Release history

The following table describes important changes in each release of the AWS CloudFormation User Guide after May 2018. For notification about updates to this documentation, you can subscribe to an RSS feed.

Change	Description	Date
Updated resources	The following resources were updated: AWS::Route53Resolver::ResolverEndpoint AWS::Route53Resolver::ResolverEndpoint IpAddressRequest, and AWS::Route53Resolver::ResolverRule TargetAddress AWS::Route53Resolver::ResolverEndpoint Use the ResolverEndpointType property to specify Resolver endpoint IP address type. AWS::Route53Resolver::ResolverEndpoint IpAddressRequest Added the Ipv6 property to support IPv6 IP addresses. AWS::Route53Resolver::ResolverRule TargetAddress Added the Ipv6 property to support IPv6 IP addresses.	March 23, 2023
Updated resource	The following resource was updated: AWS::OpenSearchService::Domain. AWS::OpenSearchService::Domain Use the SoftwareUpdateOptions, OffPeakWindowOptions, WindowStartTime, and OffPeakWindow properties to configure an off-peak window for the domain.	March 23, 2023
Updated resource	The following resource was updated: AWS::S3ObjectLambda::AccessPoint. AWS::S3ObjectLambda::AccessPoint Add the Alias attribute to the return values. The Alias return value is the alias of the Object Lambda Access Point.	March 23, 2023
Updated resource	The following resource was updated: AWS::Cassandra::Table. AWS::Cassandra::Table.ClientSideTimestampsEnabled Use the AWS::Cassandra::Table.ClientSideTimestampsEnabled property to turn on client-side timestamps for a table in Amazon Keyspaces (for Apache Cassandra).	March 16, 2023
Updated resource	The following resource was updated: AWS::RUM::AppMonitor. AWS::RUM::AppMonitor The Namespace property was added to the AWS::RUM::AppMonitor resource to support Amazon CloudWatch RUM custom metrics. For more information, see Custom metrics and extended metrics that you can send to CloudWatch and CloudWatch Evidently.	March 16, 2023
New resource	The following new resource was added: AWS::Comprehend::Flywheel. Use the AWS::Comprehend::Flywheel resource to create a flywheel for an Amazon Comprehend model.	March 16, 2023
Updated resource	The following resource was updated: AWS::Logs::LogGroup. AWS::Wisdom::KnowledgeBase The AppIntegrationsConfiguration:ObjectFields parameter is optional if ObjectConfiguration is included in the provided DataIntegration.	March 13, 2023
updated resources	The following resources were updated: AWS::Pinpoint::ApplicationSettings Limits and AWS::Pinpoint::Campaign Limits. AWS::Pinpoint::ApplicationSettings Limits The MessagesPerSecond field minimum values was changed from 50 to 1. AWS::Pinpoint::Campaign Limits The MessagesPerSecond field minimum values was changed from 50 to 1.	March 9, 2023
Updated resource	The following resource was updated: AWS::ServiceCatalog::CloudFormationProduct. AWS::ServiceCatalog::CloudFormationProduct Use the ProvisioningArtifactProperties property to specify information about a provisioning artifact (also known as a version) for a product. Use the SourceConnection property to specify details about the product’s connection.	March 9, 2023
Updated resources	The following resource was updated: AWS::WAFv2::WebACLAssociation. AWS::WAFv2::WebACLAssociation The ResourceArn property now accepts AWS::AppRunner::Service ARNs.	March 6, 2023
Updated resource	The following resource was updated: AWS::Lambda::EventSourceMapping. AWS::Lambda::EventSourceMapping Use the DocumentDBEventSourceConfig property to define specific configuration settings for a DocumentDB event source, such as the database name.	March 2, 2023
Updated resource	The following resource was updated: AWS::WAFv2::WebACL. AWS::WAFv2::WebACL Use the AWSManagedRulesATPRuleSet property to configure your use of the Fraud Control account takeover prevention (ATP) managed rule group in a managed rule group reference statement. For protected CloudFront distributions, in addition to inspecting login requests, you can now use ATP to block new login attempts from clients that have recently submitted too many failed login attempts.	March 2, 2023
New resources	The following resources were added: AWS::IVSChat::Room and AWS::IVSChat::LoggingConfiguration AWS::IVSChat::Room Use the AWS::IVSChat::Room resource to specify and Amazon IVS Chat Room. AWS::IVSChat::LoggingConfiguration Use the AWS::IVSChat::LoggingConfiguration resource to specify and Amazon IVS Chat Logging Configuration, which stores configuration information related to loggin your chat session to a data store.	March 2, 2023
New resource	The following resource was released: AWS::SystemsManagerSAP::Application. Use AWS::SystemsManagerSAP::Application to register an SAP application with AWS Systems Manager for SAP.	March 2, 2023
Updated resource	The following resource was updated: AWS::IoT::JobTemplate. AWS::IoT::JobTemplate The AWS::IoT::JobTemplate resource adds MaintenaceWindows, StartTime, and DurationInMinutes properties.	February 23, 2023
New resource	A new resource was added to Network Manager: AWS::NetworkManager::TransitGatewayRouteTableAttachment AWS::NetworkManager::TransitGatewayRouteTableAttachment. Use AWS::NetworkManager::TransitGatewayRouteTableAttachment to create a transit gateway route table attachment.	February 23, 2023
Updated resource	The following resource was updated: AWS::FMS::Policy. AWS::FMS::Policy Use the PolicyDescription property to establish default actions to take on a packet that doesn't match any stateful rules when using strict rule ordering. Use the ResourceSetIds property to configure the resources to include in a resource set.	February 17, 2023
New resource	The following resource was added: AWS::FMS::ResourceSet. AWS::FMS::ResourceSet Use the AWS::FMS::ResourceSet resource to import resources into your firewall policy from another AWS service.	February 17, 2023
New resource	The following resource was added: AWS::Organizations::ResourcePolicy. AWS::Organizations::ResourcePolicy Use the AWS::Organizations::ResourcePolicy resource to create or update a resource-based delegation policy that delegates policy management for AWS Organizations to specified member accounts to perform policy actions that are by default available only to the organization management account.	February 16, 2023
Updated resource	The following resource was updated: AWS::DataSync::LocationObjectStorage. AWS::DataSync::LocationObjectStorage Use the ServerCertificate property to specify a certificate for authenticating with an object storage system that uses a private or self-signed certificate authority (CA).	February 9, 2023
Updated resource	The following resource was added: AWS::SageMaker::Space. AWS::SageMaker::Space Use the AWS::SageMaker::Space resource to create a new shared space for use in a Domain.	February 9, 2023
Updated resource	The following resource was updated: AWS::SNS::Topic. AWS::SNS::Topic Use the TracingConfig property vend X-Ray segment data to a topic owner account. Only supported on standard topics.	February 8, 2023
New resources	The following resources were added: AWS::Omics::Workflow, AWS::Omics::RunGroup, AWS::Omics::AnnotationStore, AWS::Omics::ReferenceStore, AWS::Omics::VariantStore, and AWS::Omics::SequenceStore. WS::Omics::Workflow Use the AWS::Omics::Workflow resource to specify a workflow in Amazon Omics. AWS::Omics::RunGroup Use the AWS::Omics::RunGroup resource to specify a run group in Amazon Omics. AWS::Omics::ReferenceStore Use the AWS::Omics::ReferenceStore resource to specify a reference store in Amazon Omics. AWS::Omics::RunGroup Use the AWS::Omics::SequenceStore resource to specify a sequence store in Amazon Omics. AWS::Omics::ReferenceStore Use the AWS::Omics::ReferenceStore resource to specify a reference store in Amazon Omics. AWS::Omics::RunGroup Use the AWS::Omics::SequenceStore resource to specify a sequence store in Amazon Omics.	February 3, 2023
Updated resource	The following resources were updated: AWS::AppSync::DataSource AWS::AppSync::DataSource Use the EventBridgeConfig property to add custom events to your Amazon EventBridge bus.	February 2, 2023
Updated resource	The following resource was updated: AWS::DataSync::LocationS3. AWS::DataSync::LocationS3 Use the S3StorageClass property to specify the S3 Glacier Instant Retrieval storage class (GLACIER_INSTANT_RETRIEVAL) for data transferred to your S3 bucket.	February 2, 2023
Updated resource	The following resource was updated: AWS::RDS::DBInstance AWS::RDS::DBInstance Use CertificateDetails property for the details of the DB instance's server certificate.	February 2, 2023
Updated resource	The following resource was added: AWS::SageMaker::ModelCard. AWS::SageMaker::ModelCard Use the AWS::SageMaker::ModelCard resource to create an Amazon SageMaker Model Card.	February 2, 2023
New resources	The following new resources were added: AWS::CloudTrail::Channel and AWS::CloudTrail::ResourcePolicy AWS::CloudTrail::Channel Use the Channel resource to specify a channel for logging events from outside AWS in CloudTrail Lake. Channels are used by partner event sources, or your custom event sources, to send events to CloudTrail Lake. For more information, see Working with CloudTrail Lake in the AWS CloudTrail User Guide. AWS::CloudTrail::Channel.Channel Use the Channel property to specify the name and ARN of a channel that you use with integrations in CloudTrail Lake. For more information, see Working with CloudTrail Lake in the AWS CloudTrail User Guide. AWS::CloudTrail::Channel.Destination Use the Destination property to specify destination event data stores for events that arrive over a channel in CloudTrail Lake. For more information, see Working with CloudTrail Lake in the AWS CloudTrail User Guide. AWS::CloudTrail::ResourcePolicy Use the ResourcePolicy resource to attach a resource-based permission policy to a CloudTrail channel that is used for an integration with an event source outside of AWS. For more information about resource-based policies, see CloudTrail resource-based policy examples in the CloudTrail User Guide. AWS::CloudTrail::ResourcePolicy.ResourceArn Use the ResourceArn property to specify the Amazon Resource Name (ARN) of the CloudTrail channel attached to the resource-based policy. The following is the format of a resource ARN: arn:aws:cloudtrail:us-east-2:123456789012:channel/MyChannel. AWS::CloudTrail::ResourcePolicy.ResourcePolicy Use the ResourcePolicy property to specify the JSON-formatted string that contains the resource-based policy to attach to the CloudTrail channel.	February 2, 2023
New resource	The following resource was added: AWS::Connect::IntegrationAssociation AWS::Connect::IntegrationAssociation Use the AWS::Connect::IntegrationAssociation resource to associate Lex bots (both v1 and v2) and Lambda functions with an instance.	February 2, 2023
New resource	The following resource was added: AWS::Connect::ApprovedOrigin AWS::Connect::ApprovedOrigin Use the AWS::Connect::ApprovedOrigin resource to associate Approved Origin with an instance.	February 2, 2023
New resource	The following resource was added: AWS::Connect::SecurityKey AWS::Connect::SecurityKey Use the AWS::Connect::SecurityKey resource to associate Security Key with an instance.	February 2, 2023
New resource	The following resource was added: AWS::SimSpaceWeaver::Simulation. AWS::SimSpaceWeaver::Simulation Use the AWS::SimSpaceWeaver::Simulation resource to specify a simulation in the AWS Cloud, in your AWS account.	February 2, 2023
Updated resource	The following resource was updated: AWS::Lambda::Function. AWS::Lambda::Function Use the RuntimeManagementConfig to define how your function gets runtime version updates. Lambda releases new runtime versions that include security updates, bug fixes, and new features. You can now control when your functions get updated to the new runtime versions.	January 26, 2023
Updated resource	The following resource was updated: AWS::OpenSearchService::Domain. AWS::OpenSearchService::Domain Use the SAMLOptions property within AdvancedSecurityOptions to configure SAML authentication for the domain.	January 26, 2023
New resource	A new resource was added to Network Manager: AWS::NetworkManager::TransitGatewayPeering AWS::NetworkManager::TransitGatewayPeering. Use AWS::NetworkManager::TransitGatewayPeering to create a transit gateway peering.	January 26, 2023
Updated resource	The following resource was updated: AWS::KendraRanking::ExecutionPlan AWS::KendraRanking::ExecutionPlan Create a rescore execution plan, which is an Amazon Kendra Intelligent Ranking resource used for provisioning the Rescore API. Amazon Kendra Intelligent Ranking rescores or re-ranks a search service's results using semantic search.	January 20, 2023
Updated resource	The following resource was updated: AWS::CloudWatch::MetricStream. AWS::CloudWatch::MetricStream In the MetricStream resource, use IncludeLinkedAccountsMetrics to specify whether the metric stream should metric streams from source accounts, if the metric stream is created in a monitoring account.	January 19, 2023
Updated resource	The following resource was updated: AWS::Lambda::EventSourceMapping. AWS::Lambda::EventSourceMapping Use the ScalingConfig property to specify a scaling configuration for an Amazon SQS event source.	January 19, 2023
Updated resource	The following resource was updated: AWS::AuditManager::Assessment AWS::AuditManager::Assessment Use the Delegations property to specify a delegation for an assessment.	January 12, 2023
Updated resource	The following resource was updated: AWS::RDS::DBCluster AWS::RDS::DBCluster The ManageMasterUserPassword property indicates whether to manage the master user password with AWS Secrets Manager. The MasterUserSecret property 4has the secret managed by RDS in AWS Secrets Manager for the master user password.	January 12, 2023
Updated resource	The following resource was updated: AWS::RDS::DBInstance AWS::RDS::DBInstance The ManageMasterUserPassword property indicates whether to manage the master user password with AWS Secrets Manager. The MasterUserSecret property 4has the secret managed by RDS in AWS Secrets Manager for the master user password.	January 12, 2023
Updated resource	The following resource was updated: AWS::CloudFront::ResponseHeadersPolicy. AWS::CloudFront::ResponseHeadersPolicy In the ResponseHeadersPolicyConfig use the RemoveHeadersConfig to specify a list of headers that CloudFront removes from HTTP responses that it sends to viewers. For more information, see Adding or removing response headers in the Amazon CloudFront Developer Guide.	January 5, 2023
Updated resource	The following resource was updated: AWS::MWAA::Environment AirflowVersion The AirflowVersion property has been updated to include a new valid value for Apache Airflow version 2.4.3.	January 5, 2023
Updated resource	The following resource was updated: AWS::AppRunner::Service AWS::AppRunner::Service.ImageConfiguration.RuntimeEnvironmentSecrets New property. To add runtime environment variables as secrets in Image Configuration in App Runner service.	December 30, 2022
Updated resource	The following resource was updated: AWS::AppRunner::Service AWS::AppRunner::Service.CodeConfigurationValues.RuntimeEnvironmentSecrets New property. To add runtime environment variables as secrets in Code Configuration values in App Runner service.	December 30, 2022
Updated resource	The following property type was updated: AWS::Lex::Bot. AWS::Lex::Bot Use the AllowedInputTypes property to specify the allowed input types. Use the AudioSpecification property to specify the audio input specifications. Use the AudioAndDTMFInputSpecification property to specify the audio and DTMF input specification. Use the Condition property to provide an expression that evaluates to true or false. Use the ConditionalBranch property to configure a set of actions that Amazon Lex should run if the condition is matched. Use the ConditionalSpecification property to provide a list of conditional branches. Use the DefaultConditionalBranch property to configure a set of actions that Amazon Lex should run if none of the other conditions are met. Use the DialogAction property to define the action that the bot executes at runtime. Use the DialogCodeHookInvocationSetting property to specify the dialog code hook that is called by Amazon Lex at a step of the conversation. Use the DialogState property to configure the current state of the conversation with the user. Use the DTMFSpecification property to specify the DTMF input specifications. Use the ElicitationCodeHookInvocationSetting property to specify the dialog code hook that is called by Amazon Lex between eliciting slot values. Use the InitialResponseSetting property to configure settings for a response sent to the user before Amazon Lex starts eliciting slots. Use the Intent property to configure how Amazon Lex handles intents. Use the IntentClosingSetting property to configure the statement that Amazon Lex conveys to the user when the intent is successfully fulfilled. Use the IntentConfirmationSetting property to provide a prompt for making sure that the user is ready for the intent to be fulfilled. Use the IntentOverride property to override settings to configure the intent state. Use the PostDialogCodeHookInvocationSpecification property to specify next steps to run after the dialog code hook finishes. Use the PostFulfillmentStatusSpecification property to configure the settings of the post-fulfillment response that is sent to the user. Use the PromptAttemptSpecification property to specify the settings on a prompt attempt. Use the PromptSpecification property to specify a list of message groups that Amazon Lex sends to a user to elicit a response. Use the SessionAttribute property to specify session-specific context information. Use the SlotCaptureSetting property to configure the settings that are used when Amazon Lex successfully captures a slot value from a user. Use the SlotValue property to set values in a slot. Use the SlotValueElicitationSetting property to specify the settings for eliciting a slot value. Use the SlotValueOverride property to set slot values in a dialog step. Use the SlotValueOverrideMap property to map slot names to a SlotValueOVerride object. Use the TextInputSpecification property to specify the text input specifications. Use the VoiceSettings property to specify the Amazon Polly voice used for audio interaction with the user.	December 30, 2022
Updated resource	The following resource was updated: AWS::FSx::Filesystem AWS::FSx::Filesystem The AWS::FSx::FileSystem resource returns a file system's Amazon Resource Name (ARN).	December 29, 2022
Updated resource	The following resource was updated: AWS::FSx::Volume AWS::FSx::Volume Use the CopyTagsToBackups AWS::FSx::Volume OntapConfiguration property to specify whether an ONTAP volume's tags get copied to backups.	December 29, 2022
Updated resource	The following resource was updated: AWS::FSx::Volume AWS::FSx::Volume Use the OntapVolumeType AWS::FSx::Volume OntapConfiguration property to specify the type of ONTAP volume to create.	December 29, 2022
Updated resource	The following resource was updated: AWS::FSx::Volume AWS::FSx::Volume Use the SnapshotPolicy AWS::FSx::Volume OntapConfiguration property to specify the snapshot policy for the volume you are creating.	December 29, 2022
Updated resources	The following resources were updated: AWS::NetworkFirewall::FirewallPolicy and AWS::NetworkFirewall::RuleGroup AWS::NetworkFirewall::FirewallPolicy Use the StatefulDefaultActions property to establish default actions to take on a packet that doesn't match any stateful rules when using strict rule ordering. Use the StatefulEngineOptions property to govern how Network Firewall handles stateful rules. AWS::NetworkFirewall::RuleGroup The StatefulRuleGroupReference property now includes Priority and StatefulRuleGroupOverride fields. Use the StatefulRuleOptions property to govern how Network Firewall handles stateful rules. Use the ReferenceSets property to configure IP set references for your stateful rules.	December 22, 2022
Updated resource	The following resource was updated: AWS::Grafana::Workspace. AWS::Grafana::Workspace Use the vpcConfiguration property of the AWS::Grafana::Workspace resource to configure a connection to a private VPC from your Amazon Managed Grafana workspace.	December 22, 2022
Updated resource	The following resource was updated: AWS::RDS::DBInstance AWS::RDS::DBInstance The Endpoint property specifies the connection endpoint. The DBSystemId return value is the Oracle system ID (Oracle SID) for a container database (CDB).	December 22, 2022
Updated resource	The following resource was added: AWS::SageMaker::Project. AWS::SageMaker::FeatureGroup Use the AWS::SageMaker::FeatureGroup resource to create a new feature group using either an Apache Iceberg or Glue table format.	December 22, 2022
Updated resources	The following resources were updated: AWS::M2::Application and AWS::M2::Environment. AWS::M2::Application Use the KmsKeyId property to specify a customer managed key. AWS::M2::Environment Use the KmsKeyId property to specify a customer managed key.	December 15, 2022
Updated resources	The following resources were updated: AWS::RefactorSpaces::Application, AWS::RefactorSpaces::Environment, AWS::RefactorSpaces::Route, AWS::RefactorSpaces::Service. AWS::RefactorSpaces::Application The EnvironmentIdentifier property was changed to Required: Yes. The Name property was changed to Required: Yes. The ProxyType property was changed to Required: Yes. The VpcId property was changed to Required: Yes. AWS::RefactorSpaces::Environment The Name property was changed to Required: Yes. The NetworkFabricType property was changed to Required: Yes. AWS::RefactorSpaces::Route The RouteType property was changed to Required: Yes. In the DefaultRouteInput property type, the ActivationState property was changed to Required: No. In the UriPathRouteInput property type, the SourcePath property was changed to Required: Yes. AWS::RefactorSpaces::Service The Name property was changed to Required: Yes. In the LambdaEndpointInput property type, the Arn property description was updated.	December 15, 2022
Updated resource	The following resource was updated: AWS::SSMIncidents::AWS::SSMIncidents::ReplicationSet AWS::SSMIncidents::ReplicationSet Use the Tags resource to add a list of tags to the replication set.	December 15, 2022
Updated resource	The following resource was updated: AWS::RDS::DBInstance AWS::RDS::DBInstance Use the DBClusterSnapshotIdentifier property as the identifier for the RDS for MySQL Multi-AZ DB cluster snapshot to restore from. Use the RestoreTime property to specify the date and time to restore from. Use the SourceDbiResourceId property to specify the resource ID of the source DB instance from which to restore. Use the SourceDBInstanceAutomatedBackupsArn property to specify the Amazon Resource Name (ARN) of the replicated automated backups from which to restore. Use the UseLatestRestorableTime property to specify a value that indicates whether the DB instance is restored from the latest backup time.	December 15, 2022
Updated resource	The following resource was updated: AWS::RDS::DBCluster AWS::RDS::DBCluster Use the SecondsBeforeTimeout value in ScalingConfiguration property syntax to define the amount of time (seconds) that Aurora Serverless v1 tries to find a scaling point to perform seamless scaling before enforcing the timeout action. The DBSystemId property is reserved for future use.	December 15, 2022
New resource	The following resources were added: AWS::DocDBElastic::Cluster. AWS::DocDBElastic::Cluster Use the AWS::DocDBElastic::Cluster resource to create an elastic cluster in the Amazon DocumentDB database service.	December 15, 2022
New resources	A property was added to VpcOptions in Network Manager: AWS::NetworkManager::VpcAttachment VpcOptions AWS::NetworkManager::VpcAttachment VpcOptions You can enable or disable appliance mode for VPC attachments in VpcOptions by using the ApplianceModeSupport Boolean.	December 14, 2022
New resource	The following resource was added: AWS::Connect::Rule AWS::Connect::Rule Use the AWS::Connect::Rule resource to create an instance.	December 12, 2022
Updated resources	The following resources were updated: AWS::WAFv2::WebACL and AWS::WAFv2::RuleGroup. AWS::WAFv2::WebACL Use the ChallengeConfig property to configure request evaluations for rules that use the Challenge action. Use the TokenDomains property to specify additional domains to accept in web request tokens. Use the RuleActionOverride property in rule group reference statements to override individual rule actions to any valid action. This replaces the ExcludedRule property, which only allows override to Count. Use the AWSManagedRulesBotControlRuleSet property to configure your use of the Bot Control managed rule group in a managed rule group reference statement. AWS::WAFv2::RuleGroup Use the ChallengeConfig property to configure request evaluations for rules that use the Challenge action.	December 8, 2022
New resources	The following resources were added: AWS::Grafana::Workspace. AWS::Grafana::Workspace Use the AWS::Grafana::Workspace resource to create an Amazon Managed Grafana workspace in your AWS account. An Amazon Managed Grafana workspace allows you to view and monitor metrics and alerts for your system.	December 8, 2022
New resource	The following resources were added: AWS::OpenSearchServerless::AccessPolicy, AWS::OpenSearchServerless::Collection, AWS::OpenSearchServerless::SecurityConfig, AWS::OpenSearchServerless::SecurityPolicy, AWS::OpenSearchServerless::VpcEndpoint. AWS::OpenSearchServerless::AccessPolicy Use the AWS::OpenSearchServerless::AccessPolicy resource to create data access policies for Amazon OpenSearch Serverless. AWS::OpenSearchServerless::Collection Use the AWS::OpenSearchServerless::Collection resource to create collections in Amazon OpenSearch Serverless. AWS::OpenSearchServerless::SecurityConfig Use the AWS::OpenSearchServerless::SecurityConfig resource to specify SAML providers for Amazon OpenSearch Serverless. AWS::OpenSearchServerless::SecurityPolicy Use the AWS::OpenSearchServerless::SecurityPolicy resource to specify network and encryption policies for Amazon OpenSearch Serverless. AWS::OpenSearchServerless::VpcEndpoint Use the AWS::OpenSearchServerless::VpcEndpoint resource to specify Amazon OpenSearch Serverless-managed VPC endpoints.	December 8, 2022
New resources	The following resource was added: AWS::IoTTwinMaker::SyncJob. AWS::IoTTwinMaker::SyncJob Use the AWS::IoTTwinMaker::SyncJob respurce to create a new sync job request.	December 6, 2022
Updated resources	The following resources were updated: AWS::ECS::TaskDefinition. AWS::ECS::TaskDefinition PortMappings Use the Name property to specify the port mapping name. Use the AppProtocol property to specify the port mapping's application protocol.	December 2, 2022
Updated resource	The following resource was updated: AWS::Logs::LogGroup. AWS::Logs::LogGroup The AWS::Logs::LogGroup resource now supports the DataProtectionPolicy parameter, to support the masking of sensitive data in log events in the log group. For more information, see Protect sensitive log data with masking.	December 2, 2022
Updated resource	The following resource was updated: AWS::SSMIncidents::ResponsePlan AWS::SSMIncidents::ResponsePlan Use the Integration resource to specify information about third-party services integrated into the response plan, such as PagerDuty. Use the PagerDuty resource to provide details about the PagerDuty configuration for a response plan.	December 2, 2022
Updated resource	The following resource was updated: AWS::Lambda::Function. AWS::Lambda::Function Use the SnapStart property to specify the function's AWS Lambda SnapStart setting. SnapStart creates a snapshot of the initialized execution environment when you publish a function version.	December 2, 2022
New resources	The following resources were added: AWS::ECS::Cluster ServiceConnectDefaults, AWS::ECS::Service ServiceConnectClientAlias, and AWS::ECS::Service ServiceConnectConfiguration. AWS::ECS::Cluster ServiceConnectDefaults Use the AWS::ECS::Cluster ServiceConnectDefaults resource to specify a default Service Connect namespace for new services in the cluster. AWS::ECS::Service ServiceConnectClientAlias Use the AWS::ECS::Service ServiceConnectClientAlias resource to specify an endpoint in the Service Connect configuration for the service. AWS::ECS::Service ServiceConnectConfiguration Use the AWS::ECS::Service ServiceConnectConfiguration resource to specify the Service Connect configuration for the service.	December 2, 2022
New resources	The following resources were added: AWS::Pipes::Pipe. AWS::Pipes::Pipe Use the AWS::Pipes::Pipe resource to specify a new Amazon EventBridge Pipes pipe.	December 2, 2022
New resource	The following resource was added: AWS::EC2::NetworkPerformanceMetricSubscription. AWS::EC2::NetworkPerformanceMetricSubscription Returns a list of Infrastructure Performance subscriptions for AWS CloudWatch.	December 2, 2022
New resource	The following resource was added: AWS::IoT::TopicRule RepublishActionHeaders. AWS::IoT::TopicRule RepublishActionHeaders Use AWS::IoT::TopicRule RepublishActionHeaders to specify MQTT Version 5.0 headers information.	December 2, 2022
Updated resource	The following resource was updated: AWS::S3::AccessPoint. AWS::S3::AccessPoint Use AWS::S3::AccessPoint BucketAccountId to specify which AWS account is associated with the S3 bucket associated with an access point.	November 30, 2022
Updated resources	The following properties were added: AWS::IoTTwinMaker::ComponentType.PropertyGroups, and Entity.PropertyGroup. AWS::IoTTwinMaker::ComponentType.PropertyGroups Use the AWS::IoTTwinMaker::ComponentType.PropertyGroups property to declare a ComponentType propertyGroup. Entity.PropertyGroup Use the AWS::IoTTwinMaker::Entity.PropertyGroup to declare an entity PropertyGroup.	November 17, 2022
Updated resources	The following resources were updated: AWS::Amplify::App and AWS::Amplify::Branch AWS::Amplify::App Use the Platform property to specify the platform type for the Amplify app. AWS::Amplify::Branch Use the Framework property to specify the framework for the Amplify app.	November 17, 2022
Updated resource	The following resources were updated: AWS::AppSync::Resolver and AWS::AppSync::FunctionConfiguration AWS::AppSync::Resolver Use the Code property to specify the request and response functions. AWS::AppSync::Resolver Use the Runtime property to specify the runtime type to be used with a pipeline resolver or function AWS::AppSync::Resolver Use the AppSyncRuntime to specify the name and version of your runtime property. AWS::AppSync::FunctionConfiguration Use the Code property to specify the request and response functions. AWS::AppSync::FunctionConfiguration Use the Runtime property to specify the runtime type to be used with a pipeline resolver or function AWS::AppSync::FunctionConfiguration Use the AppSyncRuntime to specify the name and version of your runtime property.	November 17, 2022
Updated resource	The following resource was updated: AWS::CloudFront::Distribution. AWS::CloudFront::Distribution In the DistributionConfig use the ContinuousDeploymentPolicyId to specify a continuous deployment policy to associate with the distribution. For more information, see Using CloudFront continuous deployment to safely test CDN configuration changes in the Amazon CloudFront Developer Guide.	November 17, 2022
Updated resource	The following resource was updated: AWS::CloudTrail::EventDataStore AWS::CloudTrail::EventDataStore Use the KmsKeyId property to specify the AWS KMS key ID to use to encrypt the events delivered by CloudTrail.	November 17, 2022
Updated resource	The following resource was updated: AWS::AutoScaling::AutoScalingGroup. AWS::AutoScaling::AutoScalingGroup InstanceRequirements Use the AllowedInstanceTypes and NetworkBandwidthGbpsRequest properties when using attribute-based instance type selection.	November 17, 2022
Updated resource	The following resource was updated: AWS::IVS::RecordingConfiguration AWS::IVS::RecordingConfiguration Use the RecordingReconnectWindowSeconds property to control when multiple streams from the same broadcast are merged together.	November 17, 2022
Updated resource	The following resource was updated: AWS::S3::StorageLens. AWS::S3::StorageLens AdvancedCostOptimizationMetrics Use AWS::S3::StorageLens AdvancedCostOptimizationMetrics to enable advanced cost optimization metrics for S3 Storage Lens. AWS::S3::StorageLens AdvancedDataProtectionMetrics Use AWS::S3::StorageLens AdvancedDataProtectionMetrics to enable advanced data protection metrics for S3 Storage Lens. AWS::S3::StorageLens DetailedStatusCodesMetrics Use AWS::S3::StorageLens DetailedStatusCodesMetrics to enable detailed status code metrics for S3 Storage Lens.	November 17, 2022
New resources	The following resources were added: AWS::Organizations::Account, AWS::Organizations::OrganizationalUnit, and AWS::Organizations::Policy. AWS::Organizations::Account Use the AWS::Organizations::Account resource to create an AWS account that is automatically a member of the organization whose credentials made the request. AWS::Organizations::OrganizationalUnit Use the AWS::Organizations::OrganizationalUnit resource to create an organizational unit (OU) within a root or parent OU in AWS Organizations. AWS::Organizations::Policy Use the AWS::Organizations::Policy resource to create a policy of a specified type that you can attach to a root, an organizational unit (OU), or an individual AWS account in AWS Organizations.	November 17, 2022
New resource	The following resource was added: AWS::EMRServerless::Application:Architecture. AWS::EMRServerless::Application:Architecture Use the AWS::EMRServerless::Application:Architecture resource to specify the CPU architecture type of the application.	November 17, 2022
New Resource	The following resource was added: AWS::CloudFront::ContinuousDeploymentPolicy. AWS::CloudFront::ContinuousDeploymentPolicy Use the AWS::CloudFront::ContinuousDeploymentPolicy resource in a CloudFront continuous deployment workflow. For more information, see Using CloudFront continuous deployment to safely test CDN configuration changes in the Amazon CloudFront Developer Guide.	November 17, 2022
New property	The following property was added: AWS::GreengrassV2::Deployment.ParentTargetArn. AWS::GreengrassV2::Deployment Use the AWS::GreengrassV2::Deployment.ParentTargetArn property to set the parent deployment of a subdeployment.	November 15, 2022
New resources for Amazon EventBridge Scheduler	The following resources were added: AWS::Scheduler::Schedule, AWS::Scheduler::ScheduleGroups. AWS::Scheduler::Schedule Use the Schedule resource to create a new schedule. AWS::Scheduler::ScheduleGroups Use the Schedule resource to create a new schedule group to tag and organize your schedules.	November 11, 2022
Updated resources	The following resources were updated: AWS::AppStream::DirectoryConfig AWS::AppStream::DirectoryConfig RSS Use the CertificateBasedAuthProperties property to specify the certificate-based authentication properties used to authenticate SAML 2.0 Identity Provider (IdP) user identities to Active Directory domain-joined streaming instances.	November 10, 2022
Updated resources	The following resources were updated: AWS::Batch::ComputeEnvironment and AWS::Batch::JobDefinition AWS::Batch::ComputeEnvironment Use the EksConfiguration property to specify the details for the EKS cluster that supports the compute environment. AWS::Batch::JobDefinition Use the EksProperty property to specify properties for Amazon EKS based jobs.	November 10, 2022
Updated resources	The following resources were updated: AWS::EC2::SpotFleet, AWS::EC2::EC2Fleet, and AWS::EC2::LaunchTemplate. AWS::EC2::SpotFleet InstanceRequirementsRequest Use the AllowedInstanceTypes and NetworkBandwidthGbps properties when using attribute-based instance type selection. AWS::EC2::EC2Fleet InstanceRequirementsRequest Use the AllowedInstanceTypes and NetworkBandwidthGbps properties when using attribute-based instance type selection. AWS::EC2::LaunchTemplate InstanceRequirements Use the AllowedInstanceTypes and NetworkBandwidthGbps properties when using attribute-based instance type selection.	November 10, 2022
Updated resources	The following resource was updated: AWS::EC2::LaunchTemplate. AWS::EC2::LaunchTemplate MaintenanceOptions Use the AutoRecovery property to disable the automatic recovery of your instance or set it to default. AWS::EC2::LaunchTemplate Placement Use the GroupId property to launch an instance in a shared placement group.	November 10, 2022
Updated resource	The following resource was updated: AWS::AutoScaling::AutoScalingGroup. AWS::AutoScaling::AutoScalingGroup MixedInstancesPolicy Use the SpotAllocationStrategy property to specify price-capacity-optimized as the allocation strategy for your Spot capacity.	November 10, 2022
Updated resource	The following resource was updated: AWS::RDS::DBInstance AWS::RDS::DBInstance Use the StorageThroughput property to specify the storage throughput value for the DB instance. This setting is applicable only for gp3 storage type.	November 10, 2022
New resources	The following resources were added: AWS::MemoryDB::Cluster.DataTiering AWS::MemoryDB::Cluster.DataTiering The data-tiering-enabled parameter enables data tiering. Data tiering is only supported for clusters using the r6gd node type. For more information, see Data tiering.	November 10, 2022
Launch of Resource Explorer	Initially added the resources for AWS Resource Explorer. AWS::ResourceExplorer2::Index Use the AWS::ResourceExplorer2::Index resource to turn on Resource Explorer in an AWS Region by creating an index. AWS::ResourceExplorer2::View Use the AWS::ResourceExplorer2::View resource to create a view that your users can use to search. AWS::ResourceExplorer2::DefaultViewAssociation Use the AWS::ResourceExplorer2::DefaultViewAssociation resource to designate a view as the default for its AWS Region in the account.	November 7, 2022
Updated resource	The following resource was updated: AWS::RDS::DBCluster AWS::RDS::DBCluster Use the TimeoutAction value in ScalingConfiguration property syntax to define the action to take when the timeout is reached. The DBClusterArn return value is the Amazon Resource Name (ARN) for the DB cluster. The DBClusterResourceId return value is the AWS Region-unique, immutable identifier for the DB cluster.	November 3, 2022
Updated resource	The following resource was updated: AWS::RDS::DBInstance AWS::RDS::DBInstance Use the ReplicaMode property to define the open mode of an Oracle read replica. The DBInstanceArn return value is the Amazon Resource Name (ARN) for the your instance. The DbiResourceId return value is the AWS Region-unique, immutable identifier for the DB instance.	November 3, 2022
Updated resource	The following resource was updated: AWS::RDS::DBClusterParameterGroup AWS::RDS::DBClusterParameterGroup Use the DBClusterParameterGroupName property to specify the name of the DB cluster parameter group.	November 3, 2022
Updated resource	The following resource was updated: AWS::RDS::OptionGroup AWS::RDS::OptionGroup Use the OptionGroupName property to specify the name of the new option group.	November 3, 2022
Updated resource	The following resource was updated: AWS::RDS::DBInstance AWS::RDS::DBParameterGroup Use the DBParameterGroupName property to specify the name of the DB parameter group.	November 3, 2022
New resource	The following resource and properties were added: AWS::SES::VdmAttributes, AWS::SES::ConfigurationSet VdmOptions . AWS::SES::VdmAttributes Use the VdmAttributes resource to specify the Virtual Deliverability Manager (VDM) attributes that apply to your Amazon SES account. AWS::SES::ConfigurationSet VdmOptions Use the VdmOptions property to specify the VDM properties that apply to a configuration set.	November 3, 2022
New resource	The following resource was added: AWS::SupportApp::SlackWorkspaceConfiguration. AWS::SupportApp::SlackWorkspaceConfiguration Use the AWS::SupportApp::SlackWorkspaceConfiguration resource to specify your configuration for the AWS Support App in Slack.	November 3, 2022
Updated resource	The following resource was updated: AWS::AutoScaling::AutoScalingGroup. AWS::AutoScaling::AutoScalingGroup Use the DefaultInstanceWarmup property to unify all the warm-up and cooldown settings for an Auto Scaling group and optimize the performance of scaling policies that scale continuously, such as target tracking and step scaling policies.	November 2, 2022
Updated resource	The following resource was updated: AWS::AppRunner::Service AWS::AppRunner::Service.IngressConfiguration New property. The ingress configuration of the App Runner service.	October 31, 2022
New resource	The following resource was added: AWS::AppRunner::VpcIngressConnection AWS::AppRunner::VpcIngressConnection Use the AWS::AppRunner::VpcIngressConnection resource to create or update an AWS App Runner VPC Ingress Connection.	October 31, 2022
New resource	The following resource was added: AWS::IoT::TopicRule LocationAction. AWS::IoT::TopicRule LocationAction The AWS::IoT::TopicRule LocationAction resource to specify a Location Action.	October 31, 2022
Updated resource	The following resource was updated: AWS::Connect::User UserIdentityInfo AWS::Connect::User UserIdentityInfo Use the Mobile property to specify the user's mobile number. Use the SecondaryEmail property to specify the user's secondary email address.	October 27, 2022
Updated resource	The following resource was updated: AWS::RUM::AppMonitor. AWS::RUM::AppMonitor The MetricDestination and MetricDefinition properties were added to the AWS::RUM::AppMonitor resource to support Amazon CloudWatch extended metrics. For more information, see Custom metrics and extended metrics that you can send to CloudWatch and CloudWatch Evidently.	October 27, 2022
Updated resource	The following resource was updated: AWS::Cognito::UserPoolClient AWS::Cognito::UserPool The DeletionProtection property of a user pool prevents accidental deletion of user pools.	October 24, 2022
Updated resource	The following property was added to the AWS::SES::DedicatedIpPool resource: AWS::SES::DedicatedIpPool Use the ScalingMode property to specify the scaling mode of a dedicated IP pool.	October 20, 2022
New resource	The following new resource was added: AWS::FSx::DataRepositoryAssociation AWS::FSx::DataRepositoryAssociation Use the DataRepositoryAssociation resource to link an FSx for Lustre file system to an Amazon S3 data repository.	October 20, 2022
Updated resource	The following resource was updated: AWS::RDS::DBCluster AWS::RDS::DBCluster Use the Domain property to specify the directory ID of the Active Directory to create the DB cluster. Use the DomainIAMRoleName property to specify the name of the IAM role to use when making API calls to the Directory Service. Use the NetworkType property to indicate the network type of the DB cluster. The following properties now supported for Multi-AZ DB clusters: AllocatedStorage, AutoMinorVersionUpgrade, BackupRetentionPeriod, CopyTagsToSnapshot, DatabaseName, DBClusterIdentifier, DBClusterInstanceClass, DBClusterParameterGroupName, DBSubnetGroupName, DeletionProtection, EnableCloudwatchLogsExports, Engine, EngineVersion, Iops, KmsKeyId, MasterUsername, MasterUserPassword, MonitoringInterval, MonitoringRoleArn, PerformanceInsightsEnabled, PerformanceInsightsKmsKeyId, PerformanceInsightsRetentionPeriod, Port, PreferredBackupWindow, PreferredMaintenanceWindow, PubliclyAccessible, StorageEncrypted, StorageType, Tags, and VpcSecurityGroupIds	October 13, 2022
Updated resource	The following resource was updated: AWS::RDS::DBInstance AWS::RDS::DBInstance Use the NetworkType property to indicate the network type of the DB cluster.	October 13, 2022
Updated resource	The following resource was updated: AWS::Connect::PhoneNumber AWS::Connect::PhoneNumber Use the AWS::Connect::PhoneNumber resource to claim a phone number to an Amazon Connect instance or traffic distribution group.	October 10, 2022
New resource	The following resources were added: AWS::GreengrassV2::Deployment. AWS::GreengrassV2::Deployment Use the AWS::GreengrassV2::Deployment resource to create a new deployment to your core devices in AWS IoT Greengrass.	October 6, 2022
New and updated resources	The following resources were added: AWS::Transfer::Agreement, AWS::Transfer::Connector, AWS::Transfer::Certificate, and AWS::Transfer::Profile. The following resource was updated: AWS::Transfer::Server WorkflowDetails AWS::Transfer::Agreement Use the Agreement resource to specify an agreement between trading partners in AWS Transfer Family. AWS::Transfer::Certificate Use the Certificate resource to import signing and encryption certificates for AS2 in AWS Transfer Family. AWS::Transfer::Connector Use the Connector resource to create an entity that captures the parameters for an outbound AS2 connection in AWS Transfer Family. AWS::Transfer::Profile Use the Profile resource to specify local and partner profiles for servers in AWS Transfer Family that use the AS2 protocol. AWS::Transfer::Server WorkflowDetails Use the OnPartialUpload parameter to trigger a workflow in the case a transfer is interrupted and does not complete.	October 6, 2022
Updated resource	The following resource was updated: AWS::KMS::Key. AWS::KMS::Key If you change the value of an immutable property of an existing AWS::KMS::Key resource, the request to update the resource fails. Previously, changing the value of an immutable property caused the existing AWS::KMS::Key to be deleted and replaced. This change does not affect the AWS::KMS::Alias or AWS::KMS::ReplicaKey resources. If you change an immutable property of these resources, the resource is deleted and replaced.	September 30, 2022
Updated resource	The following resource was updated: AWS::RDS::DBCluster AWS::RDS::DBCluster Use the ServerlessV2ScalingConfiguration property to specify the scaling configuration of an Aurora Serverless V2 DB cluster. The DBClusterResourceId return value is the AWS Region-unique, immutable identifier for the DB cluster. Use the DBInstanceParameterGroupName property to specify the name of the DB parameter group to apply to all instances of the DB cluster.	September 29, 2022
Updated resource	The following resource was updated: AWS::RDS::DBInstance AWS::RDS::DBInstance Use the NcharCharacterSetName property to specify the name of the NCHAR character set for the Oracle DB instance. Use the CustomIAMInstanceProfile property to specify the instance profile associated with the underlying Amazon EC2 instance of an RDS Custom DB instance.	September 29, 2022
New resources	The following resources were added: AWS::IdentityStore::Group and AWS::IdentityStore::GroupMembership. AWS::IdentityStore::Group Use the AWS::IdentityStore::Group resource to manage groups in an identity store. AWS::IdentityStore::GroupMembership Use the AWS::IdentityStore::GroupMembership resource to manage group membership in an identity store.	September 29, 2022
New resource	The following resource was added: AWS::CloudFront::MonitoringSubscription. AWS::CloudFront::MonitoringSubscription Use the AWS::CloudFront::MonitoringSubscription resource to enable additional CloudWatch metrics for the specified Amazon CloudFront distribution. For more information, see Viewing additional CloudFront distribution metrics in the Amazon CloudFront Developer Guide.	September 29, 2022
Updated resource	The following resource was updated: AWS::IoT::CACertificate. AWS::IoT::CACertificate The AWS::IoT::CACertificate resource adds RemoveAutoRegistration property.	September 22, 2022
New resource	The following resource was added: AWS::IoTFleetWise::Campaign AWS::IoTFleetWise::Campaign Use the AWS::IoTFleetWise::Campaign resource to specify a campaign in .	September 22, 2022
New resource	The following resource was added: AWS::IoTFleetWise::DecoderManifest AWS::IoTFleetWise::DecoderManifest Use the AWS::IoTFleetWise::DecoderManifest resource to specify a decoder manifest in .	September 22, 2022
New resource	The following resource was added: AWS::IoTFleetWise::Fleet AWS::IoTFleetWise::Fleet Use the AWS::IoTFleetWise::Fleet resource to specify a fleet in .	September 22, 2022
New resource	The following resource was added: AWS::IoTFleetWise::ModelManifest AWS::IoTFleetWise::ModelManifest Use the AWS::IoTFleetWise::ModelManifest resource to specify a model manifest in .	September 22, 2022
New resource	The following resource was added: AWS::IoTFleetWise::SignalCatalog AWS::IoTFleetWise::SignalCatalog Use the AWS::IoTFleetWise::SignalCatalog resource to specify a signal catalog in .	September 22, 2022
New resource	The following resource was added: AWS::IoTFleetWise::Vehicle AWS::IoTFleetWise::Vehicle Use the AWS::IoTFleetWise::Vehicle resource to specify a vehicle in .	September 22, 2022
Updated resource	The following resource was updated: AWS::Cognito::UserPoolClient AWS::Cognito::UserPoolClient The AuthSessionValidity property of a user pool client makes it possible to increase the duration of a prompt for authentication input like a password or MFA code.	September 15, 2022
Updated resource	The following property was updated: AWS::EKS::Cluster AWS::EKS::Cluster Use the OutpostConfig property to specify the configuration of your local Amazon EKS cluster on an Outpost.	September 15, 2022
New resource	A new parameter was added to the AWS::Evidently::Project. Evidently resource type reference The AppConfigResource property was added to the AWS::Evidently::Project resource to enable you to use Client-side evaluation - powered by AWS AppConfig in your projects. For more information, see Use client-side evaluation - powered by AWS AppConfig.	September 15, 2022
Updated resources	The following resource was updated: AWS::EC2::LaunchTemplate. AWS::EC2::LaunchTemplate A description for the first version of the launch template.	September 8, 2022
Updated resource	The following resource was updated: AWS::KMS::Key. AWS::KMS::Key Add full AWS::KMS::Key support to Middle East (UAE) Region (me-central-1), including support for using a CloudFormation template to create and manage asymmetric KMS keys and multi-Region KMS keys (primary or replica).	September 8, 2022
Updated resource	The following resource was updated: AWS::OpenSearchService::Domain. AWS::OpenSearchService::Domain Use the Throughput property to specify the throughput of the EBS volumes attached to data nodes. This propertly applies only to the gp3 volume type.	September 8, 2022
Updated resource	The following resource was updated: AWS::SNS::Topic. AWS::SNS::Topic Use the DataProtectionPolicy property to attach a DataProtectionPolicy to an SNS topic.	September 8, 2022
New resource	The following resource was added: AWS::CloudFront::OriginAccessControl. AWS::CloudFront::OriginAccessControl Use the AWS::CloudFront::OriginAccessControl resource to create a new origin access control in Amazon CloudFront. For more information, see Restricting access to an Amazon S3 origin in the Amazon CloudFront Developer Guide.	September 8, 2022
New resource	The following resource was added: AWS::Connect::InstanceStorageConfig AWS::Connect::InstanceStorageConfig Use the AWS::Connect::InstanceStorageConfig resource to configure instance storage.	September 1, 2022
New resource	The following resource was added: AWS::ControlTower::EnabledControl. AWS::ControlTower::EnabledControl Use the AWS::ControlTower::EnabledControl resource to specify an asynchronous operation that manages a control.	September 1, 2022
New resource	The following resource was added: AWS::Macie::AllowList. AWS::Macie::AllowList Use the AWS::Macie::AllowList resource to specify text or a text pattern for Amazon Macie to ignore when it inspects data sources for sensitive data.	September 1, 2022
Updated resources	The following resources were updated: AWS::AppMesh::VirtualNode, AWS::AppMesh::VirtualGateway, AWS::AppMesh::GatewayRoute and AWS::AppMesh::Route AWS::AppMesh::VirtualNode Use the Format property to represent the specified format for the logs. The format is either json_format or text_format. Use the JsonFormatRef resource to represent object that represents the key value pairs for the JSON. Use the LoggingFormat resource to represent object that represents the format for the logs. AWS::AppMesh::VirtualGateway Use the VirtualGatewayFileAccessLogFormat property to represent the specified format for the logs. The format is either json_format or text_format. Use the JsonFormatRef resource to represent object that represents the key value pairs for the JSON. Use the LoggingFormat resource to represent object that represents the format for the logs. AWS::AppMesh::GatewayRoute Use the Port property to represent the port number of the gateway route target. AWS::AppMesh::Route Use the Port property to represent the port number of the gateway route target. Use the Port property to represent an object that is the criteria for determining a request match. Use the TcpRouteMatch resource to represent an object that is the TCP route to match.	August 25, 2022
Updated resource	The following resource was updated: AWS::MediaPackage::OriginEndpoint. AWS::MediaPackage::OriginEndpoint.> Use the DVB_DASH_2014 property to select the DVB_DASH_2014 profile for the output.	August 25, 2022
New resource	The following resource was added: AWS::Connect::Instance AWS::Connect::Instance Use the AWS::Connect::Instance resource to create an instance.	August 25, 2022
New resource	The following resource was added: AWS::SupportApp::SlackChannelConfiguration. AWS::SupportApp::SlackChannelConfiguration Use the AWS::SupportApp::SlackChannelConfiguration resource to specify your configuration for the AWS Support App in Slack.	August 25, 2022
New resource	The following resource was added: AWS::SupportApp::AccountAlias. AWS::SupportApp::AccountAlias Use the AWS::SupportApp::AccountAlias resource to specify your alias name. You can use this alias to identify your AWS account in the AWS Support App.	August 25, 2022
Fn::ToJsonString intrinsic function	The Fn::ToJsonString intrinsic function converts an object or array to its corresponding JSON string. For more information, see Fn::ToJsonString.	August 24, 2022
Fn::Length intrinsic function	The Fn::Length intrinsic function returns the number of elements within an array or an intrinsic function that returns an array. For more information, see Fn::Length.	August 24, 2022
AWS::LanguageExtensions transform	The AWS::LanguageExtensions transform is a macro hosted by AWS CloudFormation that lets you use intrinsic functions and other functionalities not included by default in AWS CloudFormation. For more information, see AWS::LanguageExtensions transform.	August 24, 2022
Updated resources	The following resource was updated: AWS::WAFv2::WebACLAssociation. AWS::WAFv2::WebACLAssociation The ResourceArn property now accepts AWS::Cognito::UserPool ARNs.	August 23, 2022
Updated resource	The following resource was updated: AWS::FMS::Policy. AWS::FMS::Policy The AWS::FMS::Policy resource now allows you to manage third-party firewalls, as well as AWS Network Firewall policies that use centralized or distributed deployment models.	August 18, 2022
Updated resource	The following resource was updated: AWS::Lambda::EventSourceMapping. AWS::Lambda::EventSourceMapping Use the SelfManagedKafkaEventSourceConfig property to define specific configuration settings for a self-managed Kafka event source, such as the consumer group ID. Use the AmazonManagedKafkaEventSourceConfig property to define specific configuration settings for an MSK event source, such as the consumer group ID.	August 18, 2022
New resource	The following resource was added: AWS::DynamoDB::Table.ImportSourceSpecification AWS::DynamoDB::Table.ImportSourceSpecification Use the AWS::DynamoDB::Table.ImportSourceSpecification resource to import from S3 into DynamoDB.	August 18, 2022
Updated resource	The following resource was updated: AWS::CloudFront::Distribution. AWS::CloudFront::Distribution In the HttpVersion property, use the http2and3 and http3 values to specify the maximum HTTP version(s) that you want viewers to use to communicate with Amazon CloudFront. For more information, see Supported HTTP versions in the Amazon CloudFront Developer Guide.	August 15, 2022
Updated resource	The following resources were updated: AWS::GuardDuty::Filter, AWS::GuardDuty::IPSet, and AWS::GuardDuty::ThreatIntelSet AWS::GuardDuty::Filter Use Tags property to specify metadata to add to a new filter resource. Use Rank property to specify position of the filter in the list of the current filters. AWS::GuardDuty::IPSet Use Tags property to specify metadata to add to a new IP set resource. AWS::GuardDuty::ThreatIntelSet Use Tags property to specify metadata to add to a new threat list resource.	August 15, 2022
New resources	The following resources were added: AWS::M2::Application and AWS::M2::Environment. AWS::M2::Application Use the AWS::M2::Application resource to specify an application in the AWS Mainframe Modernization service. AWS::M2::Environment Use the AWS::M2::Environment resource to specify a runtime environment in the AWS Mainframe Modernization service.	August 11, 2022
New resource	The following resource was added: AWS::MSK::ServerlessCluster AWS::MSK::ServerlessCluster This resource represents an Amazon MSK Serverless cluster.	August 11, 2022
Updated resources	The following resources were updated: AWS::WAFv2::WebACL and AWS::WAFv2::RuleGroup. AWS::WAFv2::WebACL In the SqliMatchStatement property type, use the SensitivityLevel property to specify the sensitivity that you want to use to inspect for SQL injection attacks. AWS::WAFv2::RuleGroup In the SqliMatchStatement property type, use the SensitivityLevel property to specify the sensitivity that you want to use to inspect for SQL injection attacks.	August 4, 2022
Updated resource	The following resource was updated: AWS::GuardDuty::Detector AWS::GuardDuty::Detector Use the CFNDataSourceConfigurations property to specify the data source when detector is created. Use the CFNMalwareProtectionConfiguration property to specify enabling Malware Protection data source. Use the CFNScanEc2InstanceWithFindingsConfiguration property to specify enabling data source as Malware Protection for EC2 findings.	August 4, 2022
Updated resource	The following resource was updated: AWS::IoT::CACertificate. AWS::IoT::CACertificate The AWS::IoT::CACertificate resource adds RegistrationConfig type in RegistrationConfig property.	August 4, 2022
Updated resource	The following resource was updated: AWS::IoT::ProvisioningTemplate. AWS::IoT::ProvisioningTemplate The AWS::IoT::ProvisioningTemplate resource now supports TemplateType property.	August 4, 2022
Updated resource	The following resource was updated: AWS::RedshiftServerless::Workgroup AWS::RedshiftServerless::Workgroup The additionalinfo parameter was removed from AWS::RedshiftServerless::Workgroup.	July 28, 2022
Updated resource	The following resource was updated: AWS::Transfer::Server ProtocolDetails Use the As2Transports property to indicate the transport method for the AS2 messages.	July 28, 2022
Updates to resource	The following resource was updated: AWS::SSO::PermissionSet. AWS::SSO::PermissionSet Use the CustomerManagedPolicyReferences and PermissionsBoundary properties of the AWS::SSO::PermissionSet resource to assign customer managed policies and permissions boundaries in IAM Identity Center.	July 21, 2022
Updated resources	The following resource was updated: AWS::EC2::PlacementGroup. AWS::EC2::PlacementGroup Use the SpreadLevel parameter to determine how placement groups spread instances.	July 21, 2022
New resource	The following resource was added: AWS::Synthetics::Group. AWS::Synthetics::Group Use the AWS::Synthetics::Group resource to create a group. You can use groups to associate canaries with each other, including cross-Region canaries. Using groups can help you with managing and automating your canaries, and you can also view aggregated run results and statistics for all canaries in a group.	July 21, 2022
New resource	The AWS::Evidently::Segment resource was added. Evidently resource type reference Use a segment to define a portion of your audience that share one or more characteristics. For more information, see Use segments to focus your audience.	July 21, 2022
Managing events with AWS CloudFormation and Amazon EventBridge	Receive notifications when specific AWS CloudFormation events such as object creation or deletion occur in an AWS CloudFormation with EventBridge. For more information, see Managing events with Amazon EventBridge.	July 20, 2022
Updated resource	The following resource was updated: AWS::KMS::Key. AWS::KMS::Key Added support for SM2 key pairs (China Regions only), including the SM2 value for the KeySpec property.	July 14, 2022
Updated resource	The following resource was updated: AWS::SageMaker::NotebookInstance AWS::SageMaker::NotebookInstance Use the InstanceMetadataServiceConfiguration property to specify information about the IMDS configuration of the notebook instance. Use the InstanceMetadataServiceConfiguration.MinimumInstanceMetadataServiceVersion property to specify the minimum IMDS version that the notebook instance supports.	July 14, 2022
New resources	Use these resources to manage your Amazon Redshift Serverless instance. AWS::RedshiftServerless::Workgroup Use the AWS::RedshiftServerless::Workgroup resource to manage compute resources in Amazon Redshift Serverless. AWS::RedshiftServerless::Namespace Use the AWS::RedshiftServerless::Namespace resource to manage database objects and users in Amazon Redshift Serverless.	July 12, 2022
Account level	AWS CloudFormation announces the general availability of account filter type, a feature that allows customers to limit deployment targets to individual accounts or include additional accounts with provided OUs. For more information, see Account level targets.	July 7, 2022
Updated resource	The following resource was updated: AWS::RefactorSpaces::Route. AWS::RefactorSpaces::Route In the DefaultRouteInput property type, use the ActivationState property to specify the activation state of the route. In the UriPathRouteInput property type, use the ActivationState property to specify the activation state of the route.	June 30, 2022
New resources	The following resources were added: AWS::LakeFormation::DataCellsFilter, AWS::LakeFormation::TagAssociation, documentation target="AWS::LakeFormation::Tag, AWS::LakeFormation::PrincipalPermissions AWS::LakeFormation::DataCellsfilter Use the DataCellsFilter resource to specify a structure for a data cell filter. AWS::LakeFormation::PrincipalPermissions Use the AWS::LakeFormation::PrincipalPermissions resource to specify the permissions that a principal has on an resource. AWS::LakeFormation::Tag Use the AWS::LakeFormation::Tag resource to specify an LF-tag, which consists of a key and one or more possible values for the key. AWS::LakeFormation::TagAssociation Use the AWS::LakeFormation::TagAssociation resource to assign an LF-tag to a Data Catalog resource.	June 30, 2022
New resource	The following resource was added: AWS::DataSync::LocationFSxONTAP. AWS::DataSync::LocationFSxONTAP Use the AWS::DataSync::LocationFSxONTAP resource to create a location for an Amazon FSx for ONTAP file system.	June 30, 2022
New resource	The following resource was added: AWS::IoT::CACertificate AWS::IoT::CACertificate Use the AWS::IoT::CACertificateto specify a CA certificate.	June 30, 2022
New resource	The following resource was added: AWS::SES::DedicatedIpPool. AWS::SES::DedicatedIpPool Use the DedicatedIpPool resource to create a new pool of dedicated IP addresses.	June 30, 2022
New resource	The following resource and properties were added: AWS::SES::EmailIdentity, AWS::SES::EmailIdentity ConfigurationSetAttributes, AWS::SES::EmailIdentity DkimAttributes, AWS::SES::EmailIdentity DkimSigningAttributes, AWS::SES::EmailIdentity FeedbackAttributes, and AWS::SES::EmailIdentity MailFromAttributes. AWS::SES::EmailIdentity Use the EmailIdentity resource to specify an identity, such as an email address or domain, for using within SES. AWS::SES::EmailIdentity ConfigurationSetAttributes Use the ConfigurationSetAttributes property to associate a configuration set with an email identity. AWS::SES::EmailIdentity DkimAttributes Use the DkimAttributes property to enable or disable DKIM authentication for an email identity. AWS::SES::EmailIdentity DkimSigningAttributes Use the DkimSigningAttributes property to configure or change the DKIM authentication settings for an email domain identity. AWS::SES::EmailIdentity FeedbackAttributes Use the FeedbackAttributes property to enable or disable feedback forwarding for an identity. AWS::SES::EmailIdentity MailFromAttributes Use the MailFromAttributes property to enable or disable the custom Mail-From domain configuration for an email identity.	June 30, 2022
Updated resources	The following resources were updated: AWS::AppStream::Stack AWS::AppStream::Stack Use the StreamingExperienceSettings property to specify the streaming protocol you want your stack to prefer. This can be UDP or TCP. Currently, UDP is only supported in the Windows native client.	June 28, 2022
New resource	The following resource was added: AWS::CloudTrail::EventDataStore AWS::CloudTrail::EventDataStore Use the EventDataStore resource to specify an event data store in CloudTrail Lake. Event data stores are immutable collections of events based on criteria that you select by applying advanced event selectors. For more information, see Working with CloudTrail Lake in the AWS CloudTrail User Guide. AWS::CloudTrail::EventDataStore.AdvancedEventSelector Use the AdvancedEventSelector property to specify fine-grained event properties for data events that you want to log to an event data store. For more information, see Data events in the AWS CloudTrail User Guide. AWS::CloudTrail::EventDataStore.AdvancedFieldSelector Use the AdvancedFieldSelector property to specify fine-grained event properties for data events that you want to log to an event data store. An AdvancedFieldSelector is a single selector statement within an advanced event selector. For more information, see Data events in the AWS CloudTrail User Guide.	June 23, 2022
New resource	The following resources were added: AWS::ConnectCampaigns::Campaign AWS::ConnectCampaigns::Campaign Use the AWS::ConnectCampaigns::Campaign resource to create a high-volume outbound campaign.	June 23, 2022
Updated resources	The following resource updated: AWS::MediaTailor::PlaybackConfiguration. AWS::MediaTailor::PlaybackConfiguration Added DashConfiguration.ManifestEndpointPrefix, HlsConfiguration.ManifestEndpointPrefix, PlaybackConfigurationArn, PlaybackEndpointPrefix, and SessionInitializationEndpointPrefix return values.	June 16, 2022
New resources	The following resource and properties were added: AWS::Route53::CidrCollection, AWS::Route53::RecordSet.CidrRoutingConfig, and AWS::Route53::RecordSetGroup CidrRoutingConfig AWS::Route53::CidrCollection Use the AWS::Route53::CidrCollection resource to create a CIDR collection for IP-based DNS routing. AWS::Route53::RecordSet.CidrRoutingConfig Use the AWS::Route53::RecordSet.CidrRoutingConfig property to update IP-routing information for the DNS record that you want to create. AWS::Route53::RecordSetGroup CidrRoutingConfig Use the AWS::Route53::RecordSetGroup CidrRoutingConfig property to link a resource record set to a CIDR location.	June 16, 2022
Updated resources	The following resource was updated: AWS::EC2::LaunchTemplate. AWS::EC2::LaunchTemplate LaunchTemplateData Use the DisableApiStop parameter to enable or disable an instance for stop protection.	June 9, 2022
Updated resource	The following resource was updated: AWS::DataSync::LocationEFS. AWS::DataSync::LocationEFS Use the AccessPointArn property to specify an access point for your Amazon EFS file system. Use the FileSystemAccessRoleArn property to specify an IAM role that DataSync assumes when mounting your file system. Use the InTransitEncryption property to specify whether you want DataSync to use Transport Layer Security (TLS) 1.2 encryption when it copies data to or from your file system.	June 9, 2022
Updated resource	The following property was added to the AWS::SES::ConfigurationSetEventDestination resource: AWS::SES::ConfigurationSetEventDestination SnsDestination Use the SnsDestination property to specify an Amazon Simple Notification Service (Amazon SNS) event destination to publish email sending events.	June 9, 2022
Updated resource	The following properties were updated to SES API v2 for the AWS::SES::ConfigurationSet resource: AWS::SES::ConfigurationSet DeliveryOptions Use the DeliveryOptions property to assign a dedicated IP pool to this configuration set. AWS::SES::ConfigurationSet ReputationOptions Use the ReputationOptions property to enable or disable collection of reputation metrics for emails sent with this configuration set. AWS::SES::ConfigurationSet SendingOptions Use the SendingOptions property to enable or disable email sending for messages that use this configuration set. AWS::SES::ConfigurationSet SuppressionOptions Use the SuppressionOptions property to specify a list that contains the reasons that email addresses are automatically added to the suppression list. AWS::SES::ConfigurationSet TrackingOptions Use the TrackingOptions property to specify a custom domain to use for open and click tracking elements in emails that you send from this configuration set.	June 9, 2022
New resource	The following resources were added: AWS::Connect::TaskTemplate AWS::Connect::TaskTemplate Use the AWS::Connect::TaskTemplate resource to create a task template.	June 9, 2022
Updated resource	The following property was updated: AWS::IoTEvents::AlarmModel.IotSiteWise. AWS::IoTEvents::AlarmModel.IotSiteWise The following property is no longer required: PropertyValue.	May 26, 2022
Updated resource	The following resource was updated: AWS::Transfer::Server ProtocolDetails Use the SetStatOption to ignore the error that is generated when the client attempts to use SETSTAT on a file you are uploading to an S3 bucket.	May 26, 2022
New resource	The following resource was added: AWS::EMRServerless::Application. AWS::EMRServerless::Application Use the AWS::EMRServerless::Application resource to specify an EMR Serverless application.	May 26, 2022
New resources	The following resources were added: AWS::IoTWireless::NetworkAnalyzerConfiguration AWS::IoTWireless::NetworkAnalyzerConfiguration Gets information about a network analyzer configuration.	May 25, 2022
Updated resource	The following resource was updated: AWS::Cognito::UserPoolClient AWS::Cognito::UserPoolClient The EnablePropagateAdditionalUserContextData property of a user pool client makes it possible to pass IP address information to advanced security features with unauthenticated API requests.	May 20, 2022
Updated resources	The following resources were updated: AWS::AppMesh::VirtualNode and AWS::AppMesh::Mesh AWS::AppMesh::VirtualNode Use the DnsServiceDiscovery property to represent the DNS service discovery information for your virtual node. Use the AwsCloudMapServiceDiscovery property to represent the AWS Cloud Map service discovery information for your virtual node. AWS::AppMesh::Mesh Use the MeshServiceDiscovery resource to represent the service discovery information for a service mesh.	May 19, 2022
Updated resources	The following resources were updated: AWS::Lightsail::LoadBalancer and AWS::Lightsail::LoadBalancerTlsCertificate AWS::Lightsail::LoadBalancer Use the tlsPolicyName property to specify a TLS security policy for the load balancer. AWS::Lightsail::LoadBalancerTlsCertificate Use the httpsRedirectionEnabled property to indicate whether HTTPS redirection is enabled for the load balancer that the TLS certificate is attached to.	May 19, 2022
Updated resource	The following resource was updated: AWS::Synthetics::Canary. AWS::Synthetics::Canary The DeleteLambdaResourcesOnCanaryDeletion parameter was added. You can specify this parameter when you create or update a canary to have the canary's Lambda resources deleted when the canary is deleted.	May 12, 2022
Updated resource	The following resource was updated: AWS::DataSync::Task. AWS::DataSync::Task In the Options property type, use the ObjectTags property to specify whether object tags are maintained when transferring between object storage systems.	May 12, 2022
New resource	The following resource was added: AWS::IoT::RoleAlias AWS::IoT::RoleAlias Use the AWS::IoT::RoleAliasto specify a role alias.	May 12, 2022
New resources	New resources were added to Network Manager: AWS::NetworkManager::CoreNetwork, AWS::NetworkManager::ConnectAttachment, AWS::NetworkManager::ConnectPeer, AWS::NetworkManager::SiteToSiteVpnAttachment, and AWS::NetworkManager::VpcAttachment. AWS::NetworkManager::CoreNetwork Use the AWS::NetworkManager::CoreNetwork to create a core network. AWS::NetworkManager::ConnectAttachment Use the AWS::NetworkManager::CoreNetwork.ConnectAttachment to create a Connect attachment. AWS::NetworkManager::ConnectPeer Use the AWS::NetworkManager::ConnectPeer to create a Connect peer attachment. AWS::NetworkManager::SiteToSiteVpnAttachment Use the AWS::NetworkManager::SiteToSiteVpnAttachment to create a site-to-site VPN attachment. AWS::NetworkManager::VpcAttachment Use the AWS::NetworkManager::VpcAttachment to create a VPC attachment.	May 11, 2022
Updated resources	The following resources were updated: AWS::WAFv2::WebACL and AWS::WAFv2::RuleGroup. AWS::WAFv2::WebACL Use the Cookies property to specify that a rule statement should inspect the cookies in web requests. Use the CookieMatchPattern property to specify a subset of all cookies for inspection. Use the Headers property to specify that a rule statement should inspect the headers in web requests. Use the HeaderMatchPattern property to specify a subset of all headers for inspection. In the Body property type, use the OversizeHandling property to specify how to handle web requests that have oversize body contents. In the JsonBody property type, use the OversizeHandling property to specify how to handle web requests that have oversize body contents. AWS::WAFv2::RuleGroup Use the Cookies property to specify that a rule statement should inspect the cookies in web requests. Use the CookieMatchPattern property to specify a subset of all cookies for inspection. Use the Headers property to specify that a rule statement should inspect the headers in web requests. Use the HeaderMatchPattern property to specify a subset of all headers for inspection. In the Body property type, use the OversizeHandling property to specify how to handle web requests that have oversize body contents. In the JsonBody property type, use the OversizeHandling property to specify how to handle web requests that have oversize body contents.	May 5, 2022
New resource	The following resource was added: AWS::Rekognition::StreamProcessor. AWS::Rekognition::StreamProcessor The AWS::Rekognition::StreamProcessor type creates a stream processor used to detect and recognize faces or to detect connected home labels in a streaming video.	May 5, 2022
New resource	The following resources were added: AWS::VoiceID::Domain AWS::VoiceID::Domain Use the AWS::VoiceID::Domain resource to create a Voice ID domain.	May 5, 2022
New resource	The following resource was added: AWS::EC2::KeyPair. AWS::EC2::KeyPair Use the KeyPair resource to create or import a key pair.	April 28, 2022
Updated resources	The following resource was updated: AWS::Batch::ComputeEnvironment AWS::Batch::ComputeEnvironment Use the ReplaceComputeEnvironment property to specify whether the compute environment should be replaced if an update is made that requires replacing the instances in the compute environment. Use the UpdatePolicy property to specify the infrastructure update policy for the compute environment. AWS::Batch::JobDefinition Added a JobQueueArn attribute to the return values.	April 21, 2022
Updated resource	New parameters were added to AWS::Evidently::Experiment and AWS::Evidently::Launch Evidently resource type reference New parameters were added to AWS::Evidently::Experiment and AWS::Evidently::Launch to allow you to use AWS CloudFormation to start and stop experiments and launches.	April 21, 2022
New resources	The following resources were added: AWS::IoTTwinMaker::ComponentType, AWS::IoTTwinMaker::Entity, AWS::IoTTwinMaker::Scene, and AWS::IoTTwinMaker::Workspace AWS::IoTTwinMaker::ComponentType Use the AWS::IoTTwinMaker::ComponentType resource to declare a component type. AWS::IoTTwinMaker::Entity Use the AWS::IoTTwinMaker::Entity resource to declare an entity. AWS::IoTTwinMaker::Scene Use the AWS::IoTTwinMaker::Scene resource to declare a scene. CFNResource Use the AWS::IoTTwinMaker::Workspace resource to declare a workspace.	April 21, 2022
New resource	The following resources were added: AWS::Connect::PhoneNumber AWS::Connect::PhoneNumber Use the AWS::Connect::PhoneNumber resource to create a phone number.	April 21, 2022
Updated resource	The following resource was updated: AWS::KMS::Key. AWS::KMS::Key Added support for HMAC KMS keys, including new HMAC values for the KeySpec property and the GENERATE_VERIFY_MAC value for the KeyUsage property. You can also use the AWS::KMS::ReplicaKey resource to create a replica of a multi-Region HMAC key. However, the properties of this resource did not change.	April 19, 2022
Updated resources	The following resources were updated: AWS::AppStream::Fleet AWS::AppStream::Fleet Use the SessionScriptS3Location property to specify the S3 location of the session scripts configuration zip file. This only applies to Elastic fleets.	April 14, 2022
Updated resource	The following resource was updated: AWS::CloudWatch::MetricStream. AWS::CloudWatch::MetricStream In the MetricStream resource, use the MetricStreamStatisticsConfiguration to have the metric stream include additional statistics such as percentile statistics in the stream.	April 14, 2022
Updated resource	The following resource was updated: AWS::AppRunner::Service AWS::AppRunner::Service.ObservabilityConfiguration New property. The observability configuration of the App Runner service.	April 12, 2022
New resource	The following resource was added: AWS::AppRunner::ObservabilityConfiguration AWS::AppRunner::ObservabilityConfiguration Use the AWS::AppRunner::ObservabilityConfiguration resource to create or update an AWS App Runner observability configuration.	April 12, 2022
Updated resources	The following resource was updated: AWS::EC2::LaunchTemplate. AWS::EC2::LaunchTemplate NetworkInterface Use the Ipv4PrefixCount or Ipv4Prefixes properties to assign IPv4 prefixes to a network interface. Use the Ipv6PrefixCount or Ipv6Prefixes properties to assign IPv6 prefixes to a network interface.	April 7, 2022
New resource	The following resource was added: AWS::Events::Endpoint. AWS::Events::Endpoint Use the AWS::Events::Endpoint resource to create a Amazon EventBridge global endpoint and mae your application Regional-fault tolerant.	April 7, 2022
New resource	The following resource was added: AWS::Lambda::Url. AWS::Lambda::Url Use the Url resource to add a function URL endpoint to your Lambda function.	April 7, 2022
Updated resource	The following resources were updated: AWS::SageMaker::Domain, AWS::SageMaker::UserProfile AWS::SageMaker::Domain Use the UserSettings.RStudioServerProAppSettings property to configure user interaction with the RStudioServerPro app. Use the RStudioServerProAppSettings property to configure user interaction with the RStudioServerPro app. Use the RStudioServerProAppSettings.AccessStatus property to indicate whether the current user has access to the RStudioServerPro app. Use the RStudioServerProAppSettings.UserGroup property to indicate the level of permissions that the user has within the RStudioServerPro app. Use the RStudioServerProDomainSettings property to configure the RStudioServerPro Domain-level app. Use the RStudioServerProDomainSettings.DefaultResourceSpec property to define the default InstanceType, SageMakerImageArn and SageMakerImageVersionArn for the Domain. Use the RStudioServerProDomainSettings.DomainExecutionRoleArn property to indicate the ARN of the execution role for the RStudioServerPro Domain-level app. Use the RStudioServerProDomainSettings.RStudioConnectUrl property to indicate a URL pointing to an RStudio Connect server. Use the RStudioServerProDomainSettings.RStudioPackageManagerUrl property to indicate a URL pointing to an RStudio Package Manager server. Use the DomainSettings property to indicate a collection of settings that apply to the SageMaker Domain. Use the DomainSettings.RStudioServerProDomainSettings property to configure the RStudioServerPro Domain-level app. Use the DomainSettings.SecurityGroupIds property to indicate security groups for the Amazon Virtual Private Cloud (Amazon VPC) that the Domain uses for communication between Domain-level apps and user apps. AWS::SageMaker::UserProfile Use the UserSettings.RStudioServerProAppSettings property to configure user interaction with the RStudioServerPro app. Use the RStudioServerProAppSettings property to configure user interaction with the RStudioServerPro app. Use the RStudioServerProAppSettings.AccessStatus property to indicate whether the current user has access to the RStudioServerPro app. Use the RStudioServerProAppSettings.UserGroup property to indicate the level of permissions that the user has within the RStudioServerPro app.	March 31, 2022
New resource	The following resource was added: AWS::DataSync::LocationFSxOpenZFS. AWS::DataSync::LocationFSxOpenZFS Use the AWS::DataSync::LocationFSxOpenZFS resource to specify an Amazon FSx for OpenZFS file system.	March 31, 2022
Updated resource	The following resource was updated: AWS::Lambda::Function. AWS::Lambda::Function Use the EphemeralStorage property to set the function's ephemeral (/tmp) storage to any any whole number between 512 and 10240 MB.	March 24, 2022
Updated resource	The following property type was updated: AWS::Lex::Bot. AWS::Lex::Bot Use the AudioLogSetting property to configure logging of audio conversation with your users. Use the AudioLogSetting property to configure the Lambda functions used for each of your bot's locales. Use the ConversationLogsSettings property to manage logging that saves audio, text, and metadata of the conversations with your users. Use the CustomVocabulary property to define custom vocabularies for your slot types. Use the LambdaCodeHook property to specify a Lambda function that verifies requests to the bot or fulfills the user's request. Use the S3BucketLogDestination property to configure the Amazon S3 bucket to hold audio conversation logs. Use the SlotValueSelectionSetting property to configure advanced settings for recognizing slot values. Use the TestBotAliasSettings property to configure the alias used for testing a bot. Use the TextLogSetting property to configure text logs for conversations.	March 24, 2022
New resource	The following resource was added: AWS::IoTEvents::AlarmModel. AWS::IoTEvents::AlarmModel Use the AlarmModel resource to monitor an AWS IoT Events input attribute.	March 24, 2022
Updated resource	The following resources were updated: AWS::ACMPCA::Certificate and AWS::ACMPCA::CertificateAuthority. AWS::ACMPCA::Certificate Use the CustomAttribute object to . Use the CustomExtension object to . AWS::ACMPCA::CertificateAuthority Use the CustomAttribute object to .	March 17, 2022
Updated resource	The following resource was updated: AWS::FSx::Filesystem AWS::FSx::Filesystem FSx for OpenZFS file system root volumes now support the LZ4 DataCompressionType.	March 17, 2022
Updated resource	The following resource was updated: AWS::FSx::Volume AWS::FSx::Volume FSx for OpenZFS volumes now support the LZ4 DataCompressionType.	March 17, 2022
Updated resource	The following resource was updated: AWS::FSx::Volume AWS::FSx::Volume FSx for OpenZFS volumes now support using the value 0 to un-set the StorageCapacityQuotaGiB for a volume.	March 17, 2022
Updated resource	The following resource was updated: AWS::FSx::Volume AWS::FSx::Volume FSx for OpenZFS volumes now support using the value 0 to un-set the StorageCapacityReservationGiB for a volume.	March 17, 2022
Updated resource	The following resource was updated: AWS::FSx::Volume AWS::FSx::Volume FSx for OpenZFS volumes now support setting the suggested block size for a volume.	March 17, 2022
Updated resource	The following resource was updated: AWS::FSx::Filesystem AWS::FSx::FileSystem FSx for ONTAP file systems now support lower ThroughputCapacity settings.	March 17, 2022
Updated resource	The following resource was updated: AWS::FIS::ExperimentTemplate. AWS::FIS::ExperimentTemplate Use the LogConfiguration property to configure experiment logging. Use the Parameters property to specify criteria used to identify target resources.	March 11, 2022
Updated resource	The following resource was updated: AWS::AutoScaling::ScalingPolicy. AWS::AutoScaling::ScalingPolicy Use the AWS::AutoScaling::ScalingPolicy property to specify custom metrics when you create predictive scaling policies. You can also use metric math to further customize the metrics that you include in your policy.	March 10, 2022
New resources	The following resources were added: AWS::Personalize::Dataset, AWS::Personalize::Dataset DatasetImportJob, AWS::Personalize::DatasetGroup, AWS::Personalize::Schema, AWS::Personalize::Solution, and AWS::Personalize::Solution SolutionConfig. AWS::Personalize::Dataset Use the AWS::Personalize::Dataset resource to specify a dataset in Amazon Personalize. AWS::Personalize::Dataset DatasetImportJob Use the AWS::Personalize::Dataset DatasetImportJob resource to specify a dataset import job in Amazon Personalize. AWS::Personalize::DatasetGroup Use the AWS::Personalize::DatasetGroup resource to specify a dataset group in Amazon Personalize. AWS::Personalize::Schema Use the AWS::Personalize::Schema resource to specify a schema in Amazon Personalize. AWS::Personalize::Solution Use the AWS::Personalize::Solution resource to specify a solution in Amazon Personalize. AWS::Personalize::Solution SolutionConfig Use the AWS::Personalize::Solution SolutionConfig resource to specify a solution configuration in Amazon Personalize.	March 10, 2022
Updated resources	The following resources were updated: AWS::RedshiftServerless::Workgroup and AWS::RedshiftServerless::Namespace AWS::RedshiftServerless::Workgroup Added a number of return values to the AWS::RedshiftServerless::Workgroup resource. AWS::RedshiftServerless::Namespace Added a number of return values to the AWS::RedshiftServerless::Namespace resource.	March 9, 2022
New resource	The following resource was added: AWS::EKS::IdentityProviderConfig AWS::EKS::IdentityProviderConfig Use the OidcIdentityProviderConfig property to specify an identity provider config and RequiredClaim to specify required claims.	March 7, 2022
Updated resources	The following resources were updated: AWS::DataBrew::Job AWS::DataBrew::Job Add MaxOutputFiles parameter to the Output data type to specify the maximum number of files to be generated by a profile job and written to the output folder.	March 3, 2022
Added resource	The following resource was added: AWS::ManagedBlockchain::Accessor AWS::ManagedBlockchain::Accessor Use the Accessor to create a new accessor for use with Managed Blockchain Ethereum nodes.	March 2, 2022
Updated resources	The following resources were updated: AWS::Batch::ComputeEnvironment, and AWS::Batch::JobQueue AWS::Batch::ComputeEnvironment Added a ComputeEnvironmentArn attribute to the return values. AWS::Batch::JobQueue Added a JobQueueArn attribute to the return values.	February 24, 2022
Updated resource	The following resource was updated: AWS::AutoScaling::WarmPool. AWS::AutoScaling::WarmPool Use the PoolState property to specify Hibernated to stop instances in a warm pool without deleting their RAM contents. Use the InstanceReusePolicy property to return instances to the warm pool on scale in, instead of always terminating instance capacity that you will need later.	February 24, 2022
Updated resource	The following resource was updated: AWS::Transfer::Server Use the PreAuthenticationLoginBanner property to specify a string to display when users connect to a server, before they authenticate. Use the PostAuthenticationLoginBanner property to specify a string to display when users connect to a server, after they authenticate.	February 24, 2022
New resource	The following resource was added: AWS::DataSync::LocationFSxLustre. AWS::DataSync::LocationFSxLustre Use the AWS::DataSync::LocationFSxLustre resource to specify an Amazon FSx for Lustre file system.	February 24, 2022
New resource	The following resource was added: AWS::MSK::BatchScramSecret AWS::MSK::BatchScramSecret This resource represents a secret stored in the Amazon Secrets Manager that can be used to authenticate with a cluster using a user name and a password.	February 24, 2022
New resource	The following resource was added: AWS::MSK::Configuration AWS::MSK::Configuration Represents an MSK configuration.	February 24, 2022
Updated resource	The following resource was updated: AWS::WAFv2::WebACL. AWS::WAFv2::WebACL You can now define ManagedRuleGroupConfigs for a ManagedRuleGroupStatement, to provide configuration specific to the managed rule group. This is required to use the managed rule group, AWSManagedRulesATPRuleSet.	February 17, 2022
New resources	The following new resources were added to Network Manager: AWS::NetworkManager::ConnectAttachment, AWS::NetworkManager::ConnectPeer, AWS::NetworkManager::CoreNetwork, AWS::NetworkManager::SiteToSiteVPNAttachment, and AWS::NetworkManager::VPCAttachment. AWS::NetworkManager::ConnectAttachment Use the AWS::NetworkManager::ConnectAttachment to create a core network Connect attachment. AWS::NetworkManager::ConnectPeer Use the AWS::NetworkManager::ConnectPeer create a core network Connect Peer attachment. AWS::NetworkManager::CoreNetwork Use the AWS::NetworkManager::CoreNetwork to create a core network. AWS::NetworkManager::SiteToSiteVPNAttachment Use the AWS::NetworkManager::SiteToSiteVPNAttachment create a core network site-to-site VPN attachment. AWS::NetworkManager::VPCAttachment Use the AWS::NetworkManager::VPCAttachment create a core network VPC attachment.	February 17, 2022
Updated resources	The following resource was updated: AWS::EC2::LaunchTemplate. AWS::EC2::LaunchTemplate PrivateDnsNameOptions Use the PrivateDnsNameOptions property to set options for instance hostnames. AWS::EC2::LaunchTemplate MetadataOptions Use the InstanceMetadataTags property to allow access to instance tags from the instance metadata.	February 10, 2022
New resources	The following resources were added: AWS::CloudFormation::HookDefaultVersion, AWS::CloudFormation::HookTypeConfig, and AWS::CloudFormation::HookVersion. AWS::CloudFormation::HookDefaultVersion Use the AWS::CloudFormation::HookDefaultVersion resource to specify the default version of the hook. AWS::CloudFormation::HookTypeConfig Use the AWS::CloudFormation::HookTypeConfig resource to specify the configuration of a hook. AWS::CloudFormation::HookVersion Use the AWS::CloudFormation::HookVersion resource to publish the hook version in the AWS CloudFormation registry.	February 10, 2022
New resources	The following resources were added: AWS::ECR::PullThroughCacheRule AWS::ECR::PullThroughCacheRule Use the AWS::ECR::PullThroughCacheRule property to create a pull through cache rule for your private registry. Pull through cache rules provide a way to cache images from an external public registry in your private registry	February 10, 2022
CloudFormation registry	AWS CloudFormation announces the general availability of hooks, a feature that allows customers to invoke custom logic to automate actions or inspect resource configurations prior to a create, update or delete stack operation. For more information, see Developing hooks in the User Guide for Extension Development.	February 10, 2022
Updated resource	The following resource was updated: AWS::AppRunner::Service AWS::AppRunner::Service.NetworkConfiguration New property. Configuration settings related to network traffic of the web application that the App Runner service runs.	February 8, 2022
New resource	The following resource was added: AWS::AppRunner::VpcConnector AWS::AppRunner::VpcConnector Use the AWS::AppRunner::VpcConnector resource to create or update an AWS App Runner VPC connector.	February 8, 2022
Updated resource	The following resource was updated: AWS::Events::Rule. AWS::Events::Rule The Rule.SageMakerPipelineParameter.PipelineParameterList is a list of parameter names and values for SageMaker Model Building Pipeline execution. The Rule.SageMakerPipelineParameter.Name is the name of parameter to start execution of a SageMaker Model Building Pipeline. The Rule.SageMakerPipelineParameter.Value is the value of parameter to start execution of a SageMaker Model Building Pipeline.	February 3, 2022
New properties	The following properties were added under AWS::ApplicationInsights::Application.ConfigurationDetails: HANAPrometheusExporter Use the HANAPrometheusExporter property of the AWS::ApplicationInsights::Application resource to define the HANA DB Prometheus Exporter settings. HAClusterPrometheusExporter Use the HAClusterPrometheusExporter property of the AWS::ApplicationInsights::Application resource to define the HA Cluster Prometheus Exporter settings.	February 3, 2022
Updated resource	The following resource was updated: RotationRules AWS::SecretsManager::RotationSchedule RotationRules Use RotationRules to set a detailed schedule to rotate your secret.	January 31, 2022
Updated resources	The following resource was updated: AWS::CustomerProfiles::Integration. AWS::CustomerProfiles::Integration Use the AWS::CustomerProfiles::Integration resource to create a new integration in Amazon Connect Customer Profiles Service.	January 27, 2022
Updated resources	The following resources were updated: AWS::Location::GeofenceCollection, AWS::Location::Map, AWS::Location::PlaceIndex, AWS::Location::RouteCalculator, and AWS::Location::Tracker. AWS::Location::GeofenceCollection Updated the AWS::Location::GeofenceCollection resource to no longer use PricingPlan or PricingPlanDataSource. AWS::Location::Map Updated the AWS::Location::Map resource to no longer use PricingPlan. AWS::Location::PlaceIndex Updated the AWS::Location::PlaceIndex resource to no longer use PricingPlan. AWS::Location::RouteCalculator Update the AWS::Location::RouteCalculator resource to no longer use PricingPlan. AWS::Location::Tracker Update the AWS::Location::Tracker resource to no longer use PricingPlan or PricingPlanDataSource.	January 27, 2022
Updated resource	The following resource was updated: AWS::IVS::RecordingConfiguration AWS::IVS::RecordingConfiguration Use the ThumbnailConfiguration property to specify an Amazon IVS ThumbnailConfiguration, which stores configuration information related to generating thumbnail images for your live stream.	January 27, 2022
New resource	The following resource was added: AWS::AppIntegrations::DataIntegration AWS::AppIntegrations::DataIntegration Use the AWS::AppIntegrations::DataIntegration resource to create a DataIntegration.	January 27, 2022
New collection resource	The following resource was added: AWS::Rekognition::Collection. AWS::Rekognition::Collection The AWS::Rekognition::Collection type creates a server-side container called a collection. You can use a collection to store information about detected faces and search for known faces in images, stored videos, and streaming videos.	January 27, 2022
New resources	The following resources were added: AWS::Forecast::Dataset and AWS::Forecast::DatasetGroup. AWS::Forecast::Dataset Use the AWS::Forecast::Dataset resource to import a new or updated dataset in Amazon Forecast. AWS::Forecast::DatasetGroup Use the AWS::Forecast::DatasetGroup resource to create a Dataset Group in Amazon Forecast.	January 23, 2022
Updated resources	The following resources were updated: AWS::DataBrew::Job AWS::DataBrew::Job Add BucketOwner parameter to the S3Location data type to define the owner of the specified S3 bucket.	January 20, 2022
Updated resource	The following resources were updated: AWS::Location::Tracker, AWS::Location::Tracker Added AccuracyBased as a new value for PositionFiltering for trackers.	January 20, 2022
New resources	The following resources were added: AWS::Lightsail::Certificate, AWS::Lightsail::Container, and AWS::Lightsail::Distribution AWS::Lightsail::Certificate Use the AWS::Lightsail::Certificate resource to specify an Amazon Lightsail certificate that you can use with a Lightsail content delivery network (CDN) distribution and a container service. AWS::Lightsail::Container Use the AWS::Lightsail::Container resource to specify an Amazon Lightsail container service. AWS::Lightsail::Distribution Use the AWS::Lightsail::Distribution resource to specify an Amazon Lightsail CDN distribution.	January 20, 2022
New resource	The following resource was added: AWS::KafkaConnect::Connector AWS::KafkaConnect::Connector Creates an MSK Connect connector.	January 20, 2022
Updated resource	The following resources were updated: AWS::AppSync::Resolver and AWS::AppSync::FunctionConfiguration AWS::AppSync::Resolver Use the MaxBatchSize property to specify the maximum number of resolver request inputs that will be sent to a single AWS Lambda function in a BatchInvoke operation. AWS::AppSync::FunctionConfiguration Use the MaxBatchSize property to specify the maximum number of resolver request inputs that will be sent to a single AWS Lambda function in a BatchInvoke operation.	January 13, 2022
Updated resource	The following resource was updated: AWS::FMS::Policy. AWS::FMS::Policy The AWS::FMS::Policy resource now allows you to manage Shield Advanced automatic application layer DDoS mitigation for Shield Advanced policies that you use for Amazon CloudFront distributions.	January 7, 2022
Updated resource	The following property was updated: AWS::EKS::Cluster KubernetesNetworkConfig AWS::EKS::Cluster KubernetesNetworkConfig Use the IpFamily property to specify whether you want your version 1.21 or later cluster to assign IPv4 or IPv6 addresses to pods and services.	January 6, 2022
Updated resource	The following property type was updated: AWS::Lex::Bot. AWS::Lex::Bot In the ExternalSourceSetting property type, use the GrammarSlotTypeSetting property to specify that the slot type is defined by an external grammar. In the GrammarSlotTypeSetting property type, use the Source property to specify the location of a file that contains a grammar defining the slot type. In the GrammarSlotTypeSource property type, use the KmsKeyArn, S3BucketName, and S3ObjectKey properties to specify the S3 bucket location of a file that contains a grammar defining the slot type.	January 6, 2022
New resources	The following resources were added: AWS::Lightsail::Alarm, AWS::Lightsail::Bucket, AWS::Lightsail::LoadBalancer, and AWS::Lightsail::LoadBalancerTlsCertificate AWS::Lightsail::Alarm Use the AWS::Lightsail::Alarm resource to specify an Amazon Lightsail alarm. AWS::Lightsail::Bucket Use the AWS::Lightsail::Bucket resource to specify an Amazon Lightsail bucket. AWS::Lightsail::LoadBalancer Use the AWS::Lightsail::LoadBalancer resource to specify an Amazon Lightsail load balancer. AWS::Lightsail::LoadBalancerTlsCertificate Use the AWS::Lightsail::LoadBalancerTlsCertificate resource to specify a certificate that you can use with an Amazon Lightsail load balancer that is in the same AWS Region and Availability Zone.	January 6, 2022
New resource	The following resource was added: AWS::InspectorV2::Filter. AWS::InspectorV2::Filter Use the AWS::InspectorV2::Filter resource to specify a filter.	January 6, 2022
New resource	The following resource is new: AWS::IoT::JobTemplate AWS::IoT::JobTemplate Use the AWS::IoT::JobTemplate resource to specify a job template.	January 6, 2022
New resources	The following resources were added: AWS::AppStream::ApplicationEntitlementAssociation and AWS::AppStream::Entitlement AWS::AppStream::ApplicationEntitlementAssociation Use the AWS::AppStream::ApplicationEntitlementAssociation resource to specify an association between an application and entitlement. AWS::AppStream::Entitlement Use the AWS::AppStream::Entitlement resource to specify an entitlement.	January 5, 2022
Updated resources	The following resources were updated: AWS::WAFv2::WebACL and AWS::WAFv2::RuleGroup. AWS::WAFv2::WebACL You can now use single regular expression (regex) match statements with RegexMatchStatement. You can now specify a CAPTCHA rule action. AWS::WAFv2::RuleGroup You can now use single regular expression (regex) match statements with RegexMatchStatement. You can now specify a CAPTCHA rule action.	December 9, 2021
Updated resource	The following resource was updated: AWS::Kinesis::Stream. AWS::Kinesis::Stream Use the StreamModeDetails property to specify the capacity mode to which you want to set your data stream. Currently, in Kinesis Data Streams, you can choose between an on-demand capacity mode and a provisioned capacity mode for your data streams.	December 9, 2021
Properties updated	For the AWS::Chatbot::SlackChannelConfiguration resource, the GuardrailPolicies property was updated and the UserRoleRequired property was added. AWS::Chatbot::SlackChannelConfiguration Use the GuardrailPolicies property to list policy ARNs applied as channel guardrails for AWS Chatbot. AWS::Chatbot::SlackChannelConfiguration Use the UserRoleRequired property to enable the use of a user role requirement in AWS Chatbot configurations.	December 9, 2021
New resources	The following resources were added: AWS::Lex:Bot, AWS::Lex::BotAlias, AWS::Lex::BotVersion, and AWS::Lex::ResourcePolicy. AWS::Lex::Bot Use the AWS::Lex::Bot resource to specify an Amazon Lex chatbot. AWS::Lex::BotAlias Use the AWS::Lex::BotAlias resource to specify an alias for an Amazon Lex chatbot. AWS::Lex::BotVersion Use the AWS::Lex::BotVersion resource to specify a version of an Amazon Lex chatbot. AWS::Lex::ResourcePolicy Use the AWS::Lex::ResourcePolicy resource to specify a new resource policy for an Amazon Lex chatbot.	December 9, 2021
Updated resource	The following resources were updated: AWS::GameLift::GameSessionQueue, AWS::GameLift::MatchmakingConfiguration, AWS::GameLift::MatchmakingRuleSet, AWS::GameLift::Script AWS::GameLift::GameSessionQueue Use the Tags property to add a list of labels to new game session queue resources. AWS::GameLift::MatchmakingConfiguration Use the Tags property to add a list of labels to new matchmaking configurations. AWS::GameLift::MatchmakingRuleSet Use the Tags property to add a list of labels to new matchmaking rule sets. AWS::GameLift::Script Use the Tags property to add a list of labels to new scripts.	December 8, 2021
New resources	The following resources were added: AWS::AppSync::DomainName and AWS::AppSync::DomainNameApiAssociation AWS::AppSync::DomainName Use the AWS::AppSync::DomainName resource to specify the configuration for a custom domain. AWS::AppSync::DomainNameApiAssociation Use the AWS::AppSync::DomainNameApiAssociation property to specify the mapping of a custom domain name to an assigned API URL.	December 6, 2021
Updated resources	The following resource was updated: AWS::WAFv2::LoggingConfiguration. AWS::WAFv2::LoggingConfiguration You can now log web ACL traffic to an Amazon CloudWatch Logs log group or an Amazon Simple Storage Service (Amazon S3) bucket. These options are in addition to the existing option of logging to an Amazon Kinesis Data Firehose.	December 3, 2021
Updated resource	The following resource was updated: AWS::S3::StorageLens. AWS::S3::StorageLens CloudWatchMetrics Use the AWS::S3::StorageLens CloudWatchMetrics resource to enable the Amazon CloudWatch publishing option for S3 Storage Lens metrics.	December 3, 2021
Updated resource	The following resource was updated: AWS::S3::Bucket OwnershipControlsRule. AWS::S3::Bucket OwnershipControlsRule Updated ObjectOwnership property to add a new allowed value: BucketOwnerEnforced. You can apply this S3 Object Ownership setting to disable access control lists (ACLs) and take ownership of all the objects in your bucket.	December 3, 2021
Updated resource	The following resource was updated: AWS::SageMaker::EndpointConfig AWS::SageMaker::EndpointConfig Use the ServerlessConfig property to specify a serverless configuration for a serverless endpoint. Use the MaxConcurrency property to specify the maximum concurrent invocations for a serverless endpoint. Use the MemorySizeInMB property to specify the memory size (in MB) for a serverless endpoint.	December 3, 2021
New resources	The following resources were added: AWS::AmplifyUIBuilder::Component and AWS::AmplifyUIBuilder::Theme. AWS::AmplifyUIBuilder::Component Use the AWS::AmplifyUIBuilder::Component resource to specify a component within an Amplify app. AWS::AmplifyUIBuilder::Theme Use the AWS::AmplifyUIBuilder::Theme resource to specify a collection of style settings to apply globally to the components in an Amplify app.	December 3, 2021
New resources	The following resources were added: AWS::ResilienceHub::App Creates an AWS Resilience Hub application. AWS::ResilienceHub::ResiliencyPolicy Defines a resiliency policy.	December 3, 2021
New resource	The following resources were added: AWS::Connect::ContactFlow and AWS::Connect::ContactFlowModule AWS::Connect::ContactFlow Use the AWS::Connect::ContactFlow resource to create a flow. AWS::Connect::ContactFlowModule Use the AWS::Connect::ContactFlowModule resource to create a flow module.	December 3, 2021
New resource	The following resources were added: AWS::Evidently::Experiment, AWS::Evidently::Feature, AWS::Evidently::Launch, and AWS::Evidently::Project Evidently resource type reference Use Amazon CloudWatch Evidently to safely validate new features by serving them to a specified percentage of your users while you roll out the feature. You can monitor the performance of the new feature to help you decide when to ramp up traffic to your users. This helps you reduce risk and identify unintended consequences before you fully launch the feature. You can also conduct A/B experiments to make feature design decisions based on evidence and data. For more information, see Perform launches and A/B experiments with CloudWatch Evidently.	December 3, 2021
New resource	The following new resource was added: AWS::FSx::Snapshot AWS::FSx::Snapshot Use the Snapshot resource to create a snapshot of an FSx for ONTAP or Amazon FSx for OpenZFS volume.	December 3, 2021
New resource	The following new resource was added: AWS::FSx::StorageVirtualMachine AWS::FSx::StorageVirtualMachine Use the StorageVirtualMachine resource to create an FSx for ONTAP storage virtual machine.	December 3, 2021
New resource	The following new resource was added: AWS::FSx::Volume AWS::FSx::Volume Use the Volume resource to create an FSx for ONTAP or Amazon FSx for OpenZFS volume.	December 3, 2021
New resource	The following resource was added: AWS::RUM::AppMonitor. AWS::RUM::AppMonitor Use the AWS::RUM::AppMonitor resource to create or update an Amazon CloudWatch RUM app monitor. For more information, see Set up an application to use CloudWatch RUM.	December 3, 2021
New resource	The following resource was added: AWS::Timestream::ScheduledQuery. AWS::Timestream::ScheduledQuery Use the AWS::Timestream::ScheduledQuery resource to create a new scheduled query for an existing table in Amazon Timestream.	December 3, 2021
Updated resource	The following resource was updated: AWS::SES::ConfigurationSetEventDestination AWS::SES::ConfigurationSetEventDestination Use the new property SnsDestination with the ConfigurationSetEventDestination resource as an event destination associated with a configuration set which enables you to publish email sending events. In the property type EventDestination, new property SnsDestination specifies the topic ARN associated with an Amazon Simple Notification Service (Amazon SNS) event destination.	November 25, 2021
Updated resources	AWS::ElastiCache::ReplicationGroup. AWS::ElastiCache::ReplicationGroup The data-tiering-enabled parameter enables data tiering. Data tiering is only supported for replication groups using the r6gd node type. If you elect not to use data-tiering, set the parameter to no-data-tiering-enabled. For more information, see Data tiering.	November 23, 2021
Updated resource	The following resource was updated: AWS::Logs::LogGroup. AWS::Logs::LogGroup The AWS::Logs::LogGroup resource now supports tags.	November 22, 2021
Updated resources	The following resources were updated: AWS::AppStream::Fleet AWS::AppStream::Fleet Use the FleetType property to specify an ELASTIC fleet. Use the Platform property to specify platform of the fleet. Use the MaxConcurrentSessions property to specify the maximum concurrent sessions of an Elastic fleet. Use the UsbDeviceFilterStrings property to specify the USB device filter strings for an Elastic fleet..	November 18, 2021
Updated resources	The following resources were updated: AWS::DataBrew::Job, AWS::DataBrew::Ruleset AWS::DataBrew::Job Updates to support the following features: handling personally identifiable information (PII), data quality rules, and custom SQL queries.	November 18, 2021
Updated resources	The following resources were updated: AWS::Transfer::Server Use the IdentityProviderType resource to specify a the identity provider to use with your AWS Transfer Family server. A new type, LAMBDA, was added.	November 18, 2021
Updated resource	The following resource was updated: AWS::FinSpace::Environment AWS::FinSpace::Environment Use the DataBundles property to specify a list of data bundles to install. Use the SuperuserParameters property to specify configuration information of the superuser.	November 18, 2021
Updated resource	The following resource was updated: AWS::FSx::FileSystem AWS::FSx::FileSystem Use ONTAP for the FileSystemType, to use an ONTAP file system. Use OntapConfiguration parameter to configure an Amazon FSx ONTAP file system.	November 18, 2021
Updated resource	The following resource was updated: AWS::MSK::Cluster AWS::MSK::Cluster You can now turn on public access to an MSK cluster's brokers.	November 18, 2021
New resources	The following resources were added: AWS::AppStream::Application, AWS::AppStream::AppBlock, and AWS::AppStream::ApplicationFleetAssociation AWS::AppStream::Application Use the AWS::AppStream::Application resource to specify an application. AWS::AppStream::AppBlock Use the AWS::AppStream::AppBlock resource to specify an app block. AWS::AppStream::ApplicationFleetAssociation Use the AWS::AppStream::ApplicationFleetAssociation resource to specify an association between an application and fleet.	November 18, 2021
New resource	The following resource was updated: AWS::FSx::FileSystem AWS::FSx::FileSystem Use the FileSystemTypeVersion attribute to specify the file system version of an Amazon FSx for Lustre file system.	November 18, 2021
New resource	The following resource was added: AWS::Transfer::Workflow Use the Workflow resource to specify a managed workflow for file processing using AWS Transfer Family.	November 18, 2021
New resource	The following resource was added: AWS::SSM::ResourcePolicy AWS::SSM::ResourcePolicy Creates or updates a Systems Manager resource policy. A resource policy helps you to define the IAM entity (for example, an AWS account) that can manage your Systems Manager resources. Currently, OpsItemGroup is the only resource that supports Systems Manager resource policies. The resource policy for OpsItemGroup enables AWS accounts to view and interact with OpsCenter operational work items (OpsItems). OpsCenter is a capability of Systems Manager. For more information about OpsCenter, see Systems Manager OpsCenter in the Systems Manager User Guide.	November 17, 2021
Updated resource	The following resource was updated: AWS::Location::Tracker AWS::Location::Tracker Use the PositionFiltering property to specify how you want positions in your tracker to be filtered.	November 12, 2021
Updated resources	The following resources were updated: AWS::Batch::ComputeEnvironment, AWS::Batch::JobDefinition, and AWS::Batch::JobQueue AWS::Batch::ComputeEnvironment Use the UnmanagedvCpus property to specify the maximum number of vCPUs for an unmanaged compute environment. AWS::Batch::JobDefinition Use the SchedulingPriority property to specify the scheduling priority for job definition. AWS::Batch::JobQueue Use the SchedulingPolicyArn property to specify the scheduling policy for a job queue.	November 11, 2021
Updated resources	The following resource was updated: AWS::SageMaker::Endpoint AWS::SageMaker::Endpoint Use the DeploymentConfig property to specify the deployment configuration for an endpoint, which contains the desired deployment strategy and rollback configurations. Use the AutoRollbackConfig property to specify the the automatic rollback configuration for handling endpoint deployment failures and recovery. Use the Alarm property to specify a list of CloudWatch alarms that are configured to monitor metrics on an endpoint. Use the AlarmName property to specify the name of a CloudWatch alarm in your account. Use the BlueGreenUpdatePolicy property to specify the update policy for a blue/green deployment. Use the MaximumExecutionTimeoutInSeconds property to specify the maximum execution timeout for a blue/green deployment. Use the TerminationWaitInSeconds property to specify additional waiting time in seconds after the completion of an endpoint deployment before terminating the old endpoint fleet Use the TrafficRoutingConfig property to specify the traffic routing strategy during a blue/green endpoint deployment. Use the CanarySize property to specify the batch size for the first step to turn on traffic on the new endpoint fleet. Use the LinearStepSize property to specify the batch size for each step to turn on traffic on the new endpoint fleet Use the Type property to specify the traffic routing strategy type (all at once, canary, or linear). Use the WaitIntervalInSeconds property to specify the waiting time (in seconds) between incremental steps to turn on traffic on the new endpoint fleet. Use the CapacitySize property to specify the endpoint capacity to activate for production. Use the Type property to specify the endpoint capacity type to use (instance count or capacity percent). Use the Value property to specify the capacity size, either as a number of instances or a capacity percentage. Use the RetainDeploymentConfig property to specify whether to reuse the last deployment configuration. The default value is false (the configuration is not reused)	November 11, 2021
New resources	The following resource was added: AWS::Batch::SchedulingPolicy AWS::Batch::SchedulingPolicy Use the AWS::Batch::SchedulingPriority resource to specify a scheduling policy.	November 11, 2021
New resources	The following resources were added: AWS::IoTWireless::FuotaTask, AWS::IoTWireless::MulticastGroup AWS::IoTWireless::FuotaTask Gets information about a FUOTA task. AWS::IoTWireless::MulticastGroup Gets information about a multicast group.	November 11, 2021
Updated resource	The following resource was updated: AWS::Backup::BackupSelection AWS::Backup::BackupSelection The BackupSelection resource type supports a number of new resource assignment options, including StringLike and the ability to exclude resources from your backup plans.	November 10, 2021
Updated resource	The following resource was updated: AWS::EKS::Cluster AWS::EKS::Cluster ClusterLogging Use the ClusterLogging property to specify the cluster control plane configuration for your cluster. AWS::EKS::Cluster Logging Use the Logging property to enable or disable exporting the Kubernetes control plane logs for your cluster to CloudWatch Log. AWS::EKS::Cluster LoggingTypeConfig Use the LoggingTypeConfig property to specify the enabled logging type. AWS::EKS::Cluster ResourcesVpcConfig Use the EndpointPrivateAccess property to enable or disable private access for your cluster's Kubernetes API server endpoint. Use the EndpointPublicAccess property to enable or disable public access to your cluster's Kubernetes API server endpoint. Use the PublicAccessCidrs property to specify the CIDR blocks that are allowed access to your cluster's public Kubernetes API server endpoint.	November 10, 2021
Updated resources	The following resources were updated: AWS::EC2::SpotFleet and AWS::EC2::EC2Fleet. AWS::EC2::SpotFleet.SpotCapacityRebalance Use the TerminationDelay property type to specify a delay in termination of your Spot Instances that receive a rebalance notification. AWS::EC2::EC2Fleet.SpotOptionsRequest Use the MaintenanceStrategies property type to manage your Spot Instances that are at an elevated risk of being interrupted. AWS::EC2::EC2Fleet.CapacityRebalance Use the CapacityRebalance property to proactively augment your fleet with a new Spot Instance before a running Spot Instance is interrupted by Amazon EC2.	November 4, 2021
Updated resources	The following resources were updated: AWS::NetworkFirewall::FirewallPolicy and AWS::NetworkFirewall::RuleGroup AWS::NetworkFirewall::FirewallPolicy Use the StatefulDefaultActions property to establish default actions to take on a packet that doesn't match any stateful rules when using strict rule ordering. Use the StatefulEngineOptions property to govern how Network Firewall handles stateful rules. AWS::NetworkFirewall::RuleGroup Use the StatefulRuleOptions property to govern how Network Firewall handles stateful rules.	November 4, 2021
Updated resources	The following resource was updated: AWS::Pinpoint::Campaign. AWS::Pinpoint::Campaign InAppMessageBodyConfig Specifies the configuration of main body text of the in-app message. AWS::Pinpoint::Campaign InAppMessageButton Specifies the configuration of a button that appears in an in-app message. AWS::Pinpoint::Campaign InAppMessageContent Specifies the configuration and contents of an in-app message. AWS::Pinpoint::Campaign InAppMessageHeaderConfig Specifies the configuration and content of the header or title text of the in-app message.	November 4, 2021
Updated resource	The following resource was updated: AWS::CloudFront::Distribution. AWS::CloudFront::Distribution In the CacheBehavior and DefaultCacheBehavior property types, use the ResponseHeadersPolicyId property to specify a response headers policy to associate with the cache behavior. For more information, see Adding HTTP headers to CloudFront responses in the Amazon CloudFront Developer Guide.	November 4, 2021
Updated resource	The following resource was updated: AWS::MWAA::Environment TagMap The TagMap property has been removed the service resource specification.	November 4, 2021
Updated resource	The following resource was updated: AWS::Redshift. Amazon Redshift resource type reference AWS::Redshift::EndpointAccess to create a Amazon Redshift-managed VPC endpoint. Amazon Redshift resource type reference AWS::Redshift::EndpointAuthorization to describe an endpoint authorization for authorizing Amazon Redshift-managed VPC endpoint access to a cluster across AWS accounts. Amazon Redshift resource type reference AWS::Redshift::EventSubscription to create an event notification subscription. Amazon Redshift resource type reference AWS::Redshift::ScheduledAction to create a scheduled action to run an API operation.	November 4, 2021
New resources	The following resource was added: AWS::Pinpoint::InAppTemplate. AWS::Pinpoint::InAppTemplate Creates a message template that you can use to send in-app messages.	November 4, 2021
New resource	The following resource was added: AWS::CloudFront::ResponseHeadersPolicy. AWS::CloudFront::ResponseHeadersPolicy Use the AWS::CloudFront::ResponseHeadersPolicy resource to create a new response headers policy in Amazon CloudFront. For more information, see Adding HTTP headers to CloudFront responses in the Amazon CloudFront Developer Guide.	November 4, 2021
New resource	The following resource was added: AWS::DataSync::LocationHDFS. AWS::DataSync::LocationHDFS Use the AWS::DataSync::LocationHDFS resource to specify an endpoint for a Hadoop Distributed File System (HDFS).	November 4, 2021
New resource	The following resource was added: AWS::EC2::CapacityReservationFleet. AWS::EC2::CapacityReservationFleet Use the CapacityReservationFleet property to create a Capacity Reservation Fleet.	November 4, 2021
Updated resource	The following resource was updated: AWS::EC2::EC2Fleet. InstanceRequirementsRequest Use the InstanceRequirementsRequest property to specify instance attributes, which Amazon EC2 uses to identify instance types.	October 28, 2021
Updated resource	The following resource was updated: AWS::EC2::SpotFleet. InstanceRequirementsRequest Use the InstanceRequirementsRequest property to specify instance attributes, which Amazon EC2 uses to identify instance types.	October 28, 2021
Updated resource	The following resource was updated: AWS::AutoScaling::AutoScalingGroup. AWS::AutoScaling::AutoScalingGroup MixedInstancesPolicy Use the OnDemandAllocationStrategy property to specify lowest-price as the allocation strategy for your On-Demand capacity. AWS::AutoScaling::AutoScalingGroup MixedInstancesPolicy Use the InstanceRequirements property to specify the instance attributes that Amazon EC2 Auto Scaling uses for selecting instance types to fulfill your On-Demand and Spot capacities.	October 28, 2021
New resources	The following resources were added: AWS::Lightsail::Database and AWS::Lightsail::StaticIp AWS::Lightsail::Database Use the AWS::Lightsail::Database resource to specify an Amazon Lightsail database. AWS::Lightsail::StaticIp Use the AWS::Lightsail::StaticIp resource to specify a static IP that can be attached to an Amazon Lightsail instance that is in the same AWS Region and Availability Zone.	October 28, 2021
Updated resource	The following resources were updated: AWS::MediaConnect::Flow.Source, AWS::MediaConnect::FlowOutput AWS::MediaConnect::Flow Source Use the AWS::MediaConnect::Flow.Source resource to specify the details of the sources of the flow. AWS::MediaConnect::FlowOutput Use the AWS::MediaConnect::FlowOutput resource to specify the destination address, protocol, and port to send the ingested video to.	October 27, 2021
Updated resource	The following resource was updated: AWS::FMS::Policy. AWS::FMS::Policy The AWS::FMS::Policy resource now allows you to automatically remove protections from resources that leave policy scope.	October 21, 2021
Updated resource	The following resource was updated: AWS::Cassandra::Table. AWS::Cassandra::Table.DefaultTimeToLive Use the AWS::Cassandra::Table.DefaultTimeToLive property to set a default Time to Live (TTL) value for a table in Amazon Keyspaces (for Apache Cassandra).	October 21, 2021
Updated resource	The following resource was updated: AWS::SageMaker::NotebookInstance AWS::SageMaker::NotebookInstance Use the PlatformIdentifier property to set the platform identifier of the notebook instance runtime environment.	October 21, 2021
New resources	Use these resources to deploy computer vision applications to an AWS Panorama Appliance. AWS::Panorama::ApplicationInstance Creates and deploys an application instance. AWS::Panorama::Package Creates an application package. AWS::Panorama::PackageVersion Registers an application version.	October 21, 2021
New resource	The following resource was added: AWS::Rekognition:Project. AWS::Rekognition:Project Use the Project resource to create an Amazon Rekognition Custom Labels project.	October 21, 2021
New resources	The following resources were added: AWS::DeviceFarm::DevicePool, AWS::DeviceFarm::InstanceProfile, AWS::DeviceFarm::NetworkProfile, AWS::DeviceFarm::Project AWS::DeviceFarm::TestGridProject, and AWS::DeviceFarm::VPCEConfiguration. AWS::DeviceFarm::DevicePool Use the AWS::DeviceFarm::DevicePool resource to specify a device pool operation. AWS::DeviceFarm::InstanceProfile Use the AWS::DeviceFarm::InstanceProfile resource to specify a profile that can be applied to one or more private fleet device instances. AWS::DeviceFarm::NetworkProfile Use the AWS::DeviceFarm::NetworkProfile resource to specify a network profile. AWS::DeviceFarm::Project Use the AWS::DeviceFarm::Project resource to specify a project. AWS::DeviceFarm::TestGridProject Use the AWS::DeviceFarm::TestGridProject resource to specify a Selenium testing project. AWS::DeviceFarm::VPCEConfiguration Use the AWS::DeviceFarm::VPCEConfiguration resource to specify a configuration record in Device Farm for your Amazon Virtual Private Cloud (VPC) endpoint service.	October 14, 2021
New resource	The following resources were added: AWS::Wisdom::Assistant, AWS::Wisdom::AssistantAssociation, and AWS::Wisdom::KnowledgeBase AWS::Wisdom::Assistant Use the AWS::Wisdom::Assistant resource to specify an Amazon Connect Wisdom assistant. AWS::Wisdom::AssistantAssociation Use the AWS::Wisdom::AssistantAssociation resource to specify an association between an Amazon Connect Wisdom assistant and another resource. AWS::Wisdom::KnowledgeBase Use the AWS::Wisdom::KnowledgeBase resource to specify a knowledge base.	October 14, 2021
Updated resource	The following resource was updated: AWS::CodeBuild::Project ProjectBuildBatchConfig AWS::CodeBuild::Project ProjectBuildBatchConfig The BatchReportMode property was added to specify the how batch build reports are sent to the source provider.	October 13, 2021
New resource	The following resources were added: AWS::Connect::HoursOfOperation, AWS::Connect::User, AWS::Connect::UserHierarchyGroup AWS::Connect::HoursOfOperation Use the AWS::Connect::HoursOfOperation resource to create an hours of operation. AWS::Connect::User Use the AWS::Connect::User resource to create a user. AWS::Connect::UserHierarchyGroup Use the AWS::Connect::UserHierarchyGroup resource to create a user hierarchy group.	October 12, 2021
Updated resource	The following resource was updated: AWS::Backup::BackupVault AWS::Backup::BackupVault Use the LockConfiguration property to specify the configuration of AWS Backup; Vault Lock. AWS::Backup::Framework Use the Framework property to specify the configuration of an AWS Backup; Audit Manager framework. AWS::Backup::ReportPlan Use the Report Plan property to specify the configuration of an AWS Backup; Audit Manager report plan.	October 7, 2021
New resources	The following resources were added: AWS::Lightsail::Disk and AWS::Lightsail::Instance AWS::Lightsail::Instance Use the AWS::Lightsail::Instance resource to specify an Amazon Lightsail instance. AWS::Lightsail::Disk Use the AWS::Lightsail::Disk resource to specify a disk that can be attached to an Amazon Lightsail instance that is in the same AWS Region and Availability Zone.	October 7, 2021
New resource	The following resource was added: AWS::IoT::JobTemplate. AWS::IoT::JobTemplate Use the AWS::IoT::DomainConfJobTemplateiguration resource to specify a job template in AWS IoT Core.	October 7, 2021
New resource	The following resource was added: AWS::Route53Resolver::ResolverConfig AWS::Route53Resolver::ResolverConfig Use the AWS::Route53Resolver::ResolverConfig resource to specify information about a Route 53 Resolver configuration for a VPC.	October 7, 2021
Updated resources	The following resources were updated: AWS::ECR::ReplicationConfiguration AWS::ECR::ReplicationConfiguration Use the AWS::ECR::ReplicationConfiguration property to configure replication for the contents of a private repository. Support has been added to specify repository filters on a replication rule.	September 30, 2021
Updated resource	The following resource was updated: AWS::KinesisFirehose::DeliveryStream. AWS::KinesisFirehose::DeliveryStream Use the AmazonopensearchserviceDestinationConfiguration property type to specify the destination in Amazon OpenSearch Service. You can specify only one destination.	September 30, 2021
Updated resource	The following resources were updated: AWS::Lambda::LayerVersion and AWS::Lambda::Function. AWS::Lambda::Function Use the Architectures property to set the instruction set architecture for the function.	September 30, 2021
Updated resource	The following resource was updated: AWS::APS::Workspace. AWS::APS::Workspace Use the AWS::APS::Workspace resource was updated to include the AlertManagerDefinition property. For more information, see Alert manager and templating.	September 30, 2021
New resource	The following resource was added: AWS::APS::RuleGroupsNamespace. AWS::APS::RuleGroupsNamespace Use the AWS::APS::RuleGroupsNamespace resource to create or update an Amazon Managed Service for Prometheus rule groups namespace. A rule groups namespace contains Prometheus recording rules and alerting rules. For more information, see Recording rules and alerting rules.	September 30, 2021
Updated resource	The following resource was updated: AWS::AppSync::DataSource AWS::AppSync::DataSource Use the OpenSearchServiceConfig property to specify the configuration for an Amazon OpenSearch Service domain for an AWS AppSync data source.	September 23, 2021
New resources	The following resources were added: AWS::MemoryDB::Cluster, AWS::MemoryDB::ACL, AWS::MemoryDB::ParameterGroup, AWS::MemoryDB::SubnetGroup, and AWS::MemoryDB::User. AWS::MemoryDB::Cluster Use the Cluster resource to specify a MemoryDB cluster. AWS::MemoryDB::ACL Use the ACL resource to specify a MemoryDB access control list and associate it with a cluster. AWS::MemoryDB::ParameterGroup Use the ParameterGroup resource to specify a MemoryDB parameter group and associate it with a cluster. AWS::MemoryDB::SubnetGroup Use the SubnetGroup resource to specify a MemoryDB subnet group and associate it with a cluster. AWS::MemoryDB::User Use the User resource to specify a MemoryDB user and add it to an access control list.	September 23, 2021
Updated resources	The following resource was updated: AWS::EMR::Studio. AWS::EMR::Studio Use the IdpAuthUrl property to specify the authentication endpoint of your identity provider (IdP) when you use IAM authentication and want to let federated users log in to an Amazon EMR Studio with the Studio URL and credentials from your IdP. Use the IdpRelayStateParameterName property to specify the name that your identity provider uses for its RelayState parameter. Use the UserRole property only when you set AuthMode to SSO.	September 17, 2021
Updated resource	The following resource was updated: AWS::S3::Bucket. Monitoring metrics with Amazon CloudWatch Use the AccessPointArn property in AWS::S3::Bucket MetricsConfiguration to filter CloudWatch request metrics by access point.	September 17, 2021
Updated resource	The following resource was added: AWS::ACMPCA::Permission. AWS::ACMPCA::Permission Use the AWS::ACMPCA::Permission object to grant permissions on a private CA to the AWS Certificate Manager (ACM) service principal (acm.amazonaws.com). These permissions allow ACM to issue and renew ACM certificates that reside in the same AWS account as the CA.	September 16, 2021
Updated resource	The following resource was updated: AWS::MSK::Cluster AWS::MSK::Cluster You can now update the authentication and encryption settings for an existing MSK cluster.	September 16, 2021
New resources	The following resource was added: AWS::OpenSearchService::Domain. AWS::OpenSearchService::Domain Use the AWS::OpenSearchService::Domain resource to create an Amazon OpenSearch Service domain.	September 16, 2021
New resource	The following resource was added: AWS::APS::Workspace. AWS::APS::Workspace Use the AWS::APS::Workspace resource to create an Amazon Managed Service for Prometheus workspace. For more information, see Create a workspace.	September 16, 2021
Updated resource	The following resource was updated: AWS::Cassandra::Table. AWS::Cassandra::Table Use the AWS::Cassandra::Table resource to add new regular columns to existing tables in Amazon Keyspaces (for Apache Cassandra).	September 3, 2021
Updated resources	The following resource was updated: AWS::Transfer::Server AWS::Transfer::Server WorkflowDetail Use the WorkflowDetail property to specify the steps and other details for a workflow. AWS::Transfer::Server WorkflowDetails Use the WorkflowDetails property as a container for the WorkflowDetails property.	September 2, 2021
Updated resource	The following resource was added: AWS::ACMPCA::CertificateAuthority OcspConfiguration. The following resource was updated: AWS::ACMPCA::CertificateAuthority RevocationConfiguration. AWS::ACMPCA::CertificateAuthority OcspConfiguration Use the AWS::ACMPCA::CertificateAuthority OcspConfiguration object to configure Online Certificate Status Protocol (OCSP) support on a CA.	September 2, 2021
Updated resource	The following resource was updated: AWS::DataSync::Task. AWS::DataSync::Task Use the Includes property to specify files to include in a task.	September 2, 2021
Updated resource	The following resource was Updated: AWS::EventSchemas::Discoverer. AWS::EventSchemas::Discoverer Use the CrossAccount property to allow event schemas from other accounts to be discovered.	September 2, 2021
Updated resource	The following resource was updated: AWS::KinesisFirehose::DeliveryStream. AWS::KinesisFirehose::DeliveryStream DynamicPartitioningConfiguration property type is now supported for the delivery streams in CloudFormation.	September 2, 2021
New resource	The following resource is new: AWS::IoT::FleetMetric AWS::IoT::FleetMetric Use the AWS::IoT::FleetMetric resource to specify a fleet metric.	September 2, 2021
New resource	The following resources were added: AWS::S3::MultiRegionAccessPoint and AWS::S3::MultiRegionAccessPointPolicy. AWS::S3::MultiRegionAccessPoint Use the AWS::S3::MultiRegionAccessPoint resource to create an S3 Multi-Region Access Point configuration. AWS::S3::MultiRegionAccessPointPolicy Use the AWS::S3::MultiRegionAccessPointPolicy resource to create an S3 Multi-Region Access Point Policy configuration.	September 2, 2021
Terminology change	AWS KMS is replacing the term customer master key (CMK) with AWS KMS key and KMS key. The concept has not changed. To prevent breaking changes, AWS KMS is keeping some variations of this term.	August 30, 2021
Stack failure options	You can iteratively develop your applications when provisioning failures are encountered by starting from the point of failure without rolling back successfully provisioned resources. By specifying stack failure options, you can troubleshoot resources in a CREATE_FAILED or UPDATE_FAILED status. You can provision failure options for all stack deployments and change set operations. For more information, see Stack failure options.	August 30, 2021
Updated resource	The following resource was updated: AWS::CodeBuild::Project AWS::CodeBuild::Project The ResourceAccessRole and Visibility properties were added to support public builds.	August 19, 2021
Updated resource	The following resource was updated: AWS::AutoScaling::ScalingPolicy. AWS::AutoScaling::ScalingPolicy Use the PredictiveScalingConfiguration property to specify a predictive scaling policy configuration for an Auto Scaling group.	August 19, 2021
Updated resource	The following resource was updated: AWS::SageMaker::EndpointConfig AWS::SageMaker::EndpointConfig In the AsyncInferenceClientConfig property type, use the MaxConcurrentInvocationsPerInstance property to set the maximum number of concurent requests. In the AsyncInferenceConfig property type, use the ClientConfig to configure the behavior of the client SageMaker uses. Use OutputConfig to spcify invocation outputs. In the AsyncInferenceNotificationConfig property, use the ErrorTopic and SuccessTopic to define Amazon SNS topics to post a notification if the inference fails or completes successfully, respectively. In the OutputConfig property type use the KmsKeyId to encrypt the asynchronous inference output. Use NotificationConfig to specify the notification configuration and S3OutputPath to specify the output location in S3.	August 19, 2021
Updated resource	The following resource was updated: AWS::Elasticsearch::Domain. AWS::Elasticsearch::Domain Use the ColdStorageOptions property to specify whether to enable cold storage for the cluster.	August 17, 2021
Updated resources	The following resource was updated: AWS::WAFv2::WebACL. AWS::WAFv2::WebACL You can now specify the version to use for managed rule groups. For information, see ManagedRuleGroupStatement.	August 12, 2021
Updated resource	The following resource was updated: AWS::ApiGateway::DomainName. AWS::ApiGateway::DomainName Use the OwnershipVerificationCertificateArn property to specify the certificate ARN used to verify ownership of the domain using mutual TLS.	August 12, 2021
Updated resource	The following resource was updated: AWS::LookoutEquipment::InferenceScheduler AWS::LookoutEquipment::InferenceScheduler The ModelName property has changed so that an update requires replacement. The ServerSideKmsKeyId property has changed so that an update requires replacement.	August 12, 2021
Updated resource	The following resource was updated: AWS::SageMaker::Model. AWS::SageMaker::Model In the ImageConfig property type, use the RepositoryAuthConfig property to specify an authentication configuration for the private docker registry where your model image is hosted.	August 12, 2021
Updated resource	The following resource was added: AWS::WAFv2::LoggingConfiguration. AWS::WAFv2::LoggingConfiguration You can now define an association between Amazon Kinesis Data Firehose destinations and a web ACL resource, for logging.	August 12, 2021
Updated resource	The following resource was updated: AWS::AppSync::GraphQLApi AWS::AppSync::GraphQLApi Use the LambdaAuthorizerConfig property to specify the configuration for AWS Lambda function authorization.	August 5, 2021
Updated resource	The following resource was updated: AWS::FSx::FileSystem AWS::FSx::FileSystem In the WindowsConfiguration property type, use the AuditLogConfiguration property to enable audit event logging of end-user accesses of files, folders, and file shares on an Amazon FSx Windows File Server instance.	August 5, 2021
New resource	The following resource was added: AWS::Athena::PreparedStatement AWS::Athena::PreparedStatement Use the AWS::Athena::PreparedStatement resource to specify a prepared statement for use with SQL queries in Athena. Use prepared statements for repeated execution of the same query with different query parameters. A prepared statement contains parameter placeholders whose values are supplied at execution time.	August 5, 2021
Updated resource	The following resource was updated: AWS::DataBrew::Job AWS::DataBrew::Job Use the AWS::DataBrew::Job.DatabaseOutputs property type to define the output destination for a DataBrew job to be written into. Use the AWS::DataBrew::Job.ProfileConfiguration property type to configure which statistics to include when running DataBrew profile jobs.	July 29, 2021
Updated resource	The following resource was updated: AWS::S3Outposts::EndPoint AWS::S3Outposts::EndPoint Use the AWS::S3Outposts::EndPoint.AccessType property to create an endpoint using customer owned IP (CoIP) addresses and access your Amazon S3 on AWS Outposts objects by creating a local gateway from your on-premises network.	July 29, 2021
New resource	The following resources were released: AWS::Route53RecoveryControl::Cluster, AWS::Route53RecoveryControl::ControlPanel, AWS::Route53RecoveryControl::RoutingControl, AWS::Route53RecoveryControl::SafetyRule AWS::Route53RecoveryControl::Cluster Use the AWS::Route53RecoveryControl::Cluster to host routing controls, which are simple on/off switches for routing traffic. AWS::Route53RecoveryControl::ControlPanel Use the AWS::Route53RecoveryControl::ControlPanel to define a group of routing controls that can be updated together in a single transaction. AWS::Route53RecoveryControl::RoutingControl Use the AWS::Route53RecoveryControl::RoutingControl to fail over traffic to an application replica, to recover your application across Availability Zones or Regions. AWS::Route53RecoveryControl::SafetyRule Use the AWS::Route53RecoveryControl::SafetyRule to configure safeguards for routing controls, to avoid a scenario like stopping all traffic flow by setting all routing controls to off.	July 29, 2021
New resource	The following resources were released: AWS::Route53RecoveryReadiness::Cell, AWS::Route53RecoveryReadiness::ReadinessCheck, AWS::Route53RecoveryReadiness::RecoveryGroup, AWS::Route53RecoveryReadiness::ResourceSet AWS::Route53RecoveryReadiness::Cell Use the AWS::Route53RecoveryReadiness::Cell to define a single cell for an application. AWS::Route53RecoveryReadiness::ReadinessCheck Use the AWS::Route53RecoveryReadiness::ReadinessCheck to check application readiness for failover. Amazon Route 53 Application Recovery Controller uses readiness checks to determine the readiness of the resources in a resource set. AWS::Route53RecoveryReadiness::RecoveryGroup Use the AWS::Route53RecoveryReadiness::RecoveryGroup to define a recovery group for an application. A recovery group models an application and includes cells that represent application replicas. AWS::Route53RecoveryReadiness::ResourceSet Use the AWS::Route53RecoveryReadiness::ResourceSet to define a group of resources of a single type that you can associate with a readiness check.	July 29, 2021
Import stacks to stack set	The AWS CloudFormation stack import operation can import existing stacks into new or existing stack sets, so that you can migrate existing stacks to a stack set in one operation. For more information, see Importing stacks into a stack set.	July 28, 2021
Updated resource	The following resource was updated: AWS::CloudWatch::Alarm. AWS::CloudWatch::Alarm In the MetricDataQuery property type, use the AccountId property to specify the ID of the account where the metrics are located, if this is a cross-account alarm.	July 22, 2021
Updated resource	The following resource was updated: AWS::QLDB::Ledger AWS::QLDB::Ledger Use the KmsKey property to specify a customer managed AWS KMS key to use for encryption at rest in the ledger.	July 22, 2021
New resources	The following resources were added: AWS::LookoutEquipment::InferenceScheduler AWS::LookoutEquipment::InferenceScheduler Use the AWS::LookoutEquipment::InferenceScheduler resource to set up a continuous real-time inference plan to analyze new measurement data.	July 22, 2021
Updated resource	The following resource was updated: AWS::EC2::VPCCidrBlock. AWS::EC2::VPCCidrBlock Use the Ipv6CidrBlock property to specify an IPv6 CIDR block from the IPv6 address pool. Use the Ipv6Pool property to specify the ID of an IPv6 address pool from which to allocate the IPv6 CIDR block.	July 21, 2021
Updated resource	The following resource was updated: AWS::Cassandra::Table. AWS::Cassandra::Table.EncryptionSpecification Use the AWS::Cassandra::Table.EncryptionSpecification property to choose the encryption option for new or existing tables in Amazon Keyspaces (for Apache Cassandra).	July 21, 2021
New resource	The following resource was added : AWS::Logs::ResourcePolicy AWS::Logs::ResourcePolicy Use the AWS::Logs::ResourcePolicy resource to create a IAM policy that allows other AWS services to write log events to this account. For more information, see Logs sent to CloudWatch Logs.	July 15, 2021
Increased quota	The following AWS CloudFormation quota has been updated. You can now declare a defaulted maximum of 2000 stacks in your AWS CloudFormation account. For more information, see AWS CloudFormation quotas.	July 15, 2021
Updated resource	The following resource was updated: AWS::DataBrew::Job AWS::DataBrew::Job Use the AWS::DataBrew::Job.DataCatalogOutput property type to define outputs from DataBrew recipe jobs to the AWS Glue Data Catalog.	July 9, 2021
Updated resources	The following resources were updated: AWS::ServiceDiscovery::PrivateDnsNamespace and AWS::ServiceDiscovery::PublicDnsNamespace. AWS::ServiceDiscovery::PrivateDnsNamespace Use the Properties property to specify DNS properties for an AWS Cloud Map private DNS namespace. AWS::ServiceDiscovery::PublicDnsNamespace Use the Properties property to specify DNS properties for an AWS Cloud Map public DNS namespace.	July 8, 2021
Updated resources	The following resources were updated: AWS::CodeDeploy::Application, AWS::CodeDeploy::DeploymentConfig, and AWS::CodeDeploy::DeploymentGroup AWS::CodeDeploy::Application Use the Tags property to specify metadata to add to CodeDeploy applications. AWS::CodeDeploy::DeploymentConfig Use the TrafficRoutingConfig property to specify how deployment traffic is routed. Use the ComputePlatform property to specify the destination platform type for the deployment (Lambda, Server, or ECS). AWS::CodeDeploy::DeploymentGroup Use the BlueGreenDeploymentConfiguration property to specify information about blue/green deployment options for a deployment group. Use the ECSServices property to specify the target Amazon ECS services in the deployment group.	July 8, 2021
Updated resource	The following resource was updated: AWS::AutoScaling::LaunchConfiguration. AWS::AutoScaling::LaunchConfiguration Use the BlockDevice property to specify GP3 volumes in the block device mappings for launch configurations.	July 8, 2021
Updated resources	The following resources were updated: AWS::ImageBuilder::ContainerRecipe and AWS::ImageBuilder::DistributionConfiguration. AWS::ImageBuilder::DistributionConfiguration Use the LaunchTemplateConfiguration property to use an Amazon EC2 launch template for specified accounts where you distribute your Image Builder image. AWS::ImageBuilder::ContainerRecipe Retrieve the container recipe Name attribute with the GN::GetAtt function. Use the InstanceBlockDeviceMapping property to define block device mappings for the build instance used to configure your image.	July 1, 2021
China Rebrand Update	China rebrand updates	June 29, 2021
Updated resources	The following resource was updated: AWS::Transfer::Server ProtocolDetails AWS::Transfer::Server ProtocolDetails Use the ProtocolDetails property to specify the PassiveIp address for FTP and FTPS protocols.	June 24, 2021
Updated resource	The following resource was updated: AWS::DAX::Cluster AWS::DAX::Cluster Use the ClusterEndpointEncryptionType to specify the encryption type of the cluster's endpoint.	June 24, 2021
New resources	The following resources were added: AWS::CloudFormation::PublicTypeVersion, AWS::CloudFormation::Publisher, and AWS::CloudFormation::TypeActivation. AWS::CloudFormation::PublicTypeVersion Use the AWS::CloudFormation::PublicTypeVersion resource to test and publish a registered extension as a public, third-party extension. AWS::CloudFormation::Publisher Use the AWS::CloudFormation::Publisher resource to register your account as a publisher of public extensions in the CloudFormation registry. AWS::CloudFormation::TypeActivation Use the AWS::CloudFormation::TypeActivation resource to activate a public third-party extension, making it available for use in CloudFormation operations.	June 24, 2021
New resource	The following resource was added: AWS::Connect::QuickConnect AWS::Connect::QuickConnect Use the AWS::Connect::QuickConnect resource to create a quick connect.	June 24, 2021
Updated resource	The following resource was updated: AWS::MWAA::Environment Schedulers Use the Schedulers property to specify the number of Apache Airflow schedulers that run in an environment.	June 21, 2021
Publish public third-party extensions	Use public extensions provided by third-party publishers, just as you would extensions from AWS. For more information, see Using public extensions. For information about publishing third-party public extensions, see Publishing extensions in the CloudFormation CLI User Guide.	June 21, 2021
Updated resource	The following resource was updated: AWS::AutoScaling::ScheduledAction. AWS::AutoScaling::ScheduledAction Use the TimeZone property to create recurring scheduled actions in the local time zone. If your time zone observes Daylight Saving Time (DST), the recurring action automatically adjusts for Daylight Saving Time.	June 18, 2021
Updated resources	The following resources were updated: AWS::AppMesh::VirtualNode, AWS::AppMesh::GatewayRoute, and AWS::AppMesh::Route AWS::AppMesh::VirtualNode Use the DnsServiceDiscovery property to represent the DNS service discovery information for your virtual node. AWS::AppMesh::GatewayRoute Use the GatewayRouteHostnameMatch property to represent the gateway route hostname to match. Use the GatewayRouteHostnameRewrite property to represent the gateway route host name to rewrite. Use the GrpcGatewayRouteMetadata property to represent the metadata of the gateway route. Use the GrpcGatewayRouteRewrite property to represent the the gateway route to rewrite. Use the GrpcMetadataMatchMethod property to represent the method header to be matched. Use the HttpGatewayRouteHeader property to represent the HTTP header in the gateway route. Use the HttpGatewayRoutePathRewrite property to represent the path to rewrite. Use the HttpGatewayRoutePrefixRewrite property to represent the beginning characters of the route to rewrite. Use the HttpGatewayRouteRewrite property to represent the beginning characters of the route to rewrite. Use the HttpGatewayRoutePathRewrite property to represent the beginning characters of the route to rewrite. AWS::AppMesh::Route Use the HttpQueryParameter property to represent the query parameter in the request.	June 17, 2021
Updated resource	The following resource was updated: AWS::KMS::Key. AWS::KMS::Key Use the MultiRegionKey property to specify multi-Region primary keys.	June 17, 2021
New resource	The following resource was added: AWS::KMS::ReplicaKey. AWS::KMS::ReplicaKey Use the AWS::KMS::ReplicaKey resource to specify a replica of a specified multi-Region primary key.	June 17, 2021
Parallel Node Upgrade and Scale to Zero	In the NodegroupUpdateConfig, use either the MaxUnavailable and MaxUnavailablePercentage values to define the number of nodes to upgrade in parallel. In the scalingconfig, the minsize and desiredsize values can both be set to zero.	June 16, 2021
Updated resource	The following resource was updated: AWS::EC2::NatGateway AWS::EC2::NatGateway Use the ConnectivityType property to indicate whether the NAT gateway supports public or private connectivity.	June 11, 2021
Updated resources	The following resource was updated: AWS::RAM:ResourceShare AWS::RAM::ResourceShare Use the PermissionArns property to specify the Amazon Resource Names (ARNs) of the permissions to associate with the resource share.	June 10, 2021
Updated resource	The following resource was updated: AWS::KinesisAnalyticsV2::Application AWS::KinesisAnalyticsV2::Application ApplicationConfiguration You can use the ZeppelinApplicationConfiguration property to create Studio notebook applications that use Apache Zeppelin. You can use the notebook interactively, and you can deploy it as a continuously running streaming application with durable state and autoscaling features.	June 10, 2021
Updated resource	The following resource was updated: AWS::SQS::Queue AWS::SQS::Queue You can now use the DeduplicationScope and FifoThroughputLimitproperties to enable higher throughput for FIFO queues.	June 10, 2021
Updated resource	The following resource was updated: AWS::SSM::Document AWS::SSM::Document Use the Attachments property to specify a list of key and value pairs that describe attachments to a version of a document. Use the Requires property to specify a list of SSM documents required by a document. This parameter is used exclusively by AWS AppConfig. When a user creates an AWS AppConfig configuration in an SSM document, the user must also specify a required document for validation purposes. In this case, an ApplicationConfiguration document requires an ApplicationConfigurationSchema document for validation purposes. For more information, see Creating a configuration and a configuration profile in the AWS AppConfig User Guide.	June 10, 2021
Updated resource	The following resource was updated: AWS::FSx::FileSystem AWS::FSx::FileSystem Use the DNSName attribute to access the DNS name of your Amazon FSx file system.	June 7, 2021
New resource	The following resources were added: AWS::Location::GeofenceCollection, AWS::Location::Map, AWS::Location::PlaceIndex, AWS::Location::RouteCalculator, AWS::Location::Tracker, and AWS::Location::TrackerConsumer. AWS::Location::GeofenceCollection Use the AWS::Location::GeofenceCollection resource to specify the ability to detect and act when a tracked device enters or exits a defined geographical boundary. AWS::Location::Map Use the AWS::Location::Map resource to specify a map resource in your AWS account, which provides map tiles of different styles sourced from available data providers. AWS::Location::PlaceIndex Use the AWS::Location::PlaceIndex resource to specify a place index resource in your AWS account, which supports Places functions with geospatial data sourced from your chosen data provider. AWS::Location::RouteCalculator Use the AWS::Location::RouteCalculator resource to specify a route calculator resource in your AWS account. AWS::Location::Tracker Use the AWS::Location::Tracker resource to specify a tracker resource in your AWS account, which lets you receive current and historical location of devices. AWS::Location::TrackerConsumer Use the AWS::Location::TrackerConsumer resource to specify an association between a geofence collection and a tracker resource.	June 7, 2021
Updated resources	The following resources were updated: AWS::MediaPackage::Channel, AWS::MediaPackage::OriginEndpoint, AWS::MediaPackage::PackagingConfiguration, and AWS::MediaPackage::PackagingGroup. AWS::MediaPackage::Channel. Use the EgressAccessLogs property to specify egress access logs for your channel. Use the IngressAccessLogs property to specify ingress access logs for your channel. AWS::MediaPackage::OriginEndpoint. Use the CmafEncryption.ConstantInitializationVector property to specify an optional 128-bit, 16-byte hex value represented by a 32-character string, used in conjunction with the key for encrypting blocks. If you don't specify a value, then AWS Elemental MediaPackage creates the constant initialization vector (IV). AWS::MediaPackage::PackagingConfiguration. Use the CmafPackage.IncludeEncoderConfigurationInSegments property to place your encoder's metadata into every video segment instead of the init fragment, which is the default behavior. This lets you use different SPS/PPS/VPS settings for your assets during content playback. AWS::MediaPackage::PackagingGroup. Use the EgressAccessLogs property to configure egress access logs for your packaging group.	May 27, 2021
Updated resources	The following resources were updated: AWS::WAFv2::WebACL and AWS::WAFv2::RuleGroup. AWS::WAFv2::WebACL You now have additional text transformation options. AWS::WAFv2::RuleGroup You now have additional text transformation options.	May 27, 2021
Updated resource	The following resource was updated: AWS::ACMPCA::CertificateAuthority. AWS::ACMPCA::CertificateAuthority Use the S3ObjectAcl property to restrict public access to your CRLs.	May 27, 2021
Updated resource	The following resource was updated: AWS::FraudDetector::Detector. AWS::FraudDetector::Detector Use the AssociatedModels property to associate models with the detector.	May 27, 2021
Updated resource	The following resource was updated: AWS::FSx::FileSystem AWS::FSx::FileSystem In the LustreConfiguration property type, use DataCompressionType to specify the type of data compression used by an Amazon FSx for Lustre file system.	May 27, 2021
Updated resource	The following resource was updated: AWS::MWAA::Environment ModuleLoggingConfiguration In the ModuleLoggingConfiguration property type, the CloudWatchLogGroupArn response property type for the CloudWatch Logs ARN where Apache Airflow DAG logs are published was removed from the request to enable logs, and is being returned in the response. AirflowConfigurationOptions In the AirflowConfigurationOptions property type, use a PrimitiveType of Json to add an Apache Airflow configuration option. MinWorkers Use the MinWorkers property to specify the minimum number of Apache Airflow workers that run in an environment.	May 27, 2021
Updated resource	The following resource was updated: AWS::QLDB::Ledger AWS::QLDB::Ledger The PermissionsMode property has changed so that an update requires no interruption.	May 27, 2021
New resource	The following resource was added: AWS::CUR::ReportDefinition AWS::CUR::ReportDefinition Use the AWS::CUR::ReportDefinition resource to define AWS Cost and Usage Report.	May 27, 2021
Region availability	The following resources were updated: AWS::AmazonMQ::Broker AWS::AmazonMQ::Broker Amazon MQ for RabbitMQ is now available in the Amazon Web Services China (Bejing) and the Amazon Web Services China (Ningxia) Regions.	May 26, 2021
New resources	The following resource was added: AWS::EC2::TransitGatewayPeeringAttachment. AWS::EC2::TransitGatewayPeeringAttachment Use the TransitGatewayPeeringAttachment resource to request transit gateway peering attachment between the specified transit gateway (requester) and a peer transit gateway (accepter).	May 20, 2021
New resource	The following resource was added: AWS::AppRunner::Service AWS::AppRunner::Service Use the AWS::AppRunner::Service resource to create or update an AWS App Runner service.	May 20, 2021
New resource	The following resource was added: AWS::IoTCoreDeviceAdvisor::SuiteDefinition SuiteDefinition Use the SuiteDefinition resource to create a new test suite configuration for Device Advisor.	May 20, 2021
Updated resources	The following resource was updated: AWS::CloudFormation::StackSet. AWS::CloudFormation::StackSet Use the CallAs property type to specify whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.	May 14, 2021
Updated resource	The following resource was updated: AWS::ECS::TaskDefinition. AWS::ECS::TaskDefinition EphemeralStorage Use the AWS::ECS::TaskDefinition EphemeralStorage resource to define a custom ephemeral storage setting for your Amazon ECS tasks that are hosted on AWS Fargate.	May 14, 2021
Updated resource	The following resource was updated: AWS::ECS::CapacityProvider. AWS::ECS::CapacityProvider ManagedScaling Use the AWS::ECS::CapacityProvider ManagedScaling.InstanceWarmupPeriod resource to set an instance warmup period for newly launched Amazon EC2 instances.	May 14, 2021
Updated resource	The following resource was updated: AWS::EKS::Nodegroup AWS::EKS::Nodegroup Use the Taints property to specify whether you want to have the effect of No_Schedule, Prefer_No_Schedule, or No_Execute applied to your node group.	May 14, 2021
Updated resource	The following resource was updated: AWS::Elasticsearch::Domain. AWS::Elasticsearch::Domain Use the EncryptionAtRestOptions property to specify whether the domain should encrypt data at rest, and if so, the AWS Key Management Service (KMS) key to use. Use the NodeToNodeEncryptionOptions property to specify whether node-to-node encryption is enabled.	May 14, 2021
New resources	The following resources were added: AWS::SSMContacts::Contact and AWS::SSMContacts::ContactChannel AWS::SSMContacts::Contact Use the AWS::SSMContacts::Contact resource to specify an Incident Manager contact or escalation plan. AWS::SSMContacts::ContactChannel Use the AWS::SSMContacts::ContactChannel resource to specify a contact channel as the method that Incident Manager uses to engage your contact.	May 14, 2021
New resource	The following resource was added: AWS::DynamoDB::GlobalTable AWS::DynamoDB::GlobalTable Use the AWS::DynamoDB::GlobalTable resource to create DynamoDB global tables.	May 14, 2021
New resource	The following resources were added: AWS::SSMIncidents::ReplicationSet and AWS::SSMIncidents::ResponsePlan AWS::SSMIncidents::ReplicationSet Use the ReplicationSet resource to specify a set of Regions that Incident Manager data is replicated to and the KMS key used to encrypt the data. AWS::SSMIncidents::ResponsePlan Use the ResponsePlan resource to specify the details of the response plan that are used when creating an incident.	May 14, 2021
Updated resources	The following resources were updated: AWS::ECR::Repository AWS::ECR::Repository Use the AWS::ECR::Repository.EncryptionConfiguration property to configure encryption for the contents of a private repository.	May 13, 2021
Updated resource	The following resource was updated: AWS::S3::Bucket. AWS::S3::Bucket Use the ExpiredObjectDeleteMarker property to specify whether Amazon S3 will remove a delete marker with no noncurrent versions.	May 13, 2021
Updated resource	The following resource was updated: AWS::ACMPCA::CertificateAuthority. AWS::ACMPCA::CertificateAuthority Use the KeyStorageSecurityStandard property to specify the minimum FIPS key security standard.	May 6, 2021
Updated resource	The following resource was updated: AWS::CloudFront::Distribution. AWS::CloudFront::Distribution In the CacheBehavior and DefaultCacheBehavior property types, use the FunctionAssociations property to specify the CloudFront functions associated with the cache behavior. For more information, see Customizing with CloudFront Functions in the Amazon CloudFront Developer Guide.	May 6, 2021
Updated resource	The following resources were updated: AWS::GameLift:Fleet, AWS::GameLift::GameSessionQueue. AWS::GameLift::Fleet In the LocationCapacity property type, use DesiredEc2Instance to specify the number of desired EC2 instance and MinSize and MaxSize to specify the minimum and maximum capacity size. In the LocationConfiguration property type, use location Location to specify an AWS Region code and LocationConfiguration to specify resource capacity settings in a specified fleet. AWS::GameLift::GameSessionQueue Use the PriorityConfiguration property to specify priority destinations and locations for game session placements. Use the FilterConfiguration property to specify a list of locations where a queue is allowed to place new game sessions.	May 6, 2021
Updated resource	The following resource was updated: AWS::IoT::TopicRule AWS::IoT::TopicRule Use the CloudwatchLogsAction property to specify a Cloudwatch logs action. Use the TimestreamAction property to specify a timestream action. Use the KafkaAction property to specify a kafka action. In the S3Action property, use the CannedAcl value to specify a canned ACL action.	May 6, 2021
Updated resource	The following resource was updated: AWS::MSK::Cluster AWS::MSK::Cluster You can now create clusters with IAM access control. This enables you to authenticate clients, as well as to authorize Apache Kafka actions.	May 6, 2021
New resources	The following resources were added: AWS::FraudDetector::Detector, AWS::FraudDetector::EntityType, AWS::FraudDetector::EventType, AWS::FraudDetector::Label, AWS::FraudDetector::Outcome, and AWS::FraudDetector::Variable AWS::FraudDetector::Detector Use the AWS::FraudDetector::Detector resource to manage a detector or associated detector versions in Amazon Fraud Detector. AWS::FraudDetector::EntityType Use the AWS::FraudDetector::EntityType resource to create or update an entity type in Amazon Fraud Detector. AWS::FraudDetector::EventType Use the AWS::FraudDetector::EventType resource to create or update an event type in Amazon Fraud Detector. AWS::FraudDetector::Label Use the AWS::FraudDetector::Label resource to create or update label in Amazon Fraud Detector. AWS::FraudDetector::Outcome Use the AWS::FraudDetector::Outcome resource to create or update an outcome in Amazon Fraud Detector. AWS::FraudDetector::Variable Use the AWS::FraudDetector::Variable resource to create a variable in Amazon Fraud Detector.	May 6, 2021
New resources	The following resources were added: AWS::XRay::Group and AWS::XRay::SamplingRule. AWS::XRay::Group Use the AWS::XRay::Group resource to specify an X-Ray group. AWS::XRay::SamplingRule Use the AWS::XRay::SamplingRule resource to specify an X-Ray sampling rule.	May 6, 2021
New resource	The following resource was added: AWS::CloudFront::Function. AWS::CloudFront::Function Use the AWS::CloudFront::Function resource to create a function in CloudFront Functions. For more information, see Customizing with CloudFront Functions in the Amazon CloudFront Developer Guide.	May 6, 2021
New resource	The following resource was added: AWS::FinSpace::Environment AWS::FinSpace::Environment Use the AWS::FinSpace::Environment resource to specify an Amazon FinSpace environment.	May 6, 2021
Updated resource	The following resource was updated: AWS::Detective::Graph AWS::Detective::Graph Use the Tags property to assign tag values to the behavior graph.	April 29, 2021
New resource	The following resource was added: AWS::IoTFleetHub::Application AWS::IoTFleetHub::Application Use the AWS::IoTFleetHub::Application resource to create a Fleet Hub for AWS IoT Device Management web application.	April 29, 2021
New resource	The following resource was added: AWS::SES::ContactList AWS::SES::ContactList Use the AWS::SES::ContactList resource to create a list that contains contacts that have subscribed to a particular topic or topics.	April 29, 2021
Updated resource	The following resources were updated: AWS::IAM::InstanceProfile and AWS::IAM::ManagedPolicy. AWS::IAM::InstanceProfile Use the Tags property to specify a list of tags that you want to attach to the newly created instance profile. AWS::IAM::ManagedPolicy Use the Tags property to specify a list of tags that you want to attach to the newly created managed policy.	April 27, 2021
New resources	The following resources were added: AWS::IoTWireless::PartnerAccount, AWS::IoTWireless::TaskDefinition AWS::IoTWireless::PartnerAccount Gets information about a partner account. If PartnerAccountId and PartnerType are null, returns all partner accounts. AWS::IoTWireless::TaskDefinition Gets information about the gateway task definition for a wireless gateway.	April 26, 2021
New resources	The following resources were added: AWS::NimbleStudio::Studio, AWS::NimbleStudio::StudioComponent, AWS::NimbleStudio::StreamingImage, and AWS::NimbleStudio::LaunchProfile. AWS::NimbleStudio::Studio Use the AWS::NimbleStudio::Studio resource to specify a studio resource. AWS::NimbleStudio::StudioComponent Use the AWS::NimbleStudio::StudioComponent resource to configure studio components, including types of workstations, render farms, license servers, and shared file systems. AWS::NimbleStudio::StreamingImage Use the AWS::NimbleStudio::StreamingImage resource to configure a machine image, including operating system and software, that can be launched as a virtual workstation in a streaming session. AWS::NimbleStudio::LaunchProfile Use the AWS::NimbleStudio::LaunchProfile resource to specify user access permissions to studio components.	April 26, 2021
Updated resources	AWS::ElastiCache::CacheCluster, AWS::ElastiCache::ReplicationGroup. AWS::ElastiCache::CacheCluster You can now specify log delivery to a CloudWatch Logs or Kinesis Data Firehose destination. AWS::ElastiCache::ReplicationGroup You can now specify log delivery to a CloudWatch Logs or Kinesis Data Firehose destination.	April 22, 2021
Updated resources	The following resources were updated: AWS::WAFv2::WebACL and AWS::WAFv2::RuleGroup. AWS::WAFv2::WebACL You can now nest rule statements without using different names for statements at different levels. For example, instead of using AndStatementOne and AndStatementTwo to nest an AND rule statement inside another AND rule statement, you can use AndStatement for both. The new statement properties are AndStatement, NotStatement, OrStatement, RateBasedStatement, and Statement. AWS::WAFv2::RuleGroup You can now nest rule statements without using different names for statements at different levels. For example, instead of using AndStatementOne and AndStatementTwo to nest an AND rule statement inside another AND rule statement, you can use AndStatement for both. The new statement properties are AndStatement, NotStatement, OrStatement, RateBasedStatement, and Statement.	April 22, 2021
Updated resource	The following resource was updated: AWS::ResourceGroups::Group AWS::ResourceGroups::Group Use the Configuration property to specify settings for an AWS service that automatically apply to members of the resource group.	April 22, 2021
New resource	The following resource was added: AWS::AutoScaling::WarmPool. AWS::AutoScaling::WarmPool Use the AWS::AutoScaling::WarmPool resource to specify a warm pool for an Auto Scaling group.	April 22, 2021
Updated resources	The following resource was updated: AWS::CloudFormation::StackSet. AWS::CloudFormation::StackSet Use the RegionConcurrencyType property type to specify the concurrency type of deploying StackSets operations in Regions.	April 15, 2021
Updated resource	The following resource was updated: AWS::ApiGateway::RestApi. AWS::ApiGateway::RestApi Use the Mode property to specify how API Gateway handles resource updates when you use OpenAPI to define your REST API.	April 15, 2021
Updated resource	The following resource was updated: AWS::IVS::Channel AWS::IVS::Channel Use the RecordingConfiguration property to specify an Amazon IVS RecordingConfiguration, which stores configuration information related to recording your live stream to a data store.	April 15, 2021
New resources	The following resource was added: AWS::EC2::EnclaveCertificateIamRoleAssociation. AWS::EC2::EnclaveCertificateIamRoleAssociation Use the EnclaveCertificateIamRoleAssociation resource to associate an AWS Identity and Access Management (IAM) role with an AWS Certificate Manager (ACM) certificate.	April 15, 2021
New resource	The following resource was added: AWS::IVS::RecordingConfiguration AWS::IVS::RecordingConfiguration Use the AWS::IVS::RecordingConfiguration resource to specify an Amazon IVS RecordingConfiguration, which stores configuration information related to recording your live stream to a data store.	April 15, 2021
Reference macros in stack set templates	StackSets now supports creating or updating stack sets with self-managed permissions from templates that reference macros. For more information about macros, see Using AWS CloudFormation macros to perform custom processing on templates.	April 14, 2021
Use the latest value of an SSM parameter in a dynamic reference.	When using dynamic references, you can now have CloudFormation use the latest version of an SSM parameter whenever you create or update a stack. You are no longer required to specify a specific version. For more details, see SSM parameters.	April 13, 2021
Updated resources	AWS::ElastiCache::ParameterGroup, AWS::ElastiCache::SecurityGroup, AWS::ElastiCache::SubnetGroup. AWS::ElastiCache::ParameterGroup You can now add tags to the AWS::ElastiCache::ParameterGroup type. AWS::ElastiCache::SecurityGroup You can now add tags to the AWS::ElastiCache::SecurityGroup resource. AWS::ElastiCache::SubnetGroup You can now add tags to the AWS::ElastiCache::SubnetGroup resource.	April 8, 2021
Updated resource	The following resource was updated: AWS::DynamoDB::Table. AWS::DynamoDB::Table Use the KinesisStreamSpecification property to specify the Kinesis Data Streams configuration for a table.	April 8, 2021
Modules support using period delimiters in resource names	You can now use a period as a delimiter in specifying the fully-qualified logical name for a resource contained in a module. For more information, see Referencing resources in a module.	April 8, 2021
AWS CloudFormation StackSets now supports parallel region deployment	You can now choose to deploy StackSets into Regions sequentially or in parallel. For more information, see Stack set operation options.	April 6, 2021
Updated resources	The following resources were updated: AWS::DataBrew::Dataset and AWS::DataBrew::Job AWS::DataBrew::Dataset Use the CsvOptions property to define how DataBrew will read a comma-separated value (CSV) file when creating a dataset from that file. Use the DatabaseInputDefinition property to define connection information for dataset input files stored in a database. Use the DataCatalogInputDefinition property to define how metadata stored in the AWS Glue Data Catalog is defined in a DataBrew dataset. Use the DatasetParameter property to define the type and conditions for a parameter in the Amazon S3 path of the dataset. Use the DatetimeOptions property to define the correct interpretation of datetime parameters used in the Amazon S3 path of a dataset. Use the ExcelOptions property to define how DataBrew will interpret a Microsoft Excel file when creating a dataset from that file. Use the FilesLimit property to limit the number of Amazon S3 files that should be selected for a dataset from a connected Amazon S3 path. Use the FilterExpression property to define parameter conditions. Use the FilterValue property to define a single entry in the ValuesMap of a FilterExpression. Use the FormatOptions property to define the structure of either comma-separated value (CSV), Excel, or JSON input. Use the Input property to define how DataBrew can find data, in either the AWS Glue Data Catalog or Amazon S3. Use the JsonOptions property to define how input is to be interpreted by AWS Glue DataBrew. Use the PathOptions property to define how DataBrew selects files for a given Amazon S3 path in a dataset. Use the PathParameter property to define the file format of a dataset. Use the S3Location property to define a single entry in the path parameters of a dataset. AWS::DataBrew::Job Use the JobSample property to define the number of rows on which a profile job is run. Use the OutputLocation property to define the location in Amazon S3 where the job writes its output. Use the Recipe property to define the actions to be performed on a dataset.	April 1, 2021
Updated resources	The following resources were updated: AWS::WAFv2::WebACL and AWS::WAFv2::RuleGroup. AWS::WAFv2::WebACL You can now inspect a web request body as JSON. You can now add custom request and response handling to web ACL default action and rule action settings. You can now define labels for rules, which are added automatically to matching requests and that persist with requests during web ACL evaluation. You can match against labels using the new rule LabelMatchStatement. You can now add a scope-down statement to managed rule group statements. AWS::WAFv2::RuleGroup You can now inspect a web request body as JSON. You can now add custom request and response handling to rule action settings. You can now define labels for rules, which are added automatically to matching requests and that persist with requests during web ACL evaluation. You can match against labels using the new rule LabelMatchStatement.	April 1, 2021
Updated resource	The following resource was updated: AWS::Config::DeliveryChannel. AWS::Config::DeliveryChannel Use the S3KmsKeyArn property to specify the Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) customer managed key (CMK) used to encrypt objects delivered by AWS Config.	April 1, 2021
Updated resource	The following resource was updated: AWS::ApiGateway::RestApi. AWS::ApiGateway::RestApi Use the DisableExecuteApiEndpoint property to disable the default endpoint for a REST API.	April 1, 2021
Updated resource	The following resource was updated: AWS::Budgets::BudgetsAction AWS::Budgets::BudgetsAction Use the AWS::Budgets::BudgetsAction resource to take predefined actions that are initiated when a budget threshold has been exceeded.	April 1, 2021
Updated resource	The following resource was updated: AWS::Cloud9::EnvironmentEC2 AWS::Cloud9::EnvironmentEC2 Use the ImageId property to specify the Amazon Machine Image (AMI) that's used to create the EC2 instance.	April 1, 2021
Updated resource	The following resource was updated: AWS::EC2::LaunchTemplate. AWS::EC2::LaunchTemplate Use the TagSpecifications property to tag a launch template on creation.	April 1, 2021
Updated resource	The following resource was updated: AWS::ElasticBeanstalk::Environment. AWS::ElasticBeanstalk::Environment Use the OperationsRole property to specify the Amazon Resource Name (ARN) of an existing IAM role to be used as the environment's operations role.	April 1, 2021
Updated resource	The following resource was updated: AWS::Events::Rule. AWS::Events::Rule The SageMakerPipelineParameter property is a Name / Value pair of a parameter to start execution of a SageMaker Model Building Pipeline to create an API destination. An API destination defines an HTTP invocation endpoint to use as the target of a rule. The SageMakerPipelineParameters contains the SageMaker Model Building Pipeline parameters to start execution of a SageMaker Model Building Pipeline.	April 1, 2021
Updated resource	The following resource was updated: AWS::FMS::Policy. AWS::FMS::Policy The AWS::FMS::Policy resource now allows you to manage DNS Firewall policies for Amazon Route 53 Resolver DNS Firewall.	April 1, 2021
Updated resource	The following resource was updated: AWS::GameLift::GameSessionQueue. AWS::GameLift::GameSessionQueue Use the NotificationTarget property to specify an SNS topic ARN to publish game session placement events that are emitted by the queue. Use the CustomEventData property to specify a string value to add to all game session placement events that are emitted by the queue.	April 1, 2021
New resources	The following resources were added: AWS::Route53Resolver::FirewallDomainList, AWS::Route53Resolver::FirewallRuleGroup, AWS::Route53Resolver::FirewallRuleGroupAssociation AWS::Route53Resolver::FirewallDomainList Use the AWS::Route53Resolver::FirewallDomainList resource to specify a domain list configuration for Route 53 Resolver DNS Firewall. AWS::Route53Resolver::FirewallRuleGroup Use the AWS::Route53Resolver::FirewallRuleGroup resource to specify a rule group configuration for Route 53 Resolver DNS Firewall. AWS::Route53Resolver::FirewallRuleGroupAssociation Use the AWS::Route53Resolver::FirewallRuleGroupAssociation resource to specify an association between a firewall rule group and a VPC.	April 1, 2021
New resource	The following resource was added: AWS::CloudWatch::MetricStream. AWS::CloudWatch::MetricStream Use the AWS::CloudWatch::MetricStream resource to create a metric stream of CloudWatch metric data to a destination of your choice. For more information, see Metric streams.	April 1, 2021
New resource	The following resource was added : AWS::Logs::QueryDefinition AWS::Logs::QueryDefinition Use the AWS::Logs::QueryDefinition resource to create a CloudWatch Logs Insights query definition. For more information, see Analyzing Log Data with CloudWatch Logs Insights.	April 1, 2021
Updated resource	The following resource was updated: AWS::Batch::JobDefinition AWS::Batch::JobDefinition In the Volumes property type, use the EfsVolumeConfiguration property to specify the Amazon EFS configuration for a job definition.	March 31, 2021
New resources	The following resources were added: AWS::LookoutMetrics::Alert AWS::LookoutMetrics::Alert Use the AWS::LookoutMetrics::Alert resource to specify an alert for an anomaly detector. AWS::LookoutMetrics::AnomalyDetector Use the AWS::LookoutMetrics::AnomalyDetector resource to specify an anomaly detector.	March 25, 2021
New resource	The following resource was added: AWS::AppIntegrations::EventIntegration AWS::AppIntegrations::EventIntegration Use the AWS::AppIntegrations::EventIntegration resource to create an EventIntegration.	March 25, 2021
New resources	The following resources were added: AWS::CustomerProfiles::Domain, AWS::CustomerProfiles::Integration and AWS::CustomerProfiles::ObjectType. AWS::CustomerProfiles::Domain Use the AWS::CustomerProfiles::Domain resource to create a new domain in Amazon Connect Customer Profiles Service. AWS::CustomerProfiles::Integration Use the AWS::CustomerProfiles::Integration resource to create a new integration in Amazon Connect Customer Profiles Service. AWS::CustomerProfiles::ObjectType Use the AWS::CustomerProfiles::ObjectType resource to create a new object type in Amazon Connect Customer Profiles Service.	March 24, 2021
Updated resource	The following resource was updated: AWS::ServiceDiscovery::Service. AWS::ServiceDiscovery::Service Use the Type property to allow service instances in a service in a public or private DNS namespace to only be discovered with the DiscoverInstances API operation.	March 18, 2021
New resource	The following resource was added: AWS::FIS::ExperimentTemplate. AWS::FIS::ExperimentTemplate Use the AWS::FIS::ExperimentTemplate resource to create an experiment template in AWS Fault Injection Simulator.	March 18, 2021
New resource	The following resources were added: AWS::S3ObjectLambda::AccessPoint and AWS::S3ObjectLambda::AccessPointPolicy AWS::S3ObjectLambda::AccessPoint Use the AWS::S3ObjectLambda::AccessPoint resource to create a S3 Object Lambda access point. AWS::S3ObjectLambda::AccessPointPolicy Use the AWS::S3ObjectLambda::AccessPointPolicy resource to create a policy for your S3 Object Lambda access point.	March 18, 2021
New resources	The following resources were updated: AWS::ECS::Service. AWS::ECS::Service Use the AWS::ECS::Service resource and the EnableExecuteCommand property to turn on ECS Exec for the tasks in a service.	March 16, 2021
New resources	The following resources were updated: AWS::ECS::Cluster ExecuteCommandLogConfiguration. AWS::ECS::Cluster ExecuteCommandLogConfiguration Use the AWS::ECS::Cluster ExecuteCommandLogConfiguration resource to define a logging configuration for the ECS Exec actions on the tasks in a cluster.	March 16, 2021
New resources	The following resources were updated: AWS::ECS::Cluster ExecuteCommandConfiguration. AWS::ECS::Cluster ExecuteCommandConfiguration Use the AWS::ECS::Cluster ExecuteCommandConfiguration resource to turn on ECS Exec for a cluster.	March 16, 2021
Updated resource	The following resource was updated: AWS::Detective::MemberInvitation AWS::Detective::MemberInvitation Use the DisableEmailNotification property to prevent the sending of invitation emails to member accounts. The term "master account" is changed to "administrator account."	March 15, 2021
Updated resources	The following resources were updated: AWS::ECR::PublicRepository AWS::ECR::PublicRepository Use the AWS::ECR::PublicRepository.Tags property to add tags to your public repositories.	March 11, 2021
Updated resource	The following resource was updated: AWS::CertificateManager::Account AWS::CertificateManager::Account Use the ExpiryEventsConfiguration property to specify options for certificate expiration events associated with an AWS account.	March 11, 2021
Updated resource	The following resource was updated: AWS::EFS::FileSystem AWS::EFS::FileSystem Use the AvailabilityZoneName property to create a file system that uses EFS One Zone storage classes, which store data redundantly within a single Availability Zone within an AWS Region.	March 11, 2021
New resources	The following resources were added: AWS::CE::AnomalySubscription and AWS::CE::AnomalyMonitor. AWS::CE::AnomalySubscription Use the AWS::CE::AnomalySubscription resource to deliver notifications about anomalies detected by a monitor that exceeds a threshold. AWS::CE::AnomalyMonitor Use the AWS::CE::AnomalyMonitor resource to continuously inspect your account's cost data for anomalies, based on MonitorType and MonitorSpecification.	March 11, 2021
New resources	The following resources were updated: AWS::ECS::ClusterCapacityProviderAssociations. AWS::ECS::ClusterCapacityProviderAssociations Use the AWS::ECS::ClusterCapacityProviderAssociations resource to associate capacity providers with a cluster.	March 11, 2021
New resource	The following resource was added: AWS::RDS::DBProxyEndpoint. AWS::RDS::DBProxyEndpoint Use the AWS::RDS::DBProxyEndpoint resource to create or update a custom DB proxy endpoint.	March 11, 2021
Updated resource	The following resource was updated: AWS::StepFunctions::StateMachine. AWS::StepFunctions::StateMachine The AWS::StepFunctions::StateMachine has a new Definition property that lets you define your state machine in the language of your template file.	March 10, 2021
Updated resource	The following resource was updated: AWS::AutoScaling::AutoScalingGroup. AWS::AutoScaling::AutoScalingGroup MixedInstancesPolicy Use the SpotAllocationStrategy property to specify capacity-optimized-prioritized as the allocation strategy for your Spot capacity when you use a mixed instances policy.	March 8, 2021
Updated resource	The following new resource was updated: AWS::SecretsManager::Secret AWS::SecretsManager::Secret Use the ReplicaRegions property to replicate secrets into additional Regions for resiliency and disaster recovery.	March 4, 2021
New resource	The following resource was added: AWS::Events::ApiDestination. AWS::Events::ApiDestination Use the ApiDestination resource to create an API destination. An API destination defines an HTTP invocation endpoint to use as the target of a rule.	March 4, 2021
New resource	The following resource was added: AWS::Events::Connection. AWS::Events::Connection Use the Connection resource to create a connection to use with Api destinations. A connection defines the authorization method and parameters to use to connect to the HTTP invocation endpoint for an Api destination.	March 4, 2021
New resource	The following resources were added: AWS::IoT::AccountAuditConfiguration,AWS::IoT::CustomMetric, AWS::IoT::Dimension, AWS::IoT::MitigationAction, AWS::IoT::ScheduledAudit, AWS::IoT::SecurityProfile. AWS::IoT::AccountAuditConfiguration Use the AWS::IoT::AccountAuditConfiguration resource to specify an account audit configuration in AWS IoT Core. AWS::IoT::CustomMetric Use the AWS::IoT::CustomMetric resource to specify a custom metric in AWS IoT Core. AWS::IoT::Dimension Use the AWS::IoT::Dimension resource to specify a dimension in AWS IoT Core. AWS::IoT::MitigationAction Use the AWS::IoT::MitigationAction resource to specify a mitigation action in AWS IoT Core. AWS::IoT::ScheduledAudit Use the AWS::IoT::ScheduledAudit resource to specify a Scheduled Audit in AWS IoT Core. AWS::IoT::SecurityProfile Use the AWS::IoT::SecurityProfile resource to specify a security profile in AWS IoT Core.	March 4, 2021
New resource	The following resources were added: AWS::S3Outposts::Bucket, AWS::S3Outposts::BucketPolicy, AWS::S3Outposts::AccessPoint, and AWS::S3Outposts::EndPoint AWS::S3Outposts::Bucket Use the AWS::S3Outposts::Bucket resource to create an S3 on Outposts bucket. AWS::S3Outposts::BucketPolicy Use the AWS::S3Outposts::BucketPolicy resource to create a bucket policy for your S3 on Outposts bucket. AWS::S3Outposts::AccessPoint Use the AWS::S3Outposts::AccessPoint resource to create an access point for your S3 on Outposts bucket. AWS::S3Outposts::EndPoint Use the AWS::S3Outposts::EndPoint resource to create an endpoint for Amazon S3 on AWS Outposts.	March 4, 2021
Updated resource	The following resources were updated: AWS::IoTSiteWise::AccessPolicy and AWS::IoTSiteWise::Portal. AWS::IoTSiteWise::AccessPolicy Added the following properties: IamRole and IamUser. AWS::IoTSiteWise::Portal Added the following property: PortalAuthMode.	March 2, 2021
Updated resource	The following resource was updated: AWS::IoTSiteWise::AssetModel. AWS::IoTSiteWise::AssetModel Added the following property: AssetModelCompositeModel. You can use this property to define an alarm in AWS IoT SiteWise. For more information, see Monitoring data with alarms in the AWS IoT SiteWise User Guide.	March 1, 2021
Updated resource	The following resource was updated: AWS::DataBrew::Dataset Format. AWS::DataBrew::Dataset Format Use the Format property to define the file format of a dataset.	February 25, 2021
Updated resource	The following resource was updated: AWS::ManagedBlockchain::Node AWS::ManagedBlockchain::Node Use the NodeConfiguration property to create a node on an Ethereum network.	February 25, 2021
Updated resource	The following resource was updated: AWS::SageMaker::Model AWS::SageMaker::Model Use the InferenceExecutionConfig property to specify details of how containers in a multi-container endpoint are called.	February 25, 2021
New resources	The following resource was added: AWS::EC2::TransitGatewayConnect. AWS::EC2::TransitGatewayConnect Use the TransitGatewayConnect resource to create a Connect attachment from a specified transit gateway attachment.	February 25, 2021
New resources	The following resources were added: AWS::EMR::Studio and AWS::EMR::StudioSessionMapping. AWS::EMR::Studio Use the AWS::EMR::Studio resource to create a new Amazon EMR Studio. AWS::EMR::StudioSessionMapping Use the AWS::EMR::StudioSessionMapping resource to assign a user or group to an Amazon EMR Studio, and apply an IAM session policy to refine Studio permissions for that user or group.	February 25, 2021
New resources	The following resources were added: AWS::SageMaker::Image, AWS::SageMaker::ImageVersion. AWS::SageMaker::Image Use the AWS::SageMaker::Image resource to create a new Image in Amazon SageMaker. AWS::SageMaker::ImageVersion Use the AWS::SageMaker::ImageVersion resource to create a new ImageVersion in Amazon SageMaker.	February 25, 2021
New resource	The following resource was added: AWS::EKS::Addon. AWS::EKS::Addon Use the AWS::EKS::Addon resource to create an Amazon EKS add-on.	February 25, 2021
New resource	The following resources were added: AWS::IAM::OIDCProvider, AWS::IAM::SAMLProvider, AWS::IAM::ServerCertificate, and AWS::IAM::VirtualMFADevice. AWS::IAM::OIDCProvider Use the AWS::IAM::OIDCProvider resource to create an IAM entity to describe an identity provider (IdP) that supports OpenID Connect (OIDC). AWS::IAM::SAMLProvider Use the AWS::IAM::SAMLProvider resource to create an IAM resource that describes an identity provider (IdP) that supports SAML 2.0. AWS::IAM::ServerCertificate Use the AWS::IAM::ServerCertificate resource to retrieve information about the specified server certificate stored in IAM. AWS::IAM::VirtualMFADevice Use the AWS::IAM::VirtualMFADevice resource to create a new virtual MFA device for the AWS account.	February 25, 2021
New attributes	The following parameters were added for 10DLC support: EntityId, TemplateId, OriginationNumber. AWS::Pinpoint::Campaign CampaignSmsMessage Specifies the content and settings for an SMS message that's sent to recipients of a campaign.	February 24, 2021
Updated resource	The following resource was updated: AWS::DynamoDB::Table AWS::DynamoDB::Table Use the ContributorInsightsSpecification property to enable or disable CloudWatch Contributor Insights on a table or global secondary index.	February 22, 2021
Updated resource	The following resource was updated: AWS::CodeCommit::Repository Code AWS::CodeCommit::Repository Code The behavior of the BranchName property on update has changed to be consistent with all other aspects of AWS:CodeCommit:Repository Code. All properties of AWS:CodeCommit:Repository Code are ignored on update, as they only apply to initial resource creation.	February 19, 2021
Updated resources	The following resources were updated: AWS::AppMesh::VirtualNode and AWS::AppMesh::VirtualGateway AWS::AppMesh::VirtualNode Use the ClientTlsCertificate property to represent the client's certificate. Use the SubjectAlternativeNames property to represent the subject alternative names secured by the certificate. Use the TlsValidationContextSdsTrust property to represent a Transport Layer Security (TLS) Secret Discovery Service validation context trust. Use the ListenerTlsValidationContextTrust property to represent a listener's Transport Layer Security (TLS) validation context trust. Use the SubjectAlternativeNameMatchers property to represent the methods by which a subject alternative name on a peer Transport Layer Security (TLS) certificate can be matched. Use the ListenerTlsSdsCertificate property to represent the listener's Secret Discovery Service certificate. Use the ListenerTlsValidationContext property to represent a listener's Transport Layer Security (TLS) validation context. AWS::AppMesh::VirtualGateway Use the VirtualGatewayListenerTlsValidationContextTrust property to specify validation context trust. Use the VirtualGatewayTlsValidationContextSdsTrust property to represent a virtual gateway's listener's Transport Layer Security (TLS) Secret Discovery Service validation context trust. Use the SubjectAlternativeNames property represents the subject alternative names secured by the certificate. Use the VirtualGatewayListenerTlsSdsCertificate property to represent the virtual gateway's listener's Secret Discovery Service certificate. Use the VirtualGatewayClientTlsCertificate property to represent the virtual gateway's client's Transport Layer Security (TLS) certificate. Use the VirtualGatewayListenerTlsValidationContext property to represent a virtual gateway's listener's Transport Layer Security (TLS) validation context. Use the SubjectAlternativeNameMatchers property to represent the methods by which a subject alternative name on a peer Transport Layer Security (TLS) certificate can be matched.	February 18, 2021
Updated resources	The following resource was updated: AWS::IoTWireless::ServiceProfile AWS::IoTWireless::ServiceProfile Use the attributes of LoRaWANGetServiceProfileInfo with LoRaWANServiceProfile instead as ReadOnly properties that you can return using Fn::GetAtt.	February 18, 2021
Updated resources	The following resources were updated: AWS::Kendra::DataSource, AWS::Kendra::Index. AWS::Kendra::DataSource Use the ConfluenceConfiguration property of the resource to specify configuration information for indexing a Confluence data source. AWS::Kendra::DataSource Use the GoogleDriveConfiguration property of the resource to specify configuration information for indexing a Google Drive data source. AWS::Kendra::Index Use the UserContextPolicy and UserTokenConfiguration properties of the resource to specify how Amazon Kendra uses user tokens for access to the index.	February 18, 2021
Updated resource	The following resource was updated: AWS::DataBrew::Job JobSample. AWS::DataBrew::Job JobSample Use the JobSample property to define the sample configuration for profile jobs.	February 18, 2021
Updated resource	The following resource was updated: AWS::FSx::FileSystem AWS::FSx::FileSystem In the WindowsConfiguration property type, use Aliases to specify one or more DNS alias names that you want to associate with the Amazon FSx file system.	February 18, 2021
Updated resource	The following resource was updated: AWS::IoTAnalytics::Dataset. AWS::IoTAnalytics::Dataset Added the following properties: LateDataRule and LateDataRuleConfiguration. You can use these properties to specify a late data rule for your dataset. The late data rule enables AWS IoT Analytics to send notifications through Amazon CloudWatch when late data arrives. For more information, see Getting late data notifications in the AWS IoT Analytics User Guide.	February 18, 2021
AWS CloudFormation StackSets now supports delegated administrator with AWS Organizations	In addition to the organization's management account, delegated administrator accounts can create and manage stack sets with service-managed permissions for their organization. For more information, see Register a delegated administrator and Create a stack set with service-managed permissions.	February 18, 2021
New resources	The following resources were added: AWS::EC2::TransitGatewayMulticastDomain, AWS::EC2::TransitGatewayMulticastDomainAssociation, AWS::EC2::TransitGatewayMulticastGroupMembers and AWS::EC2::TransitGatewayMulticastGroupSource. AWS::EC2::TransitGatewayMulticastDomain Use the TransitGatewayMulticastDomain resource to create a transit gateway multicast domain. AWS::EC2::TransitGatewayMulticastDomainAssociation Use the TransitGatewayMulticastDomainAssociation resource to associate the specified subnets and transit gateway attachments with the specified transit gateway multicast domain. AWS::EC2::TransitGatewayMulticastGroupMember Use the TransitGatewayMulticastGroupMembers resource to register members (network interfaces) with the transit gateway multicast group. AWS::EC2::TransitGatewayMulticastGroupSource Use the TransitGatewayMulticastGroupSource resource to register sources (network interfaces) with the specified transit gateway multicast group.	February 12, 2021
Updated resources	The following resources were updated: AWS::IoTWireless::Destination, AWS::IoTWireless::DeviceProfile, AWS::IoTWireless::ServiceProfile, AWS::IoTWireless::WirelessDevice, and AWS::IoTWireless::WirelessGateway. AWS::IoTWireless::Destination Use the ExpressionType property of the resource to specify whether to use a new value MqttTopic or to use RuleName. In addition, the property descriptions now list any maximum values, minimum values, and patterns. AWS::IoTWireless::DeviceProfile Use the new LoRaWAN property which is a renaming of the LoRaWANDeviceProfile property. The property type has not changed from LoRaWANDeviceProfile. In addition, the property descriptions now list any maximum values, minimum values, and patterns. AWS::IoTWireless::ServiceProfile Use the new LoRaWAN property which is a renaming of the LoRaWANServiceProfile property. The property type has not changed from LoRaWANServiceProfile. In addition, the property descriptions now list any maximum values, minimum values, and patterns. AWS::IoTWireless::WirelessDevice Use the new LoRaWAN property which is a renaming of the LoRaWANDevice property. The property type has not changed from LoRaWANDevice. In addition, the property descriptions now list any maximum values, minimum values, and patterns. AWS::IoTWireless::WirelessGateway Use the new LoRaWAN property which is a renaming of the LoRaWANGateway property. The property type has not changed from LoRaWANGateway. In addition, the property descriptions now list any maximum values, minimum values, and patterns.	February 11, 2021
Updated resource	The following resource was updated: AWS::DMS::Endpoint. AWS::DMS::Endpoint.MongoDbSettings Added SecretsManager attributes to MongoDbSettings. AWS::DMS::Endpoint.MySqlSettings Added SecretsManager attributes to MySqlSettings. AWS::DMS::Endpoint.RedshiftSettings Added SecretsManager attributes to RedshiftSettings. AWS::DMS::Endpoint.SybaseSettings Added SecretsManager attributes to SybaseSettings. AWS::DMS::Endpoint.PostgreSqlSettings Added SecretsManager attributes to PostgreSqlSettings. AWS::DMS::Endpoint.MicrosoftSqlServerSettings Added SecretsManager attributes to MicorsoftSqlServerSettings. AWS::DMS::Endpoint.IbmDb2Settings Added SecretsManager attributes to IbmDb2Settings. AWS::DMS::Endpoint.DocDbSettings Added SecretsManager attributes to DocDbSettings. AWS::DMS::Endpoint.OracleSettings Added SecretsManager attributes to OracleSettings.	February 11, 2021
Updated resource	The following resource was updated: AWS::GroundStation::Config. AWS::GroundStation::Config S3RecordingConfig CloudFormation property The S3RecordingConfig property sets the information for a S3 recording config object.	February 11, 2021
New resources	The following resources were added: AWS::CloudFormation::ResourceDefaultVersion and AWS::CloudFormation::ResourceVersion. AWS::CloudFormation::ResourceDefaultVersion Use the AWS::CloudFormation::ResourceDefaultVersion resource to specify the default resource version to be used in CloudFormation operations. AWS::CloudFormation::ResourceVersion Use the AWS::CloudFormation::ResourceVersion resource to specify a resource version with the CloudFormation service, making it available for use in CloudFormation operations.	February 11, 2021
New resources	The following resources were added: AWS::SageMaker::App, AWS::SageMaker::AppImageConfig, AWS::SageMaker::Domain, AWS::SageMaker::UserProfile. AWS::SageMaker::App Use the AWS::SageMaker::App resource to create a running app for a user profile in SageMaker Studio. AWS::SageMaker::AppImageConfig Use the AWS::SageMaker::AppImageConfig resource to create a configuration for running a SageMaker image as a KernelGateway app in SageMaker Studio. AWS::SageMaker::Domain Use the AWS::SageMaker::Domain resource to create a Domain used by SageMaker Studio. AWS::SageMaker::UserProfile Use the AWS::SageMaker::UserProfile resource to create a user profile used by SageMaker Studio.	February 11, 2021
New resources	The following resources were added: AWS::ServiceCatalog::ServiceAction and AWS::ServiceCatalog::ServiceActionAssociation. AWS::ServiceCatalog::ServiceAction Use this self-service action feature to create CloudFormation templates that create Service Actions. AWS::ServiceCatalog::ServiceActionAssociation Use this self-service action association feature to create AWS CloudFormation templates that create Service Actions.	February 11, 2021
AWS CloudFormation StackSets Region availability	AWS CloudFormation StackSets is now available in the Asia Pacific (Osaka) Region. For more information, see Working with AWS CloudFormation StackSets.	February 10, 2021
Updated resource	The following resource was updated: AWS::IoTAnalytics::Datastore. AWS::IoTAnalytics::Datastore Added the following properties: Column, FileFormatConfiguration, JsonConfiguration, ParquetConfiguration, and SchemaDefinition. You can use these properties to specify JSON or Parquet file format for your data store. For more information, see File formats in the AWS IoT Analytics User Guide.	February 5, 2021
Updated resources	The following resources were updated: AWS::ECR::ReplicationConfiguration AWS::ECR::ReplicationConfiguration Use the ReplicationConfiguration property to create or update the replication configuration for a private repository.	February 4, 2021
Updated resources	The following resources were updated: AWS::IoTWireless::DeviceProfile, AWS::IoTWireless::ServiceProfile, AWS::IoTWireless::WirelessDevice, and AWS::IoTWireless::WirelessGateway. AWS::IoTWireless::DeviceProfile Use the DeviceProfile resource to specify a device profile for a wireless device to use. AWS::IoTWireless::ServiceProfile Use the ServiceProfile resource to specify a service profile for a wireless device to use. AWS::IoTWireless::WirelessDevice Use the WirelessDevice resource to specify a wireless device in an AWS IoT Core for LoRaWAN solution. AWS::IoTWireless::WirelessGateway Use the WirelessGateway resource to specify a wireless gateway in an AWS IoT Core for LoRaWAN solution.	February 4, 2021
Updated resources	The following resources were updated: AWS::Cassandra::Keyspace and AWS::Cassandra::Table. AWS::Cassandra::Keyspace.Tags Use the AWS::Cassandra::Keyspace.Tags property to add tags to new or existing keyspaces in Amazon Keyspaces (for Apache Cassandra). AWS::Cassandra::Table.Tags Use the AWS::Cassandra::Table.Tags property to create and add tags to new or existing tables in Amazon Keyspaces (for Apache Cassandra). AWS::Cassandra::Table.PointInTimeRecoveryEnabled Use the AWS::Cassandra::Table.PointInTimeRecoveryEnabled property to enable point-in-time recovery in Amazon Keyspaces (for Apache Cassandra).	February 4, 2021
Updated resource	The following resource was updated: AWS::DataBrew::Job. AWS::DataBrew::Job Use the CsvOutputOptions property to define how DataBrew will write a CSV file. Use the OutputFormatOptions property to define the structure of CSV job output.	February 4, 2021
Updated resource	The following resource was updated: AWS::ElastiCache::GlobalReplicationGroup. AWS::ElastiCache::GlobalReplicationGroup Consists of a primary cluster that accepts writes and an associated secondary cluster that resides in a different Region. The secondary cluster accepts only reads. The primary cluster automatically replicates updates to the secondary cluster.	February 4, 2021
New resource	Added the following resource: AWS::ImageBuilder::ContainerRecipe. AWS::ImageBuilder::ContainerRecipe Use the AWS::ImageBuilder::ContainerRecipe resource to create a container recipe in the Image Builder service.	February 4, 2021
Updated resource	The following resource was updated: AWS::ApiGatewayV2::Stage. AWS::ApiGatewayV2::Stage Added the attribute AccessPolicyId for internal use only.	January 28, 2021
New resource	The following resource was added: AWS::LookoutVision:Project. AWS::LookoutVision:Project Use the Project resource to create an Amazon Lookout for Vision project.	January 28, 2021
Updated resource	The following resource was updated: AWS::ACMPCA::Certificate. AWS::ACMPCA::Certificate Use the ApiPassthrough property to include parameters in certificates during issuance. Use the ValidityNotBefore property to customize the start of certificate validity.	January 21, 2021
Updated resource	The following resource was updated: AWS::MediaConnect::FlowVpcInterface. AWS::MediaConnect::FlowVpcInterface Use the FlowArn property to specify the ARN of the flow. Use the Name property to specify the name of the VPC Interface.	January 21, 2021
Updated resource	The following resources were updated: AWS::SageMaker::Device, AWS::SageMaker::DeviceFleet, and AWS::SageMaker::Model. AWS::SageMaker::Device Use the DeviceFleetName property to get the name of the fleet the device belongs to. Use the Device property to make the edge device you want to create. Use the Tags property to get the tags registered to a specific device. Use the Device.Device property/resource to get information about a particular device. Use the Device.Device.Description property/resource to get a description of the device. Use the Device.Device.DeviceName property/resource to get the device name. Use the Device.Device.IotThingName property/resource to get the IoT object name. AWS::SageMaker::DeviceFleet Use the DeviceFleet.Description property to get information about a fleet. Use the OutputConfig property to get the output configuration for the fleet. Use the RoleArn property to get the ARN of the IoT thing. Use the Tags property to get the tags registered to a specific fleet. Use the EdgeOutputConfig.KmsKeyId property/resource to set the KMS key ID. Use the EdgeOutputConfig.S3OutputLocation property/resource to set the S3 bucket URI. AWS::SageMaker::Model Use the MultiModelConfiguration property to specify configuration details for a multi-model endpoint.	January 21, 2021
New resources	The following resource was added: AWS::SageMaker::Project. AWS::SageMaker::Project Use the AWS::SageMaker::Project resource to create a new project in Amazon SageMaker.	January 21, 2021
Updated resource	The following resource was updated with examples: AWS::S3::AccessPoint Access Points Use the AWS::S3::AccessPoint resource to specify an S3 access point.	January 20, 2021
Updated resource	The following resource was updated: AWS::MSK::Cluster AWS::MSK::Cluster You can now change the broker type for an existing cluster.	January 15, 2021
New resource	The AWS::EMRContainers::VirtualCluster resource was added. AWS::EMRContainers::VirtualCluster The AWS::EMRContainers::VirtualCluster resource specifies a virtual cluster.	January 14, 2021
New resource	The following resource was added: AWS::QuickSight::DataSet and AWS::QuickSight::DataSource. AWS::QuickSight::DataSet Use the AWS::QuickSight::DataSet resource to create a dataset in Amazon QuickSight. AWS::QuickSight::DataSource Use the AWS::QuickSight::DataSource resource to create a data source in Amazon QuickSight.	January 14, 2021
New resource	The following resource was added: AWS::QuickSight::Analysis, AWS::QuickSight::Dashboard, AWS::QuickSight::Template, and AWS::QuickSight::Theme. AWS::QuickSight::Analysis Use the AWS::QuickSight::Analysis resource to create an analysis in Amazon QuickSight. AWS::QuickSight::Dashboard Use the AWS::QuickSight::Dashboard resource to create a dashboard from a template in Amazon QuickSight. AWS::QuickSight::Template Use the AWS::QuickSight::Template resource to create a template from an existing Amazon QuickSight analysis or template. AWS::QuickSight::Theme Use the AWS::QuickSight::Theme resource to create a theme in Amazon QuickSight.	January 14, 2021
Updates to resource	The following resource was updated: AWS::SSO::InstanceAccessControlAttributeConfiguration. AWS::SSO::InstanceAccessControlAttributeConfiguration Use the AWS::SSO::InstanceAccessControlAttributeConfiguration resource to configure attribute-based access control (ABAC) in IAM Identity Center.	January 7, 2021
Updated resources	The following resources were updated: AWS::IoTWireless::Destination, AWS::IoTWireless::DeviceProfile, AWS::IoTWireless::ServiceProfile, AWS::IoTWireless::WirelessDevice, and AWS::IoTWireless::WirelessGateway. AWS::IoTWireless::Destination Use the Destination resource to specify a destination for a wireless device to use. AWS::IoTWireless::DeviceProfile Use the DeviceProfile resource to specify a device profile for a wireless device to use. AWS::IoTWireless::ServiceProfile Use the ServiceProfile resource to specify a service profile for a wireless device to use. AWS::IoTWireless::WirelessDevice Use the WirelessDevice resource to specify a wireless device in an AWS IoT Core for LoRaWAN solution. AWS::IoTWireless::WirelessGateway Use the WirelessGateway resource to specify a wireless gateway in an AWS IoT Core for LoRaWAN solution.	January 7, 2021
Updated resource	The following resource was updated: AWS::ApiGatewayV2::Integration. AWS::ApiGatewayV2::Integration Use the AWS::ApiGatewayV2::Integration resource to configure request and response parameter mapping for an HTTP API.	January 7, 2021
Updated resource	The following resource was updated: AWS::EC2::LaunchTemplate AWS::EC2::LaunchTemplate Use the Throughput property to specify the throughput to provision for gp3 volumes.	January 7, 2021
Updated resource	The following resources were updated: AWS::FMS::Policy. AWS::FMS::Policy The AWS::FMS::Policy resource now allows you to manage AWS Network Firewall policies.	January 7, 2021
New resources	The following resources were added: AWS::MediaConnect::Flow, AWS::MediaConnect::FlowEntitlement, AWS::MediaConnect::FlowOutput, AWS::MediaConnect::FlowSource, and AWS::MediaConnect::FlowVpcInterface. AWS::MediaConnect::Flow Use the AWS::MediaConnect::Flow resource to create a connection between one or more video sources and one or more outputs. AWS::MediaConnect::FlowEntitlement Use the AWS::MediaConnect::FlowEntitlement resource to grant permission to another AWS account to allow access to the content in a specific AWS Elemental MediaConnect flow. AWS::MediaConnect::FlowOutput Use the AWS::MediaConnect::FlowOutput resource to define the destination address, protocol, and port that you want MediaConnect to send the ingested video to. AWS::MediaConnect::FlowSource Use the AWS::MediaConnect::FlowSource resource to define where the external video content comes from. AWS::MediaConnect::FlowVpcInterface Use the AWS::MediaConnect::FlowVpcInterface resource to create a connection between your MediaConnect flow and a virtual private cloud (VPC) that you created using the Amazon Virtual Private Cloud service.	January 7, 2021
New resources	The following resources were added: AWS::Route53::DNSSEC and AWS::Route53::KeySigningKey. AWS::Route53::DNSSEC Use the AWS::Route53::DNSSEC resource to enable DNSSEC signing for a hosted zone. AWS::Route53::KeySigningKey Use the AWS::Route53::KeySigningKey resource to specify configuration settings for a key-signing key (KSK) that's associated with a hosted zone.	January 7, 2021
New Resources	The following resources were added: AWS::DataSync::Agent, AWS::DataSync::LocationEFS, AWS::DataSync::LocationFSxWindows, AWS::DataSync::LocationNFS, AWS::DataSync::LocationObjectStorage, AWS::DataSync::LocationS3, AWS::DataSync::LocationSMB, and AWS::DataSync::Task. AWS::DataSync::Agent Use the AWS::DataSync::Agent resource to specify an AWS DataSync agent. AWS::DataSync::LocationEFS Use the AWS::DataSync::LocationEFS resource to specify a location for an Amazon EFS location. AWS::DataSync::LocationFSxWindows Use the AWS::DataSync::LocationFSxWindows resource to specify an Amazon FSx for Windows Server file system. AWS::DataSync::LocationNFS Use the AWS::DataSync::LocationNFS resource to specify a file system on a Network File System (NFS) server. AWS::DataSync::LocationObjectStorage Use the AWS::DataSync::LocationObjectStorage resource to specify an endpoint for a self-managed object storage bucket. AWS::DataSync::LocationS3 Use the AWS::DataSync::LocationS3 resource to specify an endpoint for an Amazon S3 bucket. AWS::DataSync::LocationSMB Use the AWS::DataSync::LocationSMB resource to specify a Server Message Block (SMB) location. AWS::DataSync::Task Use the AWS::DataSync::Task resource to specify a task.	January 7, 2021
Updated resource	The following resource was updated: AWS::Glue::Table AWS::Glue::Table Use the SchemaReference property to specify an object that references a schema stored in the AWS Glue Schema Registry. Use the TableInput.TargetTable property to specify a TableIdentifier structure that describes a target table for resource linking. Use the Table.TableIdentifier property to specify a target table for resource linking.	December 22, 2020
Updated resource	The following resource was updated: AWS::Glue::Partition AWS::Glue::Partition Use the SchemaReference property to specify an object that references a schema stored in the AWS Glue Schema Registry.	December 22, 2020
Updated resource	The following resource was updated: AWS::Glue::Database AWS::Glue::Database Use the DatabaseInput.TargetDatabase property to specify a TableIdentifier structure that describes a target table for resource linking. Use the Database.DatabaseIdentifier property to specify a target database for resource linking.	December 22, 2020
Updated resource	The following resource was updated: AWS::Glue::MLTransform AWS::Glue::MLTransform Use the TransformEncryption property to specify the encryption-at-rest settings of the transform that apply to accessing user data. Use the MLUserDataEncryption property to specify the encryption mode and customer-provided KMS key ID.	December 22, 2020
Updated resource	The following resource was updated: AWS::NimbleStudio::LaunchProfile. AWS::NimbleStudio::LaunchProfile In the StreamConfiguration property type, use the MaxStoppedSessionLengthInMinutes property to specify if you can stop your sessions, and use the SessionStorage property to specify the upload storage for a streaming session. Use the StreamConfigurationSessionStorage property to specify a configuration for a streaming session’s upload storage. Use the StreamingSessionStorageRoot property to specify the upload storage root location that is a folder on streaming workstations where files are uploaded.	December 22, 2020
New resource	The following resource was added: AWS::MWAA::Environment AWS::MWAA::Environment Use the AWS::MWAA::Environment resource to create an Amazon Managed Workflows for Apache Airflow (MWAA) environment.	December 21, 2020
Updated resources	The following resources were updated: AWS::EC2::Instance, AWS::EC2::SpotFleet, AWS::EC2::Volume. AWS::EC2::Instance Use the EnclaveOptions property to indicate whether the instance is enabled for AWS Nitro Enclaves. AWS::EC2::SpotFleet SpotCapacityRebalance Use the SpotCapacityRebalance property when Amazon EC2 emits a signal that your Spot Instance is at an elevated risk of being interrupted. AWS::EC2::SpotFleet SpotMaintenanceStrategies Use the SpotMaintenanceStrategies property to manage your Spot Instances that are at an elevated risk of being interrupted. . AWS::EC2::Volume Use the Throughput property to specify the throughput that the volume supports, in MiB/s.	December 18, 2020
Updated resources	The following resources were updated: AWS::ECS::Service. AWS::ECS::Service Use the DeploymentCircuitBreaker property to turn on the deployment circuit breaker for a service.	December 18, 2020
Updated resources	The following resources were updated: AWS::ElastiCache::User AWS::ElastiCache::UserGroup and AWS::ElastiCache::ReplicationGroup. AWS::ElastiCache::User For Redis engine version 6.0 onwards: Creates a Redis user. For more information, see Using Role Based Access Control (RBAC) AWS::ElastiCache::UserGroup For Redis engine version 6.0 onwards: Creates a Redis user group. For more information, see Using Role Based Access Control (RBAC) AWS::ElastiCache::ReplicationGroup Use the UserGroupIds property to associate a list of user groups with the replication group.	December 18, 2020
Updated resource	The following resource was updated: AWS::Batch::JobDefinition AWS::Batch::JobDefinition Use the PlatformCapabilities property to specify whether the job requires EC2 or FARGATE resources. Use the PropagateTags property to specify whether to propagate tags from the job definition to the corresponding Amazon ECS task. In the ContainerProperties property type: Use the FargatePlatformConfiguration property to specify the Fargate platform version to use for jobs running on Fargate resources. Use the NetworkConfiguration property to specify the network configuration for jobs running on Fargate resources. AWS::Batch::JobDefinition In the ContainerProperties property type, use the FargatePlatformConfiguration property to define the version of the Fargate platform used for the job.	December 18, 2020
Updated resource	The following resource was updated: AWS::FSx::FileSystem AWS::FSx::FileSystem The StorageCapacity property was updated to "Required": conditional. In the WindowsConfiguration property type, the ThroughputCapacity property was updated to "Required": true.	December 18, 2020
Updated resource	The following resources were updated: AWS::S3::Bucket SourceSelectionCriteria Use the ReplicaModifications property in AWS::S3::Bucket SourceSelectionCriteria to filter modifications on replicas. Amazon S3 Bucket Keys Use the BucketKeyEnabled property to specify an S3 Bucket Key with default encryption using AWS Key Management Service.	December 18, 2020
New resources	The following resources were added: AWS::CloudFormation::ModuleDefaultVersion and AWS::CloudFormation::ModuleVersion. AWS::CloudFormation::ModuleDefaultVersion Use the AWS::CloudFormation::ModuleDefaultVersion resource to specify the default version of a module, which will be used in CloudFormation operations for this account and Region. AWS::CloudFormation::ModuleVersion Use the AWS::CloudFormation::ModuleVersion resource to register the specified version of the module with the CloudFormation service, making it available for use in CloudFormation templates in this account and Region.	December 18, 2020
New resources	The following resources were added: AWS::DevOpsGuru::NotificationChannel, AWS::DevOpsGuru::ResourceCollection AWS::DevOpsGuru::NotificationChannel Use the AWS::DevOpsGuru::NotificationChannel resource to add a notification channel to Amazon DevOps Guru. The notification channel is used to notify you about important events. For example, the creation of an insight or a change in an insight's severity. AWS::DevOpsGuru::ResourceCollection Use the AWS::DevOpsGuru::ResourceCollection resource to specify a collection of resources in your account that you want Amazon DevOps Guru to analyze. The specified resources are analyzed to generate insights that contain recommendations, related metrics, and operational data to help you improve the performance of your operational solutions.	December 18, 2020
New resources	The following resources were added: AWS::EC2::NetworkInsightsPath and AWS::EC2::NetworkInsightsAnalysis. AWS::EC2::NetworkInsightsPath Use the NetworkInsightsPath property to specify a path to analyze for reachability. AWS::EC2::NetworkInsightsAnalysis Use the NetworkInsightsAnalysis property to specify a network insights analysis.	December 18, 2020
New resources	The following resources were added: AWS::ECR::PublicRepository AWS::ECR::PublicRepository Use the PublicRepository property to create or update a public repository.	December 18, 2020
New resources	The following resources were added: AWS::LicenseManager::Grant and AWS::LicenseManager::License. AWS::LicenseManager::Grant Use the AWS::LicenseManager::Grant resource to specify a grant in the AWS License Manager service. AWS::LicenseManager::License Use the AWS::LicenseManager::License resource to specify a granted license in the AWS License Manager service.	December 18, 2020
New resources	The following resources were added: AWS::SageMaker::DataQualityJobDefinition, AWS::SageMaker::Device, AWS::SageMaker::DeviceFleet, AWS::SageMaker::ModelBiasJobDefinition, AWS::SageMaker::ModelExplainabilityJobDefinition, AWS::SageMaker::ModelQualityJobDefinition, AWS::SageMaker::ModelPackageGroup, and AWS::SageMaker::Pipeline. AWS::SageMaker::DataQualityJobDefinition Use the AWS::SageMaker::DataQualityJobDefinition resource to create a monitoring job that monitors drift in data quality. AWS::SageMaker::Device Use the AWS::SageMaker::Device resource to register your Devices against an existing SageMaker Edge Manager DeviceFleet. Each device must be listed individually in the CFN specification. AWS::SageMaker::DeviceFleet Use the AWS::SageMaker::DeviceFleet resource to create a DeviceFleet that manages your SageMaker Edge Manager Devices. You must register your devices against the DeviceFleet separately. AWS::SageMaker::ModelBiasJobDefinition Use the AWS::SageMaker::ModelBiasJobDefinition resource to create a monitoring job that monitors potential bias in your model. AWS::SageMaker::ModelExplainabilityJobDefinition Use the AWS::SageMaker::ModelExplainabilityJobDefinition resource to create a monitoring job that monitors feature attribution drift in your model. AWS::SageMaker::ModelQualityJobDefinition Use the AWS::SageMaker::ModelQualityJobDefinition resource to create a monitoring job that monitors quality drift in your model. AWS::SageMaker::ModelPackageGroup Use the AWS::SageMaker::ModelPackageGroup resource to create a group of related models. AWS::SageMaker::Pipeline Use the AWS::SageMaker::Pipeline resource to specify shell scripts that run when you create and/or start a SageMaker Pipeline. For information about SageMaker Pipelines, see SageMaker Pipelines in the Amazon SageMaker Developer Guide.	December 18, 2020
New resource	The following resource was added: AWS::AuditManager::Assessment AWS::AuditManager::Assessment Use the AWS::AuditManager::Assessment resource to specify a new assessment in AWS Audit Manager.	December 18, 2020
New resource	The following resources were added: AWS::GreengrassV2::ComponentVersion. AWS::GreengrassV2::ComponentVersion Use the AWS::GreengrassV2::ComponentVersion resource to create a new component version in AWS IoT Greengrass.	December 18, 2020
New resource	The following resources were added: AWS::IoTSitewise::AccessPolicy, AWS::IoTSiteWise::Dasboard, AWS::IoTSiteWise::Portal, and AWS::IoTSiteWise::Project. AWS::IoTSiteWise::AccessPolicy Use the AWS::IoTSiteWise::AccessPolicy resource to create a new access policy in AWS IoT SiteWise. AWS::IoTSiteWise::Dasboard Use the AWS::IoTSiteWise::Dasboard resource to create a new dashboard in AWS IoT SiteWise. AWS::IoTSiteWise::Portal Use the AWS::IoTSiteWise::Portal resource to create a new portal in AWS IoT SiteWise. AWS::IoTSiteWise::Project Use the AWS::IoTSiteWise::Project resource to create a new project in AWS IoT SiteWise.	December 18, 2020
New resource	The following resources were updated: AWS::Lambda::CreateEventSourceMapping and AWS::Lambda::Function. AWS::Lambda::EventSourceMapping Use the TumblingWindowInSeconds property to set the window size for SQS event sources. Lambda now supports a Self-Managed Apache Kafka cluster as an event source. AWS::Lambda::Function Lambda now supports functions deployed as container images. Use the ImageUri property to specify the container image location. In the Code property type, new property ImageUri specifies the image to associate with your Lambda function.	December 18, 2020
New resource	The following resource was added: AWS::SSO::InstanceAccessControlAttributeConfiguration. AWS::SSO::InstanceAccessControlAttributeConfiguration Use the AWS::SSO::InstanceAccessControlAttributeConfiguration resource to configure attribute-based access control (ABAC) in IAM Identity Center.	December 18, 2020
Updated resource	The following resource was updated to support specifying a capacity type for a node group: AWS::EKS::Nodegroup. AWS::EKS::Nodegroup Use the CapacityType property to specify whether you want to use Spot or On-Demand instance types for your node group.	December 17, 2020
Updated resource	The following resource was updated: AWS::GameLift::MatchmakingConfiguration. AWS::GameLift::MatchmakingConfiguration Use the FlexMatchMode property to specify that the matchmaker is for a standalone FlexMatch solution or for matchmaking with GameLift managed hosting.	November 24, 2020
Updated resource	The following resource was updated: AWS::Lambda::CreateEventSourceMapping. AWS::Lambda::EventSourceMapping.BatchSize The BatchSize has been increased for standard SQS queues, and allows for the use of a MaximumBatchingWindowInSeconds.	November 24, 2020
Modules	Modules are a way for you to package resource configurations for inclusion across stack templates, in a transparent, manageable, and repeatable way. Modules can encapsulate common service configurations and best practices as modular, customizable building blocks for you to include in your stack templates. For more information, see Using modules to encapsulate and reuse resource configurations.	November 24, 2020
New resource	The following resource was added: AWS::Lambda::CodeSigningConfig. AWS::Lambda::CodeSigningConfig Use the CodeSigningConfig resource to specify code-signing capability to your Lambda functions.	November 23, 2020
Updated resource	The following resource was updated: AWS::CloudFront::Distribution. AWS::CloudFront::Distribution In the CacheBehavior and DefaultCacheBehavior property types, use the TrustedKeyGroups property to specify a list of the key groups that CloudFront can use to verify signed URLs or signed cookies. For more information, see Serving private content in the Amazon CloudFront Developer Guide.	November 19, 2020
Updated resource	The following resources were updated: AWS::EC2::LaunchTemplate and AWS::EC2::ClientVpnEndpoint. AWS::EC2::ClientVpnEndpoint Use the ClientConnectOptions property to indicate whether client connect options are used for Client VPN. AWS::EC2::LaunchTemplate Use the AssociateCarrierIpAddress property to indicates whether to associate a Carrier IP address with eth0 for a new network interface. AWS::EC2::LaunchTemplate Use the EnclaveOptions property to indicate whether the instance is enabled for AWS Nitro Enclaves. AWS::EC2::LaunchTemplate Use the NetworkCardIndex property to specify the network card index.	November 19, 2020
Updated resource	The following resource was updated: AWS::Events::EventBusPolicy. AWS::Events::EventBusPolicy Added the Statement property. Use the Statement property to add a statement to the policy attached to an event bus.	November 19, 2020
Updated resource	The following resource was updated: AWS::KMS::Key. AWS::KMS::Key Added support for asymmetric KMS keys, including the KeySpec property and the SIGN_VERIFY value for the KeyUsage property.	November 19, 2020
New resources	The following resources were added: AWS::CloudFront::KeyGroup and AWS::CloudFront::PublicKey. AWS::CloudFront::KeyGroup Use the AWS::CloudFront::KeyGroup resource to create a key group in Amazon CloudFront to use with CloudFront signed URLs and signed cookies. For more information, see Serving private content in the Amazon CloudFront Developer Guide. AWS::CloudFront::PublicKey Use the AWS::CloudFront::PublicKey resource to create a public key in Amazon CloudFront to use with CloudFront signed URLs and signed cookies, or with field-level encryption. For more information, see Serving private content or Using field-level encryption to help protect sensitive data in the Amazon CloudFront Developer Guide.	November 19, 2020
New resource	The following resource was added: AWS::Glue::Registry AWS::Glue::Registry Use the AWS::Glue::Registry resource to manage registries in the AWS Glue Schema Registry.	November 19, 2020
New resource	The following resource was added: AWS::Glue::Schema AWS::Glue::Schema Use the AWS::Glue::Schema resource to manage schemas in the AWS Glue Schema Registry.	November 19, 2020
New resource	The following resource was added: AWS::Glue::SchemaVersion AWS::Glue::SchemaVersion Use the AWS::Glue::SchemaVersion resource to manage schema versions in the AWS Glue Schema Registry.	November 19, 2020
New resource	The following resource was added: AWS::Glue::SchemaVersionMetadata AWS::Glue::SchemaVersionMetadata Use the AWS::Glue::SchemaVersionMetadata resource to manage schema version metadata in the AWS Glue Schema Registry.	November 19, 2020
New resource	The following resource is new: AWS::IoT::TopicRuleDestination AWS::IoT::TopicRuleDestination Use the AWS::IoT::TopicRuleDestination to specify a topic rule destination.	November 19, 2020
New resource	The following resources were added: AWS::NetworkFirewall::Firewall, AWS::NetworkFirewall::FirewallPolicy, AWS::NetworkFirewall::LoggingConfiguration, and AWS::NetworkFirewall::RuleGroup AWS::NetworkFirewall::Firewall Use the AWS::NetworkFirewall::Firewall resource to specify stateful, managed, network firewall and intrusion detection and prevention for your VPCs in Amazon VPC. AWS::NetworkFirewall::FirewallPolicy Use the AWS::NetworkFirewall::FirewallPolicy resource to specify the stateless and stateful network traffic filtering behavior for your AWS::NetworkFirewall::Firewall. AWS::NetworkFirewall::LoggingConfiguration Use the AWS::NetworkFirewall::LoggingConfiguration resource to specify the destinations and logging options for an AWS::NetworkFirewall::Firewall. AWS::NetworkFirewall::RuleGroup Use the AWS::NetworkFirewall::RuleGroup resource to specify a reusable collection of stateless or stateful network traffic filtering rules for use in your AWS::NetworkFirewall::FirewallPolicy.	November 19, 2020
New resource	The following resource was added: AWS::S3::StorageLens S3 Storage Lens Use the AWS::S3::StorageLens resource to create a S3 Storage Lens configuration in the Amazon Simple Storage Service.	November 19, 2020
Change sets for nested stacks	With change sets for nested stacks you can preview the changes to your application and infrastructure resources across the entire nested stack hierarchy and proceed with updates when you've confirmed that all the changes are as intended. For more information, see Change sets for nested stacks.	November 18, 2020
Updated resources	The following resources were updated: AWS::AppMesh::VirtualNode and AWS::AppMesh::VirtualGateway AWS::AppMesh::VirtualNode Use the ConnectionPool property to specify the type of connection pool for the listener. Use the VirtualNodeHttp2ConnectionPool property to specify an http2 type of connection pool. Use the VirtualNodeGrpcConnectionPool property to specify a grpc type of connection pool. Use the VirtualNodeConnectionPool property to specify the type of virtual node connection pool. Use the VirtualNodeHttpConnectionPool property to specify an http type of connection pool. Use the OutlierDetection property to specify the type of outlier detection for the listener. Use the VirtualNodeTcpConnectionPool property to specify an http2 type of connection pool. AWS::AppMesh::VirtualGateway Use the ConnectionPool property to specify the type of connection pool for the listener. Use the VirtualGatewayHttpConnectionPool property to specify an http type of connection pool. Use the VirtualGatewayHttp2ConnectionPool property to specify an http2 type of connection pool. Use the VirtualGatewayConnectionPool property to specify the type of virtual gateway connection pool. Use the VirtualGatewayGrpcConnectionPool property to specify a grpc type of connection pool.	November 12, 2020
Updated resource	The following resources were updated: AWS::EC2::Route and AWS::EC2::VPCEndpointService. AWS::EC2::Route Use the VpcEndpointId property to create a route to a Gateway Load Balancer endpoint. AWS::EC2::VPCEndpointService Use the GatewayLoadBalancerArns property to specify a Gateway Load Balancer for your VPC endpoint service.	November 12, 2020
Updated resource	The following resource was updated: AWS::Kendra::DataSource. AWS::Kendra::DataSource Use the new CUSTOM value to specify the custom data sources.	November 12, 2020
New resources:	This is the first release of AWS Glue DataBrew.	November 12, 2020
Updated resource	The following resources were updated: AWS::S3::Bucket IntelligentTieringConfiguration Use the IntelligentTieringConfiguration property to specify an S3 Intelligent-Tiering configuration. OwnershipControls Use the OwnershipControls property to specify object ownership on a bucket.	November 9, 2020
Updated resources	The following resources were updated: AWS::CodeArtifact::Domain and AWS::CodeArtifact::Repository. AWS::CodeArtifact::Domain The AWS::CodeArtifact::Domain resource now supports tags. AWS::CodeArtifact::Repository The AWS::CodeArtifact::Repository resource now supports tags.	November 5, 2020
Updated resource	The following resource was updated: AWS::Batch::JobDefinition AWS::Batch::JobDefinition In the RetryStrategy property type, use the EvaluateOnExit property to specify a set of conditions to be met, and an action to take (RETRY or EXIT) if all conditions are met.	November 5, 2020
Updated resource	The following resource was updated: AWS::EC2::Route. AWS::EC2::Route Use the CarrierGatewayId property to create a route to a carrier gateway.	November 5, 2020
Updated resource	The following resource was updated: AWS::AutoScaling::AutoScalingGroup. CapacityRebalance Use the CapacityRebalance property to indicate whether Capacity Rebalancing is enabled.	November 5, 2020
Updated resource	The following resource was updated: AWS::Lambda::EventSourceMapping. AWS::Lambda::EventSourceMapping Use the Queues property to specify the Amazon MQ queue to stream to a Lambda function. Use the Source access configuration property to specify the Secrets Manager secret that stores your MQ broker credentials.	November 5, 2020
New resource	The following new resource was added: AWS::Events::Archive. AWS::Events::Archive Use the Archive resource to create an EventBridge archive to store events in.	November 5, 2020
New resource	The following resource was added: AWS::IoT::DomainConfiguration. AWS::IoT::DomainConfiguration Use the AWS::IoT::DomainConfiguration resource to specify a domain configuration in AWS IoT Core.	November 5, 2020
New resource	The following resource was added: AWS::RDS::GlobalCluster. AWS::RDS::GlobalCluster Use the AWS::RDS::GlobalCluster resource to create or update an Aurora global database cluster.	November 5, 2020
Updated resource	The following resources were updated: AWS::AmazonMQ::Broker, AWS::AmazonMQ::Configuration, AWS::AmazonMQ::ConfigurationAssociation AWS::AmazonMQ::Broker Amazon MQ now supports RabbitMQ broker engine.	November 4, 2020
Updated resource	The following resource was updated: AWS::GlobalAccelerator::EndpointGroup. AWS::GlobalAccelerator::EndpointGroup Use the PortOverride property to override the listener port used for routing traffic to endpoints.	October 29, 2020
New resources	The following resources were added: AWS::IVS::Channel, AWS::IVS::StreamKey, and AWS::IVS::PlaybackKeyPair AWS::IVS::Channel Use the AWS::IVS::Channel resource to specify an Amazon IVS Channel, which stores configuration information related to your live stream. AWS::IVS::StreamKey Use the AWS::IVS::StreamKey resource to specify an Amazon IVS Stream Key, which creates a stream key for the specified IVS Channel. Use a stream key to initiate a live stream. AWS::IVS::PlaybackKeyPair Use the AWS::IVS::PlaybackKeyPair resource to specify an Amazon IVS PlaybackKeyPair, which is used to sign and validate a playback authorization token for a private channel.	October 29, 2020
New resource	The following resources were added: AWS::IoTSitewise::Asset, AWS::IoTSiteWise::AssetModel, and AWS::IoTSiteWise::Gateway. AWS::IoTSiteWise::Asset Use the AWS::IoTSiteWise::Asset resource to create a new asset in AWS IoT SiteWise. AWS::IoTSiteWise::AssetModel Use the AWS::IoTSiteWise::AssetModel resource to create a new asset model in AWS IoT SiteWise. AWS::IoTSiteWise::Gateway Use the AWS::IoTSiteWise::Gateway resource to create a new gateway in AWS IoT SiteWise.	October 28, 2020
Updated resource	The following resource was updated: AWS::AutoScaling::AutoScalingGroup. AWS::AutoScaling::AutoScalingGroup Use the NewInstancesProtectedFromScaleIn property to specify whether newly launched instances are protected from termination by Amazon EC2 Auto Scaling when scaling in.	October 26, 2020
Updated resources	The following resources were updated: AWS::Batch::ComputeEnvironment, AWS::Batch::JobDefinition, and AWS::Batch::JobQueue. AWS::Batch::ComputeEnvironment Use the Tags property to specify tags for the compute environment. AWS::Batch::JobDefinition Use the Tags property to specify tags for the job definition. AWS::Batch::JobQueue Use the Tags property to specify tags for the job queue.	October 22, 2020
Updated resource	The following resource was updated: AWS::AppSync::ApiKey. AWS::AppSync::ApiKey Use the ApiKeyId property to specify the API key ID.	October 22, 2020
Updated resource	The following resource was updated: AWS::CloudFront::Distribution. AWS::CloudFront::Distribution In the Origin property type, use the OriginShield property to enable CloudFront Origin Shield. For more information, see Using Origin Shield in the Amazon CloudFront Developer Guide.	October 22, 2020
Updated resource	The following resource was updated: AWS::EMR::Cluster. AWS::EMR::Cluster Use the LogEncryptionKmsKeyId property to specify the AWS KMS key used for encrypting log files. Use the ManagedScalingPolicy property to create a managed scaling policy for an Amazon EMR cluster. Use the StepConcurrencyLevel property to specify the number of steps that can be executed concurrently.	October 22, 2020
Updated resource	The following resource was updated: AWS::Events::Rule. AWS::Events::Rule Added AWS::Events::Rule DeadLetterConfig Added AWS::Events::Rule RetryPolicy AWS::Events::Rule Target Added the DeadLetterConfig property of the Target property type. Added the RetryPolicy property of the Target property type.	October 22, 2020
Updated resource	Added a new property, FileFormat, to the FAQ resource. For more information, see https://docs.aws.amazon.com/kendra/latest/dg/in-creating-faq.html	October 22, 2020
Updated resource	The following resource was updated: AWS::KinesisFirehose::DeliveryStream. AWS::KinesisFirehose::DeliveryStream DeliveryStreamEncryptionConfigurationInput property type is now supported for the delivery streams in CloudFormation.	October 22, 2020
Updated resource	The following resource was updated: AWS::Elasticsearch::Domain. AWS::Elasticsearch::Domain In the ElasticsearchClusterConfig property type: Use the WarmCount property to specify the number of warm nodes in the cluster. Use the WarmEnabled property to specify whether to enable warm storage for the cluster. Use the WarmType property to specify the instance type for the cluster's warm nodes.	October 22, 2020
New resources	The following resources were added: AWS::MediaPackage::Asset, AWS::MediaPackage::Channel, AWS::MediaPackage::OriginEndpoint, AWS::MediaPackage::PackagingConfiguration, and AWS::MediaPackage::PackagingGroup. AWS::MediaPackage::Asset. Use the AWS::MediaPackage::Asset to specify an asset to ingest VOD content. AWS::MediaPackage::Channel. Use the AWS::MediaPackage::Channel to specify a channel to receive content. AWS::MediaPackage::OriginEndpoint. Use the AWS::MediaPackage::OriginEndpoint to specify an endpoint on an AWS Elemental MediaPackage channel. AWS::MediaPackage::PackagingConfiguration. Use the AWS::MediaPackage::PackagingConfiguration to specify a packaging configuration in a packaging group. AWS::MediaPackage::PackagingGroup. Use the AWS::MediaPackage::PackagingGroup to specify a packaging group.	October 22, 2020
New resource	The following updated resource was added: BlockPublicPolicy AWS::SecretsManager::Resource Policies.BlockPublicPolicy Use the BlockPublicPolicy when adding resource policies to Secrets Manager.	October 22, 2020
Increased quotas	The following AWS CloudFormation quotas have been updated. You can now declare a maximum of 200 mappings in your AWS CloudFormation template. You can now declare a maximum of 200 mapping attributes for each mapping in your AWS CloudFormation template. You can now declare a maximum of 200 outputs in your AWS CloudFormation template. You can now declare a maximum of 200 parameters in your AWS CloudFormation template. You can now declare a maximum of 500 resources in your AWS CloudFormation template. You can now pass a template body with a maximum size of 1 MB in an Amazon S3 object.	October 22, 2020
Updated resource	The following resource was updated: AWS::Synthetics::Canary. AWS::Synthetics::Canary The ArtifactConfig and S3Encryption parameters were added.	October 21, 2020
Updated resource	The following resource was updated: AWS::AmazonMQ::Broker. AWS::AmazonMQ::Broker Use the LdapServerMetadata property to to authenticate and authorize connections to a broker.	October 9, 2020
New resources	The following resources were added: AWS::CodeArtifact::Domain and AWS::CodeArtifact::Repository. AWS::CodeArtifact::Domain Use the AWS::CodeArtifact::Domain resource to create an AWS CodeArtifact domain. AWS::CodeArtifact::Repository Use the AWS::CodeArtifact::Repository resource to create an AWS CodeArtifact repository.	October 8, 2020
New resources	The following resources were added: AWS::Timestream::Table and AWS::Timestream::Database. AWS::Timestream::Table Use the AWS::Timestream::Table resource to create a new table in an existing database in Amazon Timestream. AWS::Timestream::Database Use the AWS::Timestream::Database resource to create a new database in Amazon Timestream.	October 8, 2020
Updated resources	The following resources were updated: AWS::ECS::Service. AWS::ECS::Service Use the CapacityProviderStrategy property to specify a custom capacity provider strategy when creating a service.	October 1, 2020
Updated resource	The following resource was updated: AWS::Batch::JobDefinition. These property types were added. LogConfiguration Use the LogConfiguration property type to specify the log configuration options to send to a custom log driver for the container. Secrets Use the Secrets property type to specify a secret to expose to the container. Tmpfs Use the Tmpfs property type to specify the details of a tmpfs mount. These property types were updated. ContainerProperties These properties were added. ExecutionRoleArn Specifies the execution role to be assumed for the job. LogConfiguration Specifies the log configuration for a custom log driver for the job. Secrets Specifies the secrets provided for the job. LinuxParameters These properties were added. InitProcessEnabled Indicates that an init process should be enabled inside the container that forwards signals and reaps processes. MaxSwap Specifies the total amount of swap memory (in MiB) a job can use. SharedMemorySize Specifies the size (in MiB) of the /dev/shm volume. Swappiness Specifies the job container's memory swappiness behavior. Tmpfs Specifies the details of the job's tmpfs mount.	October 1, 2020
Updated resource	The following resource was updated: AWS::CloudFront::CachePolicy. AWS::CloudFront::CachePolicy In the AWS::CloudFront::CachePolicy resource, some properties are now required that previously were not required. In the AWS::CloudFront::CachePolicy ParametersInCacheKeyAndForwardedToOrigin property type, use the EnableAcceptEncodingBrotli property to enable CloudFront to serve compressed objects to viewers that support the Brotli compression format. For more information, see Compression support in the Amazon CloudFront Developer Guide.	October 1, 2020
Updated resource	The following resource was updated to support specifying a custom CIDR for Kubernetes service IP address assignment: AWS::EKS::Cluster. AWS::EKS::Cluster Use the KubernetesNetworkConfig property to specify a Kubernetes network configuration. AWS::EKS::Cluster KubernetesNetworkConfig Use the ServiceIpv4Cidr property to specify the CIDR block that you want Kubernetes to assign service IP addresses from.	October 1, 2020
New resource	The following resource was added: AWS::WorkSpaces::ConnectionAlias AWS::WorkSpaces::ConnectionAlias Use the AWS::WorkSpaces::ConnectionAlias resource to specify a connection alias. Connection aliases are used for cross-Region redirection.	October 1, 2020
Drift detection for private resources	CloudFormation supports drift detection operations on an expanded list of AWS resources, as well as private resources that are defined as provisonable. In addition to the resources that previously supported drift detection, CloudFormation now supports drift detection on all resources defined as provisionable in the CloudFormation registry. For more information, see Resources that support import and drift detection operations.	October 1, 2020
Updated resource	The following resource was updated: AWS::MSK::Cluster AWS::MSK::Cluster Adding support for SASL/Scram (sign-in credentials client authentication.)	September 24, 2020
Updated resource	The following resource was updated: AWS::ApiGateway::DomainName. AWS::ApiGateway::DomainName Use the AWS::ApiGateway::DomainName resource to configure mutual TLS authentication for an API.	September 17, 2020
Updated resource	The following resource was updated: AWS::ApiGatewayV2::DomainName. AWS::ApiGatewayV2::DomainName Use the AWS::ApiGatewayV2::DomainName resource to configure mutual TLS authentication for an API.	September 17, 2020
Updated resource	The following resource was updated: AWS::ApiGatewayV2::Api. AWS::ApiGatewayV2::Api Use the AWS::ApiGatewayV2::Api resource to disable the default endpoint for an HTTP API.	September 17, 2020
New resources	The following resources were added: AWS::AppFlow::Flow and AWS::AppFlow::ConnectorProfile. AWS::AppFlow::Flow Use the AWS::AppFlow::Flow resource to specify a new flow in Amazon AppFlow. AWS::AppFlow::ConnectorProfile Use the AWS::AppFlow::ConnectorProfile describe an instance of a connector in Amazon AppFlow.	September 17, 2020
New resource	The following resource was added: AWS::CloudFormation::StackSet. AWS::CloudFormation::StackSet Use the AWS::CloudFormation::StackSet resource to provision stacks into AWS accounts and across Regions by using a single CloudFormation template.	September 17, 2020
Updated resource	The following resource was updated: AWS::ApiGatewayV2::Authorizer. AWS::ApiGatewayV2::Authorizer Use the AWS::ApiGatewayV2::Authorizer resource to create a Lambda authorizer for an HTTP API.	September 10, 2020
Updated resource	The following resource was updated: AWS::CodeBuild::ReportGroup AWS::CodeBuild::ReportGroup Use the DeleteReports property to specify if any reports that belong to the report group should be deleted when the report group is deleted.	September 10, 2020
Updated resource	The following resource was updated: AWS::StepFunctions::StateMachine. AWS::StepFunctions::StateMachine The AWS::StepFunctions::StateMachine now supports X-Ray tracing. You can use the TracingConfiguration property to enable X-Ray tracing for your state machines.	September 10, 2020
New resources	This is the first release of Amazon Kendra in AWS CloudFormation.	September 10, 2020
New resources	The following resources were added: AWS::SSO::Assignment, AWS::SSO::PermissionSet. AWS::SSO::Assignment Use the AWS::SSO::Assignment resource to assign access to a principal for a specified AWS account using a specified permission set. AWS::SSO::PermissionSet Use the AWS::SSO::PermissionSet resource to create a permission set within a specified IAM Identity Center instance.	September 10, 2020
Update resource	The following resource was updated: AWS::CloudFront::Distribution. AWS::CloudFront::Distribution In the CacheBehavior and DefaultCacheBehavior property types, use the RealtimeLogConfigArn property to specify the Amazon Resource Name (ARN) of the real-time log configuration for the cache behavior. For more information, see Real-time logs in the Amazon CloudFront Developer Guide.	September 3, 2020
New resources	The following resources were added: AWS::CloudFront::CachePolicy, AWS::CloudFront::OriginRequestPolicy, and AWS::CloudFront::RealtimeLogConfig. AWS::CloudFront::CachePolicy Use the AWS::CloudFront::CachePolicy resource to create a new cache policy in Amazon CloudFront. AWS::CloudFront::OriginRequestPolicy Use the AWS::CloudFront::OriginRequestPolicy resource to create a new origin request policy in Amazon CloudFront. AWS::CloudFront::RealtimeLogConfig Use the AWS::CloudFront::RealtimeLogConfig resource to create a new real-time log configuration in Amazon CloudFront.	September 3, 2020
New resource	The following resource was added: AWS::CodeGuruReviewer::RepositoryAssociation AWS::CodeGuruReviewer::RepositoryAssociation The AWS::CodeGuruReviewer::RepositoryAssociation resource describes an associated repository that contains source code to be analyzed by AWS CodeGuru Reviewer. For more information, see RespositoryAssociation in the AWS CodeGuru Reviewer API Reference.	September 3, 2020
New resource	The following resource was added: AWS::EKS::FargateProfile. AWS::EKS::FargateProfile Use the AWS::EKS::FargateProfile resource to create an AWS Fargate profile.	September 3, 2020
Updated resource	The following resource was updated: AWS::CodeCommit::Repository Code AWS::CodeCommit::Repository Code Use the BranchName property to specify a branch name to be used as the default branch when importing code into a repository.	August 31, 2020
Updated resource	The following resource was updated: AWS::ServiceCatalog::CloudFormationProvisionedProduct. AWS::ServiceCatalog::CloudFormationProvisionedProduct The PathName property is now available as an alternative to PathId.	August 27, 2020
New resources	The following resources were added: AWS::GameLift::GameServerGroup AWS::GameLift::GameServerGroup Use the AWS::GameLift::GameServerGroup resource to create a GameLift FleetIQ game server group to run low-cost game hosting on your Amazon EC2 instances.	August 27, 2020
New resources	The following resources were added: AWS::Route53Resolver::ResolverQueryLoggingConfig and AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation. AWS::Route53Resolver::ResolverQueryLoggingConfig Use the AWS::Route53Resolver::ResolverQueryLoggingConfig resource to specify settings for a query logging configuration. AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation Use the AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation resource to configure DNS query logging.	August 27, 2020
Updated resource	The following resource was updated: AWS::KMS::Key. AWS::KMS::Key Added a KeyId attribute to the return values.	August 26, 2020
Updated resource	The following resource was updated to support use of a launch template: AWS::EKS::Nodegroup. AWS::EKS::Nodegroup Use the LaunchTemplate property to specify a launch template specification that can be used to deploy or update a managed node group. If you use a launch template to deploy a node group, some settings that you normally set for a node group must be moved into the launch template. The text for affected settings has been updated to note that.	August 20, 2020
Updated resources	The following resources were updated: AWS::ECS::TaskDefinition. AWS::ECS::TaskDefinition Use the EnvironmentFiles property to specify a list of files containing the environment variables to pass to a container.	August 13, 2020
Updated resource	The following resource was updated: AWS::FSx::FileSystem AWS::FSx::FileSystem In the LustreConfiguration property type, use DriveCacheType to specify the type of drive cache used by PERSISTENT_1 file systems that are provisioned with HDD storage devices.	August 13, 2020
Updated resource	The following resource was updated: AWS::Lambda::EventSourceMapping. AWS::Lambda::EventSourceMapping Use the Topics property to specify the Amazon MSK topics to stream to a Lambda function.	August 13, 2020
New resource	The following resource was added: AWS::ApplicationInsights::Application AWS::ApplicationInsights::Application Use the AWS::ApplicationInsights::Application resource to add an application that is created from a resource group.	August 13, 2020
New resource	The following resource was added: AWS::EC2::CarrierGateway. AWS::EC2::CarrierGateway Use the CarrierGateway resource to create a carrier gateway.	August 13, 2020
Updated permissions required for registering resource providers	Registering a resource provider in your account now requires you have permission to access the schema handler package uploaded to an S3 bucket for that resource provider. For more information, see Registering resource providers in CloudFormation.	August 7, 2020
Updated resource	The following resource was updated: AWS::CodeBuild::Project AWS::CodeBuild::Project Use the BuildBatchConfig property to specify configuration information for a batch build.	August 6, 2020
Updated resource	The following resource was updated: AWS::FSx::FileSystem AWS::FSx::FileSystem In the LustreConfiguration property type, AutoImportPolicyType was changed to AutoImportPolicy. Use AutoImportPolicy to configure your Amazon FSx for Lustre file system to automatically import metadata of objects that are added to or changed in your linked S3 bucket after file system creation.	August 6, 2020
Updated resources	The following resources were updated: AWS::ECS::TaskDefinition. AWS::ECS::TaskDefinition Use the EFSVolumeConfiguration property to specify an Amazon Elastic File System file system for task storage.	July 30, 2020
Updated resource	The following resource was updated: AWS::EC2::FlowLog. AWS::EC2::FlowLog Use the LogFormat property to specify the fields for the flow log record. Use the MaxAggregationInterval property to specify the maximum interval for capturing and aggregating flows. Use the Tags property to specify tags for the flow log.	July 30, 2020
Updated resource	The following resource was updated: AWS::GroundStation::DataflowEndpointGroup. MTU property The MTU property sets the maximum transmission unit used for a dataflow endpoint.	July 30, 2020
New resources	The following resources were added: AWS::AppMesh::VirtualGateway and AWS::AppMesh::GatewayRoute AWS::AppMesh::VirtualGateway Use the AWS::AppMesh::VirtualGateway resource to create a virtual gateway that allows resources outside of your mesh to communicate to resources that are inside of your mesh. AWS::AppMesh::GatewayRoute Use the AWS::AppMesh::GatewayRoute resource to create a gateway route that routes traffic to a virtual service.	July 30, 2020
New resources	The following resource was added: AWS::SageMaker::MonitoringSchedule AWS::SageMaker::MonitoringSchedule Use the AWS::SageMaker::MonitoringSchedule resource to create a monitoring schedule to regularly start an Amazon SageMaker processing job to monitor the data captured for a SageMaker endpoint.	July 30, 2020
New property	The following properties were added: AWS::CodeGuruProfiler::ProfilingGroup.AnomalyDetectionNotificationConfiguration and AWS::CodeGuruProfiler::ProfilingGroup.Tags. AWS::CodeGuruProfiler::ProfilingGroup.AnomalyDetectionNotificationConfiguration Use the AWS::CodeGuruProfiler::ProfilingGroup.AnomalyDetectionNotificationConfiguration property to configure notifications for your profiling group. AWS::CodeGuruProfiler::ProfilingGroup.Tags Use the AWS::CodeGuruProfiler::ProfilingGroup.Tags property to add tags to a profiling group.	July 30, 2020
Updated resources	The following resources were updated: AWS::WAFv2::WebACL and AWS::WAFv2::RuleGroup. AWS::WAFv2::WebACL Rule statements that use IP addresses now support using IP addresses that are forwarded in an HTTP header in the web request, instead of using the IP address that's reported by the web request origin. This option is available for all rule statements that use an IP address: GeoMatchStatement, RateBasedStatement, and IPSetReferenceStatement. The following new properties support this functionality: IPSetForwardedIPConfiguration and ForwardedIPConfiguration. AWS::WAFv2::RuleGroup Rule statements that use IP addresses now support using IP addresses that are forwarded in an HTTP header in the web request, instead of using the IP address that's reported by the web request origin. This option is available for all rule statements that use an IP address: GeoMatchStatement, RateBasedStatement, and IPSetReferenceStatement. The following new properties support this functionality: IPSetForwardedIPConfiguration and ForwardedIPConfiguration.	July 23, 2020
Updated resource	The following resource was updated: AWS::EFS::FileSystem AWS::EFS::FileSystem Use the BackupPolicy property to turn automatic backups on or off for your Amazon EFS file system.	July 23, 2020
Updated resource	The following resource was updated: AWS::CloudFront::Distribution. AWS::CloudFront::Distribution In the CacheBehavior and DefaultCacheBehavior property types: Use the CachePolicyId property to specify the ID of the cache policy for the cache behavior. Use the OriginRequestPolicyId property to specify the ID of the origin request policy for the cache behavior. For more information, see Working with policies in the Amazon CloudFront Developer Guide.	July 23, 2020
Updated resource	The following resource was updated: AWS::CodeStarConnections::Connection AWS::CodeStarConnections::Connection Use the HostArn property to specify the host associated with connections you want to make to an installed provider.	July 23, 2020
Updated resource	The following resource was updated: AWS::FSx::FileSystem AWS::FSx::FileSystem In the LustreConfiguration property type, use AutoImportPolicyType to configure how FSx imports new files and file changes in the linked data repository into the file system.	July 23, 2020
Updated resource	The following resource was updated: EndpointConfig AWS::SageMaker::EndpointConfig Use the CaptureContentTypeHeader property to specify content types (JSON and/or CSV) to capture. Use the CaptureOption property to specify whether to capture input data, output data, or both. Use the DataCaptureConfig resource/property to configure how the endpoint captures data.	July 23, 2020
New resource	The following resource was added: AWS::SecretsManager::RotationSchedule.HostedRotationLambda. AWS::SecretsManager::RotationSchedule Use the HostedRotationLambda property type to create a rotation Lambda.	July 23, 2020
Updated resource	The following resource was updated: AWS::Amplify::App AWS::Amplify::App Use the EnableBranchAutoDeletion property to automatically disconnect a branch in the Amplify Console when you delete a branch from your Git repository.	July 9, 2020
Updated resource	The following resource was updated: AWS::Amplify::Domain AWS::Amplify::Domain Use the AutoSubDomainCreationPatterns property to set branch patterns for automatic subdomain creation. Use the AutoSubDomainIAMRole property to specify the required AWS Identity and Access Management (IAM) service role for the Amazon Resource Name (ARN) for automatically creating subdomains. Use the EnableAutoSubDomain property to enable the automated creation of subdomains for branches.	July 9, 2020
Updated resource	The following resource was updated: AWS::Synthetics::Canary. AWS::Synthetics::Canary The MemoryInMB parameter was added. Also, the RunConfig parameter is no longer required, and DurationInSeconds is no longer required.	July 9, 2020
Updated resource	The following resource was updated: AWS::ElasticLoadBalancingV2::Listener. AWS::ElasticLoadBalancingV2::Listener Use the AlpnPolicy property to specify the name of the Application-Layer Protocol Negotiation (ALPN) policy for TLS listeners.	July 9, 2020
Updated resource	The following resource was updated: AWS::FSx::FileSystem AWS::FSx::FileSystem The StorageCapacity property has changed so that an update requires no interruption. In the WindowsConfiguration property type, the ThroughputCapacity property has changed so that an update requires no interruption. In the LustreConfiguration property type: Use the DailyAutomaticBackupStartTime property to specify the time that the daily automatic backup window starts. Use the CopyTagsToBackups boolean property to copy file system tags to its backups. Use the AutomaticBackupRetentionDays property to set the number of days to retain file system backups.	July 9, 2020
Updated resource	The following resource was updated: AWS::ServiceCatalog::CloudFormationProvisionedProduct. AWS::ServiceCatalog::CloudFormationProvisionedProduct Use the Outputs property to view the output of the product you are provisioning.	July 9, 2020
New resource	The following resource was added: AWS::Athena::DataCatalog AWS::Athena::DataCatalog Use the AWS::Athena::DataCatalog resource to register external data sources with Athena.	July 9, 2020
New resource	The following resource was added: AWS::EC2::PrefixList. AWS::EC2::PrefixList Use the PrefixList resource to create a prefix list.	July 9, 2020
New resource	The following resource was added: AWS::QLDB::Stream AWS::QLDB::Stream Use the AWS::QLDB::Stream resource to specify a new journal stream for a given Amazon Quantum Ledger Database (Amazon QLDB) ledger.	July 9, 2020
New property	The following property was added to AWS::CodeBuild::Project Source: BuildStatusConfig AWS::CodeBuild::Project Source Use the buildStatusConfig property to specify build status information to the source provider.	July 9, 2020
New property	The following resource was added: AWS::CodeGuruProfiler::ProfilingGroup.ComputePlatform. AWS::CodeGuruProfiler::ProfilingGroup.ComputePlatform Use AWS::CodeGuruProfiler::ProfilingGroup.ComputePlatform to specify the compute platform of the profiling group.	July 9, 2020
Updated resource	The following resource was updated: AWS::Events::Rule. AWS::Events::Rule In the Target property type, use the HttpParameters property to specify the HTTP parameters to use when the target is a API Gateway REST endpoint.	July 6, 2020
Updated resource	The following resource was updated: AWS::ApplicationAutoScaling::ScalableTarget. AWS::ApplicationAutoScaling::ScalableTarget In the ScheduledAction property type, use the Timezone property to create scheduled actions in the local time zone. If your time zone observes Daylight Saving Time (DST), it automatically adjusts for Daylight Saving Time.	July 1, 2020
New resource	The following resource was added: AWS::AppConfig::HostedConfigurationVersion AWS::AppConfig::HostedConfigurationVersion This resource lets you create a new configuration in the AWS AppConfig hosted configuration store.	June 25, 2020
Updated resources	The following resources were updated: AWS::ServiceDiscovery::HttpNamespace, AWS::ServiceDiscovery::PrivateDnsNamespace, AWS::ServiceDiscovery::PublicDnsNamespace, AWS::ServiceDiscovery::Service. AWS::ServiceDiscovery::HttpNamespace Use the Tags property to add tag keys and values to an AWS Cloud Map HTTP namespace. AWS::ServiceDiscovery::PrivateDnsNamespace Use the Tags property to add tag keys and values to an AWS Cloud Map private DNS namespace. AWS::ServiceDiscovery::PublicDnsNamespace Use the Tags property to add tag keys and values to an AWS Cloud Map public DNS namespace. AWS::ServiceDiscovery::Service Use the Tags property to add tag keys and values to an AWS Cloud Map service.	June 22, 2020
Updated resources	The following resources were updated: AWS::ECS::Cluster. AWS::ECS::Cluster Use the CapacityProviderStrategyItem property to specify the capacity provider strategy when creating a cluster.	June 18, 2020
Updated resource	The following resources were updated: AWS::FMS::Policy IEMap. AWS::FMS::Policy IEMap The AWS::FMS::Policy IEMap resource now allows you to specify accounts using AWS Organizations organizational units (OUs), in addition to account IDs.	June 18, 2020
New resources	The following resources were added: AWS::ECS::CapacityProvider. AWS::ECS::CapacityProvider Use the AWS::ECS::CapacityProvider resource to create a new capacity provider.	June 18, 2020
Updated resource	The following resource was updated: AWS::EFS::FileSystem AWS::EFS::FileSystem Use the FileSystemPolicy property to create a new resource policy to control NFS access to your Amazon EFS file system.	June 16, 2020
Updated resource	The following resource was updated: AWS::EFS::AccessPoint AWS::EFS::AccessPoint Fn::GetAtt now returns the AccessPointId and Arn attributes.	June 16, 2020
Updated resource	The following resource was updated: AWS::Lambda::Function. AWS::Lambda::Function Use the FileSystemConfigs property to specify connection settings for an Amazon EFS file system.	June 16, 2020
Updated resources	The following resource was updated: AWS::EC2::Volume. AWS::EC2::Volume Use the OutpostArn property to specify the Amazon Resource Name (ARN) of the Outpost.	June 11, 2020
Updated resource	The following resource was updated: AWS::CertificateManager::Certificate AWS::CertificateManager::Certificate Use the CertificateAuthorityArn property to specify the Amazon Resource Name (ARN) of the private certificate authority (CA) that will be used to issue the certificate. Use the CertificateTransparencyLoggingPreference property to enable or disable certificate transparency logging.	June 11, 2020
Updated resource	The following resource was updated: AWS::CloudFront::Distribution. AWS::CloudFront::Distribution In the Origin property type, use the ConnectionAttempts property to specify the number of times that CloudFront attempts to connect to the origin. In the Origin property type, use the ConnectionTimeout property to specify the number of seconds that CloudFront waits when trying to establish a connection to the origin.	June 11, 2020
Updated resource	The following resource was updated: AWS::ElasticLoadBalancingV2::LoadBalancer. AWS::ElasticLoadBalancingV2::LoadBalancer Use the SubnetMapping attribute to specify a subnet to attach to a load balancer.	June 11, 2020
Updated resource	The following resource was updated: AWS::ElastiCache::ReplicationGroup. AWS::ElastiCache::ReplicationGroup Use the MultiAZEnabled attribute to indicate if you have Multi-AZ enabled.	June 11, 2020
New resource	The following resources were added: AWS::RDS::DBProxy and AWS::RDS::DBProxyTargetGroup. AWS::RDS::DBProxy Use the AWS::RDS::DBProxy resource to create or update a DB proxy. Use the AWS::RDS::DBProxyTargetGroup resource to specify a set of RDS DB instances, Aurora DB clusters, or both that a proxy can connect to.	June 4, 2020
Resource import supports provisionable private resource types	Import operations now support private resource types that are provisionable; that is, whose provisioning type is either FULLY_MUTABLE or IMMUTABLE. For more information, see Resources that support import operations.	June 3, 2020
New property	The following property was added: AWS::CodeGuruProfiler::ProfilingGroup.AgentPermissions. AWS::CodeGuruProfiler::ProfilingGroup.AgentPermissions The AWS::CodeGuruProfiler::ProfilingGroup.AgentPermissions property shows the agent permissions attached to this profiling group.	June 3, 2020
Updated resource	The following resource was updated: AWS::EC2::ClientVpnEndpoint AWS::EC2::ClientVpnEndpoint ClientAuthenticationRequest Use the FederatedAuthentication property to specify an IAM SAML identity provider for your Client VPN endpoint.	May 28, 2020
Updated resource	The following resource was updated: AWS::MSK::Cluster AWS::MSK::Cluster You can now update an existing MSK cluster to a newer version of Apache Kafka. You can't update it to an older version.	May 28, 2020
Updated resource	The following resource was updated: AWS::CodeBuild::ReportGroup AWS::CodeBuild::ReportGroup Use the tags property to specify the name and value of any tags that you want supporting AWS services to use for a report group.	May 21, 2020
Updated resource	The following resource was updated: AWS::StepFunctions::StateMachine. AWS::StepFunctions::StateMachine The AWS::StepFunctions::StateMachine has two new properties. You can use the DefinitionS3Location property to reference a state machine JSON definition file stored in an S3 bucket. You can use the DefinitionSubstitutions property to pass variables into the state machine definition file referenced by DefinitionS3Location.	May 21, 2020
Updated resource	The following resource was updated: AWS::SSM::Parameter AWS::SSM::Parameter When you create a String parameter, you can now specify a DataType value as aws:ec2:image to ensure that the parameter value you enter is a valid Amazon Machine Image (AMI) ID format. Support for AMI ID formats lets you avoid updating all your scripts and templates with a new ID each time the AMI that you want to use in your processes changes. You can create a parameter with the data type aws:ec2:image, and for its value, enter the ID of an AMI. This is the AMI from which you currently want new instances to be created. You then reference this parameter in your templates and commands. When you’re ready to use a different AMI, update the parameter value. Parameter Store validates the new AMI ID, and you don’t need to update your scripts and templates.	May 21, 2020
ECS blue/green deployments through CodeDeploy	You can now use CloudFormation to perform ECS blue/green deployments through CodeDeploy. Blue/green deployments are a safe deployment strategy provided by AWS CodeDeploy for minimizing interruptions caused by changing application versions. For more information, see Performing ECS blue/green deployments through CodeDeploy using AWS CloudFormation.	May 19, 2020
AWS CloudFormation StackSets Region availability	AWS CloudFormation StackSets is now available in the AWS GovCloud (US-West) Region.	May 18, 2020
Updated resource	The following resource was updated: AWS::Synthetics::Canary. AWS::Synthetics::Canary The RunConfig parameter is required.	May 14, 2020
Updated resource	The following resource was updated: AWS::CodeStarConnections::Connection AWS::CodeStarConnections::Connection Use the Tags property to specify the tags applied to your connections resource.	May 14, 2020
Updated resource	The following resource was updated: AWS::ServiceCatalog::CloudFormationProduct. AWS::ServiceCatalog::CloudFormationProduct Use the ReplaceProvisioningArtifacts property to choose whether provisioning artifact identifiers are replaced when you update a product.	May 14, 2020
New resources	The following resources were added: AWS::GlobalAccelerator::Accelerator, AWS::GlobalAccelerator::EndpointGroup, and AWS::GlobalAccelerator::Listener AWS::GlobalAccelerator::Accelerator Use the AWS::GlobalAccelerator::Accelerator resource to create or update an accelerator for AWS Global Accelerator. AWS::GlobalAccelerator::EndpointGroup Use the AWS::GlobalAccelerator::EndpointGroup resource to create or update an endpoint group for AWS Global Accelerator. AWS::GlobalAccelerator::Listener Use the AWS::GlobalAccelerator::Listener resource to create or update a listener for AWS Global Accelerator.	May 14, 2020
New resources	The following resources were added: AWS::Macie::CustomDataIdentifier, AWS::Macie::FindingsFilter, and AWS::Macie::Session AWS::Macie::CustomDataIdentifier Use the AWS::Macie::CustomDataIdentifier resource to create a custom data identifier in Amazon Macie. AWS::Macie::FindingsFilter Use the AWS::Macie::FindingsFilter resource to create a custom filter for findings in Amazon Macie. AWS::Macie::Session Use the AWS::Macie::Session resource to enable Amazon Macie.	May 14, 2020
Updated resource	The following resource was updated: AWS::IoTEvents::DetectorModel. AWS::IoTEvents::DetectorModel Added the following properties: AssetPropertyTimestamp, AssetPropertyValue, AssetPropertyVariant, DynamoDB, DynamoDBv2, IotSiteWise, and Payload. Updated the following property: SetTimer.	May 7, 2020
Updated resource	The following resource was updated: AWS::SSM::Association AWS::SSM::Association Use the WaitForSuccessTimeoutSeconds property to specify the number of seconds the service should wait for the association status to show "Success" before proceeding with the stack execution. If the association status doesn't show "Success" after the specified number of seconds, then stack creation fails.	May 7, 2020
New resource	The following resource was added: AWS::ImageBuilder::Image. AWS::ImageBuilder::Image Use the AWS::ImageBuilder::Image resource to create an image in the Image Builder service.	May 7, 2020
Updated resource	The following resource was updated: AWS::Synthetics::Canary. AWS::Synthetics::Canary Use the Name property to specify the name for this canary.	April 30, 2020
New resource	The following resource was added: AWS::EventSchemas::RegistryPolicy. AWS::EventSchemas::RegistryPolicy Use the AWS::EventSchemas::RegistryPolicy resource to specify a resource-based policy associated with a schema registry.	April 30, 2020
Updated resource	The following resource was updated: AWS::FSx::FileSystem AWS::FSx::FileSystem Use the LustreMountName attribute when mounting an Amazon FSx for Lustre file system.	April 23, 2020
New resources	The following resources were added: AWS::ImageBuilder::Component, AWS::ImageBuilder::DistributionConfiguration, AWS::ImageBuilder::ImagePipeline, AWS::ImageBuilder::ImageRecipe, and AWS::ImageBuilder::InfrastructureConfiguration. AWS::ImageBuilder::Component Use the AWS::ImageBuilder::Component resource to create a component in the Image Builder service. AWS::ImageBuilder::DistributionConfiguration Use the AWS::ImageBuilder::DistributionConfiguration resource to create a distribution configuration in the Image Builder service. AWS::ImageBuilder::ImagePipeline Use the AWS::ImageBuilder::ImagePipeline resource to create an image pipeline in the Image Builder service. AWS::ImageBuilder::ImageRecipe Use the AWS::ImageBuilder::ImageRecipe resource to create an image recipe in the Image Builder service. AWS::ImageBuilder::InfrastructureConfiguration Use the AWS::ImageBuilder::InfrastructureConfiguration resource to create an infrastructure configuration in the Image Builder service.	April 23, 2020
New resource	The following resource was added: AWS::Synthetics::Canary. AWS::Synthetics::Canary Use the AWS::Synthetics::Canary resource to create a canary. Canaries are configurable scripts that run on a schedule and monitor your endpoints and APIs. By using canaries, you can discover issues before your customers do.	April 23, 2020
New resource	The following resource was added: AWS::CE::CostCategory AWS::CE::CostCategory Use the AWS::CE::CostCategory resource to create groupings of costs that you can use across products in the AWS Billing and Cost Management console.	April 23, 2020
Updated resource	The following resource was updated: AWS::Glue::DevEndpoint AWS::Glue::DevEndpoint Use the PublicKeys property to specify a list of public keys to be used by a development endpoint for authentication.	April 16, 2020
Updated resource	The following resource was updated: AWS::Glue::MLTransform AWS::Glue::MLTransform Use the Tags property to specify the AWS resource tags to use to manage access to a machine learning transform.	April 16, 2020
New resource	The following resource was added: AWS::ResourceGroups::Group AWS::ResourceGroups::Group Use the AWS::ResourceGroups::Group resource to create a resource group with the specified name, description, and resource query.	April 16, 2020
Updated resource	The following resource was updated: AWS::CloudWatch::InsightRule. AWS::CloudWatch::InsightRule The AWS::CloudWatch::InsightRule resource now supports tags. Use the AWS::CloudWatch::InsightRule resource to create Contributor Insights rules. For more information, see Using Contributor Insights to Analyze High-Cardinality Data.	April 2, 2020
Updated resource	The following resource was updated: AWS::FSx::FileSystem AWS::FSx::FileSystem Use the StorageType property to specify the type of storage for the file system, either solid state drive, SSD or hard disk drive, HDD. In the WindowsConfiguration property type, use the DeploymentType property to specify a new Amazon FSx for Windows File Server file system deployment type, SINGLE_AZ_2, the latest generation of Single-AZ file systems.	April 2, 2020
Updated resource	The following resource was updated: AWS::ServiceCatalog::LaunchRoleConstraint. AWS::ServiceCatalog::LaunchRoleConstraint Use the LocalRoleName property to specify an IAM role to use when an account uses a launch constraint.	April 2, 2020
Updated resource	The following resource was updated: AWS::ApiGatewayV2::Integration. AWS::ApiGatewayV2::Integration Use the AWS::ApiGatewayV2::Integration resource to create a private integration for an HTTP API.	March 26, 2020
Updated resource	The following resource was updated: AWS::Cognito::UserPool AWS::Cognito::UserPool Use the UsernameConfiguration property to set case sensitivity on the username input for the selected sign-in option.	March 26, 2020
Updated resource	The following resource was updated: AWS::EC2::Volume AWS::EC2::Volume Use the MultiAttachEnabled property to indicate whether Amazon EBS Multi-Attach is enabled.	March 26, 2020
Updated resource	The following resource was updated: AWS::AutoScaling::AutoScalingGroup. AWS::AutoScaling::AutoScalingGroup Use the MaxInstanceLifetime property to specify the maximum amount of time, in seconds, that an instance can be in service.	March 26, 2020
Updated resource	The following resource was updated: AWS::RDS::DBInstance AWS::RDS::DBInstance The AWS::RDS::DBInstance resource now supports Read Replica across multiple Availability Zone deployments.	March 26, 2020
New resources	The following resources were added: AWS::Detective::Graph and AWS::Detective::MemberInvitation AWS::Detective::Graph Use the AWS::Detective::Graph resource to specify a Detective behavior graph. AWS::Detective::MemberInvitation Use the AWS::Detective::MemberInvitation resource to send an invitation to join a Detective behavior graph.	March 26, 2020
Updated resource	The following resource was updated: AWS::EC2::ClientVpnEndpoint. AWS::EC2::ClientVpnEndpoint Use the VpcId and SecurityGroupIds properties to assign security groups to your Client VPN endpoint.	March 19, 2020
New resources	The following resources were added: AWS::NetworkManager::CustomerGatewayAssociation, AWS::NetworkManager::Device, AWS::NetworkManager::GlobalNetwork, AWS::NetworkManager::Link, AWS::NetworkManager::LinkAssociation, AWS::NetworkManager::Site, and AWS::NetworkManager::TransitGatewayRegistration AWS::NetworkManager::CustomerGatewayAssociation Use the AWS::NetworkManager::CustomerGatewayAssociation resource to specify an association between a customer gateway, device, and link. AWS::NetworkManager::Device Use the AWS::NetworkManager::Device resource to specify a device in a global network. AWS::NetworkManager::GlobalNetwork Use the AWS::NetworkManager::GlobalNetwork resource to specify a global network. AWS::NetworkManager::Link Use the AWS::NetworkManager::Link resource to specify a link for a site. AWS::NetworkManager::LinkAssociation Use the AWS::NetworkManager::LinkAssociation resource to specify an association between a device and a link. AWS::NetworkManager::Site Use the AWS::NetworkManager::Site resource to specify a site in a global network. AWS::NetworkManager::TransitGatewayRegistration Use the AWS::NetworkManager::TransitGatewayRegistration resource to specify the registration of a transit gateway in a global network.	March 19, 2020
New resource	The following resource was added: AWS::CodeGuruProfiler::ProfilingGroup. AWS::CodeGuruProfiler::ProfilingGroup Use the AWS::CodeGuruProfiler::ProfilingGroup resource to create a profiling group.	March 19, 2020
New resources	The following resources were added: AWS::Cassandra::Keyspace and AWS::Cassandra::Table. AWS::Cassandra::Keyspace Use the AWS::Cassandra::Keyspace resource to create a new keyspace in Amazon Keyspaces (for Apache Cassandra). AWS::Cassandra::Table Use the AWS::Cassandra::Table resource to create a new table in Amazon Keyspaces (for Apache Cassandra).	March 16, 2020
Updated resource	The following resources were updated: AWS::AppMesh::VirtualNode, AWS::AppMesh::VirtualRouter, AWS::AppMesh::VirtualService, and AWS::AppMesh::Route AWS::AppMesh::VirtualNode Use the MeshOwner property to specify the account ID that owns a shared mesh. AWS::AppMesh::Route Use the MeshOwner property to specify the account ID that owns a shared mesh. AWS::AppMesh::VirtualRouter Use the MeshOwner property to specify the account ID that owns a shared mesh. AWS::AppMesh::VirtualService Use the MeshOwner property to specify the account ID that owns a shared mesh.	March 12, 2020
Updated resource	The following resource was updated: AWS::MSK::Cluster AWS::MSK::Cluster Use LoggingInfo to stream broker logs to one or more of the following destination types: Amazon CloudWatch Logs, Amazon S3, Kinesis Data Firehose.	March 12, 2020
New and updated resources	The following resources were added or updated: AWS::ApiGatewayV2::ApiGatewayManagedOverrides, AWS::ApiGatewayV2::Integration, and AWS::ApiGatewayV2::VpcLink. AWS::ApiGatewayV2::ApiGatewayManagedOverrides Use the AWS::ApiGatewayV2::ApiGatewayManagedOverrides resource to override the default properties of API Gateway managed resources. AWS::ApiGatewayV2::Integration Use the AWS::ApiGatewayV2::Integration resource to create a private integration for an HTTP API. AWS::ApiGatewayV2::VpcLink Use the AWS::ApiGatewayV2::VpcLink resource to create a VPC link for an HTTP API.	March 12, 2020
Updated resources	The following resources were updated: AWS::Greengrass::ResourceDefinition and AWS::Greengrass::ResourceDefinitionVersion AWS::Greengrass::ResourceDefinition In the S3MachineLearningModelResourceData property type that defines a resource instance, use the OwnerSetting property to specify the Linux OS group owner and permissions for the downloaded machine learning resource. In the SageMakerMachineLearningModelResourceData property type that defines a resource instance, use the OwnerSetting property to specify the Linux OS group owner and permissions for the downloaded machine learning resource. AWS::Greengrass::ResourceDefinitionVersion In the S3MachineLearningModelResourceData property type that defines a resource instance, use the OwnerSetting property to specify the Linux OS group owner and permissions for the downloaded machine learning resource. In the SageMakerMachineLearningModelResourceData property type that defines a resource instance, use the OwnerSetting property to specify the Linux OS group owner and permissions for the downloaded machine learning resource.	March 9, 2020
Updated resource	The following resource was updated: AWS::CloudFront::Distribution. AWS::CloudFront::Distribution In the DistributionConfig property type, use the OriginGroups property to specify information about origin groups for this distribution.	March 5, 2020
Updated resource	The following resource was updated to support envelope encryption of secrets with AWS Key Management Service: AWS::EKS::Cluster AWS::EKS::Cluster EncryptionConfig Use the AWS::EKS::Cluster EncryptionConfig property to specify the encryption configuration for an Amazon EKS cluster. AWS::EKS::Cluster Provider Use the AWS::EKS::Cluster Provider property to specify the AWS Key Management Service customer master key (CMK) used to encrypt the secrets for an Amazon EKS cluster.	March 5, 2020
New resource	The following resource was added: AWS::Athena::WorkGroup AWS::Athena::WorkGroup Use the AWS::Athena::WorkGroup resource to separate users, teams, applications, or workloads, set limits on the amount of data the workgroup or its queries can process, and track costs.	March 5, 2020
New resource	The following resource was added: AWS::Chatbot::SlackChannelConfiguration AWS::Chatbot::SlackChannelConfiguration Use the AWS::Chatbot::SlackChannelConfiguration resource to configure a Slack channel with AWS Chatbot.	March 5, 2020
New resource	The following resource was added: AWS::CodeStarConnections::Connection AWS::CodeStarConnections::Connection Use the AWS::CodeStarConnections::Connection resource to specify Connection.	March 5, 2020
New resource	The following resource was added: AWS::CloudWatch::CompositeAlarm. AWS::CloudWatch::CompositeAlarm Use the AWS::CloudWatch::CompositeAlarm property to create a composite alarm. Composite alarms evaluate their alarm state based on the alarm states of other CloudWatchrules.	March 2, 2020
Updated resource	The following resource was updated: AWS::AppMesh::VirtualNode AWS::AppMesh::VirtualNode Use the BackendDefaults property to specify a client policy for a backend. Use the ClientPolicy property to specify a client policy. Use the ClientPolicyTls property to specify a Transport Layer Security (TLS) client policy. Use the ListenerTls property to specify a TLS listener. Use the ListenerTlsCertificate property to specify the type of certificate to use for a client policy. Use the ListenerTlsAcmCertificate property to specify an AWS Certificate Manager certificate. Use the ListenerTlsFileCertificate property to specify properties of a local file certificate. Use the TlsValidationContext property to specify a TLS validation context trust. Use the TlsValidationContextAcmTrust property to specify a context trust for an AWS Certificate Manager certificate. Use the TlsValidationContextFileTrust property to specify a file that contains the certificate trust chain for a local file certificate. Use the TlsValidationContextTrust property to specify a TLS validation context trust. Use the VirtualNodeSpec property to specify BackendDefaults. Use the Listener property to specify a ListenerTls.	February 27, 2020
Updated resource	The following resource was updated: AWS::FSx::FileSystem AWS::FSx::FileSystem In the LustreConfiguration property type: Use the DeploymentType property to specify the Amazon FSx for Lustre file system deployment type, either PERSISTENT_1, SCRATCH_2, or SCRATCH_1. Use the PerUnitStorageThroughput property to specify the throughput in MB/s/TiB for a PERSISTENT_1 Amazon FSx for Lustre file system deployment type.	February 27, 2020
New resources	The following resources were added: AWS::GroundStation::Config, AWS::GroundStation::DataflowEndpointGroup, and AWS::GroundStation::MissionProfile AWS::GroundStation::Config Use the AWS::GroundStation::Config resource to specify a Config with the specified parameters. AWS::GroundStation::DataflowEndpointGroup Use the AWS::GroundStation::DataflowEndpointGroup resource to specify a Dataflow Endpoint Group request. AWS::GroundStation::MissionProfile Use the AWS::GroundStation::MissionProfile resource to specify parameters and provide references to config objects to define how Ground Station lists and executes contacts.	February 27, 2020
Updated resource	The following resources was updated: AWS::CodeBuild::Project AWS::CodeBuild::Project Use the ProjectFileSystemLocation property to specify a file system that your AWS CodeBuild build project mounts. You use Amazon Elastic File System (EFS) to create the file system. For more information, see Amazon Elastic File System Sample for CodeBuild.	February 20, 2020
Updated resource	The following resource was updated: AWS::Neptune::DBCluster AWS::Neptune::DBCluster Use the DeletionProtection property to help prevent inadvertent deletion of your DB cluster. Use the EngineVersion property to specify the engine version that your new DB cluster will use. Warning When you change this parameter for an existing DB cluster, CloudFormation will replace your existing DB cluster with a new, empty one that uses the engine version you specified.	February 18, 2020
New resources	The following resources were added: AWS::EC2::LocalGatewayRoute and AWS::EC2::LocalGatewayRouteTableVPCAssociation. AWS::EC2::LocalGatewayRoute Use the LocalGatewayRoute resource to associate the specified VPC with the specified local gateway route table. AWS::EC2::LocalGatewayRouteTableVPCAssociation Use the LocalGatewayRouteTableVPCAssociation resource to associate the specified VPC with the specified local gateway route table.	February 14, 2020
Updated resources	The following resource were updated: AWS::ElasticLoadBalancingV2::Listener and AWS::ElasticLoadBalancingV2::ListenerRule AWS::ElasticLoadBalancingV2::Listener In the Action property type, use the ForwardConfig property to specify an action that distributes requests among one or more target groups. AWS::ElasticLoadBalancingV2::ListenerRule In the Action property type, use the ForwardConfig property to specify an action that distributes requests among one or more target groups.	February 13, 2020
New resource	The following resource was added: AWS::Config::ConformancePack AWS::Config::ConformancePack Use the AWS::Config::ConformancePack resource to create a Conformance Pack that is a collection of AWS rules that can be easily deployed in an account and a region and across AWS Organizations.	February 13, 2020
New resource	The following resource was added: AWS::Config::OrganizationConformancePack AWS::Config::OrganizationConformancePack Use the AWS::Config::OrganizationConformancePack resource to create an OrganizationConformancePack that has information about conformance packs that AWS Config creates in the member accounts.	February 13, 2020
New resource	The following resources were added: AWS::FMS::NotificationChannel and AWS::FMS::Policy. AWS::FMS::NotificationChannel Use the AWS::FMS::NotificationChannel resource to designate the IAM role and Amazon Simple Notification Service (SNS) topic that AWS Firewall Manager uses to record SNS logs. AWS::FMS::Policy Use the AWS::FMS::Policy resource to specify an AWS Firewall Manager policy.	February 13, 2020
AWS CloudFormation StackSets integrates with AWS Organizations	Use StackSets to centrally manage deployments to all the accounts in your organization or specific organizational units (OUs) in AWS Organizations. You can enable automatic deployments to any new accounts added to your organization or OUs. The permissions needed to deploy across accounts will automatically be handled by StackSets. For more information, see Working with AWS CloudFormation StackSets.	February 11, 2020
Updated resources	The following resources were updated: AWS::EC2::LaunchTemplate and AWS::EC2::ClientVpnEndpoint AWS::EC2::LaunchTemplate Use the MetadataOptions property to configure the Instance Metadata Service (IMDS) for the instance. Use the HostResourceGroupArn property to specify the ARN of the host resource group in which to launch the instances. Use the PartitionNumber property to specify a target partition in a partition placement group. Use the LaunchTemplateElasticInferenceAccelerator property to specify the number of elastic inference accelerators to attach to the instance. AWS::EC2::ClientVpnEndpoint Use the VpnPort property to assign a port number for TCP and UDP traffic.	February 6, 2020
Updated resource	The following resource was updated: AWS::AppSync::GraphQLApi. AWS::AppSync::GraphQLApi When the property XrayEnabled is set to TRUE, X-Ray tracing is enabled for this GraphqlApi.	February 6, 2020
Updated resource	The following resource was updated: AWS::Cognito::UserPool AWS::Cognito::UserPool Added AccountRecoverySetting parameter to define which verified available method a user can use to recover their password.	February 6, 2020
Updated resource	The following resource was updated: AWS::OpsWorksCM::Server AWS::OpsWorksCM::Server Use the Tags property to add tag keys and values to an AWS OpsWorks for Chef Automate or OpsWorks for Puppet Enterprise server.	February 6, 2020
New resource	The following resource was added: AWS::WAFv2::WebACLAssociation. AWS WAFv2 Use the web ACL association to define an association between a web ACL and a regional application resource, to protect the resource. A regional application can be an Application Load Balancer (ALB), Amazon API Gateway REST API, an AWS AppSync GraphQL API, or an Amazon Cognito user pool. For Amazon CloudFront distributions, you use AWS::CloudFront::Distribution to manage the association.	February 6, 2020
New resources	The following resources were added: AWS::ACMPCA::Certificate, AWS::ACMPCA::CertificateAuthority, AWS::ACMPCA::CertificateAuthorityActivation. AWS::ACMPCA::Certificate The AWS::ACMPCA::Certificate resource is used to issue a certificate using your private certificate authority. AWS::ACMPCA::CertificateAuthority Use the AWS::ACMPCA::CertificateAuthority resource to create a private CA. AWS::ACMPCA::CertificateAuthorityActivation The AWS::ACMPCA::CertificateAuthorityActivation resource creates and installs a CA certificate on a CA.	January 23, 2020
New resource	The following resources were added: AWS::AppConfig::Application, AWS::AppConfig::ConfigurationProfile, AWS::AppConfig::Deployment, AWS::AppConfig::Environment, and AWS::AppConfig::DeploymentStrategy AWS::AppConfig::Application The AWS::AppConfig::Application resource creates an application, which is a logical unit of code that provides capabilities for your customers. AWS::AppConfig::ConfigurationProfile The AWS::AppConfig::ConfigurationProfile resource creates a configuration profile that enables AWS AppConfig to access the configuration source. AWS::AppConfig::Deployment The AWS::AppConfig::Deployment resource starts a deployment. AWS::AppConfig::Environment The AWS::AppConfig::Environment resource creates an environment, which is a logical deployment group of AWS AppConfig targets, such as applications in a Beta or Production environment. AWS::AppConfig::DeploymentStrategy The AWS::AppConfig::DeploymentStrategy resource creates an AWS AppConfig deployment strategy.	January 23, 2020
Updated resource	The following resource was updated: AWS::Glue::Crawler AWS::Glue::Crawler Use the MongoDBTarget property to specify an Amazon DocumentDB or MongoDB data store to crawl. Use the RecrawlPolicy.RecrawlBehavior property to specify a new CRAWL_EVENT_MODE that specifies crawling only the changes identified by Amazon S3 events. Use the S3Target.SampleSize property to specify the number of files in each leaf folder to be crawled when crawling sample files in a dataset. Use the S3Target.EventQueueArn property to specify a valid Amazon SQS ARN. Use the S3Target.DlqEventQueueArn property to specify a valid Amazon dead-letter SQS ARN.	January 20, 2020
Updated resources	The following resource was updated: AWS::Lambda::Function. AWS::Lambda::Function In the Code property type, ZipFile supports nodejs12.x for RunTime.	January 16, 2020
Updated resource	The following resource was updated: AWS::EC2::Instance. AWS::EC2::Instance Use the HibernationOptions property to indicate whether the instance is enabled for hibernation. Use the HostResourceGroupArn property to specify the ARN of the host resource group in which to launch the instances.	January 16, 2020
Updated resource	The following resource was updated: AWS::AutoScaling::AutoScalingGroup. AWS::AutoScaling::AutoScalingGroup Use the WeightedCapacity property to specify the number of capacity units, which gives the instance type a proportional weight to other instance types.	January 16, 2020
Updated resource	The following resource was updated: AWS::LakeFormation::Permissions AWS::LakeFormation::Permissions Use the DataLocationResource property to specify a structure for a data location object where permissions are granted or revoked. Use the TableWithColumnsResource property to specify a structure for a table with columns object. This object is only used when granting a SELECT permission.	January 16, 2020
Updated resource	The following resource was updated: AWS::RDS::DBInstance. AWS::RDS::DBInstance Use the CACertificateIdentifier property to specify the identifier of the CA certificate for this DB instance.	January 16, 2020
Updated resource	The following resource was updated: AWS::SSM::ResourceDataSync AWS::SSM::ResourceDataSync Use the SyncType property with SyncFromSource to synchronize Systems Manager Explorer OpsItems and OpsData from AWS Organizations or from multiple AWS Regions.	January 16, 2020
Updated resources	The following resources were updated: AWS::MSK::Cluster, AWS::RDS::DBInstance, and AWS::SSM::Document AWS::MSK::Cluster Use the OpenMonitoring property to enable monitoring with Prometheus, an open-source monitoring system for time-series metric data. You can also use tools that are compatible with Prometheus-formatted metrics or tools that integrate with Amazon MSK Open Monitoring. AWS::SSM::Document Use the Name property to specify a name for the Systems Manager document. AWS::RDS::DBInstance Use the MaxAllocatedStorage property to specify the upper limit to which Amazon RDS can automatically scale the storage of the DB instance.	December 20, 2019
New resource	The following resource was added: AWS::CodeBuild::ReportGroup AWS::CodeBuild::ReportGroup Use the AWS::CodeBuild::ReportGroup resource to specify information about a report group. When you specify a report group in a CodeBuild project, a build of the project creates reports in the report group that contain results from running test cases.	December 20, 2019
New resource	The following resource was added: AWS::EC2::GatewayRouteTableAssociation. AWS::EC2::GatewayRouteTableAssociation Use the AWS::EC2::GatewayRouteTableAssociation property to associate a virtual private gateway or internet gateway with a route table.	December 20, 2019
Updated resources	The following resource was updated: AWS::RDS::DBInstance. AWS::RDS::DBInstance Use the MaxAllocatedStorage property to specify the upper limit to which Amazon RDS can automatically scale the storage of the DB instance.	December 19, 2019
Updated resource	The following resource was updated: AWS::FSx::FileSystem AWS::FSx::FileSystem In the WindowsConfiguration property type: Use the DeploymentType property to specify the Amazon FSx Windows file system deployment type. Use the PreferredSubnetId property to specify the subnet in which you want the preferred file server to be located for a MULTI_AZ_1 Amazon FSx for Windows file system deployment type.	December 19, 2019
Updated resource	The following resource was updated: AWS::FSx::FileSystem AWS::FSx::FileSystem In the WindowsConfiguration property type: Use the DeploymentType property to specify the file system deployment type. Use the PreferredSubnetId property to specify the subnet in which you want the preferred file server to be located.	December 19, 2019
New resource	The following resource was added: AWS::EC2::GatewayRouteTableAssociation. AWS::EC2::GatewayRouteTableAssociation Use the AWS::EC2::GatewayRouteTableAssociation property to associate a virtual private gateway or internet gateway with a route table.	December 19, 2019
Updated resource	The following resource was updated: AWS::EC2::Instance. AWS::EC2::Instance In the ElasticInferenceAccelerator property type, use the Count property to specify the number of elastic inference accelerators to attach to the instance.	December 12, 2019
New resource	The following resource was added: AWS::CodeBuild::ReportGroup AWS::CodeBuild::ReportGroup Use the AWS::CodeBuild::ReportGroup resource to specify information about a report group. When you specify a report group in a CodeBuild project, a build of the project creates reports in the report group that contain results from running test cases.	December 12, 2019
Updated resources	The following resources were updated: AWS::ApiGatewayV2::Api, AWS::ApiGatewayV2::Authorizer, AWS::ApiGatewayV2::Integration, AWS::ApiGatewayV2::Stage. AWS::ApiGatewayV2::Api Use the AWS::ApiGatewayV2::Api resource to create an HTTP API (beta). AWS::ApiGatewayV2::Authorizer Use the AWS::ApiGatewayV2::Authorizer resource to create a JWT authorizer for an HTTP API (beta). AWS::ApiGatewayV2::Integration Use the AWS::ApiGatewayV2::Integration resource to create an integration for an HTTP API (beta). AWS::ApiGatewayV2::Stage Use the AWS::ApiGatewayV2::Stage resource to create a stage for an HTTP API (beta).	December 4, 2019
Updated resources	The following resources were updated: AWS::Lambda::Alias and AWS::Lambda::Version. AWS::Lambda::Alias Use the ProvisionedConcurrencyConfiguration property to specify a provisioned concurrency configuration for a function's alias. AWS::Lambda::Version Use the ProvisionedConcurrencyConfiguration property to specify a provisioned concurrency configuration for a function's version.	December 3, 2019
Updated resource	The following resource was updated: AWS::StepFunctions::StateMachine. AWS::StepFunctions::StateMachine The AWS::StepFunctions::StateMachine now supports Express workflows using the new StateMachineType parameter. You can also configure CloudWatch Logging information for Express workflows using LoggingConfiguration, LogDestination, and CloudWatchLogsLogGroup.	December 3, 2019
New resource	The following resource was added: AWS::S3::AccessPoint Access Points Use the AWS::S3::AccessPoint resource to specify an S3 access point.	December 3, 2019
New resource	The following resource was added: AWS::AccessAnalyzer::Analyzer AWS::AccessAnalyzer::Analyzer Use the AWS::AccessAnalyzer::Analyzer resource to create an analyzer for IAM Access Analyzer.	December 2, 2019
New resource	The following resources were added: AWS::EventSchemas::Discoverer, AWS::EventSchemas::Registry, and AWS::EventSchemas::Schema. AWS::EventSchemas::Discoverer Use the AWS::EventSchemas::Discoverer resource to specify a discoverer that is associated with an event bus. A discoverer allows the Amazon EventBridge Schema Registry to automatically generate schemas based on events on an event bus. AWS::EventSchemas::Registry Use the AWS::EventSchemas::Registry to specify a schema registry. Schema registries are containers for Schemas. Registries collect and organize schemas so that your schemas are in logical groups. AWS::EventSchemas::Schema Use the AWS::EventSchemas::Schema resource to specify an event schema.	December 1, 2019
New resource	The following resource was added: AWS::Lambda::EventInvokeConfig AWS::Lambda::EventInvokeConfig Use the EventInvokeConfig resource to configure destinations and error handling for asynchronous invocation.	November 26, 2019
Updated resource	The following resource was updated: AWS::CloudWatch::Alarm. AWS::CloudWatch::Alarm In the MetricDataQuery property type, use the Period property to specify the granularity, in seconds, of the returned data points.	November 25, 2019
Updated resource	The following resource was updated: AWS::CodePipeline::Pipeline. AWS::CodePipeline::Pipeline In the ActionDeclaration property type, use the Namespace property to specify the variable namespace associated with the action. All variables produced as output by this action fall under this namespace.	November 25, 2019
Updated resource	The following resource was updated: AWS::Lambda::EventSourceMapping. AWS::Lambda::EventSourceMapping For stream sources (DynamoDB and Kinesis), use the BisectBatchOnFunctionError property to split the batch in two and retry if the function returns an error. For stream sources (DynamoDB and Kinesis), use the DestinationConfig property to specify an Amazon SQS queue or Amazon SNS topic destination for discarded records. For stream sources (DynamoDB and Kinesis), use the MaximumRecordAgeInSeconds property to specify the maximum age of a record that Lambda sends to a function for processing. For stream sources (DynamoDB and Kinesis), use the MaximumRetryAttempts property to specify the maximum number of times to retry when the function returns an error. For stream sources (DynamoDB and Kinesis), use the ParallelizationFactor property to specify the number of batches to process from each shard concurrently.	November 25, 2019
Updated resource	The following resource was updated: AWS::CloudWatch::Alarm. AWS::CloudWatch::Alarm In the MetricDataQuery property type, use the Period property to specify the granularity, in seconds, of the returned data points.	November 25, 2019
New resources	The following resources were added: AWS::ECS::PrimaryTaskSet, AWS::ECS::TaskSet. AWS::ECS::PrimaryTaskSet Use the AWS::ECS::PrimaryTaskSet resource to specify which task set in a service is the primary task set. Any parameters that are updated on the primary task set in a service will transition to the service. This is used when a service uses the EXTERNAL deployment controller type. AWS::ECS::TaskSet Use the AWS::ECS::TaskSet resource to create a task set in the specified cluster and service. This is used when a service uses the EXTERNAL deployment controller type.	November 25, 2019
New resource	The following resource was added: AWS::CloudWatch::InsightRule. AWS::CloudWatch::InsightRule Use the AWS::CloudWatch::InsightRule property to create a Contributor Insights rule. Rules evaluate log events in a CloudWatch Logs log group, enabling you to find contributor data for the log events in that log group.	November 25, 2019
New resource	The following resource was added: AWS WAFv2. AWS WAFv2 This is the latest version of AWS WAF, a web application firewall that lets you monitor HTTP(S) requests that are forwarded to an Amazon API Gateway REST API, Amazon CloudFront, Application Load Balancer, an AWS AppSync GraphQL API, or an Amazon Cognito user pool. AWS WAF also lets you control access to your content.	November 25, 2019
Updated resources	The following resources were updated: AWS::AppSync::Resolver, AWS::AppSync::DataSource. AWS::AppSync::Resolver Use the CachingConfig property to specify the caching behavior of your AWS AppSync resolver. AWS::AppSync::Resolver Use the SyncConfig property to specify the conflict detection and resolution strategy of your AWS AppSync resolver. AWS::AppSync::Resolver Use the LambdaConflictHandlerConfig property to specify the ARN of the lambda that is used for handling conflicts in your AWS AppSync resolver. AWS::AppSync::DataSource Use the DeltaSyncConfig property to specify the delta sync configurations for your versioned AWS AppSync data source.	November 21, 2019
Updated resources	The following resources were updated: AWS::ECS::Cluster, AWS::ECS::Service, and AWS::ECS::TaskDefinition. AWS::ECS::Cluster Use the ClusterSettings property to specify the setting to use when creating a cluster. This parameter is used to use CloudWatch Container Insights for a cluster. AWS::ECS::Service Use the DeploymentController property to specify the deployment controller to use for the service. AWS::ECS::TaskDefinition In the ContainerDefinition property type, use the FirelensConfiguration property to specify the FireLens configuration for the container. This is used to specify and configure a log router for container logs. In the LinuxParameters property type: use the MaxSwap property to specify the total amount of swap memory (in MiB) a container can use. use the Swappiness property to tune a container's memory swappiness behavior. A swappiness value of 0 will cause swapping to not happen unless absolutely necessary. A swappiness value of 100 will cause pages to be swapped very aggressively.	November 21, 2019
Updated resources	The following resources were updated: AWS::RDS::DBCluster and AWS::RDS::DBInstance. AWS::RDS::DBCluster Use the EnableHttpEndpoint property to indicate whether to enable the HTTP endpoint for an Aurora Serverless DB cluster. By default, the HTTP endpoint is disabled. When enabled, the HTTP endpoint provides a connectionless web service API for running SQL queries on the Aurora Serverless DB cluster. You can also query your database from inside the RDS console with the query editor. AWS::RDS::DBInstance For Oracle DB instances, Amazon RDS can use Kerberos Authentication to authenticate users that connect to the DB instance.	November 21, 2019
Updated resource	The following resource was updated: AWS::ApiGateway::RestApi. AWS::ApiGateway::RestApi Use the VpcEndpointIds property to specify VPC endpoint IDs of an API (AWS::ApiGateway::RestApi) against which to create Route53 ALIASes. It is only supported for PRIVATE endpoint type.	November 21, 2019
Updated resource	The following resource was updated: AWS::CertificateManager::Certificate AWS::CertificateManager::Certificate Use the CertificateTransparencyLoggingPreference property to enable or disable certificate transparency logging. Use the PrivateCertificateAuthorityArn property to specify a private certificate authority (CA) from AWS Private CA as certificate issuer. Use the GetAtt function to retrieve the CertificateARN of the AWS::CertificateManager::Certificate resource. Use the GetAtt function to retrieve the CertificateStatus of the AWS::CertificateManager::Certificate resource. In the DomainValidationOption property type, use the HostedZoneId property to validate a domain with a Route 53 hosted zone ID.	November 21, 2019
Updated resource	The following resources were updated: AWS::Cognito::UserPool AWS::Cognito::UserPool Added ConfigurationSet and From properties to the EmailConfiguration parameter. AWS::Cognito::UserPoolClient Added PreventUserExistenceErrors parameter to help manage errors and responses when a user does not exist in the user pool. AWS::Cognito::UserPoolUser Use the ClientMetadata parameter to provide input to the AWS Lambda function that is invoked by the pre sign-up trigger.	November 21, 2019
Updated resource	The following resource was updated: AWS::EC2::EIP. AWS::EC2::EIP Use the Tags property to specify any tags for the Elastic IP address.	November 21, 2019
Updated resource	The following resource was updated: AWS::Glue::MLTransform AWS::Glue::MLTransform Use the GlueVersion property to specify which version of AWS Glue this machine learning transform is compatible with.	November 21, 2019
Updated resource	The following resource was updated: AWS::IAM::User. AWS::IAM::User Use the Tags property to specify a list of tags that you want to attach to the newly created user.	November 21, 2019
Updated resource	The following resource was updated: AWS::Elasticsearch::Domain. AWS::Elasticsearch::Domain Use the CognitoOptions property to configure OpenSearch Service to use Amazon Cognito authentication for OpenSearch Dashboards. Use the EnableVersionUpgrade update policy to update the ElasticsearchVersion property without replacing the AWS::Elasticsearch::Domain resource.	November 21, 2019
Updated resource	The following resource was updated: AWS::OpsWorksCM::Server AWS::OpsWorksCM::Server Use the CustomDomain property to specify a custom domain on an AWS OpsWorks for Chef Automate Server running Chef Automate 2.0. Use the CustomCertificate property to specify a PEM-formatted HTTPS certificate for a server with a custom domain. Use the CustomPrivateKey property to specify a private key in PEM format for connecting to a server that uses a custom domain.	November 21, 2019
Updated resource	The following resource was updated: AWS::S3::Bucket. AWS::S3::Bucket In the Transition property type, the StorageClass property supports DEEP_ARCHIVE.	November 21, 2019
Updated resource	The following resource was updated: AWS::Lambda::Function. AWS::Lambda::Function In the Code property type, ZipFile supports nodejs10.x for RunTime.	November 21, 2019
New resource	The following resource was added: AWS::AppSync::ApiCache. AWS::AppSync::ApiCache Use the AWS::AppSync::ApiCache resource to enable resolver caching with AWS AppSync.	November 21, 2019
Drift Detection for Stack Sets	You can now run drift detection on a stack set and all the stack instances it includes. When CloudFormation performs drift detection on a stack set, it performs drift detection on the stack associated with each stack instance in the stack set. For more details, see Detecting Unmanaged Configuration Changes in Stack Sets.	November 19, 2019
Updated resource	The following resource was updated to support Amazon EKS managed node groups: AWS::EKS::Cluster AWS::EKS::Cluster Use the AWS::EKS::Cluster resource to create a new Amazon EKS cluster.	November 18, 2019
New resource	The following resource was added: AWS::EKS::Nodegroup AWS::EKS::Nodegroup Use the AWS::EKS::Nodegroup resource to create a new Amazon EKS managed node group.	November 18, 2019
CloudFormation registry now available	Use the CloudFormation registry to view private and public resources that are available for use in your CloudFormation account. For more information, see Using the CloudFormation Registry	November 18, 2019
CloudFormation registry API actions	The following API actions for managing types in the CloudFormation registry are now available. For more information about the CloudFormation registry, see Using the CloudFormation Registry DeregisterType Removes a type or type version from active use in the CloudFormation registry. DescribeType Returns detailed information about a registered type. DescribeTypeRegistration Returns information about a type's registration, including its current status and type and version identifiers. ListTypeRegistrations Returns a list of registration request identifiers for the specified type. ListTypes Returns summary information about types that have been registered with CloudFormation. ListTypeVersions Returns summary information about the versions of a type. RegisterType Registers a type with the CloudFormation service. Registering a type makes it available for use in CloudFormation templates in your AWS account. SetTypeDefaultVersion Specify the default version of a type. The default version of a type will be used in CloudFormation operations.	November 18, 2019
Updated resources	The following resources were updated: AWS::GameLift::Build, AWS::GameLift::Fleet. AWS::GameLift::Build Use the OperatingSystem property to specify the operating system that the build files run on. AWS::GameLift::Fleet Use the CertificateConfiguration property to generate a TLS/SSL certificate for the new fleet. Use the FleetType property to specify use of On-Demand or Spot instances in the fleet. Use the InstanceRoleArn property to manage access to your non-GameLift AWS resources from GameLift fleet instances. Use the MetricGroups property to add fleet metrics to a CloudWatch metric group. Use the NewGameSessionProtectionPolicy property to prevent the fleet's active game sessions from being terminated during a scale down event. Use the PeerVpcAwsAccountId property when setting up VPC peering for the fleet. Use the PeerVpcId property when setting up VPC peering for the fleet. Use the ResourceCreationLimitPolicy property to limit an individual player's ability to use the fleet's available hosting resources. Use the RuntimeConfiguration property to configure what processes are run on each instance in the fleet. Use the ScriptId property to create a Realtime Servers fleet and configure it with a Realtime script.	November 14, 2019
New resources	The following resources were added: AWS::GameLift::Script, AWS::GameLift::GameSessionQueue, AWS::GameLift::MatchmakingConfiguration, AWS::GameLift::MatchmakingRuleSet. AWS::GameLift::Script Use the Script resource to upload a configuration script for a Realtime Servers fleet. AWS::GameLift::GameSessionQueue Use the GameSessionQueue resource to create a game session queue that processes player requests for new game sessions. AWS::GameLift::MatchmakingConfiguration Use the MatchmakingConfiguration resource to create a matchmaker that processes player requests for new matched game sessions. AWS::GameLift::MatchmakingRuleSet Use the MatchmakingRuleSet resource to create rules that specify how to form matches and evaluate players for inclusion in a match.	November 14, 2019
Resource import added	If you created an AWS resource outside of AWS CloudFormation management, you can bring this existing resource into CloudFormation management using resource import. For more information, see Bringing Existing Resources Into CloudFormation Management.	November 11, 2019
New resource	The following resource was added: AWS::CodeStarNotifications::NotificationRule AWS::CodeStarNotifications::NotificationRule Use the AWS::CodeStarNotifications::NotificationRule resource to create notification rules for resources in AWS CodeBuild, AWS CodeCommit, AWS CodeDeploy, and AWS CodePipeline.	November 7, 2019
New resource	The following resources were added: AWS::MediaConvert::JobTemplate, AWS::MediaConvert::Preset, AWS::MediaConvert::Queue AWS::MediaConvert::JobTemplate Use the AWS::MediaConvert::JobTemplate resource to specify a job template for transcoding jobs. AWS::MediaConvert::Preset Use the AWS::MediaConvert::Preset resource to specify an output preset as part of a transcoding job. AWS::MediaConvert::Queue Use the AWS::MediaConvert::Queue resource to specify an on-demand transcoding queue.	November 6, 2019
Updated resource	The following resource was updated: AWS::Glue::Crawler AWS::Glue::Crawler Use the DynamoDBTargets property to specify a list of Amazon DynamoDB targets. Use the CatalogTargets property to specify a list of AWS Glue Data Catalog targets.	November 4, 2019
Updated resources	The following resources were updated: AWS::ApiGateway::ApiKey, AWS::ApiGateway::ClientCertificate, AWS::ApiGateway::DomainName, AWS::ApiGateway::RestApi, and AWS::ApiGateway::UsagePlan. AWS::ApiGateway::ApiKey Use the Tags property to specify an array of arbitrary tags (key-value pairs) to associate with the API key. AWS::ApiGateway::ClientCertificate Use the Tags property to specify an array of arbitrary tags (key-value pairs) to associate with the client certificate. AWS::ApiGateway::DomainName Use the SecurityPolicy property to the Transport Layer Security (TLS) version + cipher suite for this domain name. Use the Tags property to specify an array of arbitrary tags (key-value pairs) to associate with the domain name. AWS::ApiGateway::RestApi Use the Tags property to specify an array of arbitrary tags (key-value pairs) to associate with the API. AWS::ApiGateway::UsagePlan Use the Tags property to specify an array of arbitrary tags (key-value pairs) to associate with the usage plan.	October 31, 2019
Updated resources	The following resources were updated: AWS::CodePipeline::CustomActionType, AWS::CodePipeline::Pipeline. AWS::CodePipeline::CustomActionType Use the Tags property to specify the tags for the custom action. AWS::CodePipeline::Pipeline Use the Tags property to specify the tags for the pipeline.	October 31, 2019
Updated resource	The following resource was updated: AWS::Amplify::App AWS::Amplify::App Use the EnablePullRequestPreview property to specify whether pull request previews are enabled for each branch that Amplify Console automatically creates for your app. Use the PullRequestEnvironmentName property to specify a dedicated backend environment for your pull request previews.	October 31, 2019
Updated resource	The following resource was updated: AWS::ECS::TaskDefinition. AWS::ECS::TaskDefinition Use the InferenceAccelerator property to specify the Elastic Inference accelerators to use for the containers in the task.	October 31, 2019
Updated resource	The following resource was updated: AWS::Events::Rule. AWS::Events::Rule In the Target property type, use the BatchParameters property to specify the job definition, job name, and other parameters, if the event target is an AWS Batch job.	October 31, 2019
Updated resource	The following resource was updated: AWS::Elasticsearch::Domain. AWS::Elasticsearch::Domain Use the LogPublishingOptions property to configure slow log publishing.	October 31, 2019
New resources	The following resources were added: AWS::Pinpoint::EmailTemplate, AWS::Pinpoint::PushTemplate, and AWS::Pinpoint::SmsTemplate. AWS::Pinpoint::EmailTemplate Use the AWS::Pinpoint::EmailTemplate resource to create a message template that you can use in messages that are sent through the email channel. AWS::Pinpoint::PushTemplate Use the AWS::Pinpoint::PushTemplate resource to create a message template that you can use in messages that are sent through a push notification channel. AWS::Pinpoint::SmsTemplate Use the AWS::Pinpoint::SmsTemplate resource to create a message template that you can use in messages that are sent through the SMS channel.	October 31, 2019
Updated resource	The following resource was updated: AWS::Amplify::Branch AWS::Amplify::Branch Use the EnablePullRequestPreview property to specify whether Amplify Console creates a preview for each pull request that is made for the branch. Use the PullRequestEnvironmentName property to specify a dedicated backend environment for your pull request previews.	October 24, 2019
Updated resource	The following resource was updated: AWS::Cognito::UserPool AWS::Cognito::UserPool Use the Schema parameter to add or update schema attributes. AWS::Cognito::UserPool Use the AliasAttributes parameter to add or update an alias for the user pool. AWS::Cognito::UserPool Use the UsernameAttributes parameter to determine if email addresses or phone numbers can be used as user names when a user signs up.	October 24, 2019
Updated resources	The following resource was updated: AWS::MSK::Cluster. AWS::MSK::Cluster Use the NumberOfBrokerNodes property to submit an update to change the number of broker nodes in the cluster.	October 17, 2019
Updated resource	The following resource was updated: AWS::Cognito::IdentityPoolRoleAttachment AWS::Cognito::IdentityPoolRoleAttachment Use the IdentityProvider parameter to specify the identity provider for which the role is mapped.	October 17, 2019
Updated resource	The following resource was updated: AWS::FSx::FileSystem AWS::FSx::FileSystem In the WindowsConfiguration property type, use the SelfManagedActiveDirectoryConfiguration property to join an Amazon FSx Windows File Server instance to your self-managed (including on-premises) Microsoft Active Directory (AD) directory.	October 17, 2019
Updated Resource	The following resource was updated: AWS::Batch::ComputeEnvironment ComputeResources In the ComputeResources property type, use the AllocationStrategy property to specify the strategy to use to select instance types.	October 17, 2019
Updated resources	The following resource were updated: AWS::Events::EventBusPolicy, AWS::Events::Rule AWS::Events::EventBusPolicy Use the EventBusName property to specify the name of the event bus to associate with this policy. AWS::Events::Rule Use the EventBusName property to specify the name of the event bus to associate with this rule.	October 3, 2019
Updated resources	The following resource was updated: AWS::Pinpoint::App, AWS::Pinpoint::Campaign, and AWS::Pinpoint::Segment. AWS::Pinpoint::App The ARN attribute returns the Amazon Resource Name (ARN) of the application. Use the Tags property to specify a string-to-string map of key-value pairs that defines the tags to associate with the application. AWS::Pinpoint::Campaign The ARN attribute returns the Amazon Resource Name (ARN) of the campaign. Use the Tags property to specify a string-to-string map of key-value pairs that defines the tags to associate with the campaign. AWS::Pinpoint::Segment The ARN attribute returns the Amazon Resource Name (ARN) of the segment. Use the Tags property to specify a string-to-string map of key-value pairs that defines the tags to associate with the segment.	October 3, 2019
Updated resource	The following resource was updated: AWS::Budgets::Budget AWS::Budgets::Budget In the BudgetData property type, use the PlannedBudgetLimits property to specify a map containing multiple budget limits, including current or future limits.	October 3, 2019
Updated resource	The following resource was updated: AWS::Cognito::UserPool AWS::Cognito::UserPool Use the EnabledMfas parameter to enable MFA on a specified user pool.	October 3, 2019
New resources	The following resources were added: AWS::Cognito::UserPoolDomain, AWS::Cognito::UserPoolResourceServer, AWS::Cognito::UserPoolIdentityProvider, AWS::Cognito::RiskConfigurationAttachment, AWS::Cognito::UICustomizationAttachment. AWS::Cognito::UserPoolDomain Use the AWS::Cognito::UserPoolDomain resource to create a new domain for a user pool. AWS::Cognito::UserPoolResourceServer Use the AWS::Cognito::UserPoolResourceServer resource to create a new OAuth2.0 resource server and define custom scopes in it. AWS::Cognito::UserPoolIdentityProvider Use the AWS::Cognito::UserPoolIdentityProvider resource to create an identity provider for a user pool. AWS::Cognito::UserPoolRiskConfigurationAttachment Use the AWS::Cognito::UserPoolRiskConfigurationAttachment resource to set the risk configuration that is used for Amazon Cognito advanced security features. AWS::Cognito::UserPoolUICustomizationAttachment Use the AWS::Cognito::UserPoolUICustomizationAttachment resource to set the UI customization information for a user pool's built-in app UI.	October 3, 2019
New resources	The following resource were added: AWS::EC2::TrafficMirrorFilter, AWS::EC2::TrafficMirrorFilterRule, AWS::EC2::TrafficMirrorSession, and AWS::EC2::TrafficMirrorTarget AWS::EC2::TrafficMirrorFilter Use the AWS::EC2::TrafficMirrorFilter resource to specify a traffic mirror filter. AWS::EC2::TrafficMirrorFilterRule Use the AWS::EC2::TrafficMirrorFilterRule resource to manage traffic mirror filter rules. AWS::EC2::TrafficMirrorSession Use the AWS::EC2::TrafficMirrorSession resource to specify a traffic mirror session. AWS::EC2::TrafficMirrorTarget Use the AWS::EC2::TrafficMirrorTarget resource to specify a traffic mirror target.	October 3, 2019
New resource	The following resource was added: AWS::Events::EventBus AWS::Events::EventBus Use the EventBus resource to create or update a custom event bus or a partner event bus.	October 3, 2019
Updated resource	The following resource was updated: AWS::Glue::DevEndpoint AWS::Glue::DevEndpoint Use the WorkerType property to specify a type of predefined worked allocated to the development endpoint. Use the NumberOfWorkers property to specify the number of workers of a defined workerType that are allocated to the development endpoint. Use the GlueVersion property to specify the versions of Apache Spark and Python that AWS Glue supports for the development endpoint. Use the Arguments property to specify a map of arguments used to configure the DevEndpoint.	September 27, 2019
Updated resource	The following resource was updated: AWS::Glue::Job AWS::Glue::Job Use the Timeout property to specify the job timeout in minutes. Use the NotificationProperty property to specify the configuration properties of a notification. Use the NotifyDelayAfter property to specify the number of minutes to wait before sending a job run delay notification after a job run starts.	September 26, 2019
Updated resource	The following resource was updated: AWS::Glue::Trigger AWS::Glue::Trigger Use the StartOnCreation property to specify starting SCHEDULED and CONDITIONAL triggers when created. Use the WorkflowName property to specify the name of the workflow associated with the trigger.	September 26, 2019
Updated resource	The following resource was updated: AWS::DocDB::DBCluster. AWS::DocDB::DBCluster Use the EnableCloudwatchLogsExports property to specify the list of log types that need to be enabled for exporting to CloudWatch Logs.	September 26, 2019
New resource	The following resource was added: AWS::Glue::Workflow AWS::Glue::Workflow Use the AWS::Glue::Workflow resource to manage AWS Glue workflows.	September 26, 2019
Updated resource	The following resource was updated: AWS::Config::RemediationConfiguration. AWS::Config::RemediationConfiguration Use the ExecutionControls property to specify an ExecutionControls object.	September 12, 2019
New resource	The following resource was added: AWS::QLDB::Ledger AWS::QLDB::Ledger Use the AWS::QLDB::Ledger resource to specify a new Amazon Quantum Ledger Database (Amazon QLDB) ledger.	September 12, 2019
Updated resources	The following resources were updated: AWS::ApplicationAutoScaling::ScalableTarget, AWS::DynamoDB::Table, AWS::EC2::Instance, AWS::ECS::TaskDefinition, AWS::ElastiCache::ReplicationGroup, AWS::Events::Rule, AWS::IAM::Role, and AWS::Lambda::EventSourceMapping. AWS::ApplicationAutoScaling::ScalableTarget Use the SuspendedState property to suspend and resume automatic scaling. Setting the value of an attribute to true suspends the specified scaling activities. Setting it to false (default) resumes the specified scaling activities. AWS::DynamoDB::Table In the SSESpecification property type, use the SSEType property to specify server-side encryption type. AWS::EC2::Instance Use the CpuOptions property to specify the CPU options for the instance. In the Ebs property type, use the KmsKeyId property to specify an identifier (key ID, key alias, ID ARN, or alias ARN) for a customer managed key under which the EBS volume is encrypted. AWS::ECS::TaskDefinition Use the IpcMode property to specify the IPC resource namespace to use for the containers in the task. The valid values are host, task, or none. Use the PidMode property to specify the process namespace to use for the containers in the task. The valid values are host or task. In the ContainerDefinition property type: When the Interactive property is set to true, this allows you to deploy containerized applications that require stdin or a tty to be allocated. When the PseudoTerminal proprety is set to true, a TTY is allocated. Use the SystemControls property to specify a list of namespaced kernel parameters to set in the container. In the LogConfiguration property type, use the SecretOptions property to specify the secrets to pass to the log configuration. AWS::ElastiCache::ReplicationGroup Use the KmsKeyId property to specify the ID of the KMS key used to encrypt the disk on the cluster. AWS::Events::Rule In the EcsParameters property type: Use the Group property to specify an ECS task group for the task. Use the LaunchType property to specify the launch type on which your task is running. If the ECS task uses the awsvpc network mode, use the NetworkConfiguration property to specify the VPC subnets and security groups associated with the task and whether a public IP address is to be used. Use the PlatformVersion property to specify the platform version for the task. AWS::IAM::Role Use the Description property to provide a description for the role. Use the Tags property to specify a list of tags that are attached to the specified role. AWS::Lambda::EventSourceMapping Use the MaximumBatchingWindowInSeconds property to specify the maximum amount of time to gather records before invoking the function, in seconds.	August 29, 2019
Updated resources	The following resources were updated: AWS::RDS::DBCluster and AWS::RDS::DBInstance AWS::RDS::DBCluster Use the AssociatedRoles property to specify the AWS Identity and Access Management (IAM) roles associated with the DB instance. Use the RestoreType property to specify the type of restore to be performed. Use the SourceDBClusterIdentifier property to specify the identifier of the source DB cluster from which to restore. Use the UseLatestRestorableTime property to specify whether to restore the DB cluster to the latest restorable backup time. AWS::RDS::DBInstance Use the AssociatedRoles property to specify the AWS Identity and Access Management (IAM) roles associated with the DB instance.	August 29, 2019
Updated resource	The following resource was updated: AWS::CloudWatch::Alarm AWS::CloudWatch::Alarm Use the ThresholdMetricId property to specify the ID of the ANOMALY_DETECTION_BAND function used as the threshold for the alarm.	August 29, 2019
Updated resource	The following resource was updated: AWS::Elasticsearch::Domain. AWS::Elasticsearch::Domain In the ElasticsearchClusterConfig property type, use the ZoneAwarenessConfig property to specify zone awareness configuration options.	August 29, 2019
New resource	The following resource was added: AWS::Config::OrganizationConfigRule AWS::Config::OrganizationConfigRule Use the AWS::Config::OrganizationConfigRule resource to create an OrganizationConfigRule that has information about config rules that AWS Config creates in the member accounts.	August 29, 2019
Updated resource	The following resource was updated: AWS::Neptune::DBCluster. AWS::Neptune::DBCluster Use the EnableCloudwatchLogsExports property to specify a list of log types that are enabled for export to CloudWatch Logs.	August 22, 2019
Updated resource	The following resource was updated: AWS::DMS::ReplicationTask AWS::DMS::ReplicationTask Use the CdcStartPosition property to indicate when you want a change data capture (CDC) operation to start. Use the CdcStopPosition property to indicate when you want a change data capture (CDC) operation to stop.	August 16, 2019
Updated resources	The following resources were updated: AWS::EC2::ClientVpnEndpoint, AWS::Greengrass::Group, AWS::Greengrass::ConnectorDefinition, AWS::Greengrass::CoreDefinition, AWS::Greengrass::DeviceDefinition, AWS::Greengrass::FunctionDefinition, AWS::Greengrass::LoggerDefinition, AWS::Greengrass::ResourceDefinition, and AWS::Greengrass::SubscriptionDefinition. AWS::EC2::ClientVpnEndpoint Use the SplitTunnel parameter to specify whether split-tunnel is enabled on the AWS Client VPN endpoint. AWS::Greengrass::ConnectorDefinition Use the Tags property to attach metadata to the AWS::Greengrass::ConnectorDefinition resource. AWS::Greengrass::CoreDefinition Use the Tags property to attach metadata to the AWS::Greengrass::CoreDefinition resource. AWS::Greengrass::DeviceDefinition Use the Tags property to attach metadata to the AWS::Greengrass::DeviceDefinition resource. AWS::Greengrass::FunctionDefinition Use the Tags property to attach metadata to the AWS::Greengrass::FunctionDefinition resource. AWS::Greengrass::Group Use the Tags property to attach metadata to the AWS::Greengrass::Group resource. AWS::Greengrass::LoggerDefinition Use the Tags property to attach metadata to the AWS::Greengrass::LoggerDefinition resource. AWS::Greengrass::ResourceDefinition Use the Tags property to attach metadata to the AWS::Greengrass::ResourceDefinition resource. AWS::Greengrass::SubscriptionDefinition Use the Tags property to attach metadata to the AWS::Greengrass::SubscriptionDefinition resource.	August 8, 2019
Updated resource	The following resource was updated: AWS::AppSync::GraphQLApi. AWS::AppSync::GraphQLApi In the LogConfig property type, when set to TRUE, the excludeVerboseContent property excludes sections that contain information such as headers, context, and evaluated mapping templates, regardless of logging level.	August 8, 2019
New resources	The following resources were added: AWS::ManagedBlockchain::Member and AWS::ManagedBlockchain::Node. AWS::ManagedBlockchain::Member Use the Member resource to create the first member or an additional member of an Amazon Managed Blockchain network. AWS::ManagedBlockchain::Node Use the Node resource to create a peer node in a member of an Amazon Managed Blockchain network.	August 8, 2019
New resource	The following resource was added: AWS::Glue::MLTransform AWS::Glue::MLTransform Use the AWS::Glue::MLTransform resource to manage machine learning transforms.	August 8, 2019
New resource	The following resource was added: AWS::LakeFormation::DataLakeSettings AWS::LakeFormation::DataLakeSettings Use the AWS::LakeFormation::DataLakeSettings resource to manage data lake settings.	August 8, 2019
New resource	The following resource was added: AWS::LakeFormation::Permissions AWS::LakeFormation::Permissions Use the AWS::LakeFormation:Permissions resource to grant or revoke Lake Formation permissions.	August 8, 2019
New resource	The following resource was added: AWS::LakeFormation::Resource AWS::LakeFormation::Resource Use the AWS::LakeFormation::Resource resource to define the resources to which permissions are to be granted.	August 8, 2019
New resource	The following resource was added: AWS::CodeBuild::SourceCredential AWS::CodeBuild::SourceCredential Use the AWS::CodeBuild::SourceCredential resource to specify information about the credentials for a GitHub, GitHub Enterprise, or Bitbucket repository used in an AWS CodeBuild build project.	August 7, 2019
Updated resources	The following resources were updated: AWS::Batch::JobDefinition, AWS::Cognito::UserPool, AWS::Cognito::UserPoolClient, and AWS::Glue::Job. AWS::Batch::JobDefinition In the ContainerProperties property type, use the LinuxParameters property to specify Linux-specific modifications that are applied to the container, such as details for device mappings. AWS::Cognito::UserPool Use the UserPoolAddOns property to enable advanced security risk detection. Use the VerificationMessageTemplate property to define the template for verification messages. AWS::Cognito::UserPoolClient Use the AnalyticsConfiguration property to define the Amazon Pinpoint analytics configuration for collecting metrics for this user pool. <