Release history

The following table describes important changes in each release of the AWS CloudFormation User Guide after May 2018. For notification about updates to this documentation, you can subscribe to an RSS feed.

Change	Description	Date
New resource	The following resource was added: AWS::Lambda::CodeSigningConfig. AWS::Lambda::CodeSigningConfig Use the CodeSigningConfig resource to specify code-signing capability to your Lambda functions.	November 23, 2020
Updated resource	The following resource was updated: AWS::Amplify::App AWS::Amplify::App Use the CustomHeaders property to declare custom headers for each HTTP request made to your Amplify Apps.	November 19, 2020
Updated resource	The following resources were updated: AWS::EC2::LaunchTemplate and AWS::EC2::ClientVpnEndpoint. AWS::EC2::ClientVpnEndpoint Use the ClientConnectOptions property to indicate whether client connect options are used for Client VPN. AWS::EC2::LaunchTemplate Use the AssociateCarrierIpAddress property to indicates whether to associate a Carrier IP address with eth0 for a new network interface. AWS::EC2::LaunchTemplate Use the EnclaveOptions property to indicate whether the instance is enabled for AWS Nitro Enclaves. AWS::EC2::LaunchTemplate Use the NetworkCardIndex property to specify the network card index.	November 19, 2020
Updated resource	The following resource was updated: AWS::ElastiCache::GlobalReplicationGroup. AWS::ElastiCache::GlobalReplicationGroup Consists of a primary cluster that accepts writes and an associated secondary cluster that resides in a different AWS region. The secondary cluster accepts only reads. The primary cluster automatically replicates updates to the secondary cluster.	November 19, 2020
Updated resource	The following resource was upded: AWS::Events::EventBusPolicy. AWS::Events::EventBusPolicy Added the Statement property. Use the Statement property to add a statement to the policy attached to an event bus.	November 19, 2020
Updated resource	The following resource was updated: AWS::FSx::FileSystem AWS::FSx::FileSystem In the WindowsConfiguration property type, use the Aliases property to associate up to 50 DNS aliases with a file system.	November 19, 2020
Updated resource	The following resource was updated: AWS::KMS::Key. AWS::KMS::Key Added support for asymmetric CMKs, including the KeySpec property and the SIGN_VERIFY value for the KeyUsage property.	November 19, 2020
Update resource	The following resource was updated: AWS::CloudFront::Distribution. AWS::CloudFront::Distribution In the CacheBehavior and DefaultCacheBehavior property types, use the TrustedKeyGroups property to specify a list of the key groups that CloudFront can use to verify signed URLs or signed cookies. For more information, see Serving private content in the Amazon CloudFront Developer Guide.	November 19, 2020
New resources	The following resources were added: AWS::CloudFront::KeyGroup and AWS::CloudFront::PublicKey. AWS::CloudFront::KeyGroup Use the AWS::CloudFront::KeyGroup resource to create a key group in Amazon CloudFront to use with CloudFront signed URLs and signed cookies. For more information, see Serving private content in the Amazon CloudFront Developer Guide. AWS::CloudFront::PublicKey Use the AWS::CloudFront::PublicKey resource to create a public key in Amazon CloudFront to use with CloudFront signed URLs and signed cookies, or with field-level encryption. For more information, see Serving private content or Using field-level encryption to help protect sensitive data in the Amazon CloudFront Developer Guide.	November 19, 2020
New resource	The following resource was added: AWS::Glue::Registry AWS::Glue::Registry Use the AWS::Glue::Registry resource to manage registries in the AWS Glue Schema Registry.	November 19, 2020
New resource	The following resource was added: AWS::Glue::Schema AWS::Glue::Schema Use the AWS::Glue::Schema resource to manage schemas in the AWS Glue Schema Registry.	November 19, 2020
New resource	The following resource was added: AWS::Glue::SchemaVersion AWS::Glue::SchemaVersion Use the AWS::Glue::SchemaVersion resource to manage schema versions in the AWS Glue Schema Registry.	November 19, 2020
New resource	The following resource was added: AWS::Glue::SchemaVersionMetadata AWS::Glue::SchemaVersionMetadata Use the AWS::Glue::SchemaVersionMetadata resource to manage schema version metadata in the AWS Glue Schema Registry.	November 19, 2020
New resource	The following resource is new: AWS::IoT::TopicRuleDestination AWS::IoT::TopicRuleDestination Use the AWS::IoT::TopicRuleDestination to specify a topic rule destination.	November 19, 2020
New resource	The following resources were added: AWS::NetworkFirewall::Firewall, AWS::NetworkFirewall::FirewallPolicy, AWS::NetworkFirewall::LoggingConfiguration, and AWS::NetworkFirewall::RuleGroup AWS::NetworkFirewall::Firewall Use the AWS::NetworkFirewall::Firewall resource to specify stateful, managed, network firewall and intrusion detection and prevention for your VPCs in Amazon VPC. AWS::NetworkFirewall::FirewallPolicy Use the AWS::NetworkFirewall::FirewallPolicy resource to specify the stateless and stateful network traffic filtering behavior for your AWS::NetworkFirewall::Firewall. AWS::NetworkFirewall::LoggingConfiguration Use the AWS::NetworkFirewall::LoggingConfiguration resource to specify the destinations and logging options for an AWS::NetworkFirewall::Firewall. AWS::NetworkFirewall::RuleGroup Use the AWS::NetworkFirewall::RuleGroup resource to specify a reusable collection of stateless or stateful network traffic filtering rules for use in your AWS::NetworkFirewall::FirewallPolicy.	November 19, 2020
New resource	The following resource was added: AWS::S3::StorageLens S3 Storage Lens Use the AWS::S3::StorageLens resource to create a S3 Storage Lens configuration in the Amazon Simple Storage Service.	November 19, 2020
Change sets for nested stacks	With change sets for nested stacks you can preview the changes to your application and infrastructure resources across the entire nested stack hierarchy and proceed with updates when you’ve confirmed that all the changes are as intended. For more information, see Change sets for nested stacks.	November 18, 2020
Updated resource	The following resources were updated: AWS::EC2::Route and AWS::EC2::VPCEndpointService. AWS::EC2::Route Use the VpcEndpointId property to create a route to a Gateway Load Balancer endpoint. AWS::EC2::VPCEndpointService Use the GatewayLoadBalancerArns property to specify a Gateway Load Balancer for your VPC endpoint service.	November 12, 2020
Updated resource	The following resource was updated: AWS::Kendra::DataSource. AWS::Kendra::DataSource Use the new CUSTOM value to specify the custom data sources.	November 12, 2020
New resources: AWS Glue DataBrew	This is the first release of AWS Glue DataBrew.	November 12, 2020
New resource	The following resource was updated: AWS::AppMesh::VirtualNode and AWS::AppMesh::VirtualGateway AWS::AppMesh::VirtualNode Use the ConnectionPool property to specify the type of connection pool for the listener. Use the VirtualNodeHttp2ConnectionPool property to specify an http2 type of connection pool. Use the VirtualNodeGrpcConnectionPool property to specify a grpc type of connection pool. Use the VirtualNodeConnectionPool property to specify the type of virtual node connection pool. Use the VirtualNodeHttpConnectionPool property to specify an http type of connection pool. Use the OutlierDetection property to specify the type of outlier detection for the listener. Use the VirtualNodeTcpConnectionPool property to specify an http2 type of connection pool. AWS::AppMesh::VirtualGateway Use the ConnectionPool property to specify the type of connection pool for the listener. Use the VirtualGatewayHttpConnectionPool property to specify an http type of connection pool. Use the VirtualGatewayHttp2ConnectionPool property to specify an http2 type of connection pool. Use the VirtualGatewayConnectionPool property to specify the type of virtual gateway connection pool. Use the VirtualGatewayGrpcConnectionPool property to specify a grpc type of connection pool.	November 12, 2020
Updated resource	The following resources were updated: AWS::S3::Bucket IntelligentTieringConfiguration Use the IntelligentTieringConfiguration property to specify an S3 Intelligent-Tiering configuration. OwnershipControls Use the OwnershipControls property to specify object ownership on a bucket.	November 9, 2020
Updated resources	The following resources were updated: AWS::CodeArtifact::Domain and AWS::CodeArtifact::Repository. AWS::CodeArtifact::Domain The AWS::CodeArtifact::Domain resource now supports tags. AWS::CodeArtifact::Repository The AWS::CodeArtifact::Repository resource now supports tags.	November 5, 2020
Updated resource	The following resource was updated: AWS::AutoScaling::AutoScalingGroup. CapacityRebalance Use the CapacityRebalance property to indicate whether Capacity Rebalancing is enabled.	November 5, 2020
Updated resource	The following resource was updated: AWS::Batch::JobDefinition AWS::Batch::JobDefinition In the RetryStrategy property type, use the EvaluateOnExit property to specify a set of conditions to be met, and an action to take (RETRY or EXIT) if all conditions are met.	November 5, 2020
Updated resource	The following resource was updated: AWS::EC2::Route. AWS::EC2::Route Use the CarrierGatewayId property to create a route to a carrier gateway.	November 5, 2020
Updated resource	The following resource was updated: AWS::Lambda::EventSourceMapping. AWS::Lambda::EventSourceMapping Use the Queues property to specify the Amazon MQ queue to stream to a Lambda function. Use the Source access configuration property to specify the Secrets Manager secret that stores your MQ broker credentials.	November 5, 2020
New resource	The following new resource was added: AWS::Events::Archive. AWS::Events::Archive Use the Archive resource to create an EventBridge archive to store events in.	November 5, 2020
New resource	The following resource was added: AWS::IoT::DomainConfiguration. AWS::IoT::DomainConfiguration Use the AWS::IoT::DomainConfiguration resource to specify a domain configuration in AWS IoT Core.	November 5, 2020
New resource	The following resource was added: AWS::RDS::GlobalCluster. AWS::RDS::GlobalCluster Use the AWS::RDS::GlobalCluster resource to create or update an Aurora global database cluster.	November 5, 2020
New resource	The following resource was added: AWS::SES::ContactList AWS::SES::ContactList Use the ContactList resource to create a list that contains contacts that have subscribed to a particular topic or topics.	November 5, 2020
Updated resource	The following resources were updated: AWS::AmazonMQ::Broker, AWS::AmazonMQ::Configuration, AWS::AmazonMQ::ConfigurationAssociation AWS::AmazonMQ::Broker Amazon MQ now supports RabbitMQ broker engine.	November 4, 2020
Updated resource	The following resource was updated: AWS::GlobalAccelerator::EndpointGroup. AWS::GlobalAccelerator::EndpointGroup Use the PortOverride property to override the listener port used for routing traffic to endpoints.	October 29, 2020
New resources	The following resources were added: AWS::IVS::Channel, AWS::IVS::StreamKey, and AWS::IVS::PlaybackKeyPair AWS::IVS::Channel Use the AWS::IVS::Channel resource to specify an Amazon IVS Channel, which stores configuration information related to your live stream. AWS::IVS::StreamKey Use the AWS::IVS::StreamKey resource to specify an Amazon IVS Stream Key, which creates a stream key for the specified IVS Channel. Use a stream key to initiate a live stream. AWS::IVS::PlaybackKeyPair Use the AWS::IVS::PlaybackKeyPair resource to specify an Amazon IVS PlaybackKeyPair, which is used to sign and validate a playback authorization token for a private channel.	October 29, 2020
New resource	The following resources were added: AWS::IoTSitewise::Asset, AWS::IoTSiteWise::AssetModel, and AWS::IoTSiteWise::Gateway. AWS::IoTSiteWise::Asset Use the AWS::IoTSiteWise::Asset resource to create a new asset in AWS IoT SiteWise. AWS::IoTSiteWise::AssetModel Use the AWS::IoTSiteWise::AssetModel resource to create a new asset model in AWS IoT SiteWise. AWS::IoTSiteWise::Gateway Use the AWS::IoTSiteWise::Gateway resource to create a new gateway in AWS IoT SiteWise.	October 28, 2020
Updated resource	The following resource was updated: AWS::AutoScaling::AutoScalingGroup. AWS::AutoScaling::AutoScalingGroup Use the NewInstancesProtectedFromScaleIn property to specify whether newly launched instances are protected from termination by Amazon EC2 Auto Scaling when scaling in.	October 26, 2020
Updated resources	The following resources were updated: AWS::AppStream::Fleet and AWS::AppStream::ImageBuilder AWS::AppStream::Fleet Use the IAMRoleArn property to specify an ARN for the IAM role to apply to the fleet. Use the StreamView property to specify the AppStream 2.0 view that is displayed to your users when they stream from the fleet. AWS::AppStream::ImageBuilder Use the IAMRoleArn property to specify an ARN for the IAM role to apply to the image builder.	October 22, 2020
Updated resources	The following resources were updated: AWS::Batch::ComputeEnvironment, AWS::Batch::JobDefinition, and AWS::Batch::JobQueue. AWS::Batch::ComputeEnvironment Use the Tags property to specify tags for the compute environment. AWS::Batch::JobDefinition Use the Tags property to specify tags for the job definition. AWS::Batch::JobQueue Use the Tags property to specify tags for the job queue.	October 22, 2020
Updated resource	The following resource was updated: AWS::AppSync::ApiKey. AWS::AppSync::ApiKey Use the ApiKeyID property to specify the API key ID.	October 22, 2020
Updated resource	The following resource was updated: AWS::CloudFront::Distribution. AWS::CloudFront::Distribution In the Origin property type, use the OriginShield property to enable CloudFront Origin Shield. For more information, see Using Origin Shield in the Amazon CloudFront Developer Guide.	October 22, 2020
Updated resource	The following resource was updated: AWS::Elasticsearch::Domain. AWS::Elasticsearch::Domain In the ElasticsearchClusterConfig property type: Use the WarmCount property to specify the number of warm nodes in the cluster. Use the WarmEnabled property to specify whether to enable warm storage for the cluster. Use the WarmType property to specify the instance type for the cluster's warm nodes.	October 22, 2020
Updated resource	The following resource was updated: AWS::EMR::Cluster. AWS::EMR::Cluster Use the LogEncryptionKmsKeyId property to specify the AWS KMS customer master key (CMK) used for encrypting log files. Use the ManagedScalingPolicy property to create a managed scaling policy for an Amazon EMR cluster. Use the StepConcurrencyLevel property to specify the number of steps that can be executed concurrently.	October 22, 2020
Updated resource	The following resource was updated: AWS::Events::Rule. AWS::Events::Rule Added AWS::Events::Rule DeadLetterConfig Added AWS::Events::Rule RetryPolicy AWS::Events::Rule Target Added the DeadLetterConfig property of the Target property type. Added the RetryPolicy property of the Target property type.	October 22, 2020
Updated resource	Added a new property, FileFormat, to the FAQ resource. For more information, see https://docs.aws.amazon.com/kendra/latest/dg/in-creating-faq.html	October 22, 2020
Updated resource	The following resource was updated: AWS::KinesisFirehose::DeliveryStream AWS::KinesisFirehose::DeliveryStream DeliveryStreamEncryptionConfigurationInput property type is now supported for the delivery streams in CloudFormation.	October 22, 2020
Updated resource	The following resource was updated: AWS::SNS::Topic. AWS::SNS::Topic Use the ContentBasedDeduplication property to enable content-based deduplication for FIFO topics. Use the FifoTopic property to create a FIFO topic.	October 22, 2020
Updated resource	The following resource was updated: AWS::Transfer::Server. AWS::Transfer::Server In the EndpointDetails property type, use the SecurityGroupIds property to specify a list of security groups IDs that are available to attach to your server's endpoint.	October 22, 2020
New resources	The following resources were added: AWS::MediaPackage::Asset, AWS::MediaPackage::Channel, , AWS::MediaPackage::OriginEndpoint, AWS::MediaPackage::PackagingConfiguration, and AWS::MediaPackage::PackagingGroup. AWS::MediaPackage::Asset. Use the AWS::MediaPackage::Asset to specify an asset to ingest VOD content. AWS::MediaPackage::Channel. Use the AWS::MediaPackage::Channel to specify a channel to receive content. AWS::MediaPackage::OriginEndpoint. Use the AWS::MediaPackage::OriginEndpoint to specify an endpoint on an AWS Elemental MediaPackage channel. AWS::MediaPackage::PackagingConfiguration. Use the AWS::MediaPackage::PackagingConfiguration to specify a packaging configuration in a packaging group. AWS::MediaPackage::PackagingGroup. Use the AWS::MediaPackage::PackagingGroup to specify a packaging group.	October 22, 2020
New resource	The following new resource was added: BlockPublicPolicy Resource Policies Use the BlockPublicPolicy when adding resource policies to Secrets Manager.	October 22, 2020
Increased quotas	The following AWS CloudFormation quotas have been updated. You can now declare a maximum of 200 mappings in your AWS CloudFormation template. You can now declare a maximum of 200 mapping attributes for each mapping in your AWS CloudFormation template. You can now declare a maximum of 200 outputs in your AWS CloudFormation template. You can now declare a maximum of 200 parameters in your AWS CloudFormation template. You can now declare a maximum of 500 resources in your AWS CloudFormation template. You can now pass a template body with a maximum size of 1 MB in an Amazon S3 object.	October 22, 2020
Updated resource	The following resource was updated: AWS::AmazonMQ::Broker. AWS::AmazonMQ::Broker Use the LdapServerMetadata property to to authenticate and authorize connections to a broker.	October 9, 2020
Updated resource	The following resource was updated: AWS::Backup::BackupPlan AWS::Backup::BackupPlan In the BackupPlanResourceType property type, use the AdvancedBackupSetting property to specify a list of backup options for each resource type you want to back up.	October 8, 2020
Updated resource	The following resource was: AWS::EKS::Cluster. AWS::EKS::Cluster Use the KubernetesNetworkConfig property to specify a Kubernetes network configuration. In the AWS::EKS::Cluster KubernetesNetworkConfig property type, use the ServiceIpv4Cidr property to specify the CIDR block that you want Kubernetes to assign service IP addresses from.	October 8, 2020
New resources	The following resources were added: AWS::CodeArtifact::Domain and AWS::CodeArtifact::Repository. AWS::CodeArtifact::Domain Use the AWS::CodeArtifact::Domain resource to create an AWS CodeArtifact domain. AWS::CodeArtifact::Repository Use the AWS::CodeArtifact::Repository resource to create an AWS CodeArtifact repository.	October 8, 2020
Updated resources	The following resources were updated: AWS::ECS::Service AWS::ECS::Service Use the CapacityProviderStrategy property to specify a custom capacity provider strategy when creating a service.	October 1, 2020
Updated resource	The following resource was updated: AWS::Batch::JobDefinition. These property types were added. LogConfiguration Use the LogConfiguration property type to specify the log configuration options to send to a custom log driver for the container. Secrets Use the Secrets property type to specify a secret to expose to the container. Tmpfs Use the Tmpfs property type to specify the details of a tmpfs mount. These property types were updated. ContainerProperties These properties were added. ExecutionRoleArn Specifies the execution role to be assumed for the job. LogConfiguration Specifies the log configuration for a custom log driver for the job. Secrets Specifies the secrets provided for the job. LinuxParameters These properties were added. InitProcessEnabled Indicates that an init process should be enabled inside the container that forwards signals and reaps processes. MaxSwap Specifies the total amount of swap memory (in MiB) a job can use. SharedMemorySize Specifies the size (in MiB) of the /dev/shm volume. Swappiness Specifies the job container's memory swappiness behavior. Tmpfs Specifies the details of the job's tmpfs mount.	October 1, 2020
Updated resource	The following resource was updated: AWS::CloudFront::CachePolicy. AWS::CloudFront::CachePolicy In the AWS::CloudFront::CachePolicy resource, some properties are now required that previously were not required. In the AWS::CloudFront::CachePolicy ParametersInCacheKeyAndForwardedToOrigin property type, use the EnableAcceptEncodingBrotli property to enable CloudFront to serve compressed objects to viewers that support the Brotli compression format. For more information, see Compression support in the Amazon CloudFront Developer Guide.	October 1, 2020
New resource	The following resource was added: AWS::WorkSpaces::ConnectionAlias AWS::WorkSpaces::ConnectionAlias Use the AWS::WorkSpaces::ConnectionAlias resource to specify a connection alias. Connection aliases are used for cross-Region redirection.	October 1, 2020
Drift detection for private resources	CloudFormation supports drift detection operations on an expanded list of AWS resources, as well as private resources that are defined as provisonable. In addition to the resources that previously supported drift detection, CloudFormation now supports drift detection on all resources defined as provisionable in the CloudFormation registry. For more information, see Resources that support import and drift detection operations.	October 1, 2020
Updated resource	The following resource was updated: AWS::ApiGateway::DomainName. AWS::ApiGateway::DomainName Use the AWS::ApiGateway::DomainName resource to configure mutual TLS authentication for an API.	September 17, 2020
Updated resource	The following resource was updated: AWS::ApiGatewayV2::DomainName. AWS::ApiGatewayV2::DomainName Use the AWS::ApiGatewayV2::DomainName resource to configure mutual TLS authentication for an API.	September 17, 2020
Updated resource	The following resource was updated: AWS::ApiGatewayV2::Api. AWS::ApiGatewayV2::Api Use the AWS::ApiGatewayV2::Api resource to disable the default endpoint for an HTTP API.	September 17, 2020
New resources	The following resources were added: AWS::AppFlow::Flow and AWS::AppFlow::ConnectorProfile. AWS::AppFlow::Flow Use the AWS::AppFlow::Flow resource to specify a new flow in Amazon AppFlow. AWS::AppFlow::ConnectorProfile Use the AWS::AppFlow::ConnectorProfile describe an instance of a connector in Amazon AppFlow.	September 17, 2020
New resources	The following resource was added: AWS::CloudFormation::StackSet. AWS::CloudFormation::StackSet Use the AWS::CloudFormation::StackSet to provision stacks into AWS accounts and across Regions by using a single CloudFormation template.	September 17, 2020
Updated resource	The following resource was updated: AWS::ApiGatewayV2::Authorizer. AWS::ApiGatewayV2::Authorizer Use the AWS::ApiGatewayV2::Authorizer resource to create a Lambda authorizer for an HTTP API.	September 10, 2020
Updated resource	The following resource was updated: AWS::CodeBuild::ReportGroup AWS::CodeBuild::ReportGroup Use the DeleteReports property to specify if any reports that belong to the report group should be deleted when the report group is deleted.	September 10, 2020
Updated resource	The following resource was updated: AWS::StepFunctions::StateMachine. AWS::StepFunctions::StateMachine The AWS::StepFunctions::StateMachine now supports X-Ray tracing. You can use the TracingConfiguration property to enable X-Ray tracing for your state machines.	September 10, 2020
New resources	This is the first release of Amazon Kendra in AWS CloudFormation.	September 10, 2020
New resources	The following resources were added: AWS::SSO::Assignment, AWS::SSO::PermissionSet. AWS::SSO::Assignment Use the AWS::SSO::Assignment resource to assign access to a principal for a specified AWS account using a specified permission set. AWS::SSO::PermissionSet Use the AWS::SSO::PermissionSet resource to create a permission set within a specified SSO instance.	September 10, 2020
Update resource	The following resource was updated: AWS::CloudFront::Distribution. AWS::CloudFront::Distribution In the CacheBehavior and DefaultCacheBehavior property types, use the RealtimeLogConfigArn property to specify the Amazon Resource Name (ARN) of the real-time log configuration for the cache behavior. For more information, see Real-time logs in the Amazon CloudFront Developer Guide.	September 3, 2020
New resources	The following resources were added: AWS::CloudFront::CachePolicy, AWS::CloudFront::OriginRequestPolicy, and AWS::CloudFront::RealtimeLogConfig. AWS::CloudFront::CachePolicy Use the AWS::CloudFront::CachePolicy resource to create a new cache policy in Amazon CloudFront. AWS::CloudFront::OriginRequestPolicy Use the AWS::CloudFront::OriginRequestPolicy resource to create a new origin request policy in Amazon CloudFront. AWS::CloudFront::RealtimeLogConfig Use the AWS::CloudFront::RealtimeLogConfig resource to create a new real-time log configuration in Amazon CloudFront.	September 3, 2020
New resource	The following resource was added: AWS::CodeGuruReviewer::RepositoryAssociation AWS::CodeGuruReviewer::RepositoryAssociation The AWS::CodeGuruReviewer::RepositoryAssociation resource describes an associated repository that contains source code to be analyzed by AWS CodeGuru Reviewer. For more information, see RespositoryAssociation in the AWS CodeGuru Reviewer API Reference.	September 3, 2020
New resource	The following resource was added: AWS::EKS::FargateProfile. AWS::EKS::FargateProfile Use the AWS::EKS::FargateProfile resource to create an AWS Fargate profile.	September 3, 2020
Updated resource	The following resource was updated: AWS::CodeCommit::Repository Code AWS::CodeCommit::Repository Code Use the BranchName property to specify a branch name to be used as the default branch when importing code into a repository.	August 31, 2020
Updated resource	The following resource was updated: AWS::ServiceCatalog::CloudFormationProvisionedProduct. AWS::ServiceCatalog::CloudFormationProvisionedProduct The PathName property is now available as an alternative to PathId.	August 27, 2020
New resources	The following resources were added: AWS::GameLift::GameServerGroup AWS::GameLift::GameServerGroup Use the AWS::GameLift::GameServerGroup resource to create a GameLift FleetIQ game server group to run low-cost game hosting on your Amazon EC2 instances.	August 27, 2020
New resources	The following resources were added: AWS::Route53Resolver::ResolverQueryLoggingConfig and AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation. AWS::Route53Resolver::ResolverQueryLoggingConfig Use the AWS::Route53Resolver::ResolverQueryLoggingConfig resource to specify settings for a query logging configuration. AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation Use the AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation resource to configure DNS query logging.	August 27, 2020
Updated resource	The following resource was updated: AWS::KMS::Key. AWS::KMS::Key Added a KeyId attribute to the return values.	August 26, 2020
Updated resource	The following resource was updated to support use of a launch template: AWS::EKS::Nodegroup. AWS::EKS::Nodegroup Use the LaunchTemplate property to specify a launch template specification that can be used to deploy or update a managed node group. If you use a launch template to deploy a node group, some settings that you normally set for a node group must be moved into the launch template. The text for affected settings has been updated to note that.	August 20, 2020
Updated resources	The following resources were updated: AWS::ECS::TaskDefinition AWS::ECS::TaskDefinition Use the EnvironmentFiles property to specify a list of files containing the environment variables to pass to a container.	August 13, 2020
Updated resource	The following resource was updated: AWS::FSx::FileSystem AWS::FSx::FileSystem In the LustreConfiguration property type, use DriveCacheType to specify the type of drive cache used by PERSISTENT_1 file systems that are provisioned with HDD storage devices.	August 13, 2020
Updated resource	The following resource was updated: AWS::Lambda::EventSourceMapping. AWS::Lambda::EventSourceMapping Use the Topics property to specify the Amazon MSK topics to stream to a Lambda function.	August 13, 2020
New resource	The following resource was added: AWS::ApplicationInsights::Application AWS::ApplicationInsights::Application Use the AWS::ApplicationInsights::Application resource to add an application that is created from a resource group.	August 13, 2020
New resource	The following resource was added: AWS::EC2::CarrierGateway. AWS::EC2::CarrierGateway Use the CarrierGateway resource to create a carrier gateway.	August 13, 2020
Updated permissions required for registering resource providers	Registering a resource provider in your account now requires you have permission to access the schema handler package uploaded to an S3 bucket for that resource provider. For more information, see Registering resource providers in CloudFormation.	August 7, 2020
Updated resource	The following resource was updated: AWS::CodeBuild::Project AWS::CodeBuild::Project Use the BuildBatchConfig property to specify configuration information for a batch build.	August 6, 2020
Updated resource	The following resource was updated: AWS::FSx::FileSystem AWS::FSx::FileSystem In the LustreConfiguration property type, AutoImportPolicyType was changed to AutoImportPolicy. Use AutoImportPolicy to configure your Amazon FSx for Lustre file system to automatically import metadata of objects that are added to or changed in your linked S3 bucket after file system creation.	August 6, 2020
Updated resources	The following resources were updated: AWS::ECS::TaskDefinition AWS::ECS::TaskDefinition Use the EFSVolumeConfiguration property to specify an Amazon Elastic File System file system for task storage.	July 30, 2020
Updated resource	The following resource was updated: AWS::EC2::FlowLog. AWS::EC2::FlowLog Use the LogFormat property to specify the fields for the flow log record. Use the MaxAggregationInterval property to specify the maximum interval for capturing and aggregating flows. Use the Tags property to specify tags for the flow log.	July 30, 2020
Updated resource	The following resource was updated: AWS::GroundStation::DataflowEndpointGroup. MTU property The MTU property sets the maximum transmission unit used for a dataflow endpoint.	July 30, 2020
New resources	The following resources were added: AWS::AppMesh::VirtualGateway and AWS::AppMesh::GatewayRoute AWS::AppMesh::VirtualGateway Use the AWS::AppMesh::VirtualGateway resource to create a virtual gateway that allows resources outside of your mesh to communicate to resources that are inside of your mesh. AWS::AppMesh::GatewayRoute Use the AWS::AppMesh::GatewayRoute resource to create a gateway route that routes traffic to a virtual service.	July 30, 2020
New resources	The following resource was added: AWS::SageMaker::MonitoringSchedule AWS::SageMaker::MonitoringSchedule Use the AWS::SageMaker::MonitoringSchedule resource to create a monitoring schedule to regularly start an Amazon SageMaker processing job to monitor the data captured for a SageMaker endpoint..	July 30, 2020
New property	The following properties were added: AWS::CodeGuruProfiler::ProfilingGroup.AnomalyDetectionNotificationConfiguration and AWS::CodeGuruProfiler::ProfilingGroup.Tags. AWS::CodeGuruProfiler::ProfilingGroup.AnomalyDetectionNotificationConfiguration Use the AWS::CodeGuruProfiler::ProfilingGroup.AnomalyDetectionNotificationConfiguration property to configure notifications for your profiling group. AWS::CodeGuruProfiler::ProfilingGroup.Tags Use the AWS::CodeGuruProfiler::ProfilingGroup.Tags property to add tags to a profiling group.	July 30, 2020
Updated resources	The following resources were updated: AWS::WAFv2::WebACL and AWS::WAFv2::RuleGroup AWS::WAFv2::WebACL Rule statements that use IP addresses now support using IP addresses that are forwarded in an HTTP header in the web request, instead of using the IP address that's reported by the web request origin. This option is available for all rule statements that use an IP address: GeoMatchStatement, RateBasedStatement, and IPSetReferenceStatement. The following new properties support this functionality: IPSetForwardedIPConfiguration and ForwardedIPConfiguration. AWS::WAFv2::RuleGroup Rule statements that use IP addresses now support using IP addresses that are forwarded in an HTTP header in the web request, instead of using the IP address that's reported by the web request origin. This option is available for all rule statements that use an IP address: GeoMatchStatement, RateBasedStatement, and IPSetReferenceStatement. The following new properties support this functionality: IPSetForwardedIPConfiguration and ForwardedIPConfiguration.	July 23, 2020
Updated resource	The following resource was updated: AWS::CloudFront::Distribution. AWS::CloudFront::Distribution In the CacheBehavior and DefaultCacheBehavior property types: Use the CachePolicyId property to specify the ID of the cache policy for the cache behavior. Use the OriginRequestPolicyId property to specify the ID of the origin request policy for the cache behavior. For more information, see Working with policies in the Amazon CloudFront Developer Guide.	July 23, 2020
Updated resource	The following resource was updated: AWS::CodeStarConnections::Connection AWS::CodeStarConnections::Connection Use the HostArn property to specify the host associated with connections you want to make to an installed provider.	July 23, 2020
Updated resource	The following resource was updated: AWS::EFS::FileSystem AWS::EFS::FileSystem Use the BackupPolicy property to turn automatic backups on or off for your Amazon EFS file system.	July 23, 2020
Updated resource	The following resource was updated: AWS::FSx::FileSystem AWS::FSx::FileSystem In the LustreConfiguration property type, use AutoImportPolicyType to configure how FSx imports new files and file changes in the linked data repository into the file system.	July 23, 2020
Updated resource	The following resource was updated: EndpointConfig AWS::SageMaker::EndpointConfig Use the CaptureContentTypeHeader property to specify content types (JSON and/or CSV) to capture. Use the CaptureOption property to specify whether to capture input data, output data, or both. Use the DataCaptureConfig resource/property to configure how the endpoint captures data.	July 23, 2020
Updated resource	The following resource was updated: AWS::Amplify::App AWS::Amplify::App Use the EnableBranchAutoDeletion property to automatically disconnect a branch in the Amplify Console when you delete a branch from your Git repository.	July 9, 2020
Updated resource	The following resource was updated: AWS::Amplify::Domain AWS::Amplify::Domain Use the AutoSubDomainCreationPatterns property to set branch patterns for automatic subdomain creation. Use the AutoSubDomainIAMRole property to specify the required AWS Identity and Access Management (IAM) service role for the Amazon Resource Name (ARN) for automatically creating subdomains. Use the EnableAutoSubDomain property to enable the automated creation of subdomains for branches.	July 9, 2020
Updated resource	The following resource was updated: AWS::ElasticLoadBalancingV2::Listener. AWS::ElasticLoadBalancingV2::Listener Use the AlpnPolicy property to specify the name of the Application-Layer Protocol Negotiation (ALPN) policy for TLS listeners.	July 9, 2020
Updated resource	The following resource was updated: AWS::FSx::FileSystem AWS::FSx::FileSystem The StorageCapacity property has changed so that an update requires no interruption. In the WindowsConfiguration property type, the ThroughputCapacity property has changed so that an update requires no interruption. In the LustreConfiguration property type: Use the DailyAutomaticBackupStartTime property to specify the time that the daily automatic backup window starts. Use the CopyTagsToBackups boolean property to copy file system tags to its backups. Use the AutomaticBackupRetentionDays property to set the number of days to retain file system backups.	July 9, 2020
Updated resource	The following resource was updated: AWS::ServiceCatalog::CloudFormationProvisionedProduct. AWS::ServiceCatalog::CloudFormationProvisionedProduct Use the Outputs property to view the output of the product you are provisioning.	July 9, 2020
Updated resource	The following resource was updated: AWS::Synthetics::Canary. AWS::Synthetics::Canary The MemoryInMB parameter was added. Also, the RunConfig parameter is no longer required, and DurationInSeconds is no longer required.	July 9, 2020
New resource	The following resource was added: AWS::Athena::DataCatalog AWS::Athena::DataCatalog Use the AWS::Athena::DataCatalog resource to register external data sources with Athena.	July 9, 2020
New resource	The following resource was added: AWS::EC2::PrefixList. AWS::EC2::PrefixList Use the PrefixList resource to create a prefix list.	July 9, 2020
New resource	The following resource was added: AWS::QLDB::Stream AWS::QLDB::Stream Use the AWS::QLDB::Stream resource to specify a new journal stream for a given Amazon Quantum Ledger Database (Amazon QLDB) ledger.	July 9, 2020
New property	The following property was added to AWS::CodeBuild::Project Source: BuildStatusConfig AWS::CodeBuild::Project Source Use the buildStatusConfig property to specify build status information to the source provider.	July 9, 2020
New property	The following resource was added: AWS::CodeGuruProfiler::ProfilingGroup.ComputePlatform. AWS::CodeGuruProfiler::ProfilingGroup.ComputePlatform Use AWS::CodeGuruProfiler::ProfilingGroup.ComputePlatform to specify the compute platform of the profiling group.	July 9, 2020
Updated resource	The following resource was updated: AWS::Events::Rule. AWS::Events::Rule In the Target property type, use the HttpParameters property to specify the HTTP parameters to use when the target is a API Gateway REST endpoint.	July 6, 2020
New resource	The following resource was added: AWS::AppConfig::HostedConfigurationVersion AWS::AppConfig::HostedConfigurationVersion This resource lets you create a new configuration in the AppConfig hosted configuration store.	June 25, 2020
Updated resources	The following resources were updated: AWS::ServiceDiscovery::HttpNamespace AWS::ServiceDiscovery::PrivateDnsNamespace AWS::ServiceDiscovery::PublicDnsNamespace AWS::ServiceDiscovery::Service AWS::ServiceDiscovery::HttpNamespace Use the Tags property to add tag keys and values to an AWS CloudMap HTTP namespace. AWS::ServiceDiscovery::PrivateDnsNamespace Use the Tags property to add tag keys and values to an AWS CloudMap private DNS namespace. AWS::ServiceDiscovery::PublicDnsNamespace Use the Tags property to add tag keys and values to an AWS CloudMap public DNS namespace. AWS::ServiceDiscovery::Service Use the Tags property to add tag keys and values to an AWS CloudMap service.	June 22, 2020
Updated resources	The following resources were updated: AWS::ECS::Cluster AWS::ECS::Cluster Use the CapacityProviderStrategyItem property to specify the capacity provider strategy when creating a cluster.	June 18, 2020
Updated resource	The following resources were updated: AWS::FMS::Policy IEMap AWS::FMS::Policy IEMap The AWS::FMS::Policy IEMap resource now allows you to specify accounts using AWS Organizations organizational units (OUs), in addition to account IDs.	June 18, 2020
New resources	The following resources were added: AWS::ECS::CapacityProvider. AWS::ECS::CapacityProvider Use the AWS::ECS::CapacityProvider resource to create a new capacity provider.	June 18, 2020
Updated resource	The following resource was updated: AWS::EFS::FileSystem AWS::EFS::FileSystem Use the FileSystemPolicy property to create a new resource policy to control NFS access to your Amazon EFS file system.	June 16, 2020
Updated resource	The following resource was updated: AWS::EFS::AccessPoint AWS::EFS::AccessPoint Fn::GetAtt now returns the AccessPointId and Arn attributes.	June 16, 2020
Updated resource	The following resource was updated: AWS::Lambda::Function. AWS::Lambda::Function Use the FileSystemConfigs property to specify connection settings for an Amazon EFS file system.	June 16, 2020
Updated resources	The following resource was updated: AWS::EC2::Volume. AWS::EC2::Volume Use the OutpostArn property to specify the Amazon Resource Name (ARN) of the Outpost.	June 11, 2020
Updated resource	The following resource was updated: AWS::CertificateManager::Certificate AWS::CertificateManager::Certificate Use the CertificateAuthorityArn property to specify the Amazon Resource Name (ARN) of the private certificate authority (CA) that will be used to issue the certificate. Use the CertificateTransparencyLoggingPreference property to enable or disable certificate transparency logging.	June 11, 2020
Updated resource	The following resource was updated: AWS::CloudFront::Distribution. AWS::CloudFront::Distribution In the Origin property type, use the ConnectionAttempts property to specify the number of times that CloudFront attempts to connect to the origin. In the Origin property type, use the ConnectionTimeout property to specify the number of seconds that CloudFront waits when trying to establish a connection to the origin.	June 11, 2020
Updated resource	The following resource was updated: AWS::ElastiCache::ReplicationGroup. AWS::ElastiCache::ReplicationGroup Use the MultiAZEnabled attribute to indicate if you have Multi-AZ enabled.	June 11, 2020
Updated resource	The following resource was updated: AWS::ElasticLoadBalancingV2::LoadBalancer. AWS::ElasticLoadBalancingV2::LoadBalancer Use the SubnetMapping attribute to specify a subnet to attach to an Application Load Balancer or a Network Load Balancer.	June 11, 2020
New resource	The following resources were added: AWS::RDS::DBProxy and AWS::RDS::DBProxyTargetGroup. AWS::RDS::DBProxy Use the AWS::RDS::DBProxy resource to create or update a DB proxy. Use the AWS::RDS::DBProxyTargetGroup resource to specify a set of RDS DB instances, Aurora DB clusters, or both that a proxy can connect to.	June 4, 2020
Resource import supports provisionable private resource types	Import operations now support private resource types that are provisionable; that is, whose provisioning type is either FULLY_MUTABLE or IMMUTABLE. For more information, see Resources that support import operations.	June 3, 2020
New property	The following property was added: AWS::CodeGuruProfiler::ProfilingGroup.AgentPermissions. AWS::CodeGuruProfiler::ProfilingGroup.AgentPermissions The AWS::CodeGuruProfiler::ProfilingGroup.AgentPermissions property shows the agent permissions attached to this profiling group.	June 3, 2020
Updated resource	The following resource was updated: AWS::EC2::ClientVpnEndpoint AWS::EC2::ClientVpnEndpoint ClientAuthenticationRequest Use the FederatedAuthentication property to specify an IAM SAML identity provider for your Client VPN endpoint.	May 28, 2020
Updated resource	The following resource was updated: AWS::MSK::Cluster AWS::MSK::Cluster You can now update an existing MSK cluster to a newer version of Apache Kafka. You can't update it to an older version.	May 28, 2020
Updated resource	The following resource was updated: AWS::CodeBuild::ReportGroup AWS::CodeBuild::ReportGroup Use the tags property to specify the name and value of any tags that you want supporting AWS services to use for a report group.	May 21, 2020
Updated resource	The following resource was updated: AWS::StepFunctions::StateMachine. AWS::StepFunctions::StateMachine The AWS::StepFunctions::StateMachine has two new properties. You can use the DefinitionS3Location property to reference a state machine JSON definition file stored in an S3 bucket. You can use the DefinitionSubstitutions property to pass variables into the state machine definition file referenced by DefinitionS3Location.	May 21, 2020
Updated resource	The following resource was updated: AWS::SSM::Parameter AWS::SSM::Parameter When you create a String parameter, you can now specify a DataType value as aws:ec2:image to ensure that the parameter value you enter is a valid Amazon Machine Image (AMI) ID format. Support for AMI ID formats lets you avoid updating all your scripts and templates with a new ID each time the AMI that you want to use in your processes changes. You can create a parameter with the data type aws:ec2:image, and for its value, enter the ID of an AMI. This is the AMI from which you currently want new instances to be created. You then reference this parameter in your templates and commands. When you’re ready to use a different AMI, update the parameter value. Parameter Store validates the new AMI ID, and you don’t need to update your scripts and templates.	May 21, 2020
ECS blue/green deployments through CodeDeploy	You can now use CloudFormation to perform ECS blue/green deployments through CodeDeploy. Blue/green deployments are a safe deployment strategy provided by AWS CodeDeploy for minimizing interruptions caused by changing application versions. For more information, see Performing ECS blue/green deployments through CodeDeploy using AWS CloudFormation.	May 19, 2020
AWS CloudFormation StackSets Region availability	AWS CloudFormation StackSets is now available in the AWS GovCloud (US-West) Region.	May 18, 2020
Updated resource	The following resource was updated: AWS::CodeStarConnections::Connection AWS::CodeStarConnections::Connection Use the Tags property to specify the tags applied to your connections resource.	May 14, 2020
Updated resource	The following resource was updated: AWS::MediaStore::Container. AWS::MediaStore::Container Use the MetricPolicy property to enable metrics at the object level. Use the Tags property to attach metadata to the AWS::MediaStore::Container resource.	May 14, 2020
Updated resource	The following resource was updated: AWS::ServiceCatalog::CloudFormationProduct. AWS::ServiceCatalog::CloudFormationProduct Use the ReplaceProvisioningArtifacts property to choose whether provisioning artifact identifiers are replaced when you update a product.	May 14, 2020
Updated resource	The following resource was updated: AWS::Synthetics::Canary. AWS::Synthetics::Canary The RunConfig parameter is required.	May 14, 2020
New resources	The following resources were added: AWS::Macie::CustomDataIdentifier, AWS::Macie::FindingsFilter, and AWS::Macie::Session AWS::Macie::CustomDataIdentifier Use the AWS::Macie::CustomDataIdentifier resource to create a custom data identifier in Amazon Macie. AWS::Macie::FindingsFilter Use the AWS::Macie::FindingsFilter resource to create a custom filter for findings in Amazon Macie. AWS::Macie::Session Use the AWS::Macie::Session resource to enable Amazon Macie.	May 14, 2020
Updated resource	The following resource was updated: AWS::IoTEvents::DetectorModel. AWS::IoTEvents::DetectorModel Added the following properties: AssetPropertyTimestamp, AssetPropertyValue, AssetPropertyVariant, DynamoDB, DynamoDBv2, IotSiteWise, and Payload. Updated the following property: SetTimer.	May 7, 2020
Updated resource	The following resource was updated: AWS::SSM::Association AWS::SSM::Association Use the WaitForSuccessTimeoutSeconds property to specify the number of seconds the service should wait for the association status to show "Success" before proceeding with the stack execution. If the association status doesn't show "Success" after the specified number of seconds, then stack creation fails.	May 7, 2020
New resource	The following resource was added: AWS::ImageBuilder::Image. AWS::ImageBuilder::Image Use the AWS::ImageBuilder::Image resource to create an image in the EC2 Image Builder service.	May 7, 2020
Updated resource	The following resource was updated: AWS::Synthetics::Canary. AWS::Synthetics::Canary Use the Name property to specify the name for this canary.	April 30, 2020
New resource	The following resource was added: AWS::EventSchemas::RegistryPolicy. AWS::EventSchemas::RegistryPolicy Use the AWS::EventSchemas::RegistryPolicy resource to specify a resource-based policy associated with a schema registry.	April 30, 2020
Updated resource	The following resource was updated: AWS::FSx::FileSystem AWS::FSx::FileSystem Use the LustreMountName attribute when mounting an Amazon FSx for Lustre file system.	April 23, 2020
New resources	The following resources were added: AWS::ImageBuilder::Component, AWS::ImageBuilder::DistributionConfiguration, AWS::ImageBuilder::ImagePipeline, AWS::ImageBuilder::ImageRecipe, and AWS::ImageBuilder::InfrastructureConfiguration. AWS::ImageBuilder::Component Use the AWS::ImageBuilder::Component resource to create a component in the EC2 Image Builder service. AWS::ImageBuilder::DistributionConfiguration Use the AWS::ImageBuilder::DistributionConfiguration resource to create a distribution configuration in the EC2 Image Builder service. AWS::ImageBuilder::ImagePipeline Use the AWS::ImageBuilder::ImagePipeline resource to create an image pipeline in the EC2 Image Builder service. AWS::ImageBuilder::ImageRecipe Use the AWS::ImageBuilder::ImageRecipe resource to create an image recipe in the EC2 Image Builder service. AWS::ImageBuilder::InfrastructureConfiguration Use the AWS::ImageBuilder::InfrastructureConfiguration resource to create an infrastructure configuration in the EC2 Image Builder service.	April 23, 2020
New resource	The following resource was added: AWS::CE::CostCategory AWS::CE::CostCategory Use the AWS::CE::CostCategory resource to create groupings of costs that you can use across products in the AWS Billing and Cost Management console.	April 23, 2020
New resource	The following resource was added: AWS::Synthetics::Canary. AWS::Synthetics::Canary Use the AWS::Synthetics::Canary resource to create a canary. Canaries are configurable scripts that run on a schedule and monitor your endpoints and APIs. By using canaries, you can discover issues before your customers do.	April 23, 2020
Updated resource	The following resource was updated: AWS::Glue::DevEndpoint AWS::Glue::DevEndpoint Use the PublicKeys property to specify a list of public keys to be used by a development endpoint for authentication.	April 16, 2020
Updated resource	The following resource was updated: AWS::Glue::MLTransform AWS::Glue::MLTransform Use the Tags property to specify the AWS resource tags to use to manage access to a machine learning transform.	April 16, 2020
New resource	The following resource was added: AWS::ResourceGroups::Group AWS::ResourceGroups::Group Use the AWS::ResourceGroups::Group resource to create a resource group with the specified name, description, and resource query.	April 16, 2020
Updated resource	The following resource was updated: AWS::CloudWatch::InsightRule. AWS::CloudWatch::InsightRule The AWS::CloudWatch::InsightRule resource now supports tags. Use the AWS::CloudWatch::InsightRule resource to create Contributor Insights rules. For more information, see Using Contributor Insights to Analyze High-Cardinality Data.	April 2, 2020
Updated resource	The following resource was updated: AWS::FSx::FileSystem AWS::FSx::FileSystem Use the StorageType property to specify the type of storage for the file system, either solid state drive, SSD or hard disk drive, HDD. In the WindowsConfiguration property type, use the DeploymentType property to specify a new Amazon FSx for Windows File Server file system deployment type, SINGLE_AZ_2, the latest generation of Single-AZ file systems.	April 2, 2020
Updated resource	The following resource was updated: AWS::ServiceCatalog::LaunchRoleConstraint. AWS::ServiceCatalog::LaunchRoleConstraint Use the LocalRoleName property to specify an IAM role to use when an account uses a launch constraint.	April 2, 2020
Updated resource	The following resource was updated: AWS::ApiGatewayV2::Integration. AWS::ApiGatewayV2::Integration Use the AWS::ApiGatewayV2::Integration resource to create a private integration for an HTTP API.	March 26, 2020
Updated resource	The following resource was updated: AWS::AutoScaling::AutoScalingGroup. AWS::AutoScaling::AutoScalingGroup Use the MaxInstanceLifetime property to specify the maximum amount of time, in seconds, that an instance can be in service.	March 26, 2020
Updated resource	The following resource was updated: AWS::Cognito::UserPool AWS::Cognito::UserPool Use the UsernameConfiguration property to set case sensitivity on the username input for the selected sign-in option.	March 26, 2020
Updated resource	The following resource was updated: AWS::EC2::Volume AWS::EC2::Volume Use the MultiAttachEnabled property to indicate whether Amazon EBS Multi-Attach is enabled.	March 26, 2020
Updated resource	The following resource was updated: AWS::RDS::DBInstance AWS::RDS::DBInstance The AWS::RDS::DBInstance resource now supports Read Replica across multiple Availability Zone deployments.	March 26, 2020
New resources	The following resources were added: AWS::Detective::Graph and AWS::Detective::MemberInvitation AWS::Detective::Graph Use the AWS::Detective::Graph resource to specify a Detective behavior graph. AWS::Detective::MemberInvitation Use the AWS::Detective::MemberInvitation resource to send an invitation to join a Detective behavior graph.	March 26, 2020
Updated resource	The following resource was updated: AWS::EC2::ClientVpnEndpoint. AWS::EC2::ClientVpnEndpoint Use the VpcId and SecurityGroupIds properties to assign security groups to your Client VPN endpoint.	March 19, 2020
New resources	The following resources were added: AWS::NetworkManager::CustomerGatewayAssociation, AWS::NetworkManager::Device, AWS::NetworkManager::GlobalNetwork, AWS::NetworkManager::Link, AWS::NetworkManager::LinkAssociation, AWS::NetworkManager::Site, and AWS::NetworkManager::TransitGatewayRegistration AWS::NetworkManager::CustomerGatewayAssociation Use the AWS::NetworkManager::CustomerGatewayAssociation resource to specify an association between a customer gateway, device, and link. AWS::NetworkManager::Device Use the AWS::NetworkManager::Device resource to specify a device in a global network. AWS::NetworkManager::GlobalNetwork Use the AWS::NetworkManager::GlobalNetwork resource to specify a global network. AWS::NetworkManager::Link Use the AWS::NetworkManager::Link resource to specify a link for a site. AWS::NetworkManager::LinkAssociation Use the AWS::NetworkManager::LinkAssociation resource to specify an association between a device and a link. AWS::NetworkManager::Site Use the AWS::NetworkManager::Site resource to specify a site in a global network. AWS::NetworkManager::TransitGatewayRegistration Use the AWS::NetworkManager::TransitGatewayRegistration resource to specify the registration of a transit gateway in a global network.	March 19, 2020
New resource	The following resource was added: AWS::CodeGuruProfiler::ProfilingGroup. AWS::CodeGuruProfiler::ProfilingGroup Use the AWS::CodeGuruProfiler::ProfilingGroup resource to create a profiling group.	March 19, 2020
New resources	The following resources were added: AWS::Cassandra::Keyspace and AWS::Cassandra::Table. AWS::Cassandra::Keyspace Use the AWS::Cassandra::Keyspace resource to create a new keyspace in Amazon Keyspaces (for Apache Cassandra). AWS::Cassandra::Table Use the AWS::Cassandra::Table resource to create a new table in Amazon Keyspaces (for Apache Cassandra).	March 16, 2020
Updated resource	The following resources were updated: AWS::AppMesh::VirtualNode, AWS::AppMesh::VirtualRouter, AWS::AppMesh::VirtualService, and AWS::AppMesh::Route AWS::AppMesh::VirtualNode Use the MeshOwner property to specify the account ID that owns a shared mesh. AWS::AppMesh::Route Use the MeshOwner property to specify the account ID that owns a shared mesh. AWS::AppMesh::VirtualRouter Use the MeshOwner property to specify the account ID that owns a shared mesh. AWS::AppMesh::VirtualService Use the MeshOwner property to specify the account ID that owns a shared mesh.	March 12, 2020
Updated resource	The following resource was updated: AWS::MSK::Cluster AWS::MSK::Cluster Use the LoggingInfo to stream broker logs to one or more of the following destination types: Amazon CloudWatch Logs, Amazon S3, Amazon Kinesis Data Firehose.	March 12, 2020
New and updated resources	The following resources were added or updated: AWS::ApiGatewayV2::ApiGatewayManagedOverrides, AWS::ApiGatewayV2::Integration, and AWS::ApiGatewayV2::VpcLink. AWS::ApiGatewayV2::ApiGatewayManagedOverrides Use the AWS::ApiGatewayV2::ApiGatewayManagedOverrides resource to override the default properties of API Gateway managed resources. AWS::ApiGatewayV2::Integration Use the AWS::ApiGatewayV2::Integration resource to create a private integration for an HTTP API. AWS::ApiGatewayV2::VpcLink Use the AWS::ApiGatewayV2::VpcLink resource to create a VPC link for an HTTP API.	March 12, 2020
Updated resources	The following resources were updated: AWS::Greengrass::ResourceDefinition and AWS::Greengrass::ResourceDefinitionVersion AWS::Greengrass::ResourceDefinition In the S3MachineLearningModelResourceData property type that defines a resource instance, use the OwnerSetting property to specify the Linux OS group owner and permissions for the downloaded machine learning resource. In the SageMakerMachineLearningModelResourceData property type that defines a resource instance, use the OwnerSetting property to specify the Linux OS group owner and permissions for the downloaded machine learning resource. AWS::Greengrass::ResourceDefinitionVersion In the S3MachineLearningModelResourceData property type that defines a resource instance, use the OwnerSetting property to specify the Linux OS group owner and permissions for the downloaded machine learning resource. In the SageMakerMachineLearningModelResourceData property type that defines a resource instance, use the OwnerSetting property to specify the Linux OS group owner and permissions for the downloaded machine learning resource.	March 9, 2020
Updated resource	The following resource was updated: AWS::CloudFront::Distribution. AWS::CloudFront::Distribution In the DistributionConfig property type, use the OriginGroups property to specify information about origin groups for this distribution.	March 5, 2020
Updated resource	The following resource was updated to support envelope encryption of secrets with AWS KMS: AWS::EKS::Cluster AWS::EKS::Cluster EncryptionConfig Use the AWS::EKS::Cluster EncryptionConfig property to specify the encryption configuration for a Amazon EKS cluster. AWS::EKS::Cluster Provider Use the AWS::EKS::Cluster Provider property to specify the AWS Key Management Service (AWS KMS) customer master key (CMK) used to encrypt the secrets for a Amazon EKS cluster.	March 5, 2020
New resource	The following resource was added: AWS::Athena::WorkGroup AWS::Athena::WorkGroup Use the AWS::Athena::WorkGroup resource to separate users, teams, applications, or workloads, set limits on the amount of data the workgroup or its queries can process, and track costs.	March 5, 2020
New resource	The following resource was added: AWS::Chatbot::SlackChannelConfiguration AWS::Chatbot::SlackChannelConfiguration Use the AWS::Chatbot::SlackChannelConfiguration resource to configure a Slack channel with AWS Chatbot.	March 5, 2020
New resource	The following resource was added: AWS::CodeStarConnections::Connection AWS::CodeStarConnections::Connection Use the AWS::CodeStarConnections::Connection resource to specify Connection.	March 5, 2020
New resource	The following resource was added: AWS::CloudWatch::CompositeAlarm. AWS::CloudWatch::CompositeAlarm Use the AWS::CloudWatch::CompositeAlarm property to create a composite alarm. Composite alarms evaluate their alarm state based on the alarm states of other CloudWatch rules.	March 2, 2020
Updated resource	The following resource was updated: AWS::AppMesh::VirtualNode AWS::AppMesh::VirtualNode Use the BackendDefaults property to specify a client policy for a backend. Use the ClientPolicy property to specify a client policy. Use the ClientPolicyTls property to specify a Transport Layer Security (TLS) client policy. Use the ListenerTls property to specify a TLS listener. Use the ListenerTlsCertificate property to specify the type of certificate to use for a client policy. Use the ListenerTlsAcmCertificate property to specify an AWS Certificate Manager certificate. Use the ListenerTlsFileCertificate property to specify properties of a local file certificate. Use the TlsValidationContext property to specify a TLS validation context trust. Use the TlsValidationContextAcmTrust property to specify a context trust for an AWS Certificate Manager certificate. Use the TlsValidationContextFileTrust property to specify a file that contains the certificate trust chain for a local file certificate. Use the TlsValidationContextTrust property to specify a TLS validation context trust. Use the VirtualNodeSpec property to specify BackendDefaults. Use the Listener property to specify a ListenerTls.	February 27, 2020
Updated resource	The following resource was updated: AWS::FSx::FileSystem AWS::FSx::FileSystem In the LustreConfiguration property type: Use the DeploymentType property to specify the Amazon FSx for Lustre file system deployment type, either PERSISTENT_1, SCRATCH_2, or SCRATCH_1. Use the PerUnitStorageThroughput property to specify the throughput in MB/s/TiB for a PERSISTENT_1 Amazon FSx for Lustre file system deployment type.	February 27, 2020
New resources	The following resources were added: AWS::GroundStation::Config, AWS::GroundStation::DataflowEndpointGroup, and AWS::GroundStation::MissionProfile AWS::GroundStation::Config Use the AWS::GroundStation::Config resource to specify a Config with the specified parameters. AWS::GroundStation::DataflowEndpointGroup Use the AWS::GroundStation::DataflowEndpointGroup resource to specify a Dataflow Endpoint Group request. AWS::GroundStation::MissionProfile Use the AWS::GroundStation::MissionProfile resource to specify parameters and provide references to config objects to define how Ground Station lists and executes contacts.	February 27, 2020
Updated resource	The following resources was updated: AWS::CodeBuild::Project AWS::CodeBuild::Project Use the ProjectFileSystemLocation property to specify a file system that your AWS CodeBuild build project mounts. You use Amazon Elastic File System (EFS) to create the file system. For more information, see Amazon Elastic File System Sample for CodeBuild.	February 20, 2020
Updated resource	The following resource was updated: AWS::Neptune::DBCluster AWS::Neptune::DBCluster Use the DeletionProtection property to help prevent inadvertent deletion of your DB cluster. Use the EngineVersion property to specify the engine version that your new DB cluster will use.	February 18, 2020
New resources	The following resources were added: AWS::EC2::LocalGatewayRoute and AWS::EC2::LocalGatewayRouteTableVPCAssociation. AWS::EC2::LocalGatewayRoute Use the LocalGatewayRoute resource to associate the specified VPC with the specified local gateway route table. AWS::EC2::LocalGatewayRouteTableVPCAssociation Use the LocalGatewayRouteTableVPCAssociation resource to associate the specified VPC with the specified local gateway route table.	February 14, 2020
Updated resources	The following resource were updated: AWS::ElasticLoadBalancingV2::Listener and AWS::ElasticLoadBalancingV2::ListenerRule AWS::ElasticLoadBalancingV2::Listener In the Action property type, use the ForwardConfig property to specify an action that distributes requests among one or more target groups. AWS::ElasticLoadBalancingV2::ListenerRule In the Action property type, use the ForwardConfig property to specify an action that distributes requests among one or more target groups.	February 13, 2020
New resource	The following resources was added: AWS::Config::ConformancePack AWS::Config::ConformancePack Use the AWS::Config::ConformancePack resource to create a Conformance Pack that is a collection of AWS Config rules that can be easily deployed in an account and a region and across AWS Organization.	February 13, 2020
New resource	The following resources was added: AWS::Config::OrganizationConformancePack AWS::Config::OrganizationConformancePack Use the AWS::Config::OrganizationConformancePack resource to create an OrganizationConformancePack that has information about conformance packs that AWS Config creates in the member accounts.	February 13, 2020
New resource	The following resources were added: AWS::FMS::NotificationChannel and AWS::FMS::Policy AWS::FMS::NotificationChannel Use the AWS::FMS::NotificationChannel resource to designate the IAM role and Amazon Simple Notification Service (SNS) topic that AWS Firewall Manager uses to record SNS logs. AWS::FMS::Policy Use the AWS::FMS::Policy resource to specify an AWS Firewall Manager policy.	February 13, 2020
AWS CloudFormation StackSets integrates with AWS Organizations	Use StackSets to centrally manage deployments to all the accounts in your organization or specific organizational units (OUs) in AWS Organizations. You can enable automatic deployments to any new accounts added to your organization or OUs. The permissions needed to deploy across accounts will automatically be handled by StackSets. For more information, see Working with AWS CloudFormation StackSets.	February 11, 2020
Updated resources	The following resources were updated: AWS::EC2::LaunchTemplate and AWS::EC2::ClientVpnEndpoint AWS::EC2::LaunchTemplate Use the MetadataOptions property to configure the Instance Metadata Service (IMDS) for the instance. Use the HostResourceGroupArn property to specify the ARN of the host resource group in which to launch the instances. Use the PartitionNumber property to specify a target partition in a partition placement group. Use the LaunchTemplateElasticInferenceAccelerator property to specify the number of elastic inference accelerators to attach to the instance. AWS::EC2::ClientVpnEndpoint Use the VpnPort property to assign a port number for TCP and UDP traffic.	February 6, 2020
Updated resource	The following resource was updated: AWS::AppSync::GraphQLApi. AWS::AppSync::GraphQLApi When the property xrayEnabled is set to TRUE, X-Ray tracing is enabled for this GraphqlApi.	February 6, 2020
Updated resource	The following resource was updated: AWS::Cognito::UserPool AWS::Cognito::UserPool Added AccountRecoverySetting parameter to define which verified available method a user can use to recover their password.	February 6, 2020
Updated resource	The following resource was updated: AWS::OpsWorksCM::Server AWS::OpsWorksCM::Server Use the Tags property to add tag keys and values to an AWS OpsWorks for Chef Automate or AWS OpsWorks for Puppet Enterprise server.	February 6, 2020
New resource	The following resource was added: AWS::WAFv2::WebACLAssociation. AWS WAFv2 Use the web ACL association to define an association between a Web ACL and a regional application resource, to protect the resource. A regional application can be an Application Load Balancer (ALB), Amazon API Gateway REST API, or an AWS AppSync GraphQL API. For CloudFront distributions, you use AWS::CloudFront::Distribution to manage the association.	February 6, 2020
Updated resources	The following resources were updated: AWS::Pinpoint::EmailTemplate, AWS::Pinpoint::PushTemplate, and AWS::Pinpoint::SmsTemplate AWS::Pinpoint::EmailTemplate Use the DefaultSubstitutions property to specify the default values to use for message variables in a message template. Use the TemplateDescription property to specify a custom description of a message template. AWS::Pinpoint::PushTemplate Use the DefaultSubstitutions property to specify the default values to use for message variables in a message template. Use the TemplateDescription property to specify a custom description of a message template. AWS::Pinpoint::SmsTemplate Use the DefaultSubstitutions property to specify the default values to use for message variables in a message template. Use the TemplateDescription property to specify a custom description of a message template.	January 23, 2020
New resources	The following resources were added: AWS::ACMPCA::Certificate, AWS::ACMPCA::CertificateAuthority, and AWS::ACMPCA::CertificateAuthorityActivation. AWS::ACMPCA::Certificate The AWS::ACMPCA::Certificate resource is used to issue a certificate using your private certificate authority. AWS::ACMPCA::CertificateAuthority Use the AWS::ACMPCA::CertificateAuthority resource to create a private CA. AWS::ACMPCA::CertificateAuthorityActivation The AWS::ACMPCA::CertificateAuthorityActivation resource creates and installs a CA certificate on a CA.	January 23, 2020
New resource	The following resources were added: AWS::AppConfig::Application, AWS::AppConfig::ConfigurationProfile, AWS::AppConfig::Deployment, AWS::AppConfig::Environment, and AWS::AppConfig::DeploymentStrategy AWS::AppConfig::Application The AWS::AppConfig::Application resource creates an application, which is a logical unit of code that provides capabilities for your customers. AWS::AppConfig::ConfigurationProfile The AWS::AppConfig::ConfigurationProfile resource creates a configuration profile that enables AppConfig to access the configuration source. AWS::AppConfig::Deployment The AWS::AppConfig::Deployment resource starts a deployment. AWS::AppConfig::Environment The AWS::AppConfig::Environment resource creates an environment, which is a logical deployment group of AppConfig targets, such as applications in a Beta or Production environment. AWS::AppConfig::DeploymentStrategy The AWS::AppConfig::DeploymentStrategy resource creates an AppConfig deployment strategy.	January 23, 2020
Updated resources	The following resource was updated: AWS::Lambda::Function. AWS::Lambda::Function In the Code property type, ZipFile supports nodejs12.x for RunTime.	January 16, 2020
Updated resource	The following resource was updated: AWS::AutoScaling::AutoScalingGroup. AWS::AutoScaling::AutoScalingGroup Use the WeightedCapacity property to specify the number of capacity units, which gives the instance type a proportional weight to other instance types.	January 16, 2020
Updated resource	The following resource was updated: AWS::EC2::Instance. AWS::EC2::Instance Use the HibernationOptions property to indicate whether the instance is enabled for hibernation. Use the HostResourceGroupArn property to specify the ARN of the host resource group in which to launch the instances.	January 16, 2020
Updated resource	The following resource was updated: AWS::LakeFormation::Permissions AWS::LakeFormation::Permissions Use the DataLocationResource property to specify a structure for a data location object where permissions are granted or revoked. Use the TableWithColumnsResource property to specify a structure for a table with columns object. This object is only used when granting a SELECT permission.	January 16, 2020
Updated resource	The following resource was updated: AWS::RDS::DBInstance. AWS::RDS::DBInstance Use the CACertificateIdentifier property to specify the identifier of the CA certificate for this DB instance.	January 16, 2020
Updated resource	The following resource was updated: AWS::SSM::ResourceDataSync AWS::SSM::ResourceDataSync Use the SyncType property with SyncFromSource to synchronize Systems Manager Explorer OpsItems and OpsData from AWS Organizations or from multiple AWS Regions.	January 16, 2020
Updated resources	The following resources were updated: AWS::MSK::Cluster, AWS::RDS::DBInstance, and AWS::SSM::Document AWS::MSK::Cluster Use the OpenMonitoring property to enable monitoring with Prometheus, an open-source monitoring system for time-series metric data. You can also use tools that are compatible with Prometheus-formatted metrics or tools that integrate with Amazon MSK Open Monitoring. AWS::SSM::Document Use the Name property to specify a name for the Systems Manager document. AWS::RDS::DBInstance Use the MaxAllocatedStorage property to specify the upper limit to which Amazon RDS can automatically scale the storage of the DB instance.	December 20, 2019
New resource	The following resource was added: AWS::CodeBuild::ReportGroup AWS::CodeBuild::ReportGroup Use the AWS::CodeBuild::ReportGroup resource to specify information about a report group. When you specify a report group in a CodeBuild project, a build of the project creates reports in the report group that contain results from running test cases.	December 20, 2019
New resource	The following resource was added: AWS::EC2::GatewayRouteTableAssociation. AWS::EC2::GatewayRouteTableAssociation Use the AWS::EC2::GatewayRouteTableAssociation property to associate a virtual private gateway or internet gateway with a route table.	December 20, 2019
Updated resources	The following resource was updated: AWS::RDS::DBInstance. AWS::RDS::DBInstance Use the MaxAllocatedStorage property to specify the upper limit to which Amazon RDS can automatically scale the storage of the DB instance.	December 19, 2019
Updated resource	The following resource was updated: AWS::FSx::FileSystem AWS::FSx::FileSystem In the WindowsConfiguration property type: Use the DeploymentType property to specify the Amazon FSx Windows file system deployment type. Use the PreferredSubnetId property to specify the subnet in which you want the preferred file server to be located for a MULTI_AZ_1 Amazon FSx for Windows file system deployment type.	December 19, 2019
Updated resource	The following resource was updated: AWS::FSx::FileSystem AWS::FSx::FileSystem In the WindowsConfiguration property type: Use the DeploymentType property to specify the file system deployment type. Use the PreferredSubnetId property to specify the subnet in which you want the preferred file server to be located.	December 19, 2019
New resource	The following resource was added: AWS::EC2::GatewayRouteTableAssociation. AWS::EC2::GatewayRouteTableAssociation Use the AWS::EC2::GatewayRouteTableAssociation property to associate a virtual private gateway or internet gateway with a route table.	December 19, 2019
Updated resource	The following resource was updated: AWS::EC2::Instance. AWS::EC2::Instance In the ElasticInferenceAccelerator property type, use the Count property to specify the number of elastic inference accelerators to attach to the instance.	December 12, 2019
New resource	The following resource was added: AWS::CodeBuild::ReportGroup AWS::CodeBuild::ReportGroup Use the AWS::CodeBuild::ReportGroup resource to specify information about a report group. When you specify a report group in a CodeBuild project, a build of the project creates reports in the report group that contain results from running test cases.	December 12, 2019
Updated resources	The following resources were updated: AWS::ApiGatewayV2::Api, AWS::ApiGatewayV2::Authorizer, AWS::ApiGatewayV2::Integration, AWS::ApiGatewayV2::Stage. AWS::ApiGatewayV2::Api Use the AWS::ApiGatewayV2::Api resource to create an HTTP API (beta). AWS::ApiGatewayV2::Authorizer Use the AWS::ApiGatewayV2::Authorizer resource to create a JWT authorizer for an HTTP API (beta). AWS::ApiGatewayV2::Integration Use the AWS::ApiGatewayV2::Integration resource to create an integration for an HTTP API (beta). AWS::ApiGatewayV2::Stage Use the AWS::ApiGatewayV2::Stage resource to create a stage for an HTTP API (beta).	December 4, 2019
Updated resources	The following resources were updated: AWS::Lambda::Alias and AWS::Lambda::Version. AWS::Lambda::Alias Use the ProvisionedConcurrencyConfiguration property to specify a provisioned concurrency configuration for a function's alias. AWS::Lambda::Version Use the ProvisionedConcurrencyConfiguration property to specify a provisioned concurrency configuration for a function's version.	December 3, 2019
Updated resource	The following resource was updated: AWS::StepFunctions::StateMachine. AWS::StepFunctions::StateMachine The AWS::StepFunctions::StateMachine now supports Express workflows using the new StateMachineType parameter. You can also configure CloudWatch Logging information for Express workflows using LoggingConfiguration, LogDestination, and CloudWatchLogsLogGroup.	December 3, 2019
New resource	The following resource was added: AWS::S3::AccessPoint Access Points Use the AWS::S3::AccessPoint resource to specify an S3 access point.	December 3, 2019
New resource	The following resource was added: AWS::AccessAnalyzer::Analyzer AWS::AccessAnalyzer::Analyzer Use the AWS::AccessAnalyzer::Analyzer resource to create an analyzer for IAM Access Analyzer.	December 2, 2019
New resource	The following resources were added: AWS::EventSchemas::Discoverer, AWS::EventSchemas::Registry, and AWS::EventSchemas::Schema. AWS::EventSchemas::Discoverer Use the AWS::EventSchemas::Discoverer resource to specify a discoverer that is associated with an event bus. A discoverer allows the Amazon EventBridge Schema Registry to automatically generate schemas based on events on an event bus. AWS::EventSchemas::Registry Use the AWS::EventSchemas::Registry to specify a schema registry. Schema registries are containers for Schemas. Registries collect and organize schemas so that your schemas are in logical groups. AWS::EventSchemas::Schema Use the AWS::EventSchemas::Schema resource to specify an event schema.	December 1, 2019
New resource	The following resource was added: AWS::Lambda::EventInvokeConfig AWS::Lambda::EventInvokeConfig Use the EventInvokeConfig resource to configure destinations and error handling for asynchronous invocation.	November 26, 2019
Updated resource	The following resource was updated: AWS::CloudWatch::Alarm. AWS::CloudWatch::Alarm In the MetricDataQuery property type, use the Period property to specify the granularity, in seconds, of the returned data points.	November 25, 2019
Updated resource	The following resource was updated: AWS::CodePipeline::Pipeline. AWS::CodePipeline::Pipeline In the ActionDeclaration property type, use the Namespace property to specify the variable namespace associated with the action. All variables produced as output by this action fall under this namespace.	November 25, 2019
Updated resource	The following resource was updated: AWS::Lambda::EventSourceMapping. AWS::Lambda::EventSourceMapping For stream sources (DynamoDB and Kinesis), use the BisectBatchOnFunctionError property to split the batch in two and retry if the function returns an error. For stream sources (DynamoDB and Kinesis), use the DestinationConfig property to specify an Amazon SQS queue or Amazon SNS topic destination for discarded records. For stream sources (DynamoDB and Kinesis), use the MaximumRecordAgeInSeconds property to specify the maximum age of a record that Lambda sends to a function for processing. For stream sources (DynamoDB and Kinesis), use the MaximumRetryAttempts property to specify the maximum number of times to retry when the function returns an error. For stream sources (DynamoDB and Kinesis), use the ParallelizationFactor property to specify the number of batches to process from each shard concurrently.	November 25, 2019
Updated resource	The following resource was updated: AWS::CloudWatch::Alarm. AWS::CloudWatch::Alarm In the MetricDataQuery property type, use the Period property to specify the granularity, in seconds, of the returned data points.	November 25, 2019
New resources	The following resources were added: AWS::ECS::PrimaryTaskSet, AWS::ECS::TaskSet. AWS::ECS::PrimaryTaskSet Use the AWS::ECS::PrimaryTaskSet resource to specify which task set in a service is the primary task set. Any parameters that are updated on the primary task set in a service will transition to the service. This is used when a service uses the EXTERNAL deployment controller type. AWS::ECS::TaskSet Use the AWS::ECS::TaskSet resource to create a task set in the specified cluster and service. This is used when a service uses the EXTERNAL deployment controller type.	November 25, 2019
New resource	The following resource was added: AWS::CloudWatch::InsightRule. AWS::CloudWatch::InsightRule Use the AWS::CloudWatch::InsightRule property to create a Contributor Insights rule. Rules evaluate log events in a CloudWatch Logs log group, enabling you to find contributor data for the log events in that log group.	November 25, 2019
New resource	The following resource was added: AWS WAFv2 AWS WAFv2 This is the latest version of AWS WAF, a web application firewall that lets you monitor HTTP(S) requests that are forwarded to an Amazon API Gateway REST API, Amazon CloudFront, Application Load Balancer, or an AWS AppSync GraphQL API. AWS WAF also lets you control access to your content.	November 25, 2019
Updated resources	The following resource were updated: AWS::AppSync::Resolver, AWS::AppSync::DataSource. AWS::AppSync::Resolver Use the CachingConfig property to specify the caching behavior of your AWS AppSync resolver. AWS::AppSync::Resolver Use the SyncConfig property to specify the conflict detection and resolution strategy of your AWS AppSync resolver. AWS::AppSync::Resolver Use the LambdaConflictHandlerConfig property to specify the ARN of the lambda that is used for handling conflicts in your AWS AppSync resolver. AWS::AppSync::DataSource Use the DeltaSyncConfig property to specify the delta sync configurations for your versioned AWS AppSync data source.	November 21, 2019
Updated resources	The following resources were updated: AWS::ECS::Cluster, AWS::ECS::Service, and AWS::ECS::TaskDefinition. AWS::ECS::Cluster Use the ClusterSettings property to specify the setting to use when creating a cluster. This parameter is used to enable CloudWatch Container Insights for a cluster. AWS::ECS::Service Use the DeploymentController property to specify the deployment controller to use for the service. AWS::ECS::TaskDefinition In the ContainerDefinition property type, use the FirelensConfiguration property to specify the FireLens configuration for the container. This is used to specify and configure a log router for container logs. In the LinuxParameters property type: use the MaxSwap property to specify the total amount of swap memory (in MiB) a container can use. use the Swappiness property to tune a container's memory swappiness behavior. A swappiness value of 0 will cause swapping to not happen unless absolutely necessary. A swappiness value of 100 will cause pages to be swapped very aggressively.	November 21, 2019
Updated resources	The following resources were updated: AWS::RDS::DBCluster and AWS::RDS::DBInstance. AWS::RDS::DBCluster Use the EnableHttpEndpoint property to indicate whether to enable the HTTP endpoint for an Aurora Serverless DB cluster. By default, the HTTP endpoint is disabled. When enabled, the HTTP endpoint provides a connectionless web service API for running SQL queries on the Aurora Serverless DB cluster. You can also query your database from inside the RDS console with the query editor. AWS::RDS::DBInstance For Oracle DB instances, Amazon RDS can use Kerberos Authentication to authenticate users that connect to the DB instance.	November 21, 2019
Updated resource	The following resource was updated: AWS::ApiGateway::RestApi. AWS::ApiGateway::RestApi Use the VpcEndpointIds property to specify VPC endpoint IDs of an API (AWS::ApiGateway::RestApi) against which to create Route53 ALIASes. It is only supported for PRIVATE endpoint type.	November 21, 2019
Updated resource	The following resource was updated: AWS::CertificateManager::Certificate AWS::CertificateManager::Certificate Use the CertificateTransparencyLoggingPreference property to enable or disable certificate transparency logging. Use the PrivateCertificateAuthorityArn property to specify an ACM Private CA as certificate issuer. Use the GetAtt function to retrieve the CertificateARN of the AWS::CertificateManager::Certificate resource. Use the GetAtt function to retrieve the CertificateStatus of the AWS::CertificateManager::Certificate resource. In the DomainValidationOption property type, use the HostedZoneId property to validate a domain with a Route 53 hosted zone ID.	November 21, 2019
Updated resource	The following resources were updated: AWS::Cognito::UserPool AWS::Cognito::UserPool Added ConfigurationSet and From properties to the EmailConfiguration parameter. AWS::Cognito::UserPoolClient Added PreventUserExistenceErrors parameter to help manage errors and responses when a user does not exist in the user pool. AWS::Cognito::UserPoolUser Use the ClientMetadata parameter to provide input to the AWS Lambda function that is invoked by the pre sign-up trigger.	November 21, 2019
Updated resource	The following resource was updated: AWS::EC2::EIP. AWS::EC2::EIP Use the Tags property to specify any tags for the Elastic IP address.	November 21, 2019
Updated resource	The following resource was updated: AWS::Elasticsearch::Domain. AWS::Elasticsearch::Domain Use the CognitoOptions property to configure Amazon ES to use Amazon Cognito authentication for Kibana. Use the EnableVersionUpgrade update policy to update the ElasticsearchVersion property without replacing the AWS::Elasticsearch::Domain resource.	November 21, 2019
Updated resource	The following resource was updated: AWS::Glue::MLTransform AWS::Glue::MLTransform Use the GlueVersion property to specify which version of AWS Glue this machine learning transform is compatible with.	November 21, 2019
Updated resource	The following resource was updated: AWS::IAM::User. AWS::IAM::User Use the Tags property to specify a list of tags that you want to attach to the newly created user.	November 21, 2019
Updated resource	The following resource was updated: AWS::OpsWorksCM::Server AWS::OpsWorksCM::Server Use the CustomDomain property to specify a custom domain on an OpsWorks for Chef Automate Server running Chef Automate 2.0. Use the CustomCertificate property to specify a PEM-formatted HTTPS certificate for a server with a custom domain. Use the CustomPrivateKey property to specify a private key in PEM format for connecting to a server that uses a custom domain.	November 21, 2019
Updated resource	The following resource was updated: AWS::S3::Bucket. AWS::S3::Bucket In the Transition property type, the StorageClass property supports DEEP_ARCHIVE.	November 21, 2019
Updated resource	The following resource was updated: AWS::Lambda::Function. AWS::Lambda::Function In the Code property type, ZipFile supports nodejs10.x for RunTime.	November 21, 2019
New resource	The following resource was added: AWS::AppSync::ApiCache. AWS::AppSync::ApiCache Use the AWS::AppSync::ApiCache resource to enable resolver caching with AWS AppSync.	November 21, 2019
Drift Detection for Stack Sets	You can now run drift detection on a stack set and all the stack instances it includes. When CloudFormation performs drift detection on a stack set, it performs drift detection on the stack associated with each stack instance in the stack set. For more details, see Detecting Unmanaged Configuration Changes in Stack Sets.	November 19, 2019
Updated resource	The following resource was updated to support Amazon EKS managed node groups: AWS::EKS::Cluster AWS::EKS::Cluster Use the AWS::EKS::Cluster resource to create a new Amazon EKS cluster.	November 18, 2019
New resource	The following resource was added: AWS::EKS::Nodegroup AWS::EKS::Nodegroup Use the AWS::EKS::Nodegroup resource to create a new Amazon EKS managed node group.	November 18, 2019
CloudFormation registry now available	Use the CloudFormation registry to view private and public resources that are available for use in your CloudFormation account. For more information, see Using the CloudFormation Registry	November 18, 2019
CloudFormation registry API actions	The following API actions for managing types in the CloudFormation registry are now available. For more information about the CloudFormation registry, see Using the CloudFormation Registry DeregisterType Removes a type or type version from active use in the CloudFormation registry. DescribeType Returns detailed information about a registered type. DescribeTypeRegistration Returns information about a type's registration, including its current status and type and version identifiers. ListTypeRegistrations Returns a list of registration request identifiers for the specified type. ListTypes Returns summary information about types that have been registered with CloudFormation. ListTypeVersions Returns summary information about the versions of a type. RegisterType Registers a type with the CloudFormation service. Registering a type makes it available for use in CloudFormation templates in your AWS account. SetTypeDefaultVersion Specify the default version of a type. The default version of a type will be used in CloudFormation operations.	November 18, 2019
Updated resources	The following resources were updated: AWS::GameLift::Build, AWS::GameLift::Fleet. AWS::GameLift::Build Use the OperatingSystem property to specify the operating system that the build files run on. AWS::GameLift::Fleet Use the CertificateConfiguration property to generate a TLS/SSL certificate for the new fleet. Use the FleetType property to specify use of On-Demand or Spot instances in the fleet. Use the InstanceRoleArn property to manage access to your non-GameLift AWS resources from GameLift fleet instances. Use the MetricGroups property to add fleet metrics to a CoudWatch metric group. Use the NewGameSessionProtectionPolicy property to prevent the fleet's active game sessions from being terminated during a scaledown event. Use the PeerVpcAwsAccountId property when setting up VPC peering for the fleet. Use the PeerVpcId property when setting up VPC peering for the fleet. Use the ResourceCreationLimitPolicy property to limit an individual player's ability to use the fleet's available hosting resources. Use the RuntimeConfiguration property to configure what processes are run on each instance in the fleet. Use the ScriptId property to create a Realtime Servers fleet and configure it with a Realtime script.	November 14, 2019
New resources	The following resources were added: AWS::GameLift::Script, AWS::GameLift::GameSessionQueue, AWS::GameLift::MatchmakingConfiguration, AWS::GameLift::MatchmakingRuleSet. AWS::GameLift::Script Use the Script resource to upload a configuration script for a Realtime Servers fleet. AWS::GameLift::GameSessionQueue Use the GameSessionQueue resource to create a game session queue that processes player requests for new game sessions. AWS::GameLift::MatchmakingConfiguration Use the MatchmakingConfiguration resource to create a matchmaker that processes player requests for new matched game sessions. AWS::GameLift::MatchmakingRuleSet Use the MatchmakingRuleSet resource to create rules that specify how to form matches and evaluate players for inclusion in a match.	November 14, 2019
Resource import added	If you created an AWS resource outside of AWS CloudFormation management, you can bring this existing resource into CloudFormation management using resource import. For more information, see Bringing Existing Resources Into CloudFormation Management.	November 11, 2019
New resource	The following resource was added: AWS::CodeStarNotifications::NotificationRule AWS::CodeStarNotifications::NotificationRule Use the AWS::CodeStarNotifications::NotificationRule resource to create notification rules for resources in AWS CodeBuild, AWS CodeCommit, AWS CodeDeploy, and AWS CodePipeline.	November 7, 2019
New resource	The following resources were added: AWS::MediaConvert::JobTemplate, AWS::MediaConvert::Preset, AWS::MediaConvert::Queue AWS::MediaConvert::JobTemplate Use the AWS::MediaConvert::JobTemplate resource to specify a job template for transcoding jobs. AWS::MediaConvert::Preset Use the AWS::MediaConvert::Preset resource to specify an output preset as part of a transcoding job. AWS::MediaConvert::Queue Use the AWS::MediaConvert::Queue resource to specify an on-demand transcoding queue.	November 6, 2019
Updated resource	The following resource was updated: AWS::Glue::Crawler AWS::Glue::Crawler Use the DynamoDBTargets property to specify a list of Amazon DynamoDB targets. Use the CatalogTargets property to specify a list of AWS Glue Data Catalog targets.	November 4, 2019
Updated resources	The following resources were updated: AWS::ApiGateway::ApiKey, AWS::ApiGateway::ClientCertificate, AWS::ApiGateway::DomainName, AWS::ApiGateway::RestApi, and AWS::ApiGateway::UsagePlan. AWS::ApiGateway::ApiKey Use the Tags property to specify an array of arbitrary tags (key-value pairs) to associate with the API key. AWS::ApiGateway::ClientCertificate Use the Tags property to specify an array of arbitrary tags (key-value pairs) to associate with the client certificate. AWS::ApiGateway::DomainName Use the SecurityPolicy property to the Transport Layer Security (TLS) version + cipher suite for this domain name. Use the Tags property to specify an array of arbitrary tags (key-value pairs) to associate with the domain name. AWS::ApiGateway::RestApi Use the Tags property to specify an array of arbitrary tags (key-value pairs) to associate with the API. AWS::ApiGateway::UsagePlan Use the Tags property to specify an array of arbitrary tags (key-value pairs) to associate with the usage plan.	October 31, 2019
Updated resources	The following resources were updated: AWS::CodePipeline::CustomActionType, AWS::CodePipeline::Pipeline. AWS::CodePipeline::CustomActionType Use the Tags property to specify the tags for the custom action. AWS::CodePipeline::Pipeline Use the Tags property to specify the tags for the pipeline.	October 31, 2019
Updated resource	The following resource was updated: AWS::Amplify::App AWS::Amplify::App Use the EnablePullRequestPreview property to specify whether pull request previews are enabled for each branch that Amplify Console automatically creates for your app. Use the PullRequestEnvironmentName property to specify a dedicated backend environment for your pull request previews.	October 31, 2019
Updated resource	The following resource was updated: AWS::ECS::TaskDefinition. AWS::ECS::TaskDefinition Use the InferenceAccelerator property to specify the Elastic Inference accelerators to use for the containers in the task.	October 31, 2019
Updated resource	The following resource was updated: AWS::Elasticsearch::Domain. AWS::Elasticsearch::Domain Use the LogPublishingOptions property to configure slow log publishing.	October 31, 2019
Updated resource	The following resource was updated: AWS::Events::Rule. AWS::Events::Rule In the Target property type, use the BatchParameters property to specify the job definition, job name, and other parameters, if the event target is an AWS Batch job.	October 31, 2019
New resources	The following resources were added: AWS::Pinpoint::EmailTemplate, AWS::Pinpoint::PushTemplate, and AWS::Pinpoint::SmsTemplate AWS::Pinpoint::EmailTemplate Use the AWS::Pinpoint::EmailTemplate resource to create a message template that you can use in messages that are sent through the email channel. AWS::Pinpoint::PushTemplate Use the AWS::Pinpoint::PushTemplate resource to create a message template that you can use in messages that are sent through a push notification channel. AWS::Pinpoint::SmsTemplate Use the AWS::Pinpoint::SmsTemplate resource to create a message template that you can use in messages that are sent through the SMS channel.	October 31, 2019
Updated resource	The following resource was updated: AWS::Amplify::Branch AWS::Amplify::Branch Use the EnablePullRequestPreview property to specify whether Amplify Console creates a preview for each pull request that is made for the branch. Use the PullRequestEnvironmentName property to specify a dedicated backend environment for your pull request previews.	October 24, 2019
Updated resource	The following resource was updated: AWS::Cognito::UserPool AWS::Cognito::UserPool Use the Schema parameter to add or update schema attributes. AWS::Cognito::UserPool Use the AliasAttributes parameter to add or update an alias for the user pool. AWS::Cognito::UserPool Use the UsernameAttributes parameter to determine if email addresses or phone numbers can be used as user names when a user signs up.	October 24, 2019
Updated resources	The following resource was updated: AWS::MSK::Cluster. AWS::MSK::Cluster Use the NumberOfBrokerNodes property to submit an update to change the number of broker nodes in the cluster.	October 17, 2019
Updated resource	The following resource was updated: AWS::Cognito::IdentityPoolRoleAttachment AWS::Cognito::IdentityPoolRoleAttachment Use the IdentityProvider parameter to specify the identity provider for which the role is mapped.	October 17, 2019
Updated resource	The following resource was updated: AWS::FSx::FileSystem AWS::FSx::FileSystem In the WindowsConfiguration property type, use the SelfManagedActiveDirectoryConfiguration property to join an Amazon FSx Windows File Server instance to your self-managed (including on-premises) Microsoft Active Directory (AD) directory.	October 17, 2019
Updated Resource	The following resource was updated: AWS::Batch::ComputeEnvironment ComputeResources In the ComputeResources property type, use the AllocationStrategy property to specify the strategy to use to select instance types.	October 17, 2019
Updated resources	The following resource were updated: AWS::Events::EventBusPolicy, AWS::Events::Rule AWS::Events::EventBusPolicy Use the EventBusName property to specify the name of the event bus to associate with this policy. AWS::Events::Rule Use the EventBusName property to specify the name of the event bus to associate with this rule.	October 3, 2019
Updated resources	The following resources were updated: AWS::Pinpoint::App, AWS::Pinpoint::Campaign, and AWS::Pinpoint::Segment AWS::Pinpoint::App The ARN attribute returns the Amazon Resource Name (ARN) of the application. Use the Tags property to specify a string-to-string map of key-value pairs that defines the tags to associate with the application. AWS::Pinpoint::Campaign The ARN attribute returns the Amazon Resource Name (ARN) of the campaign. Use the Tags property to specify a string-to-string map of key-value pairs that defines the tags to associate with the campaign. AWS::Pinpoint::Segment The ARN attribute returns the Amazon Resource Name (ARN) of the segment. Use the Tags property to specify a string-to-string map of key-value pairs that defines the tags to associate with the segment.	October 3, 2019
Updated resource	The following resource was updated: AWS::Budgets::Budget AWS::Budgets::Budget In the BudgetData property type, use the PlannedBudgetLimits property to specify a map containing multiple budget limits, including current or future limits.	October 3, 2019
Updated resource	The following resource was updated: AWS::Cognito::UserPool AWS::Cognito::UserPool Use the EnabledMfas parameter to enable MFA on a specified user pool.	October 3, 2019
New resources	The following resources were added: AWS::Cognito::UserPoolDomain, AWS::Cognito::UserPoolResourceServer, AWS::Cognito::UserPoolIdentityProvider, AWS::Cognito::RiskConfigurationAttachment, AWS::Cognito::UICustomizationAttachment. AWS::Cognito::UserPoolDomain Use the AWS::Cognito::UserPoolDomain resource to create a new domain for a user pool. AWS::Cognito::UserPoolResourceServer Use the AWS::Cognito::UserPoolResourceServer resource to create a new OAuth2.0 resource server and define custom scopes in it. AWS::Cognito::UserPoolIdentityProvider Use the AWS::Cognito::UserPoolIdentityProvider resource to create an identity provider for a user pool. AWS::Cognito::UserPoolRiskConfigurationAttachment Use the AWS::Cognito::UserPoolRiskConfigurationAttachment resource to set the risk configuration that is used for Amazon Cognito advanced security features. AWS::Cognito::UserPoolUICustomizationAttachment Use the AWS::Cognito::UserPoolUICustomizationAttachment resource to set the UI customization information for a user pool's built-in app UI.	October 3, 2019
New resources	The following resource were added: AWS::EC2::TrafficMirrorFilter, AWS::EC2::TrafficMirrorFilterRule, AWS::EC2::TrafficMirrorSession, and AWS::EC2::TrafficMirrorTarget AWS::EC2::TrafficMirrorFilter Use the AWS::EC2::TrafficMirrorFilter resource to specify a traffic mirror filter. AWS::EC2::TrafficMirrorFilterRule Use the AWS::EC2::TrafficMirrorFilterRule resource to manage traffic mirror filter rules. AWS::EC2::TrafficMirrorSession Use the AWS::EC2::TrafficMirrorSession resource to specify a traffic mirror session. AWS::EC2::TrafficMirrorTarget Use the AWS::EC2::TrafficMirrorTarget resource to specify a traffic mirror target.	October 3, 2019
New resource	The following resource was added: AWS::Events::EventBus AWS::Events::EventBus Use the EventBus resource to create or update a custom event bus or a partner event bus.	October 3, 2019
Updated resource	The following resource was updated: AWS::Glue::DevEndpoint AWS::Glue::DevEndpoint Use the WorkerType property to specify a type of predefined worked allocated to the development endpoint. Use the NumberOfWorkers property to specify the number of workers of a defined workerType that are allocated to the development endpoint. Use the GlueVersion property to specify the versions of Apache Spark and Python that AWS Glue supports for the development endpoint. Use the Arguments property to specify a map of arguments used to configure the DevEndpoint.	September 27, 2019
Updated resource	The following resource was updated: AWS::Glue::Job AWS::Glue::Job Use the Timeout property to specify the job timeout in minutes. Use the NotificationProperty property to specify the configuration properties of a notification. Use the NotifyDelayAfter property to specify the number of minutes to wait before sending a job run delay notification after a job run starts.	September 26, 2019
Updated resource	The following resource was updated: AWS::Glue::Trigger AWS::Glue::Trigger Use the StartOnCreation property to specify starting SCHEDULED and CONDITIONAL triggers when created. Use the WorkflowName property to specify the name of the workflow associated with the trigger.	September 26, 2019
Updated resource	The following resource was updated: AWS::DocDB::DBCluster. AWS::DocDB::DBCluster Use the EnableCloudwatchLogsExports property to specify the list of log types that need to be enabled for exporting to CloudWatch Logs.	September 26, 2019
New resource	The following resource was added: AWS::Glue::Workflow AWS::Glue::Workflow Use the AWS::Glue::Workflow resource to manage AWS Glue workflows.	September 26, 2019
Updated resource	The following resource was updated: AWS::Config::RemediationConfiguration. AWS::Config::RemediationConfiguration Use the ExecutionControls property to specify an ExecutionControls object.	September 12, 2019
New resource	The following resource was added: AWS::QLDB::Ledger AWS::QLDB::Ledger Use the AWS::QLDB::Ledger resource to specify a new Amazon Quantum Ledger Database (Amazon QLDB) ledger.	September 12, 2019
Updated resources	The following resources were updated: AWS::ApplicationAutoScaling::ScalableTarget, AWS::DynamoDB::Table, AWS::EC2::Instance, AWS::ECS::TaskDefinition, AWS::ElastiCache::ReplicationGroup, AWS::Events::Rule, AWS::IAM::Role, and AWS::Lambda::EventSourceMapping. AWS::ApplicationAutoScaling::ScalableTarget Use the SuspendedState property to suspend and resume automatic scaling. Setting the value of an attribute to true suspends the specified scaling activities. Setting it to false (default) resumes the specified scaling activities. AWS::DynamoDB::Table In the SSESpecification property type, use the SSEType property to specify server-side encryption type. AWS::EC2::Instance Use the CpuOptions property to specify the CPU options for the instance. In the Ebs property type, use the KmsKeyId property to specify an identifier (key ID, key alias, ID ARN, or alias ARN) for a customer managed CMK under which the EBS volume is encrypted. AWS::ECS::TaskDefinition Use the IpcMode property to specify the IPC resource namespace to use for the containers in the task. The valid values are host, task, or none. Use the PidMode property to specify the process namespace to use for the containers in the task. The valid values are host or task. In the ContainerDefinition property type: When the Interactive property is set to true, this allows you to deploy containerized applications that require stdin or a tty to be allocated. When the PseudoTerminal proprety is set to true, a TTY is allocated. Use the SystemControls property to specify a list of namespaced kernel parameters to set in the container. In the LogConfiguration property type, use the SecretOptions property to specify the secrets to pass to the log configuration. AWS::ElastiCache::ReplicationGroup Use the KmsKeyId property to specify the ID of the KMS key used to encrypt the disk on the cluster. AWS::Events::Rule In the EcsParameters property type: Use the Group property to specify an ECS task group for the task. Use the LaunchType property to specify the launch type on which your task is running. If the ECS task uses the awsvpc network mode, use the NetworkConfiguration property to specify the VPC subnets and security groups associated with the task and whether a public IP address is to be used. Use the PlatformVersion property to specify the platform version for the task. AWS::IAM::Role Use the Description property to provide a description for the role. Use the Tags property to specify a list of tags that are attached to the specified role. AWS::Lambda::EventSourceMapping Use the MaximumBatchingWindowInSeconds property to specify the maximum amount of time to gather records before invoking the function, in seconds.	August 29, 2019
Updated resources	The following resources were updated: AWS::RDS::DBCluster and AWS::RDS::DBInstance AWS::RDS::DBCluster Use the AssociatedRoles property to specify the AWS Identity and Access Management (IAM) roles associated with the DB instance. Use the RestoreType property to specify the type of restore to be performed. Use the SourceDBClusterIdentifier property to specify the identifier of the source DB cluster from which to restore. Use the UseLatestRestorableTime property to specify whether to restore the DB cluster to the latest restorable backup time. AWS::RDS::DBInstance Use the AssociatedRoles property to specify the AWS Identity and Access Management (IAM) roles associated with the DB instance.	August 29, 2019
Updated resource	The following resource was updated: AWS::CloudWatch::Alarm AWS::CloudWatch::Alarm Use the ThresholdMetricId property to specify the ID of the ANOMALY_DETECTION_BAND function used as the threshold for the alarm.	August 29, 2019
Updated resource	The following resource was updated: AWS::Elasticsearch::Domain. AWS::Elasticsearch::Domain In the ElasticsearchClusterConfig property type, use the ZoneAwarenessConfig property to specify zone awareness configuration options.	August 29, 2019
New resource	The following resource was added: AWS::Config::OrganizationConfigRule AWS::Config::OrganizationConfigRule Use the AWS::Config::OrganizationConfigRule resource to create an OrganizationConfigRule that has information about config rules that AWS Config creates in the member accounts.	August 29, 2019
Updated resource	The following resource was updated: AWS::Neptune::DBCluster. AWS::Neptune::DBCluster Use the EnableCloudwatchLogsExports property to specify a list of log types that are enabled for export to CloudWatch Logs.	August 22, 2019
Updated resource	The following resource was updated: AWS::DMS::ReplicationTask AWS::DMS::ReplicationTask Use the CdcStartPosition property to indicate when you want a change data capture (CDC) operation to start. Use the CdcStopPosition property to indicate when you want a change data capture (CDC) operation to stop.	August 16, 2019
Updated resources	The following resources were updated: AWS::EC2::ClientVpnEndpoint, AWS::Greengrass::Group, AWS::Greengrass::ConnectorDefinition, AWS::Greengrass::CoreDefinition, AWS::Greengrass::DeviceDefinition, AWS::Greengrass::FunctionDefinition, AWS::Greengrass::LoggerDefinition, AWS::Greengrass::ResourceDefinition, and AWS::Greengrass::SubscriptionDefinition. AWS::EC2::ClientVpnEndpoint Use the SplitTunnel parameter to specify whether split-tunnel is enabled on the AWS Client VPN endpoint. AWS::Greengrass::ConnectorDefinition Use the Tags property to attach metadata to the AWS::Greengrass::ConnectorDefinition resource. AWS::Greengrass::CoreDefinition Use the Tags property to attach metadata to the AWS::Greengrass::CoreDefinition resource. AWS::Greengrass::DeviceDefinition Use the Tags property to attach metadata to the AWS::Greengrass::DeviceDefinition resource. AWS::Greengrass::FunctionDefinition Use the Tags property to attach metadata to the AWS::Greengrass::FunctionDefinition resource. AWS::Greengrass::Group Use the Tags property to attach metadata to the AWS::Greengrass::Group resource. AWS::Greengrass::LoggerDefinition Use the Tags property to attach metadata to the AWS::Greengrass::LoggerDefinition resource. AWS::Greengrass::ResourceDefinition Use the Tags property to attach metadata to the AWS::Greengrass::ResourceDefinition resource. AWS::Greengrass::SubscriptionDefinition Use the Tags property to attach metadata to the AWS::Greengrass::SubscriptionDefinition resource.	August 8, 2019
Updated resource	The following resource was updated: AWS::AppSync::GraphQLApi. AWS::AppSync::GraphQLApi In the LogConfig property type, when set to TRUE, the excludeVerboseContent property excludes sections that contain information such as headers, context, and evaluated mapping templates, regardless of logging level.	August 8, 2019
New resources	The following resources were added: AWS::ManagedBlockchain::Member and AWS::ManagedBlockchain::Node. AWS::ManagedBlockchain::Member Use the Member resource to create the first member or an additional member of an Amazon Managed Blockchain network. AWS::ManagedBlockchain::Node Use the Node resource to create a peer node in a member of an Amazon Managed Blockchain network.	August 8, 2019
New resource	The following resource was added: AWS::Glue::MLTransform AWS::Glue::MLTransform Use the AWS::Glue::MLTransform resource to manage machine learning transforms.	August 8, 2019
New resource	The following resource was added: AWS::LakeFormation::DataLakeSettings AWS::LakeFormation::DataLakeSettings Use the AWS::LakeFormation::DataLakeSettings resource to manage data lake settings.	August 8, 2019
New resource	The following resource was added: AWS::LakeFormation::Permissions AWS::LakeFormation::Permissions Use the AWS::LakeFormation:Permissions resource to grant or revoke AWS Lake Formation permissions.	August 8, 2019
New resource	The following resource was added: AWS::LakeFormation::Resource AWS::LakeFormation::Resource Use the AWS::LakeFormation::Resource resource to define the resources to which permissions are to be granted.	August 8, 2019
New resource	The following resource was added: AWS::CodeBuild::SourceCredential AWS::CodeBuild::SourceCredential Use the AWS::CodeBuild::SourceCredential resource to specify information about the credentials for a GitHub, GitHub Enterprise, or Bitbucket repository used in an AWS CodeBuild build project.	August 7, 2019
Updated resources	The following resources were updated: AWS::Batch::JobDefinition, AWS::Cognito::UserPool, AWS::Cognito::UserPoolClient, and AWS::Glue::Job. AWS::Batch::JobDefinition In the ContainerProperties property type, use the LinuxParameters property to specify Linux-specific modifications that are applied to the container, such as details for device mappings. AWS::Cognito::UserPool Use the UserPoolAddOns property to enable advanced security risk detection. Use the VerificationMessageTemplate property to define the template for verification messages. AWS::Cognito::UserPoolClient Use the AnalyticsConfiguration property to define the Amazon Pinpoint analytics configuration for collecting metrics for this user pool. AWS::Glue::Job Use the GlueVersion property to determine the versions of Apache Spark and Python that AWS Glue supports. The Python version indicates the version supported for jobs of type Spark. Use the MaxCapacity property to specify the number of AWS Glue data processing units (DPUs) that can be allocated when this job runs. A DPU is a relative measure of processing power that consists of 4 vCPUs of compute capacity and 16 GB of memory. For the NumberofWorkers property, when you specify a Python shell job (JobCommand.Name="pythonshell"), you can allocate either 0.0625 or 1 DPU. The default is 0.0625 DPU. When you specify an Apache Spark ETL job (JobCommand.Name="glueetl"), you can allocate from 2 to 100 DPUs. The default is 10 DPUs. This job type cannot have a fractional DPU allocation. Use the WorkerType property to specify the type of predefined worker that is allocated when a job runs. In the JobCommand property type, use the PythonVersion property to specify the Python version being used to execute a Python shell job.	August 2, 2019
Stack set limit increases	You can now create a maximum of 100 stack sets in your administrator account, create a maximum of 2000 stack instances per stack set, and run a maximum of 3500 stack instance operations in each region at the same time, per administrator account. For more details, see AWS CloudFormation quotas.	August 2, 2019
New resource	The following resource was added: AWS::CodeStar::GitHubRepository. AWS::CodeStar::GitHubRepository Use the AWS::CodeStar::GitHubRepository resource to create a GitHub repository where you can store source code for use with AWS workflows. If provided, your source code is uploaded to the repository after it is created.	August 2, 2019
Updated resource	You can now add tags to a CodeCommit repository in your AWS CloudFormation template. AWS::CodeCommit::Repository Use the Tags property to provide information about one or more tag key-value pairs to use when tagging a repository.	July 25, 2019
Updated resources	The following resource was updated: AWS::AmazonMQ::Broker. AWS::AmazonMQ::Broker Use the encryptionOptions property to specify an AWS-owned CMK or a customer-managed CMK.	July 22, 2019
Updated resources	The following resources were updated: AWS::Amplify::App and AWS::Amplify::Branch. AWS::Amplify::App Use the AutoBranchCreationConfig property type to automatically create branches that match a certain pattern. AWS::Amplify::Branch Use the EnableAutoBuild property to enable automatic builds for a branch.	July 18, 2019
New resources	The following resources were added: AWS::IoTEvents::DetectorModel and AWS::IoTEvents::Input. AWS::IoTEvents::DetectorModel Use the DetectorModel resource to create a detector model. AWS::IoTEvents::Input Use the Input resource to create an input.	July 18, 2019
New resource	The following resource was added: AWS::CloudWatch::AnomalyDetector. AWS::CloudWatch::AnomalyDetector Use the AWS::CloudWatch::AnomalyDetector resource to specify an anomaly detection band for a certain metric and statistic. The band represents the expected "normal" range for the metric values.	July 12, 2019
Updated resources	The following resources were updated: AWS::IoTAnalytics::Channel and AWS::IoTAnalytics::Datastore. AWS::IoTAnalytics::Channel Use the ChannelStorage property to specify channel data is stored. AWS::IoTAnalytics::Datastore Use the DatastoreStorage property to specify where data store data is stored.	June 27, 2019
New resources	The following resources were added: AWS::MediaLive::Channel, AWS::MediaLive::Input, and AWS::MediaLive::InputSecurityGroup. AWS::MediaLive::Channel The AWS::MediaLive::Channel resource creates a channel. A MediaLive channel ingests and transcodes (decodes and encodes) source content from the inputs that are attached to that channel, and packages the new content into outputs. AWS::MediaLive::Input The AWS::MediaLive::Input resource creates an input. A MediaLive input holds information that describes how the MediaLive channel is connected to the upstream system that is providing the source content that is to be transcoded. AWS::MediaLive::InputSecurityGroup The AWS::MediaLive::InputSecurityGroup resource creates an input security group. A MediaLive input security group is associated with a MediaLive input. The input security group is an "allow list" of IP addresses that controls whether an external IP address can push content to the associated MediaLive input.	June 27, 2019
Updated resource	The following resource was updated: AWS::EC2::LaunchTemplate AWS::EC2::LaunchTemplate In the SpotOptions property type, use BlockDurationMinutes to specify the required duration for the Spot Instances, and use ValidUntil to specify the end date for the Spot request.	June 25, 2019
New resource	The following resource was added: AWS::SecurityHub::Hub AWS::SecurityHub::Hub Use the AWS::SecurityHub::Hub resource to specify the implementation of the AWS Security Hub service in your account.	June 25, 2019
Updated resources	The following resource were updated: AWS::AppStream::Fleet, AWS::ServiceCatalog::CloudFormationProvisionedProduct AWS::ServiceCatalog::CloudFormationProvisionedProduct Use the ProvisioningPreferences property to specify user-defined preferences that will be applied when updating a provisioned product. AWS::AppStream::Fleet Use the IdleDisconnectTimeoutInSeconds property to specify the amount of time that users can be idle (inactive) before they are disconnected from their streaming session and the DisconnectTimeoutInSeconds time interval begins.	June 20, 2019
New resources	The following resource was added: AWS::Config::RemediationConfiguration, AWS::ServiceCatalog::StackSetConstraint AWS::Config::RemediationConfiguration Use the AWS::Config::RemediationConfiguration resource to specify the details about the remediation configuration, including the remediation action, parameters, and data to execute the action. AWS::ServiceCatalog::StackSetConstraint Use the AWS::ServiceCatalog::StackSetConstraint resource to specify a stack set constraint.	June 20, 2019
Updated resources	The following resources were updated: AWS::AppMesh::VirtualNode, AWS::CodeBuild::Project, AWS::EC2::Host, AWS::EC2::Route, AWS::EC2::VPNConnection, AWS::ECS::Cluster, AWS::ECS::Service, AWS::ECS::TaskDefinition, AWS::EFS::MountTarget, AWS::ElasticLoadBalancingV2::ListenerRule, AWS::EMR::Cluster, AWS::IoTAnalytics::Dataset, AWS::KinesisFirehose::DeliveryStream, AWS::S3::Bucket. AWS::AppMesh::VirtualNode Use ServiceDiscovery to specify whether to use AWSCloudMap or DNS for service discovery. If using AWS Cloud Map for service discovery, use AwsCloudMapServiceDiscovery to specify ServiceName, NamespaceName, and Attributes properties. Use AwsCloudMapInstanceAttribute to specify key and value pairs for AwsCloudMapServiceDiscovery. AWS::CodeBuild::Project Use the SecondarySourceVersions property to specify an array of ProjectSourceVersion objects. If secondarySourceVersions is specified at the build level, then they take over these secondarySourceVersions (at the project level). AWS::DLM::LifecyclePolicy In the PolicyDetails property type: Use the PolicyType property to determine the valid target resource types and actions a policy can manage. This field defaults to EBS_SNAPSHOT_MANAGEMENT if not present. Use the Parameters property to specify a set of optional parameters that can be provided by the policy. In the Schedule property type, use the VariableTags property to specify a collection of key/value pairs with values determined dynamically when the policy is executed. Keys may be any valid Amazon EC2 tag key. Values must be in one of the two following formats: $(instance-id) or $(timestamp). Variable tags are only valid for EBS Snapshot Management – Instance policies. AWS::EC2::Host Use the HostRecovery property to indicates whether to enable or disable host recovery for the Dedicated Host. AWS::EC2::Route Use the TransitGatewayId property to specify the ID of a transit gateway. AWS::EC2::VPNConnection Use the TransitGatewayId property to specify the ID of the transit gateway associated with the VPN connection. Use the VpnGatewayId property to specify the ID of the virtual private gateway at the AWS side of the VPN connection. AWS::ECR::Repository Use the Tags property to specify an array of key-value pairs to apply to this resource. AWS::ECS::Cluster Use the Tags property to apply metadata to clusters to help you categorize and organize them. AWS::ECS::Service Use the EnableECSManagedTags property to specify whether to enable Amazon ECS managed tags for the tasks within the service. Use the PropagateTags property to specify whether to propagate the tags from the task definition or the service to the tasks in the service. Use the Tags property to apply metadata to services to help you categorize and organize them. AWS::ECS::TaskDefinition In the ContainerDefinition property type: Use the ResourceRequirements property to specify the type and amount of a resource to assign to a container. The only supported resource is a GPU. Use the Secrets property to specify the secrets to pass to the container. Use the Tags property to apply metadata to task definitions to help you categorize and organize them. AWS::EFS::FileSystem Use the LifecyclePolicies property to specify a list of policies used by EFS lifecycle management to transition files to the Infrequent Access (IA) storage class. AWS::EFS::MountTarget Use the IpAddress attribute to return the IPv4 address of the mount target. AWS::ElasticLoadBalancingV2::ListenerRule In the RuleCondition property type: Use the HostHeaderConfig property to specify information for a host header condition. Use the HttpHeaderConfig property to specify information for an HTTP header condition. Use the HttpRequestMethodConfig property to specify information for an HTTP method condition. Use the PathPatternConfig property to specify information for a path pattern condition. Use the QueryStringConfig property to specify information for a query string condition. Use the SourceIpConfig property to specify information for a source IP condition. AWS::EMR::Cluster In the JobFlowInstancesConfig property type, use the Ec2SubnetIds property to specify multiple EC2 subnet IDs. AWS::IoTAnalytics::Dataset When data set contents are created they are delivered to destinations specified in the ContentDeliveryRules property. Use the VersioningConfiguration property to specify how many versions of data set contents are kept. If not specified or set to null, only the latest version plus the latest succeeded version (if they are different) are kept for the time period specified by the "retentionPeriod" parameter. AWS::KinesisFirehose::DeliveryStream In the ExtendedS3DestinationConfiguration property type: Use the DataFormatConversionConfiguration property to specify the serializer, deserializer, and schema for converting data from the JSON format to the Parquet or ORC format before writing it to Amazon S3. Use the ErrorOutputPrefix property to specify a prefix that Kinesis Data Firehose evaluates and adds to failed records before writing them to S3. The Prefix property is no longer required. In the S3DestinationConfiguration property type, use the ErrorOutputPrefix property to specify a prefix that Kinesis Data Firehose evaluates and adds to failed records before writing them to S3. AWS::S3::Bucket Use the ObjectLockConfiguration property to specify an object lock configuration for the specified bucket. Use the ObjectLockEnabled property to specify whether this bucket has an object lock configuration enabled.	June 13, 2019
New resources	The following resources were added: AWS::Amplify::App, AWS::Amplify::Branch, AWS::Amplify::Domain, AWS::EC2::ClientVpnAuthorizationRule, AWS::EC2::ClientVpnEndpoint, AWS::EC2::ClientVpnRoute, AWS::EC2::ClientVpnTargetNetworkAssociation, AWS::MSK::Cluster. AWS::Amplify::App Creates apps in AWS Amplify Console. An app is a collection of branches. AWS::Amplify::Branch Creates a new branch within an AWS Amplify Console app. AWS::Amplify::Domain Allows you to connect a custom domain to your AWS Amplify Console app. AWS::EC2::ClientVpnAuthorizationRule Specifies an ingress authorization rule to add to a Client VPN endpoint. Ingress authorization rules act as firewall rules that grant access to networks. AWS::EC2::ClientVpnEndpoint Specifies a Client VPN endpoint. A Client VPN endpoint is the resource you create and configure to enable and manage client VPN sessions. It is the destination endpoint at which all client VPN sessions are terminated. AWS::EC2::ClientVpnRoute Specifies a network route to add to a Client VPN endpoint. Each Client VPN endpoint has a route table that describes the available destination network routes. Each route in the route table specifies the path for traffic to specific resources or networks. AWS::EC2::ClientVpnTargetNetworkAssociation Specifies a target network to associate with a Client VPN endpoint. A target network is a subnet in a VPC. You can associate multiple subnets from the same VPC with a Client VPN endpoint. AWS::MSK::Cluster Use the AWS::MSK::Cluster resource to create an Amazon MSK cluster.	June 13, 2019
Updated resources	The following resource was updated: AWS::SageMaker::NotebookInstance. AWS::SageMaker::NotebookInstance Use the AcceleratorTypes property to specify a list of Elastic Inference (EI) instance types to associate with this notebook instance. Use the AdditionalCodeRepositories property to specify an array of up to three Git repositories associated with the notebook instance. Use the DefaultCodeRepository property to specify the Git repository associated with the notebook instance as its default code repository.	June 3, 2019
New resources	The following resources were added: AWS::IoTThingsGraph::FlowTemplate, AWS::Pinpoint::ADMChannel, AWS::Pinpoint::APNSChannel, AWS::Pinpoint::APNSSandboxChannel, AWS::Pinpoint::APNSVoipChannel, AWS::Pinpoint::APNSVoipSandboxChannel, AWS::Pinpoint::App, AWS::Pinpoint::ApplicationSettings, AWS::Pinpoint::BaiduChannel, AWS::Pinpoint::Campaign, AWS::Pinpoint::EmailChannel, AWS::Pinpoint::EventStream, AWS::Pinpoint::GCMChannel, AWS::Pinpoint::SMSChannel, AWS::Pinpoint::Segment, AWS::Pinpoint::VoiceChannel, AWS::SageMaker::CodeRepository, and AWS::MSK::Cluster. AWS::IoTThingsGraph::FlowTemplate Use the AWS::IoTThingsGraph::FlowTemplate resource to specify a workflow template. AWS::Pinpoint::ADMChannel Use the AWS::Pinpoint::ADMChannel resource to specify an ADM channel. You can use the ADM channel to send push notifications through the Amazon Device Messaging (ADM) service to apps that run on Amazon devices, such as Kindle Fire tablets. AWS::Pinpoint::APNSChannel Use the AWS::Pinpoint::APNSChannel resource to specify an APNs channel. You can use the APNs channel to send push notification messages to the Apple Push Notification service (APNs). AWS::Pinpoint::APNSSandboxChannel Use the AWS::Pinpoint::APNSSandboxChannel resource to specify an APNs sandbox channel. You can use the APNs sandbox channel to send push notification messages to the sandbox environment of the Apple Push Notification service (APNs). AWS::Pinpoint::APNSVoipChannel Use the AWS::Pinpoint::APNSVoipChannel resource to specify an APNs VoIP channel. You can use the APNs VoIP channel to send VoIP notification messages to the Apple Push Notification service (APNs). AWS::Pinpoint::APNSVoipSandboxChannel Use the AWS::Pinpoint::APNSVoipSandboxChannel resource to specify an APNs VoIP sandbox channel. You can use the APNs VoIP sandbox channel to send VoIP notification messages to the sandbox environment of the Apple Push Notification service (APNs). AWS::Pinpoint::App Use the AWS::Pinpoint::App resource to specify an app. AWS::Pinpoint::ApplicationSettings Use the AWS::Pinpoint::ApplicationSettings resource to specify the settings for an Amazon Pinpoint app. AWS::Pinpoint::BaiduChannel Use the AWS::Pinpoint::BaiduChannel resource to update the settings of the Baidu channel for an application. AWS::Pinpoint::Campaign Use the AWS::Pinpoint::Campaign resource to update the settings for a campaign. AWS::Pinpoint::EmailChannel Use the AWS::Pinpoint::EmailChannel resource to update the status and settings of the email channel for an application. AWS::Pinpoint::EventStream Use the AWS::Pinpoint::EventStream resource to create a new event stream for an application or update the settings of an existing event stream for an application. AWS::Pinpoint::GCMChannel Use the AWS::Pinpoint::GCMChannel resource to specify a GCM channel. You can use the GCM channel to send push notification messages to the Firebase Cloud Messaging (FCM) service, which replaced the Google Cloud Messaging (GCM) service. AWS::Pinpoint::SMSChannel Use the AWS::Pinpoint::SMSChannel resource to specify an SMS channel. To send an SMS text message, you send the message through the SMS channel. AWS::Pinpoint::Segment Use the AWS::Pinpoint::Segment resource to create a new segment for an application or update the configuration, dimension, and other settings for an existing segment that's associated with an application. AWS::Pinpoint::VoiceChannel Use the AWS::Pinpoint::VoiceChannel resource to update the status and settings of the voice channel for an application. AWS::SageMaker::CodeRepository Use the AWS::SageMaker::CodeRepository resource to specify a Git repository as a resource in your SageMaker account.	June 3, 2019
Updated resources	The following resources were updated: AWS::CodeCommit::Repository and AWS::EC2::LaunchTemplate. Code Use the Code resource to provide information about code to be committed. S3 Use the S3 resource to provide information about the Amazon S3 bucket that contains the code that will be committed to the new repository. AWS::EC2::LaunchTemplate In the NetworkInterface property, use InterfaceType to specify the type of network interface.	May 23, 2019
New resources	The following resources were added: AWS::Backup::BackupPlan, AWS::Backup::BackupSelection, AWS::Backup::BackupVault, AWS::PinpointEmail::ConfigurationSet, AWS::PinpointEmail::ConfigurationSetEventDestination, AWS::PinpointEmail::DedicatedIpPool, AWS::PinpointEmail::Identity, AWS::Transfer::Server, AWS::Transfer::User, AWS::WAFRegional::GeoMatchSet, AWS::WAFRegional::RateBasedRule, and AWS::WAFRegional::RegexPatternSet. AWS::Backup::BackupPlan Contains an optional backup plan display name and an array of BackupRule objects, each of which specifies a backup rule. Each rule in a backup plan is a separate scheduled task and can back up a different selection of AWS resources. AWS::Backup::BackupSelection Specifies a set of resources to assign to a backup plan. AWS::Backup::BackupVault Creates a logical container where backups are stored. A CreateBackupVault request includes a name, optionally one or more resource tags, an encryption key, and a request ID. AWS::PinpointEmail::ConfigurationSet Use the AWS::PinpointEmail::ConfigurationSet resource to specify configuration sets for the Amazon Pinpoint Email API. AWS::PinpointEmail::ConfigurationSetEventDestination Use the AWS::PinpointEmail::ConfigurationSetEventDestination resource to specify destinations for events related to sending email in the Amazon Pinpoint Email API. AWS::PinpointEmail::DedicatedIpPool Use the AWS::PinpointEmail::DedicatedIpPool resource to specify groups of dedicated IP addresses in the Amazon Pinpoint Email API. AWS::PinpointEmail::Identity Use the AWS::PinpointEmail::Identity resource to specify identities (email addresses or domains) for sending email through the Amazon Pinpoint Email API. AWS::Transfer::Server Creates an autoscaling virtual server based on Secure File Transfer Protocol (SFTP) in AWS. AWS::Transfer::User Creates a user and associates them with an existing Secure File Transfer Protocol (SFTP) server. AWS::WafRegional::GeoMatchSet The AWS::WAFRegional::GeoMatchSet resource contains one or more countries that AWS WAF will search for. AWS::WafRegional::RateBasedRule The AWS::WAFRegional::RateBasedRule resource is identical to a regular Rule, with one addition: a RateBasedRule counts the number of requests that arrive from a specified IP address every five minutes. AWS::WafRegional::RegexPatternSet The AWS::WAFRegional::RegexPatternSet resource specifies the regular expression (regex) pattern that you want AWS WAF to search for.	May 23, 2019
Updated resources	The following resources were updated: AWS::AppSync::GraphQLApi, AWS::Cognito::UserPool, AWS::Glue::Classifier, AWS::Glue::Crawler, AWS::Glue::DevEndpoint, AWS::Glue::Job, and AWS::Glue::Trigger. AWS::AppSync::GraphQLApi Use the AdditionalAuthenticationProviders property to specify a list of additional authentication providers for the GraphqlApi API. Use the Tags property to specify an arbitrary set of tags (key-value pairs) for this GraphQL API. AWS::Cognito::UserPool In the PasswordPolicy property type, use the TemporaryPasswordValidityDays property to specify the number of days a temporary password is valid. If the user does not sign-in during this time, their password will need to be reset by an administrator. Note When you set TemporaryPasswordValidityDays for a user pool, you will no longer be able to set the deprecated UnusedAccountValidityDays value for that user pool. AWS::Glue::Classifier Use the CsvClassifier property to specify a classifier for comma-separated values (CSV). AWS::Glue::Crawler Use the CrawlerSecurityConfiguration property to specify the name of the SecurityConfiguration structure to be used by this crawler. Use the Tags property to specify the tags to use with this crawler request. You can use tags to limit access to the crawler. AWS::Glue::DevEndpoint Use the SecurityConfiguration property to specify the name of the SecurityConfiguration structure to be used by this DevEndpoint. Use the Tags property to specify the tags to use with this DevEndpoint. You can use tags to limit access to the DevEndpoint. AWS::Glue::Job Use the SecurityConfiguration property to specify the name of the SecurityConfiguration structure to be used with this job. Use the Tags property to specify the tags to use with this job. You can use tags to limit access to the job. AWS::Glue::Trigger Use the Tags property to specify the tags to use with this trigger. You can use tags to limit access to the trigger.	May 17, 2019
New resources	The following resources were added: AWS::Glue::DataCatalogEncryptionSettings, AWS::Glue::SecurityConfiguration, and AWS::MediaStore::Container. AWS::Glue::DataCatalogEncryptionSettings Sets the security configuration for a specified catalog. After the configuration has been set, the specified encryption is applied to every catalog write thereafter. AWS::Glue::SecurityConfiguration Creates a new security configuration. AWS::MediaStore::Container The AWS::MediaStore::Container resource specifies a storage container to hold objects. A container is similar to a bucket in Amazon S3. When you create a container using AWS CloudFormation, the template manages data for five API actions: creating a container, setting access logging, updating the default container policy, adding a cross-origin resource sharing (CORS) policy, and adding an object lifecycle policy.	May 17, 2019
Updated resource	The following resource was updated: AWS::ServiceCatalog::CloudFormationProduct. AWS::ServiceCatalog::CloudFormationProduct In the ProvisioningArtifactProperties property type, if DisableTemplateValidation is set to true, AWS Service Catalog stops validating the specified provisioning artifact even if it is invalid.	May 3, 2019
New resources	The following resources were added: AWS::ApiGatewayV2::ApiMapping and AWS::ApiGatewayV2::DomainName. AWS::ApiGatewayV2::ApiMapping The AWS CloudFormation AWS::ApiGatewayV2::ApiMapping resource contains an API mapping. AWS::ApiGatewayV2::DomainName Use the AWS CloudFormation AWS::ApiGatewayV2::DomainName resource to specify a custom, friendly URL for your API in API Gateway.	May 3, 2019
Limit for resources in concurrent stack operations	CloudFormation now enforces an account limit for the number of resources in concurrent stack operations. This limit is determined by region. For more information, see AWS CloudFormation quotas	April 30, 2019
Updated resources	The following resources were updated: AWS::Greengrass::FunctionDefinition and AWS::Greengrass::FunctionDefinitionVersion. AWS::Greengrass::FunctionDefinition In the FunctionConfiguration property type, the MemorySize and Timeout properties are no longer required. AWS::Greengrass::FunctionDefinitionVersion In the FunctionConfiguration property type, the MemorySize and Timeout properties are no longer required.	April 25, 2019
Updated resources	The following resources were updated: AWS::ECS::TaskDefinition, AWS::ElasticLoadBalancingV2::TargetGroup AWS::ECS::TaskDefinition Use the ProxyConfiguration property to specify the configuration details for an App Mesh proxy. In the ContainerDefinition property type: Use the DependsOn property to specify the dependencies defined for container startup and shutdown. Use the StartTimeout property to specify the time duration to wait before giving up on resolving dependencies for a container. Use the StopTimeout property to specify the time duration to wait before the container is forcefully killed if it doesn't exit normally on its own. AWS::ElasticLoadBalancingV2::TargetGroup Use the HealthCheckEnabled property to indicate whether health checks are enabled. The Port, Protocol, and VpcId properties are now required only if the target type is instance or ip.	April 18, 2019
New resource	The following resource was added: AWS::EC2::CapacityReservation. AWS::EC2::CapacityReservation Use the AWS::EC2::CapacityReservation resource to create a Capacity Reservation.	April 18, 2019
Updated resources	The following resource was updated: AWS::Batch::JobDefinition and AWS::ServiceCatalog::CloudFormationProvisionedProduct. AWS::Batch::JobDefinition Use the ResourceRequirement property type to specify the type and amount of a resource to assign to a container. Currently, the only supported resource type is GPU.