Fn::GetAtt
The Fn::GetAtt intrinsic function returns the value of an attribute from a
resource in the template.
Declaration
JSON
{ "Fn::GetAtt" : [ "logicalNameOfResource", "attributeName" ] }
YAML
Syntax for the full function name:
Fn::GetAtt: [logicalNameOfResource,attributeName]
Syntax for the short form:
!GetAttlogicalNameOfResource.attributeName
Parameters
logicalNameOfResource-
The logical name (also called logical ID) of the resource that contains the attribute that you want.
attributeName-
The name of the resource-specific attribute whose value you want. See the resource's reference page for details about the attributes available for that resource type.
Return Value
The attribute value.
Examples
Return a String
This example snippet returns a string containing the DNS name of the load balancer
with
the logical name myELB.
JSON
"Fn::GetAtt" : [ "myELB" , "DNSName" ]
YAML
!GetAtt myELB.DNSName
Return Multiple Strings
The following example template returns the SourceSecurityGroup.OwnerAlias
and SourceSecurityGroup.GroupName of the load balancer with the logical name
myELB.
JSON
{ "AWSTemplateFormatVersion": "2010-09-09", "Resources": { "myELB": { "Type": "AWS::ElasticLoadBalancing::LoadBalancer", "Properties": { "AvailabilityZones": [ "eu-west-1a" ], "Listeners": [ { "LoadBalancerPort": "80", "InstancePort": "80", "Protocol": "HTTP" } ] } }, "myELBIngressGroup": { "Type": "AWS::EC2::SecurityGroup", "Properties": { "GroupDescription": "ELB ingress group", "SecurityGroupIngress": [ { "IpProtocol": "tcp", "FromPort": "80", "ToPort": "80", "SourceSecurityGroupOwnerId": { "Fn::GetAtt": [ "myELB", "SourceSecurityGroup.OwnerAlias" ] }, "SourceSecurityGroupName": { "Fn::GetAtt": [ "myELB", "SourceSecurityGroup.GroupName" ] } } ] } } } }
YAML
AWSTemplateFormatVersion: 2010-09-09 Resources: myELB: Type: AWS::ElasticLoadBalancing::LoadBalancer Properties: AvailabilityZones: - eu-west-1a Listeners: - LoadBalancerPort: '80' InstancePort: '80' Protocol: HTTP myELBIngressGroup: Type: AWS::EC2::SecurityGroup Properties: GroupDescription: ELB ingress group SecurityGroupIngress: - IpProtocol: tcp FromPort: '80' ToPort: '80' SourceSecurityGroupOwnerId: !GetAtt myELB.SourceSecurityGroup.OwnerAlias SourceSecurityGroupName: !GetAtt myELB.SourceSecurityGroup.GroupName
Supported Functions
For the Fn::GetAtt logical resource name, you cannot use functions. You must
specify a string that is a resource's logical ID.
For the Fn::GetAtt attribute name, you can use the Ref
function.
Attributes
You can retrieve the following attributes using Fn::GetAtt.
| Resource TypeName | Attribute | Description |
|---|---|---|
| AWS::AmazonMQ::Broker | Arn |
The Amazon Resource Name (ARN) of the Amazon MQ broker. Example:arn:aws:mq:us-east-2:123456789012:broker:MyBroker:b-1234a5b6-78cd-901e-2fgh-3i45j6k178l9 |
| AWS::AmazonMQ::Broker | ConfigurationId |
The unique ID that Amazon MQ generates for the configuration. Example:c-1234a5b6-78cd-901e-2fgh-3i45j6k178l9 |
| AWS::AmazonMQ::Broker | ConfigurationRevision |
The revision number of the Amazon MQ configuration. Example:1 |
| AWS::AmazonMQ::Configuration | Arn |
The Amazon Resource Name (ARN) of the Amazon MQ configuration. Example:arn:aws:mq:us-east-2:123456789012:configuration:MyConfigurationDevelopment:c-1234a5b6-78cd-901e-2fgh-3i45j6k178l9 |
| AWS::AmazonMQ::Configuration | Revision |
The revision number of the Amazon MQ configuration. Example:1 |
|
|
The Amazon CloudFront distribution domain name that is mapped to the custom domain name. Example: |
|
|
|
The root resource ID for a Example: |
|
|
|
The URL to start an Amazon AppStream 2.0 image builder streaming session |
|
|
|
The Amazon Resource Name (ARN) of the AWS Cloud9 development environment. Example:
|
|
|
|
The name of the AWS Cloud9 development environment. Example: |
|
|
|
A JSON-format string containing the Example of a wait condition with two signals:
|
|
|
|
The output value from the nested stack that you specified, where
|
|
|
|
Example: |
|
|
|
Example: |
|
|
|
Example:
|
|
|
|
The Amazon Resource Name (ARN) of the Amazon SNS topic that is associated with the CloudTrail trail. Example:
|
|
|
|
Example:
|
|
|
|
Example:
|
|
|
|
Example:
|
|
|
|
Example:
|
|
|
|
Example:
|
|
|
|
Example: |
|
|
|
The pipeline version. Example: |
|
|
|
Example: |
|
|
|
Example:
|
|
|
|
Example: |
|
|
|
Example: |
|
|
|
Example:
|
|
|
|
Example:
|
|
|
AWS::DirectoryService::MicrosoftAD and AWS::DirectoryService::SimpleAD |
|
The alias for a directory. Examples: |
|
AWS::DirectoryService::MicrosoftAD and AWS::DirectoryService::SimpleAD |
|
The IP addresses of the DNS servers for the directory. Example: |
|
|
Example:
|
|
|
|
The resource id for the DB cluster. The cluster ID uniquely identifies the cluster and is used in things like IAM authentication policies. Example: |
|
|
|
The connection endpoint for the DB cluster. Example: |
|
|
|
The port number on which the DB cluster accepts connections. Example: |
|
|
|
The read-only connection endpoint for the cluster. Example: |
|
|
|
The connection endpoint for the DB instance. Example: |
|
|
|
The port number on which the DB cluster accepts connections. Example: |
|
|
|
Example:
|
|
|
|
The Amazon Resource Name (ARN) of the DynamoDB table stream. To use this attribute,
you must specify the DynamoDB table Example:
|
|
|
|
The ID that AWS assigns to represent the allocation of the address for use with Amazon VPC. It is returned only for VPC Elastic IP addresses. Example: |
|
|
|
The Availability Zone where the instance that you specified is launched. Example: |
|
|
|
The private DNS name of the instance that you specified. Example: |
|
|
|
The public DNS name of the instance that you specified. Example: |
|
|
|
The private IP address of the instance that you specified. Example: |
|
|
|
The public IP address of the instance that you specified. Example: |
|
|
|
The primary private IP address of the network interface that you specified. Example: |
|
|
|
The secondary private IP addresses of the network interface that you specified. Example: |
|
|
|
The group ID of the specified security group. Example: |
|
|
|
The ID of the VPC. Example: |
|
|
|
The Availability Zone of the subnet. Example: |
|
|
|
A list of IPv6 CIDR blocks that are associated with the subnet. Example: |
|
|
|
The ID of the network ACL that is associated with the subnet's VPC. Example: |
|
|
|
The ID of the subnet's VPC. Example: |
|
|
|
The |
|
|
|
The set of IP addresses for the VPC. Example: |
|
|
|
A list of IPv4 CIDR block association IDs for the VPC. Example: |
|
|
|
The default network ACL ID that is associated with the VPC, which AWS creates when you create a VPC. Example: |
|
|
|
The default security group ID that is associated with the VPC, which AWS creates when you create a VPC. Example: |
|
|
|
A list of IPv6 CIDR blocks that are associated with the VPC. Example: |
|
|
|
Example:
|
|
|
|
Example:
|
|
|
|
The name of an Amazon Elastic Container Service service. Example: |
|
|
|
The ARN of the cluster. Example:
|
|
|
|
The |
|
|
|
The endpoint for your Kubernetes API server. Example:
|
|
|
|
The DNS address of the configuration endpoint for the Memcached cache cluster. Example: |
|
|
|
The port number of the configuration endpoint for the Memcached cache cluster. |
|
|
|
The DNS address of the configuration endpoint for the Redis cache cluster. Example: |
|
|
|
The port number of the configuration endpoint for the Redis cache cluster. |
|
|
|
The DNS hostname of the cache node. |
|
|
|
The port number that the cache engine is listening on. |
|
|
|
The DNS address of the primary read-write cache node. |
|
|
|
The port number that the primary read-write cache engine is listening on. |
|
|
|
A string with a list of endpoints for the read-only replicas. The order of the
addresses maps to the order of the ports from the Example: |
|
|
|
A string with a list of ports for the read-only replicas. The order of the ports
maps to the order of the addresses from the Example: |
|
|
|
A list of endpoints for the read-only replicas. Example: |
|
|
|
A list of ports for the read-only replicas. Example: |
|
|
|
The URL to the load balancer for this environment. Example:
|
|
|
|
The name of the Route 53-hosted zone that is associated with the load balancer. Example:
|
|
|
|
The ID of the Route 53 hosted zone name that is associated with the l oad balancer. Example: |
|
|
|
The DNS name for the load balancer. Example:
|
|
|
|
The security group that you can use as part of your inbound rules for your load balancer's back-end Amazon EC2 application instances. Example: |
|
|
|
The owner of the source security group. Example: |
|
|
|
The DNS name for the application load balancer. Example:
|
|
|
|
The ID of the Amazon Route 53-hosted zone name that is associated with the load balancer. Example: |
|
|
|
The full name of the application load balancer. Example: |
|
|
|
The name of the application load balancer. Example: |
|
|
|
The IDs of the security groups for the application load balancer. Example: |
|
|
|
The Amazon Resource Names (ARNs) of the load balancers that route traffic to this target group. Example: |
|
|
|
The full name of the target group.
Example:
|
|
|
|
The name of the target group.
Example:
|
|
|
|
The Amazon Resource Name (ARN) of the domain. Example:
|
|
|
|
The domain-specific endpoint that is used to submit index, search, and data upload requests to an Amazon Elasticsearch Service domain. Example:
|
|
|
|
The public DNS name of the master node (instance). Example: |
|
|
|
Example:
|
|
|
|
The secret access key for the specified Example: |
|
|
|
Example:
|
|
|
|
Example:
|
|
|
|
Example: |
|
|
|
Example:
|
|
Arn |
Example:
arn:aws:iot:ap-southeast-2:123456789012:cert/a1234567b89c012d3e4fg567hij8k9l01mno1p23q45678901rs234567890t1u2 |
|
|
|
Example:
|
|
|
|
Example:
|
|
|
|
The ARN of the AWS IoT 1-Click compatible device. Example:
|
|
|
|
The user specified device ID. Example: |
|
|
|
A Boolean value indicating if the device is enabled ( Example: |
|
|
|
The placement name associated with a project. Example: |
|
|
|
The name of the project for a given placement. Example: |
|
|
|
The name of the project. Example: |
|
|
|
The ARN of the project. Example:
|
|
|
|
Example:
|
|
|
|
Example:
|
|
|
|
Example: |
|
|
|
Example: |
|
|
|
Example: |
|
|
|
Example:
|
|
|
|
Example:
|
|
|
|
Example:
|
|
|
|
Example:
|
|
|
|
The version of a Lambda function. Example: |
|
|
|
Example:
|
|
|
|
Example:
|
|
|
|
The Availability Zone of an AWS OpsWorks instance. Example: |
|
|
|
The private DNS name of an AWS OpsWorks instance. |
|
|
|
The private IP address of an AWS OpsWorks instance. |
|
|
|
The public DNS name of an AWS OpsWorks instance. |
|
|
|
The public IP address of an AWS OpsWorks instance. Note To use this attribute, the AWS OpsWorks instance must be in an AWS OpsWorks layer that auto-assigns public IP addresses. Example: |
|
|
|
The SSH user name of an AWS OpsWorks instance. |
|
|
|
The connection endpoint for the cluster. Example:
|
|
|
|
The connection port for the cluster. Example: |
|
| AWS::RDS::DBCluster |
|
The connection endpoint for the DB cluster. Example:
|
|
|
The port number on which the DB cluster accepts connections. Example: |
|
|
|
The reader endpoint for the DB cluster. Example:
|
|
|
|
The connection endpoint for the database. Example:
|
|
|
|
The port number on which the database accepts connections. Example: |
|
|
|
The set of name servers for the specific hosted zone. Example: This attribute is not supported for private hosted zones. |
|
|
|
The ARN for the inbound or outbound endpoint. Example: |
|
|
|
Whether this is an inbound or outbound endpoint. Example: |
|
|
|
The ID of the VPC that you want to create the resolver endpoint in. Example: |
|
|
|
The number of IP addresses that the resolver endpoint can use for DNS queries. Example: |
|
|
|
The name for the inbound or outbound endpoint. Example: |
|
|
|
The ID that Resolver assigned to the endpoint when you created it. Example: |
|
|
|
The ARN for the rule. Example: |
|
|
|
The domain name for outbound DNS queries that you want to forward to DNS resolvers in your network. Example: |
|
|
|
The ID of the endpoint that the rule is associated with. Example: |
|
|
|
The ID that Resolver assigned to the rule when you created it. Example: |
|
|
|
The IPv4 IP addresses that you want Resolver to forward DNS queries to. Example: |
|
|
|
The name of an association between a resolver rule and a VPC. Example: |
|
|
|
The ID of the resolver rule association that you want to get information about. Example: |
|
|
|
The ID of the resolver rule that you associated with the VPC that is specified by
Example: |
|
|
|
The ID of the VPC that you associated the resolver rule with. Example: |
|
|
|
Example: |
|
|
|
The DNS name of the specified bucket. Example: |
|
|
|
The IPv6 DNS name of the specified bucket. Example:
|
|
|
|
The Amazon S3 website endpoint for the specified bucket. Example:
|
|
|
|
The ARN of an |
|
|
|
Example:
|
|
|
|
Example: |
|
|
|
Example:
|
|
|
|
Example: |
|
|
|
Example:
|
|
|
|
Example: |
|
|
|
Example:
|
|
|
|
Example: |
|
|
|
Example: |
|
| AWS::SNS::Topic | TopicName |
The name of an Amazon SNS topic. Example: |
| AWS::StepFunctions::Activity | Name |
The name of the AWS Step Functions activity. |
| AWS::StepFunctions::StateMachine | Name |
The name of the Step Functions state machine. |
|
|
Example:
|
|
|
|
The name of an Amazon SQS queue. Example: |
