Resources that support import and drift detection operations - AWS CloudFormation

Resources that support import and drift detection operations

AWS CloudFormation supports resource import and drift detection operations for the following public (AWS) resource types.

In addition, CloudFormation supports import and drift detection operations for private resource types that are provisionable; that is, whose provisioning type is either FULLY_MUTABLE or IMMUTABLE. To import or perform drift detection on a resource of a private resource type, the default version of the resource type that you have registered in your account must be provisionable. For more information on resource provision type, see the ProvisioningType parameter of the DescribeType action in the AWS CloudFormation API Reference and of the DescribeType command in the AWS CLI Command Reference.

For more information on drift detection, see Detecting unmanaged configuration changes to stacks and resources.

Service Resource
API Gateway

AWS::ApiGateway::Authorizer

AWS::ApiGateway::Deployment

AWS::ApiGateway::Method

AWS::ApiGateway::Model

AWS::ApiGateway::Resource

AWS::ApiGateway::RestApi

AWS::ApiGateway::RequestValidator

AWS::ApiGateway::Stage

AppConfig

AWS::AppConfig::Application

AWS::AppConfig::ConfigurationProfile

AWS::AppConfig::Deployment

AWS::AppConfig::DeploymentStrategy

AWS::AppConfig::Environment

AppFlow

AWS::AppFlow::Flow

AWS::AppFlow::ConnectorProfile

App Mesh

AWS::AppMesh::GatewayRoute

AWS::AppMesh::VirtualGateway

Athena

AWS::Athena::DataCatalog

AWS::Athena::NamedQuery

AWS::Athena::WorkGroup

Auto Scaling

AWS::AutoScaling::AutoScalingGroup

AWS::AutoScaling::LaunchConfiguration

AWS::AutoScaling::LifecycleHook

AWS::AutoScaling::ScalingPolicy

AWS::AutoScaling::ScheduledAction

AWS Billing and Cost Management

AWS::CE::CostCategory

AWS Certificate Manager

AWS::ACMPCA::Certificate

AWS::ACMPCA::CertificateAuthority

AWS::ACMPCA::CertificateAuthorityActivation

AWS Chatbot

AWS::Chatbot::SlackChannelConfiguration

CloudFormation

AWS::CloudFormation::Stack

AWS::CloudFormation::StackSet

CloudFront

AWS::CloudFront::CachePolicy

AWS::CloudFront::OriginRequestPolicy

AWS::CloudFront::RealtimeLogConfig

CloudTrail

AWS::CloudTrail::Trail

CloudWatch

AWS::ApplicationInsights::Application

AWS::CloudWatch::Alarm

AWS::CloudWatch::CompositeAlarm

AWS::Events::Rule

AWS::Logs::LogGroup

AWS::Logs::MetricFilter

AWS::Logs::SubscriptionFilter

AWS::Synthetics::Canary

CodeGuru Profiler

AWS::CodeGuruProfiler::ProfilingGroup

CodeGuru Reviewer

AWS::CodeGuruReviewer::RepositoryAssociation

AWS CodeStar

AWS::CodeStarConnections::Connection

AWS Config

AWS::Config::ConformancePack

AWS::Config::OrganizationConformancePack

Detective

AWS::Detective::Graph

AWS::Detective::MemberInvitation

DynamoDB

AWS::DynamoDB::Table

Amazon EC2

AWS::EC2::CarrierGateway

AWS::EC2::EIP

AWS::EC2::FlowLog

AWS::EC2::Instance

AWS::EC2::InternetGateway

AWS::EC2::LocalGatewayRoute

AWS::EC2::LocalGatewayRouteTableVPCAssociation

AWS::EC2::NatGateway

AWS::EC2::NetworkAcl

AWS::EC2::NetworkInterface

AWS::EC2::PrefixList

AWS::EC2::RouteTable

AWS::EC2::SecurityGroup

AWS::EC2::Subnet

AWS::EC2::Volume

AWS::EC2::VPC

EC2 Image Builder

AWS::ImageBuilder::Component

AWS::ImageBuilder::DistributionConfiguration

AWS::ImageBuilder::Image

AWS::ImageBuilder::ImagePipeline

AWS::ImageBuilder::ImageRecipe

AWS::ImageBuilder::InfrastructureConfiguration

Amazon ECS

AWS::ECS::CapacityProvider

AWS::ECS::Cluster

AWS::ECS::PrimaryTaskSet

AWS::ECS::Service

AWS::ECS::TaskDefinition

AWS::ECS::TaskSet

Amazon EFS

AWS::EFS::AccessPoint

AWS::EFS::FileSystem

Amazon EKS

AWS::EKS::FargateProfile

Elastic Load Balancing

AWS::ElasticLoadBalancing::LoadBalancer

AWS::ElasticLoadBalancingV2::Listener

AWS::ElasticLoadBalancingV2::ListenerRule

AWS::ElasticLoadBalancingV2::LoadBalancer

EventBridge

AWS::EventSchemas::RegistryPolicy

Firewall Manager

AWS::FMS::NotificationChannel

AWS::FMS::Policy

GameLift

AWS::GameLift::GameServerGroup

Global Accelerator

AWS::GlobalAccelerator::Accelerator

AWS::GlobalAccelerator::EndpointGroup

AWS::GlobalAccelerator::Listener

AWS Ground Station

AWS::GroundStation::Config

AWS::GroundStation::DataflowEndpointGroup

AWS::GroundStation::MissionProfile

IAM

AWS::IAM::Group

AWS::IAM::InstanceProfile

AWS::IAM::ManagedPolicy

AWS::IAM::Role

AWS::IAM::User

IAM Access Analyzer

AWS::AccessAnalyzer::Analyzer

AWS IoT

AWS::IoT::Authorizer

AWS::IoT::Certificate

AWS::IoT::Thing

AWS::IoT::ProvisioningTemplate

Amazon Kendra

AWS::Kendra::DataSource

AWS::Kendra::Faq

AWS::Kendra::Index

Kinesis

AWS::KinesisFirehose::DeliveryStream

Lambda

AWS::Lambda::Alias

AWS::Lambda::Function

AWS::Lambda::Version

AWS KMS

AWS::KMS::Key

Amazon Macie

AWS::Macie::CustomDataIdentifier

AWS::Macie::FindingsFilter

AWS::Macie::Session

Managed Apache Cassandra Service

AWS::Cassandra::Keyspace

AWS::Cassandra::Table

Network Manager

AWS::NetworkManager::CustomerGatewayAssociation

AWS::NetworkManager::Device

AWS::NetworkManager::GlobalNetwork

AWS::NetworkManager::Link

AWS::NetworkManager::LinkAssociation

AWS::NetworkManager::Site

AWS::NetworkManager::TransitGatewayRegistration

QLDB

AWS::QLDB::Stream

Resource Groups

AWS::ResourceGroups::Group

Amazon RDS

AWS::RDS::DBCluster

AWS::RDS::DBInstance

AWS::RDS::DBProxy

AWS::RDS::DBProxyTargetGroup

Route 53

AWS::Route53::HostedZone

AWS::Route53Resolver::ResolverQueryLoggingConfig

AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation

Amazon S3

AWS::S3::AccessPoint

AWS::S3::Bucket

SageMaker

AWS::SageMaker::MonitoringSchedule

Secrets Manager

AWS::SecretsManager::RotationSchedule

AWS Service Catalog

AWS::ServiceCatalog::CloudFormationProvisionedProduct

Amazon SES

AWS::SES::ConfigurationSet

Amazon SNS

AWS::SNS::Topic

Amazon SQS

AWS::SQS::Queue

SSM

AWS::SSM::Association

AWS SSO

AWS::SSO::Assignment

AWS::SSO::PermissionSet

AWS WAF

AWS::WAFv2::IPSet

AWS::WAFv2::RegexPatternSet

AWS::WAFv2::RuleGroup

AWS::WAFv2::WebACL

AWS::WAFv2::WebACLAssociation

Amazon WorkSpaces

AWS::Workspaces::ConnectionAlias