Bringing Existing Resources Into CloudFormation Management
If you created an AWS resource outside of AWS CloudFormation management, you can bring
this existing
resource into AWS CloudFormation management using resource import. You can manage your
resources using AWS CloudFormation regardless of where they were created without having
to delete and
re-create them as part of a stack.
For a list of AWS resources that support import operations, see Resources that Support Import Operations.
Resource Import Overview
During an import operation, you create a change set that imports your existing resources into a stack or creates a new stack from your existing resources. You provide the following during import.
-
A template that describes the entire stack, including both the original stack resources and the resources you're importing. Each resource to import must have a DeletionPolicy attribute.
-
Identifiers for the resources to import. You provide two values to identify each target resource.
-
An identifier property. This is a resource property that can be used to identify each resource type. For example, an
AWS::S3::Bucketresource can be identified using itsBucketName. -
An identifier value. This is the target resource's actual property value. For example, the actual value for the
BucketNameproperty might beMyS3Bucket.
-
Resource Import Validation
During an import operation, AWS CloudFormation performs the following validations.
-
The resource to import exists.
-
The properties and configuration values for each resource to import adhere to the resource type schema, which defines its accepted properties, required properties, and supported property values.
-
The required properties are specified in the template. Required properties for each resource type are listed in the Resource and Property Reference.
-
The resource to import does not belong to another stack in the same Region.
AWS CloudFormation does not check that the template configuration matches the actual configuration of resource properties.
Resource Import Status Codes
This table describes the various status types used with resource import.
| Import Operation Status | Description |
|---|---|
|
|
The import operation is currently in progress. |
|
|
The import operation successfully completed for all resources in the
stack that support |
|
|
Import will roll back to the previous template configuration. |
|
|
The import rollback operation failed for at least one resource in the stack. Results will be available for the resources CloudFormation successfully imported. |
|
|
Import successfully rolled back to the previous template configuration. |
Considerations During an Import Operation
-
After the import is complete and before performing subsequent stack operations, we recommend running drift detection on imported resources. Drift detection ensures that the template configuration matches the actual configuration.
-
Import operations don't allow new resource creations, resource deletions, or changes to property configurations.
-
Each resource to import must have a
DeletionPolicyattribute for the import operation to succeed. TheDeletionPolicycan be set to any possible value. Only target resources need aDeletionPolicy. Resources that are already part of the stack don't need aDeletionPolicy. -
You cannot import the same resource into multiple stacks.
-
You can use the
cloudformation:ImportResourceTypesIAM policy condition to control which resource types IAM users can work with during an import operation. -
The AWS CloudFormation stack limits apply when importing resources. For more information on limits, see AWS CloudFormation Limits.
-
Resource importis available in the US East (N. Virginia), US East (Ohio), US West (N. California), US West (Oregon), Canada (Central), Asia Pacific (Mumbai), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Europe (Frankfurt), Europe (Ireland), Europe (London), Europe (Paris), and South America (São Paulo) Regions.
Getting Started with Resource Import
