AWS::Route53RecoveryControl::SafetyRule - AWS CloudFormation


List the safety rules (the assertion rules and gating rules) that you've defined for the routing controls in a control panel.


To declare this entity in your AWS CloudFormation template, use the following syntax:


{ "Type" : "AWS::Route53RecoveryControl::SafetyRule", "Properties" : { "AssertionRule" : AssertionRule, "ControlPanelArn" : String, "GatingRule" : GatingRule, "Name" : String, "RuleConfig" : RuleConfig, "Tags" : [ Tag, ... ] } }


Type: AWS::Route53RecoveryControl::SafetyRule Properties: AssertionRule: AssertionRule ControlPanelArn: String GatingRule: GatingRule Name: String RuleConfig: RuleConfig Tags: - Tag



An assertion rule enforces that, when you change a routing control state, that the criteria that you set in the rule configuration is met. Otherwise, the change to the routing control is not accepted. For example, the criteria might be that at least one routing control state is On after the transaction so that traffic continues to flow to at least one cell for the application. This ensures that you avoid a fail-open scenario.

Required: No

Type: AssertionRule

Update requires: No interruption


The Amazon Resource Name (ARN) for the control panel.

Required: Yes

Type: String

Update requires: Replacement


A gating rule verifies that a gating routing control or set of gating routing controls, evaluates as true, based on a rule configuration that you specify, which allows a set of routing control state changes to complete.

For example, if you specify one gating routing control and you set the Type in the rule configuration to OR, that indicates that you must set the gating routing control to On for the rule to evaluate as true; that is, for the gating control "switch" to be "On". When you do that, then you can update the routing control states for the target routing controls that you specify in the gating rule.

Required: No

Type: GatingRule

Update requires: No interruption


The name of the assertion rule. The name must be unique within a control panel. You can use any non-white space character in the name except the following: & > < ' (single quote) " (double quote) ; (semicolon)

Required: Yes

Type: String

Update requires: No interruption


The criteria that you set for specific assertion controls (routing controls) that designate how many control states must be ON as the result of a transaction. For example, if you have three assertion controls, you might specify ATLEAST 2 for your rule configuration. This means that at least two assertion controls must be ON, so that at least two AWS Regions have traffic flowing to them.

Required: Yes

Type: RuleConfig

Update requires: Replacement


The value for a tag.

Required: No

Type: List of Tag

Update requires: Replacement

Return values


When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the SafetyRuleArn object.

For more information about using the Ref function, see Ref.


The Fn::GetAtt intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.

For more information about using the Fn::GetAtt intrinsic function, see Fn::GetAtt.


The Amazon Resource Name (ARN) of the safety rule.


The deployment status of the safety rule. Status can be one of the following: PENDING, DEPLOYED, PENDING_DELETION.