ApiGatewayV2::Integration resource to configure request and response parameter mapping for an HTTP API.

January 7, 2021

Updated resource

The following resource was updated: AWS::EC2::LaunchTemplate

AWS::EC2::LaunchTemplate

Use the Throughput property to specify the throughput to provision for gp3 volumes.

January 7, 2021

Updated resource

The following resources were updated: AWS::FMS::Policy

AWS::FMS::Policy

The AWS::FMS::Policy resource now allows you to manage AWS Network Firewall policies.

January 7, 2021

New resources

The following resources were added: AWS::MediaConnect::Flow, AWS::MediaConnect::FlowEntitlement, AWS::MediaConnect::FlowOutput, AWS::MediaConnect::FlowSource, and AWS::MediaConnect::FlowVpcInterface.

AWS::MediaConnect::Flow

Use the AWS::MediaConnect::Flow resource to create a connection between one or more video sources and one or more outputs.

AWS::MediaConnect::FlowEntitlement

Use the AWS::MediaConnect::FlowEntitlement resource to grant permission to another AWS account to allow access to the content in a specific AWS Elemental MediaConnect flow.

AWS::MediaConnect::FlowOutput

Use the AWS::MediaConnect::FlowOutput resource to define the destination address, protocol, and port that you want MediaConnect to send the ingested video to.

AWS::MediaConnect::FlowSource

Use the AWS::MediaConnect::FlowSource resource to define where the external video content comes from.

AWS::MediaConnect::FlowVpcInterface

Use the AWS::MediaConnect::FlowVpcInterface resource to create a connection between your MediaConnect flow and a virtual private cloud (VPC) that you created using the Amazon Virtual Private Cloud service.

January 7, 2021

New resources

The following resources were added: AWS::Route53::DNSSEC and AWS::Route53::KeySigningKey.

AWS::Route53::DNSSEC

Use the AWS::Route53::DNSSEC resource to enable DNSSEC signing for a hosted zone.

AWS::Route53::KeySigningKey

Use the AWS::Route53::KeySigningKey resource to specify configuration settings for a key-signing key (KSK) that's associated with a hosted zone.

January 7, 2021

New resource

The following resources was added: AWS::Config::StoredQuery

AWS::Config::StoredQuery

Use the AWS::Config::StoredQuery resource to save a new query or update an existing saved query.

January 7, 2021

New resource

The following resource was added: AWS::Route53Resolver::ResolverDNSSECConfig.

AWS::Route53Resolver::ResolverDNSSECConfig

Use the AWS::Route53Resolver::ResolverDNSSECConfig resource to specify configuration for DNSSEC validation.

January 7, 2021

New Resources

The following resources were added: AWS::DataSync::Agent, AWS::DataSync::LocationEFS, AWS::DataSync::LocationFSxWindows, AWS::DataSync::LocationNFS, AWS::DataSync::LocationObjectStorage, AWS::DataSync::LocationS3, AWS::DataSync::LocationSMB, and AWS::DataSync::Task.

AWS::DataSync::Agent

Use the AWS::DataSync::Agent resource to specify an AWS DataSync agent.

AWS::DataSync::LocationEFS

Use the AWS::DataSync::LocationEFS resource to specify an Amazon EFS location.

AWS::DataSync::LocationFSxWindows

Use the AWS::DataSync::LocationFSxWindows resource to specify an Amazon FSx for Windows file system.

AWS::DataSync::LocationNFS

Use the AWS::DataSync::LocationNFS resource to specify a file system on a Network File System (NFS) server.

AWS::DataSync::LocationObjectStorage

Use the AWS::DataSync::LocationObjectStorage resource to specify an endpoint for a self-managed object storage bucket.

AWS::DataSync::LocationS3

Use the AWS::DataSync::LocationS3 resource to specify an endpoint for an Amazon S3 bucket.

AWS::DataSync::LocationSMB

Use the AWS::DataSync::LocationSMB resource to specify an SMB location.

AWS::DataSync::Task

Use the AWS::DataSync::Task resource to specify a task.

January 7, 2021

New resource

The following resource was added AWS::MWAA::Environment

AWS::MWAA::Environment

Use the AWS::MWAA::Environment resource to create an environment in Amazon Managed Workflows for Apache Airflow (MWAA).

December 21, 2020

Updated resources

The following resources were updated: AWS::EC2::Instance, AWS::EC2::SpotFleet, AWS::EC2::Volume.

AWS::EC2::Instance

Use the EnclaveOptions property to indicate whether the instance is enabled for AWS Nitro Enclaves.

AWS::EC2::SpotFleet SpotCapacityRebalance

Use the SpotCapacityRebalance property when Amazon EC2 emits a signal that your Spot Instance is at an elevated risk of being interrupted.

AWS::EC2::SpotFleet SpotMaintenanceStrategies

Use the SpotMaintenanceStrategies property to manage your Spot Instances that are at an elevated risk of being interrupted. .

AWS::EC2::Volume

Use the Throughput property to specify the throughput that the volume supports, in MiB/s.

December 18, 2020

Updated resources

The following resources were updated: AWS::ECS::Service

AWS::ECS::Service

Use the DeploymentCircuitBreaker property to enable the deployment circuit breaker for a service.

December 18, 2020

Updated resources

The following resources were updated: AWS::ElastiCache::User AWS::ElastiCache::UserGroup and AWS::ElastiCache::ReplicationGroup.

AWS::ElastiCache::User

For Redis engine version 6.x onwards: Creates a Redis user. For more information, see Using Role Based Access Control (RBAC)

AWS::ElastiCache::UserGroup

For Redis engine version 6.x onwards: Creates a Redis user group. For more information, see Using Role Based Access Control (RBAC)

AWS::ElastiCache::ReplicationGroup

Use the UserGroupIds property to associate a list of user groups with the replication group.

December 18, 2020

Updated resource

The following resource was updated: AWS::Batch::JobDefinition

AWS::Batch::JobDefinition

Use the PlatformCapabilities property to specify whether the job requires EC2 or FARGATE resources.

Use the PropagateTags property to specify whether to propagate tags from the job definition to the corresponding Amazon ECS task.

In the ContainerProperties property type:

  • Use the FargatePlatformConfiguration property to specify the Fargate platform version to use for jobs running on Fargate resources.

  • Use the NetworkConfiguration property to specify the network configuration for jobs running on Fargate resources.

AWS::Batch::JobDefinition

In the ContainerProperties property type, use the FargatePlatformConfiguration property to define the version of the Fargate platform used for the job.

December 18, 2020

Updated resource

The following resource was updated: AWS::FSx::FileSystem

AWS::FSx::FileSystem

The StorageCapacity property was updated to "Required": conditional.

In the WindowsConfiguration property type, the ThroughputCapacity property was updated to "Required": true.

December 18, 2020

Updated resource

The following resources were updated: AWS::S3::Bucket

SourceSelectionCriteria

Use the ReplicaModifications property in AWS::S3::Bucket SourceSelectionCriteria to filter modifications on replicas.

Amazon S3 Bucket Keys

Use the BucketKeyEnabled property to specify an S3 Bucket Key with default encryption using AWS Key Management Service.

December 18, 2020

New resources

The following resources were added: AWS::CloudFormation::ModuleDefaultVersion and AWS::CloudFormation::ModuleVersion.

AWS::CloudFormation::ModuleDefaultVersion

Use the AWS::CloudFormation::ModuleDefaultVersion resource to specify the default version of a module, which will be used in CloudFormation operations for this account and region.

AWS::CloudFormation::ModuleVersion

Use the AWS::CloudFormation::ModuleVersion resource to register the specified version of the module with the CloudFormation service, making it available for use in CloudFormation templates in this account and region.

December 18, 2020

New resources

The following resources were added: AWS::DevOpsGuru::NotificationChannel, AWS::DevOpsGuru::ResourceCollection

AWS::DevOpsGuru::NotificationChannel

Use the AWS::DevOpsGuru::NotificationChannel resource to add a notification channel to Amazon DevOps Guru. The notification channel is used to notify you about important events. For example, the creation of an insight or a change in an insight's severity.

AWS::DevOpsGuru::ResourceCollection

Use the AWS::DevOpsGuru::ResourceCollection resource to specify a collection of resources in your account that you want Amazon DevOps Guru to analyze. The specified resources are analyzed to generate insights that contain recommendations, related metrics, and operational data to help you improve the performance of your operational solutions.

December 18, 2020

New resources

The following resources were added: AWS::EC2::NetworkInsightsPath and AWS::EC2::NetworkInsightsAnalysis.

AWS::EC2::NetworkInsightsPath

Use the NetworkInsightsPath property to specify a path to analyze for reachability.

AWS::EC2::NetworkInsightsAnalysis

Use the NetworkInsightsAnalysis property to specify a network insights analysis.

December 18, 2020

New resources

The following resources were added: AWS::ECR::PublicRepository

AWS::ECR::PublicRepository

Use the PublicRepository property to create or update a public repository.

December 18, 2020

New resources

The following resources were added: AWS::LicenseManager::Grant and AWS::LicenseManager::License.

AWS::LicenseManager::Grant

Use the AWS::LicenseManager::Grant resource to specify a grant in the AWS License Manager service.

AWS::LicenseManager::License

Use the AWS::LicenseManager::License resource to specify a granted license in the AWS License Manager service.

December 18, 2020

New resources

The following resources were added: AWS::SageMaker::DataQualityJobDefinition, AWS::SageMaker::Device, AWS::SageMaker::DeviceFleet, AWS::SageMaker::ModelBiasJobDefinition, AWS::SageMaker::ModelExplainabilityJobDefinition, AWS::SageMaker::ModelQualityJobDefinition, AWS::SageMaker::ModelPackageGroup, and AWS::SageMaker::Pipeline.

AWS::SageMaker::DataQualityJobDefinition

Use the AWS::SageMaker::DataQualityJobDefinition resource to create a monitoring job that monitors drift in data quality.

AWS::SageMaker::Device

Use the AWS::SageMaker::Device resource to register your Devices against an existing SageMaker Edge Manager DeviceFleet. Each device must be listed individually in the CFN specification.

AWS::SageMaker::DeviceFleet

Use the AWS::SageMaker::DeviceFleet resource to create a DeviceFleet that manages your SageMaker Edge Manager Devices. You must register your devices against the DeviceFleet separately.

AWS::SageMaker::ModelBiasJobDefinition

Use the AWS::SageMaker::ModelBiasJobDefinition resource to create a monitoring job that monitors potential bias in your model.

AWS::SageMaker::ModelExplainabilityJobDefinition

Use the AWS::SageMaker::ModelExplainabilityJobDefinition resource to create a monitoring job that monitors feature attribution drift in your model.

AWS::SageMaker::ModelQualityJobDefinition

Use the AWS::SageMaker::ModelQualityJobDefinition resource to create a monitoring job that monitors quality drift in your model.

AWS::SageMaker::ModelPackageGroup

Use the AWS::SageMaker::ModelPackageGroup resource to create a a group of related models.

AWS::SageMaker::Pipeline

Use the AWS::SageMaker::Pipeline resource to specify shell scripts that run when you create and/or start a SageMaker Pipeline. For information about SageMaker Pipelines, see SageMaker Pipelines in the Amazon SageMaker Developer Guide.

December 18, 2020

New resource

The following resource was added: AWS::AuditManager::Assessment

AWS::AuditManager::Assessment

Use the AWS::AuditManager::Assessment resource to specify a new assessment in AWS Audit Manager.

December 18, 2020

New resource

The following resources were added: AWS::GreengrassV2::ComponentVersion.

AWS::GreengrassV2::ComponentVersion

Use the AWS::GreengrassV2::ComponentVersion resource to create a new component version in AWS IoT Greengrass.

December 18, 2020

New resource

The following resources were added: AWS::IoTSitewise::AccessPolicy, AWS::IoTSiteWise::Dasboard, AWS::IoTSiteWise::Portal, and AWS::IoTSiteWise::Project.

AWS::IoTSiteWise::AccessPolicy

Use the AWS::IoTSiteWise::AccessPolicy resource to create a new access policy in AWS IoT SiteWise.

AWS::IoTSiteWise::Dasboard

Use the AWS::IoTSiteWise::Dasboard resource to create a new dashboard in AWS IoT SiteWise.

AWS::IoTSiteWise::Portal

Use the AWS::IoTSiteWise::Portal resource to create a new portal in AWS IoT SiteWise.

AWS::IoTSiteWise::Project

Use the AWS::IoTSiteWise::Project resource to create a new project in AWS IoT SiteWise.

December 18, 2020

New resource

The following resources were updated: AWS::Lambda::CreateEventSourceMapping and AWS::Lambda::Function.

AWS::Lambda::EventSourceMapping

Use the TumblingWindowInSeconds property to set the window size for SQS event sources.

Lambda now supports a Self-Managed Apache Kafka cluster as an event source.

AWS::Lambda::Function

Lambda now supports functions deployed as container images. Use the ImageUri property to specify the container image location.

In the Code property type, new property ImageUri specifies the image to associate with your Lambda function.

December 18, 2020

New resource

The following resource was added: AWS::SSO::InstanceAccessControlAttributeConfiguration.

AWS::SSO::InstanceAccessControlAttributeConfiguration

Use the AWS::SSO::InstanceAccessControlAttributeConfiguration resource to configure attribute-based access control (ABAC) in AWS SSO.

December 18, 2020

Updated resource

The following resource was updated to support specifying a capacity type for a node group: AWS::EKS::Nodegroup.

AWS::EKS::Nodegroup

Use the CapacityType property to specify whether you want to use Spot or On-Demand instance types for your node group.

December 17, 2020

Updated resource

The following resource was updated: AWS::GameLift::MatchmakingConfiguration.

AWS::GameLift::MatchmakingConfiguration

Use the FlexMatchMode property to specify that the matchmaker is for a standalone FlexMatch solution or for matchmaking with GameLift managed hosting.

November 24, 2020

Updated resource

The following resource was updated: AWS::Lambda::CreateEventSourceMapping.

AWS::Lambda::EventSourceMapping.BatchSize

The BatchSize has been increased for standard SQS queues, and allows for the use of a MaximumBatchingWindowInSeconds.

November 24, 2020

Modules

Modules are a way for you to package resource configurations for inclusion across stack templates, in a transparent, manageable, and repeatable way. Modules can encapsulate common service configurations and best practices as modular, customizable building blocks for you to include in your stack templates.

For more information, see Using modules to encapsulate and reuse resource configurations.

November 24, 2020

New resource

The following resource was added: AWS::Lambda::CodeSigningConfig.

AWS::Lambda::CodeSigningConfig

Use the CodeSigningConfig resource to specify code-signing capability to your Lambda functions.

November 23, 2020

Updated resource

The following resource was updated: AWS::Amplify::App

AWS::Amplify::App

Use the CustomHeaders property to declare custom headers for each HTTP request made to your Amplify Apps.

November 19, 2020

Updated resource

The following resources were updated: AWS::EC2::LaunchTemplate and AWS::EC2::ClientVpnEndpoint.

AWS::EC2::ClientVpnEndpoint

Use the ClientConnectOptions property to indicate whether client connect options are used for Client VPN.

AWS::EC2::LaunchTemplate

Use the AssociateCarrierIpAddress property to indicates whether to associate a Carrier IP address with eth0 for a new network interface.

AWS::EC2::LaunchTemplate

Use the EnclaveOptions property to indicate whether the instance is enabled for AWS Nitro Enclaves.

AWS::EC2::LaunchTemplate

Use the NetworkCardIndex property to specify the network card index.

November 19, 2020

Updated resource

The following resource was updated: AWS::Events::EventBusPolicy.

AWS::Events::EventBusPolicy

Added the Statement property. Use the Statement property to add a statement to the policy attached to an event bus.

November 19, 2020

Updated resource

The following resource was updated: AWS::KMS::Key.

AWS::KMS::Key

Added support for asymmetric CMKs, including the KeySpec property and the SIGN_VERIFY value for the KeyUsage property.

November 19, 2020

Update resource

The following resource was updated: AWS::CloudFront::Distribution.

AWS::CloudFront::Distribution

In the CacheBehavior and DefaultCacheBehavior property types, use the TrustedKeyGroups property to specify a list of the key groups that CloudFront can use to verify signed URLs or signed cookies.

For more information, see Serving private content in the Amazon CloudFront Developer Guide.

November 19, 2020

New resources

The following resources were added: AWS::CloudFront::KeyGroup and AWS::CloudFront::PublicKey.

AWS::CloudFront::KeyGroup

Use the AWS::CloudFront::KeyGroup resource to create a key group in Amazon CloudFront to use with CloudFront signed URLs and signed cookies.

For more information, see Serving private content in the Amazon CloudFront Developer Guide.

AWS::CloudFront::PublicKey

Use the AWS::CloudFront::PublicKey resource to create a public key in Amazon CloudFront to use with CloudFront signed URLs and signed cookies, or with field-level encryption.

For more information, see Serving private content or Using field-level encryption to help protect sensitive data in the Amazon CloudFront Developer Guide.

November 19, 2020

New resource

The following resource was added: AWS::Glue::Registry

AWS::Glue::Registry

Use the AWS::Glue::Registry resource to manage registries in the AWS Glue Schema Registry.

November 19, 2020

New resource

The following resource was added: AWS::Glue::Schema

AWS::Glue::Schema

Use the AWS::Glue::Schema resource to manage schemas in the AWS Glue Schema Registry.

November 19, 2020

New resource

The following resource was added: AWS::Glue::SchemaVersion

AWS::Glue::SchemaVersion

Use the AWS::Glue::SchemaVersion resource to manage schema versions in the AWS Glue Schema Registry.

November 19, 2020

New resource

The following resource was added: AWS::Glue::SchemaVersionMetadata

AWS::Glue::SchemaVersionMetadata

Use the AWS::Glue::SchemaVersionMetadata resource to manage schema version metadata in the AWS Glue Schema Registry.

November 19, 2020

New resource

The following resource is new: AWS::IoT::TopicRuleDestination

AWS::IoT::TopicRuleDestination

Use the AWS::IoT::TopicRuleDestination to specify a topic rule destination.

November 19, 2020

New resource

The following resources were added: AWS::NetworkFirewall::Firewall, AWS::NetworkFirewall::FirewallPolicy, AWS::NetworkFirewall::LoggingConfiguration, and AWS::NetworkFirewall::RuleGroup

AWS::NetworkFirewall::Firewall

Use the AWS::NetworkFirewall::Firewall resource to specify stateful, managed, network firewall and intrusion detection and prevention for your VPCs in Amazon VPC.

AWS::NetworkFirewall::FirewallPolicy

Use the AWS::NetworkFirewall::FirewallPolicy resource to specify the stateless and stateful network traffic filtering behavior for your AWS::NetworkFirewall::Firewall.

AWS::NetworkFirewall::LoggingConfiguration

Use the AWS::NetworkFirewall::LoggingConfiguration resource to specify the destinations and logging options for an AWS::NetworkFirewall::Firewall.

AWS::NetworkFirewall::RuleGroup

Use the AWS::NetworkFirewall::RuleGroup resource to specify a reusable collection of stateless or stateful network traffic filtering rules for use in your AWS::NetworkFirewall::FirewallPolicy.

November 19, 2020

New resource

The following resource was added: AWS::S3::StorageLens

S3 Storage Lens

Use the AWS::S3::StorageLens resource to create a S3 Storage Lens configuration in the Amazon Simple Storage Service.

November 19, 2020

Change sets for nested stacks

With change sets for nested stacks you can preview the changes to your application and infrastructure resources across the entire nested stack hierarchy and proceed with updates when you’ve confirmed that all the changes are as intended.

For more information, see Change sets for nested stacks.

November 18, 2020

Updated resources

The following resources were updated: AWS::AppMesh::VirtualNode and AWS::AppMesh::VirtualGateway

AWS::AppMesh::VirtualNode

Use the ConnectionPool property to specify the type of connection pool for the listener.

Use the VirtualNodeHttp2ConnectionPool property to specify an http2 type of connection pool.

Use the VirtualNodeGrpcConnectionPool property to specify a grpc type of connection pool.

Use the VirtualNodeConnectionPool property to specify the type of virtual node connection pool.

Use the VirtualNodeHttpConnectionPool property to specify an http type of connection pool.

Use the OutlierDetection property to specify the type of outlier detection for the listener.

Use the VirtualNodeTcpConnectionPool property to specify an http2 type of connection pool.

AWS::AppMesh::VirtualGateway

Use the ConnectionPool property to specify the type of connection pool for the listener.

Use the VirtualGatewayHttpConnectionPool property to specify an http type of connection pool.

Use the VirtualGatewayHttp2ConnectionPool property to specify an http2 type of connection pool.

Use the VirtualGatewayConnectionPool property to specify the type of virtual gateway connection pool.

Use the VirtualGatewayGrpcConnectionPool property to specify a grpc type of connection pool.

November 12, 2020

Updated resource

The following resources were updated: AWS::EC2::Route and AWS::EC2::VPCEndpointService.

AWS::EC2::Route

Use the VpcEndpointId property to create a route to a Gateway Load Balancer endpoint.

AWS::EC2::VPCEndpointService

Use the GatewayLoadBalancerArns property to specify a Gateway Load Balancer for your VPC endpoint service.

November 12, 2020

Updated resource

The following resource was updated: AWS::Kendra::DataSource.

AWS::Kendra::DataSource

Use the new CUSTOM value to specify the custom data sources.

November 12, 2020

New resources: AWS Glue DataBrew

This is the first release of AWS Glue DataBrew.

November 12, 2020

Updated resource

The following resources were updated: AWS::S3::Bucket

IntelligentTieringConfiguration

Use the IntelligentTieringConfiguration property to specify an S3 Intelligent-Tiering configuration.

OwnershipControls

Use the OwnershipControls property to specify object ownership on a bucket.

November 9, 2020

Updated resources

The following resources were updated: AWS::CodeArtifact::Domain and AWS::CodeArtifact::Repository.

AWS::CodeArtifact::Domain

The AWS::CodeArtifact::Domain resource now supports tags.

AWS::CodeArtifact::Repository

The AWS::CodeArtifact::Repository resource now supports tags.

November 5, 2020

Updated resource

The following resource was updated: AWS::AutoScaling::AutoScalingGroup.

CapacityRebalance

Use the CapacityRebalance property to indicate whether Capacity Rebalancing is enabled.

November 5, 2020

Updated resource

The following resource was updated: AWS::Batch::JobDefinition

AWS::Batch::JobDefinition

In the RetryStrategy property type, use the EvaluateOnExit property to specify a set of conditions to be met, and an action to take (RETRY or EXIT) if all conditions are met.

November 5, 2020

Updated resource

The following resource was updated: AWS::EC2::Route.

AWS::EC2::Route

Use the CarrierGatewayId property to create a route to a carrier gateway.

November 5, 2020

Updated resource

The following resource was updated: AWS::Lambda::EventSourceMapping.

AWS::Lambda::EventSourceMapping

Use the Queues property to specify the Amazon MQ queue to stream to a Lambda function. Use the Source access configuration property to specify the Secrets Manager secret that stores your MQ broker credentials.

November 5, 2020

New resource

The following new resource was added: AWS::Events::Archive.

AWS::Events::Archive

Use the Archive resource to create an EventBridge archive to store events in.

November 5, 2020

New resource

The following resource was added: AWS::IoT::DomainConfiguration.

AWS::IoT::DomainConfiguration

Use the AWS::IoT::DomainConfiguration resource to specify a domain configuration in AWS IoT Core.

November 5, 2020

New resource

The following resource was added: AWS::RDS::GlobalCluster.

AWS::RDS::GlobalCluster

Use the AWS::RDS::GlobalCluster resource to create or update an Aurora global database cluster.

November 5, 2020

New resource

The following resource was added: AWS::SES::ContactList

AWS::SES::ContactList

Use the ContactList resource to create a list that contains contacts that have subscribed to a particular topic or topics.

November 5, 2020

Updated resource

The following resources were updated: AWS::AmazonMQ::Broker, AWS::AmazonMQ::Configuration, AWS::AmazonMQ::ConfigurationAssociation

AWS::AmazonMQ::Broker

Amazon MQ now supports RabbitMQ broker engine.

November 4, 2020

New resources

The following resources were added: AWS::IVS::Channel, AWS::IVS::StreamKey, and AWS::IVS::PlaybackKeyPair

AWS::IVS::Channel

Use the AWS::IVS::Channel resource to specify an Amazon IVS Channel, which stores configuration information related to your live stream.

AWS::IVS::StreamKey

Use the AWS::IVS::StreamKey resource to specify an Amazon IVS Stream Key, which creates a stream key for the specified IVS Channel. Use a stream key to initiate a live stream.

AWS::IVS::PlaybackKeyPair

Use the AWS::IVS::PlaybackKeyPair resource to specify an Amazon IVS PlaybackKeyPair, which is used to sign and validate a playback authorization token for a private channel.

October 29, 2020

New resource

The following resources were added: AWS::IoTSitewise::Asset, AWS::IoTSiteWise::AssetModel, and AWS::IoTSiteWise::Gateway.

AWS::IoTSiteWise::Asset

Use the AWS::IoTSiteWise::Asset resource to create a new asset in AWS IoT SiteWise.

AWS::IoTSiteWise::AssetModel

Use the AWS::IoTSiteWise::AssetModel resource to create a new asset model in AWS IoT SiteWise.

AWS::IoTSiteWise::Gateway

Use the AWS::IoTSiteWise::Gateway resource to create a new gateway in AWS IoT SiteWise.

October 28, 2020

Updated resource

The following resource was updated: AWS::AutoScaling::AutoScalingGroup.

AWS::AutoScaling::AutoScalingGroup

Use the NewInstancesProtectedFromScaleIn property to specify whether newly launched instances are protected from termination by Amazon EC2 Auto Scaling when scaling in.

October 26, 2020

Updated resources

The following resources were updated: AWS::AppStream::Fleet and AWS::AppStream::ImageBuilder

AWS::AppStream::Fleet

Use the IAMRoleArn property to specify an ARN for the IAM role to apply to the fleet.

Use the StreamView property to specify the AppStream 2.0 view that is displayed to your users when they stream from the fleet.

AWS::AppStream::ImageBuilder

Use the IAMRoleArn property to specify an ARN for the IAM role to apply to the image builder.

October 22, 2020

Updated resources

The following resources were updated: AWS::Batch::ComputeEnvironment, AWS::Batch::JobDefinition, and AWS::Batch::JobQueue.

AWS::Batch::ComputeEnvironment

Use the Tags property to specify tags for the compute environment.

AWS::Batch::JobDefinition

Use the Tags property to specify tags for the job definition.

AWS::Batch::JobQueue

Use the Tags property to specify tags for the job queue.

October 22, 2020

Updated resource

The following resource was updated: AWS::AppSync::ApiKey.

AWS::AppSync::ApiKey

Use the ApiKeyID property to specify the API key ID.

October 22, 2020

Updated resource

The following resource was updated: AWS::CloudFront::Distribution.

AWS::CloudFront::Distribution

In the Origin property type, use the OriginShield property to enable CloudFront Origin Shield.

For more information, see Using Origin Shield in the Amazon CloudFront Developer Guide.

October 22, 2020

Updated resource

The following resource was updated: AWS::Elasticsearch::Domain.

AWS::Elasticsearch::Domain

In the ElasticsearchClusterConfig property type:

  • Use the WarmCount property to specify the number of warm nodes in the cluster.

  • Use the WarmEnabled property to specify whether to enable warm storage for the cluster.

  • Use the WarmType property to specify the instance type for the cluster's warm nodes.

October 22, 2020

Updated resource

The following resource was updated: AWS::EMR::Cluster.

AWS::EMR::Cluster

Use the LogEncryptionKmsKeyId property to specify the AWS KMS customer master key (CMK) used for encrypting log files.

Use the ManagedScalingPolicy property to create a managed scaling policy for an Amazon EMR cluster.

Use the StepConcurrencyLevel property to specify the number of steps that can be executed concurrently.

October 22, 2020

Updated resource

The following resource was updated: AWS::Events::Rule.

AWS::Events::Rule

Added AWS::Events::Rule DeadLetterConfig

Added AWS::Events::Rule RetryPolicy

AWS::Events::Rule Target

Added the DeadLetterConfig property of the Target property type.

Added the RetryPolicy property of the Target property type.

October 22, 2020

Updated resource

Added a new property, FileFormat, to the FAQ resource. For more information, see https://docs.aws.amazon.com/kendra/latest/dg/in-creating-faq.html

October 22, 2020

Updated resource

The following resource was updated: AWS::KinesisFirehose::DeliveryStream

AWS::KinesisFirehose::DeliveryStream

DeliveryStreamEncryptionConfigurationInput property type is now supported for the delivery streams in CloudFormation.

October 22, 2020

Updated resource

The following resource was updated: AWS::SNS::Topic.

AWS::SNS::Topic

Use the ContentBasedDeduplication property to enable content-based deduplication for FIFO topics.

Use the FifoTopic property to create a FIFO topic.

October 22, 2020

Updated resource

The following resource was updated: AWS::Transfer::Server.

AWS::Transfer::Server

In the EndpointDetails property type, use the SecurityGroupIds property to specify a list of security groups IDs that are available to attach to your server's endpoint.

October 22, 2020

New resources

The following resources were added: AWS::MediaPackage::Asset, AWS::MediaPackage::Channel, , AWS::MediaPackage::OriginEndpoint, AWS::MediaPackage::PackagingConfiguration, and AWS::MediaPackage::PackagingGroup.

AWS::MediaPackage::Asset.

Use the AWS::MediaPackage::Asset to specify an asset to ingest VOD content.

AWS::MediaPackage::Channel.

Use the AWS::MediaPackage::Channel to specify a channel to receive content.

AWS::MediaPackage::OriginEndpoint.

Use the AWS::MediaPackage::OriginEndpoint to specify an endpoint on an AWS Elemental MediaPackage channel.

AWS::MediaPackage::PackagingConfiguration.

Use the AWS::MediaPackage::PackagingConfiguration to specify a packaging configuration in a packaging group.

AWS::MediaPackage::PackagingGroup.

Use the AWS::MediaPackage::PackagingGroup to specify a packaging group.

October 22, 2020

New resource

The following updated resource was added: BlockPublicPolicy

AWS::SecretsManager::Resource Policies.BlockPublicPolicy

Use the BlockPublicPolicy when adding resource policies to Secrets Manager.

October 22, 2020

Increased quotas

The following AWS CloudFormation quotas have been updated.

  • You can now declare a maximum of 200 mappings in your AWS CloudFormation template.

  • You can now declare a maximum of 200 mapping attributes for each mapping in your AWS CloudFormation template.

  • You can now declare a maximum of 200 outputs in your AWS CloudFormation template.

  • You can now declare a maximum of 200 parameters in your AWS CloudFormation template.

  • You can now declare a maximum of 500 resources in your AWS CloudFormation template.

  • You can now pass a template body with a maximum size of 1 MB in an Amazon S3 object.

October 22, 2020

Updated resource

The following resource was updated: AWS::AmazonMQ::Broker.

AWS::AmazonMQ::Broker

Use the LdapServerMetadata property to to authenticate and authorize connections to a broker.

October 9, 2020

Updated resource

The following resource was updated: AWS::Backup::BackupPlan

AWS::Backup::BackupPlan

In the BackupPlanResourceType property type, use the AdvancedBackupSetting property to specify a list of backup options for each resource type you want to back up.

October 8, 2020

New resources

The following resources were added: AWS::CodeArtifact::Domain and AWS::CodeArtifact::Repository.

AWS::CodeArtifact::Domain

Use the AWS::CodeArtifact::Domain resource to create an AWS CodeArtifact domain.

AWS::CodeArtifact::Repository

Use the AWS::CodeArtifact::Repository resource to create an AWS CodeArtifact repository.

October 8, 2020

Updated resources

The following resources were updated: AWS::ECS::Service

AWS::ECS::Service

Use the CapacityProviderStrategy property to specify a custom capacity provider strategy when creating a service.

October 1, 2020

Updated resource

The following resource was updated: AWS::Batch::JobDefinition.

These property types were added.

LogConfiguration

Use the LogConfiguration property type to specify the log configuration options to send to a custom log driver for the container.

Secrets

Use the Secrets property type to specify a secret to expose to the container.

Tmpfs

Use the Tmpfs property type to specify the details of a tmpfs mount.

These property types were updated.

ContainerProperties

These properties were added.

ExecutionRoleArn

Specifies the execution role to be assumed for the job.

LogConfiguration

Specifies the log configuration for a custom log driver for the job.

Secrets

Specifies the secrets provided for the job.

LinuxParameters

These properties were added.

InitProcessEnabled

Indicates that an init process should be enabled inside the container that forwards signals and reaps processes.

MaxSwap

Specifies the total amount of swap memory (in MiB) a job can use.

SharedMemorySize

Specifies the size (in MiB) of the /dev/shm volume.

Swappiness

Specifies the job container's memory swappiness behavior.

Tmpfs

Specifies the details of the job's tmpfs mount.

October 1, 2020

Updated resource

The following resource was updated: AWS::CloudFront::CachePolicy.

AWS::CloudFront::CachePolicy

In the AWS::CloudFront::CachePolicy resource, some properties are now required that previously were not required.

In the AWS::CloudFront::CachePolicy ParametersInCacheKeyAndForwardedToOrigin property type, use the EnableAcceptEncodingBrotli property to enable CloudFront to serve compressed objects to viewers that support the Brotli compression format. For more information, see Compression support in the Amazon CloudFront Developer Guide.

October 1, 2020

Updated resource

The following resource was updated to support specifying a custom CIDR for Kubernetes service IP address assignment: AWS::EKS::Cluster.

AWS::EKS::Cluster

Use the KubernetesNetworkConfig property to specify a Kubernetes network configuration.

AWS::EKS::Cluster KubernetesNetworkConfig

Use the ServiceIpv4Cidr property to specify the CIDR block that you want Kubernetes to assign service IP addresses from.

October 1, 2020

New resource

The following resource was added: AWS::WorkSpaces::ConnectionAlias

AWS::WorkSpaces::ConnectionAlias

Use the AWS::WorkSpaces::ConnectionAlias resource to specify a connection alias. Connection aliases are used for cross-Region redirection.

October 1, 2020

Drift detection for private resources

CloudFormation supports drift detection operations on an expanded list of AWS resources, as well as private resources that are defined as provisonable.

In addition to the resources that previously supported drift detection, CloudFormation now supports drift detection on all resources defined as provisionable in the CloudFormation registry. For more information, see Resources that support import and drift detection operations.

October 1, 2020

Updated resource

The following resource was updated: AWS::MSK::Cluster

AWS::MSK::Cluster

Adding support for SASL/Scram (Username/ Password access to clusters.)

September 24, 2020

Updated resource

The following resource was updated: AWS::ApiGateway::DomainName.

AWS::ApiGateway::DomainName

Use the AWS::ApiGateway::DomainName resource to configure mutual TLS authentication for an API.

September 17, 2020

Updated resource

The following resource was updated: AWS::ApiGatewayV2::DomainName.

AWS::ApiGatewayV2::DomainName

Use the AWS::ApiGatewayV2::DomainName resource to configure mutual TLS authentication for an API.

September 17, 2020

Updated resource

The following resource was updated: AWS::ApiGatewayV2::Api.

AWS::ApiGatewayV2::Api

Use the AWS::ApiGatewayV2::Api resource to disable the default endpoint for an HTTP API.

September 17, 2020

New resources

The following resources were added: AWS::AppFlow::Flow and AWS::AppFlow::ConnectorProfile.

AWS::AppFlow::Flow

Use the AWS::AppFlow::Flow resource to specify a new flow in Amazon AppFlow.

AWS::AppFlow::ConnectorProfile

Use the AWS::AppFlow::ConnectorProfile describe an instance of a connector in Amazon AppFlow.

September 17, 2020

New resource

The following resource was added: AWS::CloudFormation::StackSet.

AWS::CloudFormation::StackSet

Use the AWS::CloudFormation::StackSet resource to provision stacks into AWS accounts and across Regions by using a single CloudFormation template.

September 17, 2020

Updated resource

The following resource was updated: AWS::ApiGatewayV2::Authorizer.

AWS::ApiGatewayV2::Authorizer

Use the AWS::ApiGatewayV2::Authorizer resource to create a Lambda authorizer for an HTTP API.

September 10, 2020

Updated resource

The following resource was updated: AWS::CodeBuild::ReportGroup

AWS::CodeBuild::ReportGroup

Use the DeleteReports property to specify if any reports that belong to the report group should be deleted when the report group is deleted.

September 10, 2020

Updated resource

The following resource was updated: AWS::StepFunctions::StateMachine.

AWS::StepFunctions::StateMachine

The AWS::StepFunctions::StateMachine now supports X-Ray tracing. You can use the TracingConfiguration property to enable X-Ray tracing for your state machines.

September 10, 2020

New resources

This is the first release of Amazon Kendra in AWS CloudFormation.

September 10, 2020

New resources

The following resources were added: AWS::SSO::Assignment, AWS::SSO::PermissionSet.

AWS::SSO::Assignment

Use the AWS::SSO::Assignment resource to assign access to a principal for a specified AWS account using a specified permission set.

AWS::SSO::PermissionSet

Use the AWS::SSO::PermissionSet resource to create a permission set within a specified SSO instance.

September 10, 2020

Update resource

The following resource was updated: AWS::CloudFront::Distribution.

AWS::CloudFront::Distribution

In the CacheBehavior and DefaultCacheBehavior property types, use the RealtimeLogConfigArn property to specify the Amazon Resource Name (ARN) of the real-time log configuration for the cache behavior.

For more information, see Real-time logs in the Amazon CloudFront Developer Guide.

September 3, 2020

New resources

The following resources were added: AWS::CloudFront::CachePolicy, AWS::CloudFront::OriginRequestPolicy, and AWS::CloudFront::RealtimeLogConfig.

AWS::CloudFront::CachePolicy

Use the AWS::CloudFront::CachePolicy resource to create a new cache policy in Amazon CloudFront.

AWS::CloudFront::OriginRequestPolicy

Use the AWS::CloudFront::OriginRequestPolicy resource to create a new origin request policy in Amazon CloudFront.

AWS::CloudFront::RealtimeLogConfig

Use the AWS::CloudFront::RealtimeLogConfig resource to create a new real-time log configuration in Amazon CloudFront.

September 3, 2020

New resource

The following resource was added: AWS::CodeGuruReviewer::RepositoryAssociation

AWS::CodeGuruReviewer::RepositoryAssociation

The AWS::CodeGuruReviewer::RepositoryAssociation resource describes an associated repository that contains source code to be analyzed by AWS CodeGuru Reviewer. For more information, see RespositoryAssociation in the AWS CodeGuru Reviewer API Reference.

September 3, 2020

New resource

The following resource was added: AWS::EKS::FargateProfile.

AWS::EKS::FargateProfile

Use the AWS::EKS::FargateProfile resource to create an AWS Fargate profile.

September 3, 2020

Updated resource

The following resource was updated: AWS::CodeCommit::Repository Code

AWS::CodeCommit::Repository Code

Use the BranchName property to specify a branch name to be used as the default branch when importing code into a repository.

August 31, 2020

Updated resource

The following resource was updated: AWS::ServiceCatalog::CloudFormationProvisionedProduct.

AWS::ServiceCatalog::CloudFormationProvisionedProduct

The PathName property is now available as an alternative to PathId.

August 27, 2020

New resources

The following resources were added: AWS::GameLift::GameServerGroup

AWS::GameLift::GameServerGroup

Use the AWS::GameLift::GameServerGroup resource to create a GameLift FleetIQ game server group to run low-cost game hosting on your Amazon EC2 instances.

August 27, 2020

New resources

The following resources were added: AWS::Route53Resolver::ResolverQueryLoggingConfig and AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation.

AWS::Route53Resolver::ResolverQueryLoggingConfig

Use the AWS::Route53Resolver::ResolverQueryLoggingConfig resource to specify settings for a query logging configuration.

AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation

Use the AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation resource to configure DNS query logging.

August 27, 2020

Updated resource

The following resource was updated: AWS::KMS::Key.

AWS::KMS::Key

Added a KeyId attribute to the return values.

August 26, 2020

Updated resource

The following resource was updated to support use of a launch template: AWS::EKS::Nodegroup.

AWS::EKS::Nodegroup

Use the LaunchTemplate property to specify a launch template specification that can be used to deploy or update a managed node group. If you use a launch template to deploy a node group, some settings that you normally set for a node group must be moved into the launch template. The text for affected settings has been updated to note that.

August 20, 2020

Updated resources

The following resources were updated: AWS::ECS::TaskDefinition

AWS::ECS::TaskDefinition

Use the EnvironmentFiles property to specify a list of files containing the environment variables to pass to a container.

August 13, 2020

Updated resource

The following resource was updated: AWS::FSx::FileSystem

AWS::FSx::FileSystem

In the LustreConfiguration property type, use DriveCacheType to specify the type of drive cache used by PERSISTENT_1 file systems that are provisioned with HDD storage devices.

August 13, 2020

Updated resource

The following resource was updated: AWS::Lambda::EventSourceMapping.

AWS::Lambda::EventSourceMapping

Use the Topics property to specify the Amazon MSK topics to stream to a Lambda function.

August 13, 2020

New resource

The following resource was added: AWS::ApplicationInsights::Application

AWS::ApplicationInsights::Application

Use the AWS::ApplicationInsights::Application resource to add an application that is created from a resource group.

August 13, 2020

New resource

The following resource was added: AWS::EC2::CarrierGateway.

AWS::EC2::CarrierGateway

Use the CarrierGateway resource to create a carrier gateway.

August 13, 2020

Updated permissions required for registering resource providers

Registering a resource provider in your account now requires you have permission to access the schema handler package uploaded to an S3 bucket for that resource provider.

For more information, see Registering resource providers in CloudFormation.

August 7, 2020

Updated resource

The following resource was updated: AWS::CodeBuild::Project

AWS::CodeBuild::Project

Use the BuildBatchConfig property to specify configuration information for a batch build.

August 6, 2020

Updated resource

The following resource was updated: AWS::FSx::FileSystem

AWS::FSx::FileSystem

In the LustreConfiguration property type, AutoImportPolicyType was changed to AutoImportPolicy. Use AutoImportPolicy to configure your Amazon FSx for Lustre file system to automatically import metadata of objects that are added to or changed in your linked S3 bucket after file system creation.

August 6, 2020

Updated resources

The following resources were updated: AWS::ECS::TaskDefinition

AWS::ECS::TaskDefinition

Use the EFSVolumeConfiguration property to specify an Amazon Elastic File System file system for task storage.

July 30, 2020

Updated resource

The following resource was updated: AWS::EC2::FlowLog.

AWS::EC2::FlowLog

Use the LogFormat property to specify the fields for the flow log record.

Use the MaxAggregationInterval property to specify the maximum interval for capturing and aggregating flows.

Use the Tags property to specify tags for the flow log.

July 30, 2020

Updated resource

The following resource was updated: AWS::GroundStation::DataflowEndpointGroup.

MTU property

The MTU property sets the maximum transmission unit used for a dataflow endpoint.

July 30, 2020

New resources

The following resources were added: AWS::AppMesh::VirtualGateway and AWS::AppMesh::GatewayRoute

AWS::AppMesh::VirtualGateway

Use the AWS::AppMesh::VirtualGateway resource to create a virtual gateway that allows resources outside of your mesh to communicate to resources that are inside of your mesh.

AWS::AppMesh::GatewayRoute

Use the AWS::AppMesh::GatewayRoute resource to create a gateway route that routes traffic to a virtual service.

July 30, 2020

New resources

The following resource was added: AWS::SageMaker::MonitoringSchedule

AWS::SageMaker::MonitoringSchedule

Use the AWS::SageMaker::MonitoringSchedule resource to create a monitoring schedule to regularly start an Amazon SageMaker processing job to monitor the data captured for a SageMaker endpoint.

July 30, 2020

New property

The following properties were added: AWS::CodeGuruProfiler::ProfilingGroup.AnomalyDetectionNotificationConfiguration and AWS::CodeGuruProfiler::ProfilingGroup.Tags.

AWS::CodeGuruProfiler::ProfilingGroup.AnomalyDetectionNotificationConfiguration

Use the AWS::CodeGuruProfiler::ProfilingGroup.AnomalyDetectionNotificationConfiguration property to configure notifications for your profiling group.

AWS::CodeGuruProfiler::ProfilingGroup.Tags

Use the AWS::CodeGuruProfiler::ProfilingGroup.Tags property to add tags to a profiling group.

July 30, 2020

Updated resources

The following resources were updated: AWS::WAFv2::WebACL and AWS::WAFv2::RuleGroup

AWS::WAFv2::WebACL

Rule statements that use IP addresses now support using IP addresses that are forwarded in an HTTP header in the web request, instead of using the IP address that's reported by the web request origin. This option is available for all rule statements that use an IP address: GeoMatchStatement, RateBasedStatement, and IPSetReferenceStatement. The following new properties support this functionality: IPSetForwardedIPConfiguration and ForwardedIPConfiguration.

AWS::WAFv2::RuleGroup

Rule statements that use IP addresses now support using IP addresses that are forwarded in an HTTP header in the web request, instead of using the IP address that's reported by the web request origin. This option is available for all rule statements that use an IP address: GeoMatchStatement, RateBasedStatement, and IPSetReferenceStatement. The following new properties support this functionality: IPSetForwardedIPConfiguration and ForwardedIPConfiguration.

July 23, 2020

Updated resource

The following resource was updated: AWS::CloudFront::Distribution.

AWS::CloudFront::Distribution

In the CacheBehavior and DefaultCacheBehavior property types:

  • Use the CachePolicyId property to specify the ID of the cache policy for the cache behavior.

  • Use the OriginRequestPolicyId property to specify the ID of the origin request policy for the cache behavior.

For more information, see Working with policies in the Amazon CloudFront Developer Guide.

July 23, 2020

Updated resource

The following resource was updated: AWS::CodeStarConnections::Connection

AWS::CodeStarConnections::Connection

Use the HostArn property to specify the host associated with connections you want to make to an installed provider.

July 23, 2020

Updated resource

The following resource was updated: AWS::EFS::FileSystem

AWS::EFS::FileSystem

Use the BackupPolicy property to turn automatic backups on or off for your Amazon EFS file system.

July 23, 2020

Updated resource

The following resource was updated: AWS::FSx::FileSystem

AWS::FSx::FileSystem

In the LustreConfiguration property type, use AutoImportPolicyType to configure how FSx imports new files and file changes in the linked data repository into the file system.

July 23, 2020

Updated resource

The following resource was updated: EndpointConfig

AWS::SageMaker::EndpointConfig

Use the CaptureContentTypeHeader property to specify content types (JSON and/or CSV) to capture.

Use the CaptureOption property to specify whether to capture input data, output data, or both.

Use the DataCaptureConfig resource/property to configure how the endpoint captures data.

July 23, 2020

New resource

The following resource was added: AWS::SecretsManager::RotationSchedule.HostedRotationLambda.

AWS::SecretsManager::RotationSchedule

Use the RESOURCE AWS::SecretsManager::RotationSchedule.HostedRotationLambda to create a rotation Lambda.

July 23, 2020

Updated resource

The following resource was updated: AWS::Amplify::App

AWS::Amplify::App

Use the EnableBranchAutoDeletion property to automatically disconnect a branch in the Amplify Console when you delete a branch from your Git repository.

July 9, 2020

Updated resource

The following resource was updated: AWS::Amplify::Domain

AWS::Amplify::Domain

Use the AutoSubDomainCreationPatterns property to set branch patterns for automatic subdomain creation.

Use the AutoSubDomainIAMRole property to specify the required AWS Identity and Access Management (IAM) service role for the Amazon Resource Name (ARN) for automatically creating subdomains.

Use the EnableAutoSubDomain property to enable the automated creation of subdomains for branches.

July 9, 2020

Updated resource

The following resource was updated: AWS::ElasticLoadBalancingV2::Listener.

AWS::ElasticLoadBalancingV2::Listener

Use the AlpnPolicy property to specify the name of the Application-Layer Protocol Negotiation (ALPN) policy for TLS listeners.

July 9, 2020

Updated resource

The following resource was updated: AWS::FSx::FileSystem

AWS::FSx::FileSystem

The StorageCapacity property has changed so that an update requires no interruption.

In the WindowsConfiguration property type, the ThroughputCapacity property has changed so that an update requires no interruption.

In the LustreConfiguration property type:

  • Use the DailyAutomaticBackupStartTime property to specify the time that the daily automatic backup window starts.

  • Use the CopyTagsToBackups boolean property to copy file system tags to its backups.

  • Use the AutomaticBackupRetentionDays property to set the number of days to retain file system backups.

July 9, 2020

Updated resource

The following resource was updated: AWS::ServiceCatalog::CloudFormationProvisionedProduct.

AWS::ServiceCatalog::CloudFormationProvisionedProduct

Use the Outputs property to view the output of the product you are provisioning.

July 9, 2020

Updated resource

The following resource was updated: AWS::Synthetics::Canary.

AWS::Synthetics::Canary

The MemoryInMB parameter was added. Also, the RunConfig parameter is no longer required, and DurationInSeconds is no longer required.

July 9, 2020

New resource

The following resource was added: AWS::Athena::DataCatalog

AWS::Athena::DataCatalog

Use the AWS::Athena::DataCatalog resource to register external data sources with Athena.

July 9, 2020

New resource

The following resource was added: AWS::EC2::PrefixList.

AWS::EC2::PrefixList

Use the PrefixList resource to create a prefix list.

July 9, 2020

New resource

The following resource was added: AWS::QLDB::Stream

AWS::QLDB::Stream

Use the AWS::QLDB::Stream resource to specify a new journal stream for a given Amazon Quantum Ledger Database (Amazon QLDB) ledger.

July 9, 2020

New property

The following property was added to AWS::CodeBuild::Project Source: BuildStatusConfig

AWS::CodeBuild::Project Source

Use the buildStatusConfig property to specify build status information to the source provider.

July 9, 2020

New property

The following resource was added: AWS::CodeGuruProfiler::ProfilingGroup.ComputePlatform.

AWS::CodeGuruProfiler::ProfilingGroup.ComputePlatform

Use AWS::CodeGuruProfiler::ProfilingGroup.ComputePlatform to specify the compute platform of the profiling group.

July 9, 2020

Updated resource

The following resource was updated: AWS::Events::Rule.

AWS::Events::Rule

In the Target property type, use the HttpParameters property to specify the HTTP parameters to use when the target is a API Gateway REST endpoint.

July 6, 2020

New resource

The following resource was added: AWS::AppConfig::HostedConfigurationVersion

AWS::AppConfig::HostedConfigurationVersion

This resource lets you create a new configuration in the AppConfig hosted configuration store.

June 25, 2020

Updated resources

The following resources were updated: AWS::ServiceDiscovery::HttpNamespace AWS::ServiceDiscovery::PrivateDnsNamespace AWS::ServiceDiscovery::PublicDnsNamespace AWS::ServiceDiscovery::Service

AWS::ServiceDiscovery::HttpNamespace

Use the Tags property to add tag keys and values to an AWS CloudMap HTTP namespace.

AWS::ServiceDiscovery::PrivateDnsNamespace

Use the Tags property to add tag keys and values to an AWS CloudMap private DNS namespace.

AWS::ServiceDiscovery::PublicDnsNamespace

Use the Tags property to add tag keys and values to an AWS CloudMap public DNS namespace.

AWS::ServiceDiscovery::Service

Use the Tags property to add tag keys and values to an AWS CloudMap service.

June 22, 2020

Updated resources

The following resources were updated: AWS::ECS::Cluster

AWS::ECS::Cluster

Use the CapacityProviderStrategyItem property to specify the capacity provider strategy when creating a cluster.

June 18, 2020

Updated resource

The following resources were updated: AWS::FMS::Policy IEMap

AWS::FMS::Policy IEMap

The AWS::FMS::Policy IEMap resource now allows you to specify accounts using AWS Organizations organizational units (OUs), in addition to account IDs.

June 18, 2020

New resources

The following resources were added: AWS::ECS::CapacityProvider.

AWS::ECS::CapacityProvider

Use the AWS::ECS::CapacityProvider resource to create a new capacity provider.

June 18, 2020

Updated resource

The following resource was updated: AWS::EFS::FileSystem

AWS::EFS::FileSystem

Use the FileSystemPolicy property to create a new resource policy to control NFS access to your Amazon EFS file system.

June 16, 2020

Updated resource

The following resource was updated: AWS::EFS::AccessPoint

AWS::EFS::AccessPoint

Fn::GetAtt now returns the AccessPointId and Arn attributes.

June 16, 2020

Updated resource

The following resource was updated: AWS::Lambda::Function.

AWS::Lambda::Function

Use the FileSystemConfigs property to specify connection settings for an Amazon EFS file system.

June 16, 2020

Updated resources

The following resource was updated: AWS::EC2::Volume.

AWS::EC2::Volume

Use the OutpostArn property to specify the Amazon Resource Name (ARN) of the Outpost.

June 11, 2020

Updated resource

The following resource was updated: AWS::CertificateManager::Certificate

AWS::CertificateManager::Certificate

Use the CertificateAuthorityArn property to specify the Amazon Resource Name (ARN) of the private certificate authority (CA) that will be used to issue the certificate.

Use the CertificateTransparencyLoggingPreference property to enable or disable certificate transparency logging.

June 11, 2020

Updated resource

The following resource was updated: AWS::CloudFront::Distribution.

AWS::CloudFront::Distribution

In the Origin property type, use the ConnectionAttempts property to specify the number of times that CloudFront attempts to connect to the origin.

In the Origin property type, use the ConnectionTimeout property to specify the number of seconds that CloudFront waits when trying to establish a connection to the origin.

June 11, 2020

Updated resource

The following resource was updated: AWS::ElastiCache::ReplicationGroup.

AWS::ElastiCache::ReplicationGroup

Use the MultiAZEnabled attribute to indicate if you have Multi-AZ enabled.

June 11, 2020

Updated resource

The following resource was updated: AWS::ElasticLoadBalancingV2::LoadBalancer.

AWS::ElasticLoadBalancingV2::LoadBalancer

Use the SubnetMapping attribute to specify a subnet to attach to a load balancer.

June 11, 2020

New resource

The following resources were added: AWS::RDS::DBProxy and AWS::RDS::DBProxyTargetGroup.

AWS::RDS::DBProxy

Use the AWS::RDS::DBProxy resource to create or update a DB proxy. Use the AWS::RDS::DBProxyTargetGroup resource to specify a set of RDS DB instances, Aurora DB clusters, or both that a proxy can connect to.

June 4, 2020

Resource import supports provisionable private resource types

Import operations now support private resource types that are provisionable; that is, whose provisioning type is either FULLY_MUTABLE or IMMUTABLE. For more information, see Resources that support import operations.

June 3, 2020

New property

The following property was added: AWS::CodeGuruProfiler::ProfilingGroup.AgentPermissions.

AWS::CodeGuruProfiler::ProfilingGroup.AgentPermissions

The AWS::CodeGuruProfiler::ProfilingGroup.AgentPermissions property shows the agent permissions attached to this profiling group.

June 3, 2020

Updated resource

The following resource was updated: AWS::EC2::ClientVpnEndpoint

AWS::EC2::ClientVpnEndpoint ClientAuthenticationRequest

Use the FederatedAuthentication property to specify an IAM SAML identity provider for your Client VPN endpoint.

May 28, 2020

Updated resource

The following resource was updated: AWS::MSK::Cluster

AWS::MSK::Cluster

You can now update an existing MSK cluster to a newer version of Apache Kafka. You can't update it to an older version.

May 28, 2020

Updated resource

The following resource was updated: AWS::CodeBuild::ReportGroup

AWS::CodeBuild::ReportGroup

Use the tags property to specify the name and value of any tags that you want supporting AWS services to use for a report group.

May 21, 2020

Updated resource

The following resource was updated: AWS::StepFunctions::StateMachine.

AWS::StepFunctions::StateMachine

The AWS::StepFunctions::StateMachine has two new properties. You can use the DefinitionS3Location property to reference a state machine JSON definition file stored in an S3 bucket. You can use the DefinitionSubstitutions property to pass variables into the state machine definition file referenced by DefinitionS3Location.

May 21, 2020

Updated resource

The following resource was updated: AWS::SSM::Parameter

AWS::SSM::Parameter

When you create a String parameter, you can now specify a DataType value as aws:ec2:image to ensure that the parameter value you enter is a valid Amazon Machine Image (AMI) ID format. Support for AMI ID formats lets you avoid updating all your scripts and templates with a new ID each time the AMI that you want to use in your processes changes. You can create a parameter with the data type aws:ec2:image, and for its value, enter the ID of an AMI. This is the AMI from which you currently want new instances to be created. You then reference this parameter in your templates and commands. When you’re ready to use a different AMI, update the parameter value. Parameter Store validates the new AMI ID, and you don’t need to update your scripts and templates.

May 21, 2020

ECS blue/green deployments through CodeDeploy

You can now use CloudFormation to perform ECS blue/green deployments through CodeDeploy. Blue/green deployments are a safe deployment strategy provided by AWS CodeDeploy for minimizing interruptions caused by changing application versions.

For more information, see Performing ECS blue/green deployments through CodeDeploy using AWS CloudFormation.

May 19, 2020

AWS CloudFormation StackSets Region availability

AWS CloudFormation StackSets is now available in the AWS GovCloud (US-West) Region.

May 18, 2020

Updated resource

The following resource was updated: AWS::CodeStarConnections::Connection

AWS::CodeStarConnections::Connection

Use the Tags property to specify the tags applied to your connections resource.

May 14, 2020

Updated resource

The following resource was updated: AWS::MediaStore::Container.

AWS::MediaStore::Container

Use the MetricPolicy property to enable metrics at the object level.

Use the Tags property to attach metadata to the AWS::MediaStore::Container resource.

May 14, 2020

Updated resource

The following resource was updated: AWS::ServiceCatalog::CloudFormationProduct.

AWS::ServiceCatalog::CloudFormationProduct

Use the ReplaceProvisioningArtifacts property to choose whether provisioning artifact identifiers are replaced when you update a product.

May 14, 2020

Updated resource

The following resource was updated: AWS::Synthetics::Canary.

AWS::Synthetics::Canary

The RunConfig parameter is required.

May 14, 2020

New resources

The following resources were added: AWS::GlobalAccelerator::Accelerator, AWS::GlobalAccelerator::EndpointGroup, and AWS::GlobalAccelerator::Listener

AWS::GlobalAccelerator::Accelerator

Use the AWS::GlobalAccelerator::Accelerator resource to create or update an accelerator for AWS Global Accelerator.

AWS::GlobalAccelerator::EndpointGroup

Use the AWS::GlobalAccelerator::EndpointGroup resource to create or update an endpoint group for AWS Global Accelerator.

AWS::GlobalAccelerator::Listener

Use the AWS::GlobalAccelerator::Listener resource to create or update a listener for AWS Global Accelerator.

May 14, 2020

New resources

The following resources were added: AWS::Macie::CustomDataIdentifier, AWS::Macie::FindingsFilter, and AWS::Macie::Session

AWS::Macie::CustomDataIdentifier

Use the AWS::Macie::CustomDataIdentifier resource to create a custom data identifier in Amazon Macie.

AWS::Macie::FindingsFilter

Use the AWS::Macie::FindingsFilter resource to create a custom filter for findings in Amazon Macie.

AWS::Macie::Session

Use the AWS::Macie::Session resource to enable Amazon Macie.

May 14, 2020

Updated resource

The following resource was updated: AWS::IoTEvents::DetectorModel.

AWS::IoTEvents::DetectorModel

Added the following properties: AssetPropertyTimestamp, AssetPropertyValue, AssetPropertyVariant, DynamoDB, DynamoDBv2, IotSiteWise, and Payload.

Updated the following property: SetTimer.

May 7, 2020

Updated resource

The following resource was updated: AWS::SSM::Association

AWS::SSM::Association

Use the WaitForSuccessTimeoutSeconds property to specify the number of seconds the service should wait for the association status to show "Success" before proceeding with the stack execution. If the association status doesn't show "Success" after the specified number of seconds, then stack creation fails.

May 7, 2020

New resource

The following resource was added: AWS::ImageBuilder::Image.

AWS::ImageBuilder::Image

Use the AWS::ImageBuilder::Image resource to create an image in the EC2 Image Builder service.

May 7, 2020

Updated resource

The following resource was updated: AWS::Synthetics::Canary.

AWS::Synthetics::Canary

Use the Name property to specify the name for this canary.

April 30, 2020

New resource

The following resource was added: AWS::EventSchemas::RegistryPolicy.

AWS::EventSchemas::RegistryPolicy

Use the AWS::EventSchemas::RegistryPolicy resource to specify a resource-based policy associated with a schema registry.

April 30, 2020

Updated resource

The following resource was updated: AWS::FSx::FileSystem

AWS::FSx::FileSystem

Use the LustreMountName attribute when mounting an Amazon FSx for Lustre file system.

April 23, 2020

New resources

The following resources were added: AWS::ImageBuilder::Component, AWS::ImageBuilder::DistributionConfiguration, AWS::ImageBuilder::ImagePipeline, AWS::ImageBuilder::ImageRecipe, and AWS::ImageBuilder::InfrastructureConfiguration.

AWS::ImageBuilder::Component

Use the AWS::ImageBuilder::Component resource to create a component in the EC2 Image Builder service.

AWS::ImageBuilder::DistributionConfiguration

Use the AWS::ImageBuilder::DistributionConfiguration resource to create a distribution configuration in the EC2 Image Builder service.

AWS::ImageBuilder::ImagePipeline

Use the AWS::ImageBuilder::ImagePipeline resource to create an image pipeline in the EC2 Image Builder service.

AWS::ImageBuilder::ImageRecipe

Use the AWS::ImageBuilder::ImageRecipe resource to create an image recipe in the EC2 Image Builder service.

AWS::ImageBuilder::InfrastructureConfiguration

Use the AWS::ImageBuilder::InfrastructureConfiguration resource to create an infrastructure configuration in the EC2 Image Builder service.

April 23, 2020

New resource

The following resource was added: AWS::CE::CostCategory

AWS::CE::CostCategory

Use the AWS::CE::CostCategory resource to create groupings of costs that you can use across products in the AWS Billing and Cost Management console.

April 23, 2020

New resource

The following resource was added: AWS::Synthetics::Canary.

AWS::Synthetics::Canary

Use the AWS::Synthetics::Canary resource to create a canary. Canaries are configurable scripts that run on a schedule and monitor your endpoints and APIs. By using canaries, you can discover issues before your customers do.

April 23, 2020

Updated resource

The following resource was updated: AWS::Glue::DevEndpoint

AWS::Glue::DevEndpoint

Use the PublicKeys property to specify a list of public keys to be used by a development endpoint for authentication.

April 16, 2020

Updated resource

The following resource was updated: AWS::Glue::MLTransform

AWS::Glue::MLTransform

Use the Tags property to specify the AWS resource tags to use to manage access to a machine learning transform.

April 16, 2020

New resource

The following resource was added: AWS::ResourceGroups::Group

AWS::ResourceGroups::Group

Use the AWS::ResourceGroups::Group resource to create a resource group with the specified name, description, and resource query.

April 16, 2020

Updated resource

The following resource was updated: AWS::CloudWatch::InsightRule.

AWS::CloudWatch::InsightRule

The AWS::CloudWatch::InsightRule resource now supports tags. Use the AWS::CloudWatch::InsightRule resource to create Contributor Insights rules. For more information, see Using Contributor Insights to Analyze High-Cardinality Data.

April 2, 2020

Updated resource

The following resource was updated: AWS::FSx::FileSystem

AWS::FSx::FileSystem

Use the StorageType property to specify the type of storage for the file system, either solid state drive, SSD or hard disk drive, HDD.

In the WindowsConfiguration property type, use the DeploymentType property to specify a new Amazon FSx for Windows File Server file system deployment type, SINGLE_AZ_2, the latest generation of Single-AZ file systems.

April 2, 2020

Updated resource

The following resource was updated: AWS::ServiceCatalog::LaunchRoleConstraint.

AWS::ServiceCatalog::LaunchRoleConstraint

Use the LocalRoleName property to specify an IAM role to use when an account uses a launch constraint.

April 2, 2020

Updated resource

The following resource was updated: AWS::ApiGatewayV2::Integration.

AWS::ApiGatewayV2::Integration

Use the AWS::ApiGatewayV2::Integration resource to create a private integration for an HTTP API.

March 26, 2020

Updated resource

The following resource was updated: AWS::AutoScaling::AutoScalingGroup.

AWS::AutoScaling::AutoScalingGroup

Use the MaxInstanceLifetime property to specify the maximum amount of time, in seconds, that an instance can be in service.

March 26, 2020

Updated resource

The following resource was updated: AWS::Cognito::UserPool

AWS::Cognito::UserPool

Use the UsernameConfiguration property to set case sensitivity on the username input for the selected sign-in option.

March 26, 2020

Updated resource

The following resource was updated: AWS::EC2::Volume

AWS::EC2::Volume

Use the MultiAttachEnabled property to indicate whether Amazon EBS Multi-Attach is enabled.

March 26, 2020

Updated resource

The following resource was updated: AWS::RDS::DBInstance

AWS::RDS::DBInstance

The AWS::RDS::DBInstance resource now supports Read Replica across multiple Availability Zone deployments.

March 26, 2020

New resources

The following resources were added: AWS::Detective::Graph and AWS::Detective::MemberInvitation

AWS::Detective::Graph

Use the AWS::Detective::Graph resource to specify a Detective behavior graph.

AWS::Detective::MemberInvitation

Use the AWS::Detective::MemberInvitation resource to send an invitation to join a Detective behavior graph.

March 26, 2020

Updated resource

The following resource was updated: AWS::EC2::ClientVpnEndpoint.

AWS::EC2::ClientVpnEndpoint

Use the VpcId and SecurityGroupIds properties to assign security groups to your Client VPN endpoint.

March 19, 2020

New resources

The following resources were added: AWS::NetworkManager::CustomerGatewayAssociation, AWS::NetworkManager::Device, AWS::NetworkManager::GlobalNetwork, AWS::NetworkManager::Link, AWS::NetworkManager::LinkAssociation, AWS::NetworkManager::Site, and AWS::NetworkManager::TransitGatewayRegistration

AWS::NetworkManager::CustomerGatewayAssociation

Use the AWS::NetworkManager::CustomerGatewayAssociation resource to specify an association between a customer gateway, device, and link.

AWS::NetworkManager::Device

Use the AWS::NetworkManager::Device resource to specify a device in a global network.

AWS::NetworkManager::GlobalNetwork

Use the AWS::NetworkManager::GlobalNetwork resource to specify a global network.

AWS::NetworkManager::Link

Use the AWS::NetworkManager::Link resource to specify a link for a site.

AWS::NetworkManager::LinkAssociation

Use the AWS::NetworkManager::LinkAssociation resource to specify an association between a device and a link.

AWS::NetworkManager::Site

Use the AWS::NetworkManager::Site resource to specify a site in a global network.

AWS::NetworkManager::TransitGatewayRegistration

Use the AWS::NetworkManager::TransitGatewayRegistration resource to specify the registration of a transit gateway in a global network.

March 19, 2020

New resource

The following resource was added: AWS::CodeGuruProfiler::ProfilingGroup.

AWS::CodeGuruProfiler::ProfilingGroup

Use the AWS::CodeGuruProfiler::ProfilingGroup resource to create a profiling group.

March 19, 2020

New resources

The following resources were added: AWS::Cassandra::Keyspace and AWS::Cassandra::Table.

AWS::Cassandra::Keyspace

Use the AWS::Cassandra::Keyspace resource to create a new keyspace in Amazon Keyspaces (for Apache Cassandra).

AWS::Cassandra::Table

Use the AWS::Cassandra::Table resource to create a new table in Amazon Keyspaces (for Apache Cassandra).

March 16, 2020

Updated resource

The following resources were updated: AWS::AppMesh::VirtualNode, AWS::AppMesh::VirtualRouter, AWS::AppMesh::VirtualService, and AWS::AppMesh::Route

AWS::AppMesh::VirtualNode

Use the MeshOwner property to specify the account ID that owns a shared mesh.

AWS::AppMesh::Route

Use the MeshOwner property to specify the account ID that owns a shared mesh.

AWS::AppMesh::VirtualRouter

Use the MeshOwner property to specify the account ID that owns a shared mesh.

AWS::AppMesh::VirtualService

Use the MeshOwner property to specify the account ID that owns a shared mesh.

March 12, 2020

Updated resource

The following resource was updated: AWS::MSK::Cluster

AWS::MSK::Cluster

Use the LoggingInfo to stream broker logs to one or more of the following destination types: Amazon CloudWatch Logs, Amazon S3, Amazon Kinesis Data Firehose.

March 12, 2020

New and updated resources

The following resources were added or updated: AWS::ApiGatewayV2::ApiGatewayManagedOverrides, AWS::ApiGatewayV2::Integration, and AWS::ApiGatewayV2::VpcLink.

AWS::ApiGatewayV2::ApiGatewayManagedOverrides

Use the AWS::ApiGatewayV2::ApiGatewayManagedOverrides resource to override the default properties of API Gateway managed resources.

AWS::ApiGatewayV2::Integration

Use the AWS::ApiGatewayV2::Integration resource to create a private integration for an HTTP API.

AWS::ApiGatewayV2::VpcLink

Use the AWS::ApiGatewayV2::VpcLink resource to create a VPC link for an HTTP API.

March 12, 2020

Updated resources

The following resources were updated: AWS::Greengrass::ResourceDefinition and AWS::Greengrass::ResourceDefinitionVersion

AWS::Greengrass::ResourceDefinition

In the S3MachineLearningModelResourceData property type that defines a resource instance, use the OwnerSetting property to specify the Linux OS group owner and permissions for the downloaded machine learning resource.

In the SageMakerMachineLearningModelResourceData property type that defines a resource instance, use the OwnerSetting property to specify the Linux OS group owner and permissions for the downloaded machine learning resource.

AWS::Greengrass::ResourceDefinitionVersion

In the S3MachineLearningModelResourceData property type that defines a resource instance, use the OwnerSetting property to specify the Linux OS group owner and permissions for the downloaded machine learning resource.

In the SageMakerMachineLearningModelResourceData property type that defines a resource instance, use the OwnerSetting property to specify the Linux OS group owner and permissions for the downloaded machine learning resource.

March 9, 2020

Updated resource

The following resource was updated: AWS::CloudFront::Distribution.

AWS::CloudFront::Distribution

In the DistributionConfig property type, use the OriginGroups property to specify information about origin groups for this distribution.

March 5, 2020

Updated resource

The following resource was updated to support envelope encryption of secrets with AWS KMS: AWS::EKS::Cluster

AWS::EKS::Cluster EncryptionConfig

Use the AWS::EKS::Cluster EncryptionConfig property to specify the encryption configuration for a Amazon EKS cluster.

AWS::EKS::Cluster Provider

Use the AWS::EKS::Cluster Provider property to specify the AWS Key Management Service (AWS KMS) customer master key (CMK) used to encrypt the secrets for a Amazon EKS cluster.

March 5, 2020

New resource

The following resource was added: AWS::Athena::WorkGroup

AWS::Athena::WorkGroup

Use the AWS::Athena::WorkGroup resource to separate users, teams, applications, or workloads, set limits on the amount of data the workgroup or its queries can process, and track costs.

March 5, 2020

New resource

The following resource was added: AWS::Chatbot::SlackChannelConfiguration

AWS::Chatbot::SlackChannelConfiguration

Use the AWS::Chatbot::SlackChannelConfiguration resource to configure a Slack channel with AWS Chatbot.

March 5, 2020

New resource

The following resource was added: AWS::CodeStarConnections::Connection

AWS::CodeStarConnections::Connection

Use the AWS::CodeStarConnections::Connection resource to specify Connection.

March 5, 2020

New resource

The following resource was added: AWS::CloudWatch::CompositeAlarm.

AWS::CloudWatch::CompositeAlarm

Use the AWS::CloudWatch::CompositeAlarm property to create a composite alarm. Composite alarms evaluate their alarm state based on the alarm states of other CloudWatch rules.

March 2, 2020

Updated resource

The following resource was updated: AWS::AppMesh::VirtualNode

AWS::AppMesh::VirtualNode

Use the BackendDefaults property to specify a client policy for a backend.

Use the ClientPolicy property to specify a client policy.

Use the ClientPolicyTls property to specify a Transport Layer Security (TLS) client policy.

Use the ListenerTls property to specify a TLS listener.

Use the ListenerTlsCertificate property to specify the type of certificate to use for a client policy.

Use the ListenerTlsAcmCertificate property to specify an AWS Certificate Manager certificate.

Use the ListenerTlsFileCertificate property to specify properties of a local file certificate.

Use the TlsValidationContext property to specify a TLS validation context trust.

Use the TlsValidationContextAcmTrust property to specify a context trust for an AWS Certificate Manager certificate.

Use the TlsValidationContextFileTrust property to specify a file that contains the certificate trust chain for a local file certificate.

Use the TlsValidationContextTrust property to specify a TLS validation context trust.

Use the VirtualNodeSpec property to specify BackendDefaults.

Use the Listener property to specify a ListenerTls.

February 27, 2020

Updated resource

The following resource was updated: AWS::FSx::FileSystem

AWS::FSx::FileSystem

In the LustreConfiguration property type:

  • Use the DeploymentType property to specify the Amazon FSx for Lustre file system deployment type, either PERSISTENT_1, SCRATCH_2, or SCRATCH_1.

  • Use the PerUnitStorageThroughput property to specify the throughput in MB/s/TiB for a PERSISTENT_1 Amazon FSx for Lustre file system deployment type.

February 27, 2020

New resources

The following resources were added: AWS::GroundStation::Config, AWS::GroundStation::DataflowEndpointGroup, and AWS::GroundStation::MissionProfile

AWS::GroundStation::Config

Use the AWS::GroundStation::Config resource to specify a Config with the specified parameters.

AWS::GroundStation::DataflowEndpointGroup

Use the AWS::GroundStation::DataflowEndpointGroup resource to specify a Dataflow Endpoint Group request.

AWS::GroundStation::MissionProfile

Use the AWS::GroundStation::MissionProfile resource to specify parameters and provide references to config objects to define how Ground Station lists and executes contacts.

February 27, 2020

Updated resource

The following resource was updated: AWS::ManagedBlockchain::Node

AWS::ManagedBlockchain::Node

Use the NodeConfiguration property to create a node on an Ethereum network.

February 25, 2020

Updated resource

The following resources was updated: AWS::CodeBuild::Project

AWS::CodeBuild::Project

Use the ProjectFileSystemLocation property to specify a file system that your AWS CodeBuild build project mounts. You use Amazon Elastic File System (EFS) to create the file system. For more information, see Amazon Elastic File System Sample for CodeBuild.

February 20, 2020

Updated resource

The following resource was updated: AWS::Neptune::DBCluster

AWS::Neptune::DBCluster

Use the DeletionProtection property to help prevent inadvertent deletion of your DB cluster.

Use the EngineVersion property to specify the engine version that your new DB cluster will use.

February 18, 2020

New resources

The following resources were added: AWS::EC2::LocalGatewayRoute and AWS::EC2::LocalGatewayRouteTableVPCAssociation.

AWS::EC2::LocalGatewayRoute

Use the LocalGatewayRoute resource to associate the specified VPC with the specified local gateway route table.

AWS::EC2::LocalGatewayRouteTableVPCAssociation

Use the LocalGatewayRouteTableVPCAssociation resource to associate the specified VPC with the specified local gateway route table.

February 14, 2020

Updated resources

The following resource were updated: AWS::ElasticLoadBalancingV2::Listener and AWS::ElasticLoadBalancingV2::ListenerRule

AWS::ElasticLoadBalancingV2::Listener

In the Action property type, use the ForwardConfig property to specify an action that distributes requests among one or more target groups.

AWS::ElasticLoadBalancingV2::ListenerRule

In the Action property type, use the ForwardConfig property to specify an action that distributes requests among one or more target groups.

February 13, 2020

New resource

The following resources was added: AWS::Config::ConformancePack

AWS::Config::ConformancePack

Use the AWS::Config::ConformancePack resource to create a Conformance Pack that is a collection of AWS Config rules that can be easily deployed in an account and a region and across AWS Organization.

February 13, 2020

New resource

The following resources was added: AWS::Config::OrganizationConformancePack

AWS::Config::OrganizationConformancePack

Use the AWS::Config::OrganizationConformancePack resource to create an OrganizationConformancePack that has information about conformance packs that AWS Config creates in the member accounts.

February 13, 2020

New resource

The following resources were added: AWS::FMS::NotificationChannel and AWS::FMS::Policy

AWS::FMS::NotificationChannel

Use the AWS::FMS::NotificationChannel resource to designate the IAM role and Amazon Simple Notification Service (SNS) topic that AWS Firewall Manager uses to record SNS logs.

AWS::FMS::Policy

Use the AWS::FMS::Policy resource to specify an AWS Firewall Manager policy.

February 13, 2020

AWS CloudFormation StackSets integrates with AWS Organizations

Use StackSets to centrally manage deployments to all the accounts in your organization or specific organizational units (OUs) in AWS Organizations. You can enable automatic deployments to any new accounts added to your organization or OUs. The permissions needed to deploy across accounts will automatically be handled by StackSets. For more information, see Working with AWS CloudFormation StackSets.

February 11, 2020

Updated resources

The following resources were updated: AWS::EC2::LaunchTemplate and AWS::EC2::ClientVpnEndpoint

AWS::EC2::LaunchTemplate

Use the MetadataOptions property to configure the Instance Metadata Service (IMDS) for the instance.

Use the HostResourceGroupArn property to specify the ARN of the host resource group in which to launch the instances.

Use the PartitionNumber property to specify a target partition in a partition placement group.

Use the LaunchTemplateElasticInferenceAccelerator property to specify the number of elastic inference accelerators to attach to the instance.

AWS::EC2::ClientVpnEndpoint

Use the VpnPort property to assign a port number for TCP and UDP traffic.

February 6, 2020

Updated resource

The following resource was updated: AWS::AppSync::GraphQLApi.

AWS::AppSync::GraphQLApi

When the property xrayEnabled is set to TRUE, X-Ray tracing is enabled for this GraphqlApi.

February 6, 2020

Updated resource

The following resource was updated: AWS::Cognito::UserPool

AWS::Cognito::UserPool

Added AccountRecoverySetting parameter to define which verified available method a user can use to recover their password.

February 6, 2020

Updated resource

The following resource was updated: AWS::OpsWorksCM::Server

AWS::OpsWorksCM::Server

Use the Tags property to add tag keys and values to an AWS OpsWorks for Chef Automate or AWS OpsWorks for Puppet Enterprise server.

February 6, 2020

New resource

The following resource was added: AWS::WAFv2::WebACLAssociation.

AWS WAFv2

Use the web ACL association to define an association between a Web ACL and a regional application resource, to protect the resource. A regional application can be an Application Load Balancer (ALB), Amazon API Gateway REST API, or an AWS AppSync GraphQL API. For CloudFront distributions, you use AWS::CloudFront::Distribution to manage the association.

February 6, 2020

New resources

The following resources were added: AWS::ACMPCA::Certificate, AWS::ACMPCA::CertificateAuthority, AWS::ACMPCA::CertificateAuthorityActivation.

AWS::ACMPCA::Certificate

The AWS::ACMPCA::Certificate resource is used to issue a certificate using your private certificate authority.

AWS::ACMPCA::CertificateAuthority

Use the AWS::ACMPCA::CertificateAuthority resource to create a private CA.

AWS::ACMPCA::CertificateAuthorityActivation

The AWS::ACMPCA::CertificateAuthorityActivation resource creates and installs a CA certificate on a CA.

January 23, 2020

New resource

The following resources were added: AWS::AppConfig::Application, AWS::AppConfig::ConfigurationProfile, AWS::AppConfig::Deployment, AWS::AppConfig::Environment, and AWS::AppConfig::DeploymentStrategy

AWS::AppConfig::Application

The AWS::AppConfig::Application resource creates an application, which is a logical unit of code that provides capabilities for your customers.

AWS::AppConfig::ConfigurationProfile

The AWS::AppConfig::ConfigurationProfile resource creates a configuration profile that enables AppConfig to access the configuration source.

AWS::AppConfig::Deployment

The AWS::AppConfig::Deployment resource starts a deployment.

AWS::AppConfig::Environment

The AWS::AppConfig::Environment resource creates an environment, which is a logical deployment group of AppConfig targets, such as applications in a Beta or Production environment.

AWS::AppConfig::DeploymentStrategy

The AWS::AppConfig::DeploymentStrategy resource creates an AppConfig deployment strategy.

January 23, 2020

Updated resources

The following resource was updated: AWS::Lambda::Function.

AWS::Lambda::Function

In the Code property type, ZipFile supports nodejs12.x for RunTime.

January 16, 2020

Updated resource

The following resource was updated: AWS::AutoScaling::AutoScalingGroup.

AWS::AutoScaling::AutoScalingGroup

Use the WeightedCapacity property to specify the number of capacity units, which gives the instance type a proportional weight to other instance types.

January 16, 2020

Updated resource

The following resource was updated: AWS::EC2::Instance.

AWS::EC2::Instance

Use the HibernationOptions property to indicate whether the instance is enabled for hibernation.

Use the HostResourceGroupArn property to specify the ARN of the host resource group in which to launch the instances.

January 16, 2020

Updated resource

The following resource was updated: AWS::LakeFormation::Permissions

AWS::LakeFormation::Permissions

Use the DataLocationResource property to specify a structure for a data location object where permissions are granted or revoked.

Use the TableWithColumnsResource property to specify a structure for a table with columns object. This object is only used when granting a SELECT permission.

January 16, 2020

Updated resource

The following resource was updated: AWS::RDS::DBInstance.

AWS::RDS::DBInstance

Use the CACertificateIdentifier property to specify the identifier of the CA certificate for this DB instance.

January 16, 2020

Updated resource

The following resource was updated: AWS::SSM::ResourceDataSync

AWS::SSM::ResourceDataSync

Use the SyncType property with SyncFromSource to synchronize Systems Manager Explorer OpsItems and OpsData from AWS Organizations or from multiple AWS Regions.

January 16, 2020

Updated resources

The following resources were updated: AWS::MSK::Cluster, AWS::RDS::DBInstance, and AWS::SSM::Document

AWS::MSK::Cluster

Use the OpenMonitoring property to enable monitoring with Prometheus, an open-source monitoring system for time-series metric data. You can also use tools that are compatible with Prometheus-formatted metrics or tools that integrate with Amazon MSK Open Monitoring.

AWS::SSM::Document

Use the Name property to specify a name for the Systems Manager document.

AWS::RDS::DBInstance

Use the MaxAllocatedStorage property to specify the upper limit to which Amazon RDS can automatically scale the storage of the DB instance.

December 20, 2019

New resource

The following resource was added: AWS::CodeBuild::ReportGroup

AWS::CodeBuild::ReportGroup

Use the AWS::CodeBuild::ReportGroup resource to specify information about a report group. When you specify a report group in a CodeBuild project, a build of the project creates reports in the report group that contain results from running test cases.

December 20, 2019

New resource

The following resource was added: AWS::EC2::GatewayRouteTableAssociation.

AWS::EC2::GatewayRouteTableAssociation

Use the AWS::EC2::GatewayRouteTableAssociation property to associate a virtual private gateway or internet gateway with a route table.

December 20, 2019

Updated resources

The following resource was updated: AWS::RDS::DBInstance.

AWS::RDS::DBInstance

Use the MaxAllocatedStorage property to specify the upper limit to which Amazon RDS can automatically scale the storage of the DB instance.

December 19, 2019

Updated resource

The following resource was updated: AWS::FSx::FileSystem

AWS::FSx::FileSystem

In the WindowsConfiguration property type:

  • Use the DeploymentType property to specify the Amazon FSx Windows file system deployment type.

  • Use the PreferredSubnetId property to specify the subnet in which you want the preferred file server to be located for a MULTI_AZ_1 Amazon FSx for Windows file system deployment type.

December 19, 2019

Updated resource

The following resource was updated: AWS::FSx::FileSystem

AWS::FSx::FileSystem

In the WindowsConfiguration property type:

  • Use the DeploymentType property to specify the file system deployment type.

  • Use the PreferredSubnetId property to specify the subnet in which you want the preferred file server to be located.

December 19, 2019

New resource

The following resource was added: AWS::EC2::GatewayRouteTableAssociation.

AWS::EC2::GatewayRouteTableAssociation

Use the AWS::EC2::GatewayRouteTableAssociation property to associate a virtual private gateway or internet gateway with a route table.

December 19, 2019

Updated resource

The following resource was updated: AWS::EC2::Instance.

AWS::EC2::Instance

In the ElasticInferenceAccelerator property type, use the Count property to specify the number of elastic inference accelerators to attach to the instance.

December 12, 2019

New resource

The following resource was added: AWS::CodeBuild::ReportGroup

AWS::CodeBuild::ReportGroup

Use the AWS::CodeBuild::ReportGroup resource to specify information about a report group. When you specify a report group in a CodeBuild project, a build of the project creates reports in the report group that contain results from running test cases.

December 12, 2019

Updated resources

The following resources were updated: AWS::ApiGatewayV2::Api, AWS::ApiGatewayV2::Authorizer, AWS::ApiGatewayV2::Integration, AWS::ApiGatewayV2::Stage.

AWS::ApiGatewayV2::Api

Use the AWS::ApiGatewayV2::Api resource to create an HTTP API (beta).

AWS::ApiGatewayV2::Authorizer

Use the AWS::ApiGatewayV2::Authorizer resource to create a JWT authorizer for an HTTP API (beta).

AWS::ApiGatewayV2::Integration

Use the AWS::ApiGatewayV2::Integration resource to create an integration for an HTTP API (beta).

AWS::ApiGatewayV2::Stage

Use the AWS::ApiGatewayV2::Stage resource to create a stage for an HTTP API (beta).

December 4, 2019

Updated resources

The following resources were updated: AWS::Lambda::Alias and AWS::Lambda::Version.

AWS::Lambda::Alias

Use the ProvisionedConcurrencyConfiguration property to specify a provisioned concurrency configuration for a function's alias.

AWS::Lambda::Version

Use the ProvisionedConcurrencyConfiguration property to specify a provisioned concurrency configuration for a function's version.

December 3, 2019

Updated resource

The following resource was updated: AWS::StepFunctions::StateMachine.

AWS::StepFunctions::StateMachine

The AWS::StepFunctions::StateMachine now supports Express workflows using the new StateMachineType parameter. You can also configure CloudWatch Logging information for Express workflows using LoggingConfiguration, LogDestination, and CloudWatchLogsLogGroup.

December 3, 2019

New resource

The following resource was added: AWS::S3::AccessPoint

Access Points

Use the AWS::S3::AccessPoint resource to specify an S3 access point.

December 3, 2019

New resource

The following resource was added: AWS::AccessAnalyzer::Analyzer

AWS::AccessAnalyzer::Analyzer

Use the AWS::AccessAnalyzer::Analyzer resource to create an analyzer for IAM Access Analyzer.

December 2, 2019

New resource

The following resources were added: AWS::EventSchemas::Discoverer, AWS::EventSchemas::Registry, and AWS::EventSchemas::Schema.

AWS::EventSchemas::Discoverer

Use the AWS::EventSchemas::Discoverer resource to specify a discoverer that is associated with an event bus. A discoverer allows the Amazon EventBridge Schema Registry to automatically generate schemas based on events on an event bus.

AWS::EventSchemas::Registry

Use the AWS::EventSchemas::Registry to specify a schema registry. Schema registries are containers for Schemas. Registries collect and organize schemas so that your schemas are in logical groups.

AWS::EventSchemas::Schema

Use the AWS::EventSchemas::Schema resource to specify an event schema.

December 1, 2019

New resource

The following resource was added: AWS::Lambda::EventInvokeConfig

AWS::Lambda::EventInvokeConfig

Use the EventInvokeConfig resource to configure destinations and error handling for asynchronous invocation.

November 26, 2019

Updated resource

The following resource was updated: AWS::CloudWatch::Alarm.

AWS::CloudWatch::Alarm

In the MetricDataQuery property type, use the Period property to specify the granularity, in seconds, of the returned data points.

November 25, 2019

Updated resource

The following resource was updated: AWS::CodePipeline::Pipeline.

AWS::CodePipeline::Pipeline

In the ActionDeclaration property type, use the Namespace property to specify the variable namespace associated with the action. All variables produced as output by this action fall under this namespace.

November 25, 2019

Updated resource

The following resource was updated: AWS::Lambda::EventSourceMapping.

AWS::Lambda::EventSourceMapping

For stream sources (DynamoDB and Kinesis), use the BisectBatchOnFunctionError property to split the batch in two and retry if the function returns an error.

For stream sources (DynamoDB and Kinesis), use the DestinationConfig property to specify an Amazon SQS queue or Amazon SNS topic destination for discarded records.

For stream sources (DynamoDB and Kinesis), use the MaximumRecordAgeInSeconds property to specify the maximum age of a record that Lambda sends to a function for processing.

For stream sources (DynamoDB and Kinesis), use the MaximumRetryAttempts property to specify the maximum number of times to retry when the function returns an error.

For stream sources (DynamoDB and Kinesis), use the ParallelizationFactor property to specify the number of batches to process from each shard concurrently.

November 25, 2019

Updated resource

The following resource was updated: AWS::CloudWatch::Alarm.

AWS::CloudWatch::Alarm

In the MetricDataQuery property type, use the Period property to specify the granularity, in seconds, of the returned data points.

November 25, 2019

New resources

The following resources were added: AWS::ECS::PrimaryTaskSet, AWS::ECS::TaskSet.

AWS::ECS::PrimaryTaskSet

Use the AWS::ECS::PrimaryTaskSet resource to specify which task set in a service is the primary task set. Any parameters that are updated on the primary task set in a service will transition to the service. This is used when a service uses the EXTERNAL deployment controller type.

AWS::ECS::TaskSet

Use the AWS::ECS::TaskSet resource to create a task set in the specified cluster and service. This is used when a service uses the EXTERNAL deployment controller type.

November 25, 2019

New resource

The following resource was added: AWS::CloudWatch::InsightRule.

AWS::CloudWatch::InsightRule

Use the AWS::CloudWatch::InsightRule property to create a Contributor Insights rule. Rules evaluate log events in a CloudWatch Logs log group, enabling you to find contributor data for the log events in that log group.

November 25, 2019

New resource

The following resource was added: AWS WAFv2

AWS WAFv2

This is the latest version of AWS WAF, a web application firewall that lets you monitor HTTP(S) requests that are forwarded to an Amazon API Gateway REST API, Amazon CloudFront, Application Load Balancer, or an AWS AppSync GraphQL API. AWS WAF also lets you control access to your content.

November 25, 2019

Updated resources

The following resource were updated: AWS::AppSync::Resolver, AWS::AppSync::DataSource.

AWS::AppSync::Resolver

Use the CachingConfig property to specify the caching behavior of your AWS AppSync resolver.

AWS::AppSync::Resolver

Use the SyncConfig property to specify the conflict detection and resolution strategy of your AWS AppSync resolver.

AWS::AppSync::Resolver

Use the LambdaConflictHandlerConfig property to specify the ARN of the lambda that is used for handling conflicts in your AWS AppSync resolver.

AWS::AppSync::DataSource

Use the DeltaSyncConfig property to specify the delta sync configurations for your versioned AWS AppSync data source.

November 21, 2019

Updated resources

The following resources were updated: AWS::ECS::Cluster, AWS::ECS::Service, and AWS::ECS::TaskDefinition.

AWS::ECS::Cluster

Use the ClusterSettings property to specify the setting to use when creating a cluster. This parameter is used to enable CloudWatch Container Insights for a cluster.

AWS::ECS::Service

Use the DeploymentController property to specify the deployment controller to use for the service.

AWS::ECS::TaskDefinition

In the ContainerDefinition property type, use the FirelensConfiguration property to specify the FireLens configuration for the container. This is used to specify and configure a log router for container logs.

In the LinuxParameters property type:

  • use the MaxSwap property to specify the total amount of swap memory (in MiB) a container can use.

  • use the Swappiness property to tune a container's memory swappiness behavior. A swappiness value of 0 will cause swapping to not happen unless absolutely necessary. A swappiness value of 100 will cause pages to be swapped very aggressively.

November 21, 2019

Updated resources

The following resources were updated: AWS::RDS::DBCluster and AWS::RDS::DBInstance.

AWS::RDS::DBCluster

Use the EnableHttpEndpoint property to indicate whether to enable the HTTP endpoint for an Aurora Serverless DB cluster. By default, the HTTP endpoint is disabled. When enabled, the HTTP endpoint provides a connectionless web service API for running SQL queries on the Aurora Serverless DB cluster. You can also query your database from inside the RDS console with the query editor.

AWS::RDS::DBInstance

For Oracle DB instances, Amazon RDS can use Kerberos Authentication to authenticate users that connect to the DB instance.

November 21, 2019

Updated resource

The following resource was updated: AWS::ApiGateway::RestApi.

AWS::ApiGateway::RestApi

Use the VpcEndpointIds property to specify VPC endpoint IDs of an API (AWS::ApiGateway::RestApi) against which to create Route53 ALIASes. It is only supported for PRIVATE endpoint type.

November 21, 2019

Updated resource

The following resource was updated: AWS::CertificateManager::Certificate

AWS::CertificateManager::Certificate

Use the CertificateTransparencyLoggingPreference property to enable or disable certificate transparency logging.

Use the PrivateCertificateAuthorityArn property to specify an ACM Private CA as certificate issuer.

Use the GetAtt function to retrieve the CertificateARN of the AWS::CertificateManager::Certificate resource.

Use the GetAtt function to retrieve the CertificateStatus of the AWS::CertificateManager::Certificate resource.

In the DomainValidationOption property type, use the HostedZoneId property to validate a domain with a Route 53 hosted zone ID.

November 21, 2019

Updated resource

The following resources were updated: AWS::Cognito::UserPool

AWS::Cognito::UserPool

Added ConfigurationSet and From properties to the EmailConfiguration parameter.

AWS::Cognito::UserPoolClient

Added PreventUserExistenceErrors parameter to help manage errors and responses when a user does not exist in the user pool.

AWS::Cognito::UserPoolUser

Use the ClientMetadata parameter to provide input to the AWS Lambda function that is invoked by the pre sign-up trigger.

November 21, 2019

Updated resource

The following resource was updated: AWS::EC2::EIP.

AWS::EC2::EIP

Use the Tags property to specify any tags for the Elastic IP address.

November 21, 2019

Updated resource

The following resource was updated: AWS::Elasticsearch::Domain.

AWS::Elasticsearch::Domain

Use the CognitoOptions property to configure Amazon ES to use Amazon Cognito authentication for Kibana.

Use the EnableVersionUpgrade update policy to update the ElasticsearchVersion property without replacing the AWS::Elasticsearch::Domain resource.

November 21, 2019

Updated resource

The following resource was updated: AWS::Glue::MLTransform

AWS::Glue::MLTransform

Use the GlueVersion property to specify which version of AWS Glue this machine learning transform is compatible with.

November 21, 2019

Updated resource

The following resource was updated: AWS::IAM::User.

AWS::IAM::User

Use the Tags property to specify a list of tags that you want to attach to the newly created user.

November 21, 2019

Updated resource

The following resource was updated: AWS::OpsWorksCM::Server

AWS::OpsWorksCM::Server

Use the CustomDomain property to specify a custom domain on an OpsWorks for Chef Automate Server running Chef Automate 2.0.

Use the CustomCertificate property to specify a PEM-formatted HTTPS certificate for a server with a custom domain.

Use the CustomPrivateKey property to specify a private key in PEM format for connecting to a server that uses a custom domain.

November 21, 2019

Updated resource

The following resource was updated: AWS::S3::Bucket.

AWS::S3::Bucket

In the Transition property type, the StorageClass property supports DEEP_ARCHIVE.

November 21, 2019

Updated resource

The following resource was updated: AWS::Lambda::Function.

AWS::Lambda::Function

In the Code property type, ZipFile supports nodejs10.x for RunTime.

November 21, 2019

New resource

The following resource was added: AWS::AppSync::ApiCache.

AWS::AppSync::ApiCache

Use the AWS::AppSync::ApiCache resource to enable resolver caching with AWS AppSync.

November 21, 2019

Drift Detection for Stack Sets

You can now run drift detection on a stack set and all the stack instances it includes.

When CloudFormation performs drift detection on a stack set, it performs drift detection on the stack associated with each stack instance in the stack set. For more details, see Detecting Unmanaged Configuration Changes in Stack Sets.

November 19, 2019

Updated resource

The following resource was updated to support Amazon EKS managed node groups: AWS::EKS::Cluster

AWS::EKS::Cluster

Use the AWS::EKS::Cluster resource to create a new Amazon EKS cluster.

November 18, 2019

New resource

The following resource was added: AWS::EKS::Nodegroup

AWS::EKS::Nodegroup

Use the AWS::EKS::Nodegroup resource to create a new Amazon EKS managed node group.

November 18, 2019

CloudFormation registry now available

Use the CloudFormation registry to view private and public resources that are available for use in your CloudFormation account.

For more information, see Using the CloudFormation Registry

November 18, 2019

CloudFormation registry API actions

The following API actions for managing types in the CloudFormation registry are now available.

For more information about the CloudFormation registry, see Using the CloudFormation Registry

DeregisterType

Removes a type or type version from active use in the CloudFormation registry.

DescribeType

Returns detailed information about a registered type.

DescribeTypeRegistration

Returns information about a type's registration, including its current status and type and version identifiers.

ListTypeRegistrations

Returns a list of registration request identifiers for the specified type.

ListTypes

Returns summary information about types that have been registered with CloudFormation.

ListTypeVersions

Returns summary information about the versions of a type.

RegisterType

Registers a type with the CloudFormation service. Registering a type makes it available for use in CloudFormation templates in your AWS account.

SetTypeDefaultVersion

Specify the default version of a type. The default version of a type will be used in CloudFormation operations.

November 18, 2019

Updated resources

The following resources were updated: AWS::GameLift::Build, AWS::GameLift::Fleet.

AWS::GameLift::Build

Use the OperatingSystem property to specify the operating system that the build files run on.

AWS::GameLift::Fleet

Use the CertificateConfiguration property to generate a TLS/SSL certificate for the new fleet.

Use the FleetType property to specify use of On-Demand or Spot instances in the fleet.

Use the InstanceRoleArn property to manage access to your non-GameLift AWS resources from GameLift fleet instances.

Use the MetricGroups property to add fleet metrics to a CloudWatch metric group.

Use the NewGameSessionProtectionPolicy property to prevent the fleet's active game sessions from being terminated during a scale down event.

Use the PeerVpcAwsAccountId property when setting up VPC peering for the fleet.

Use the PeerVpcId property when setting up VPC peering for the fleet.

Use the ResourceCreationLimitPolicy property to limit an individual player's ability to use the fleet's available hosting resources.

Use the RuntimeConfiguration property to configure what processes are run on each instance in the fleet.

Use the ScriptId property to create a Realtime Servers fleet and configure it with a Realtime script.

November 14, 2019

New resources

The following resources were added: AWS::GameLift::Script, AWS::GameLift::GameSessionQueue, AWS::GameLift::MatchmakingConfiguration, AWS::GameLift::MatchmakingRuleSet.

AWS::GameLift::Script

Use the Script resource to upload a configuration script for a Realtime Servers fleet.

AWS::GameLift::GameSessionQueue

Use the GameSessionQueue resource to create a game session queue that processes player requests for new game sessions.

AWS::GameLift::MatchmakingConfiguration

Use the MatchmakingConfiguration resource to create a matchmaker that processes player requests for new matched game sessions.

AWS::GameLift::MatchmakingRuleSet

Use the MatchmakingRuleSet resource to create rules that specify how to form matches and evaluate players for inclusion in a match.

November 14, 2019

Resource import added

If you created an AWS resource outside of AWS CloudFormation management, you can bring this existing resource into CloudFormation management using resource import.

For more information, see Bringing Existing Resources Into CloudFormation Management.

November 11, 2019

New resource

The following resource was added: AWS::CodeStarNotifications::NotificationRule

AWS::CodeStarNotifications::NotificationRule

Use the AWS::CodeStarNotifications::NotificationRule resource to create notification rules for resources in AWS CodeBuild, AWS CodeCommit, AWS CodeDeploy, and AWS CodePipeline.

November 7, 2019

New resource

The following resources were added: AWS::MediaConvert::JobTemplate, AWS::MediaConvert::Preset, AWS::MediaConvert::Queue

AWS::MediaConvert::JobTemplate

Use the AWS::MediaConvert::JobTemplate resource to specify a job template for transcoding jobs.

AWS::MediaConvert::Preset

Use the AWS::MediaConvert::Preset resource to specify an output preset as part of a transcoding job.

AWS::MediaConvert::Queue

Use the AWS::MediaConvert::Queue resource to specify an on-demand transcoding queue.

November 6, 2019

Updated resource

The following resource was updated: AWS::Glue::Crawler

AWS::Glue::Crawler

Use the DynamoDBTargets property to specify a list of Amazon DynamoDB targets.

Use the CatalogTargets property to specify a list of AWS Glue Data Catalog targets.

November 4, 2019

Updated resources

The following resources were updated: AWS::ApiGateway::ApiKey, AWS::ApiGateway::ClientCertificate, AWS::ApiGateway::DomainName, AWS::ApiGateway::RestApi, and AWS::ApiGateway::UsagePlan.

AWS::ApiGateway::ApiKey

Use the Tags property to specify an array of arbitrary tags (key-value pairs) to associate with the API key.

AWS::ApiGateway::ClientCertificate

Use the Tags property to specify an array of arbitrary tags (key-value pairs) to associate with the client certificate.

AWS::ApiGateway::DomainName

Use the SecurityPolicy property to the Transport Layer Security (TLS) version + cipher suite for this domain name.

Use the Tags property to specify an array of arbitrary tags (key-value pairs) to associate with the domain name.

AWS::ApiGateway::RestApi

Use the Tags property to specify an array of arbitrary tags (key-value pairs) to associate with the API.

AWS::ApiGateway::UsagePlan

Use the Tags property to specify an array of arbitrary tags (key-value pairs) to associate with the usage plan.

October 31, 2019