Posted On: Nov 8, 2013

We are pleased to announce that AWS CloudFormation now supports fine-grained policies for controlling stack and resource modifications, and has introduced some new language features for writing versatile templates. AWS CloudFormation gives developers and systems administrators an easy way to create and manage collections of AWS resources.

Policies for controlling stack and resource modifications

You can now define IAM Policies for CloudFormation Stacks. By granting users permissions to modify or delete specific stacks, you can now protect critical stacks from accidental modification by users in your account. Learn more.

You can now set a stack policy to specify which stack resources should not be updated or replaced during a stack update. For example, using a stack policy, you could update web servers in a stack update but ensure database servers in the same stack will not be updated or replaced during the stack update.

Language features for writing versatile templates

You can now write a template that creates a resource or assigns a property value only if a specified condition is met. For example, you could use the same template for both a production and a development environment that would create a CloudWatch alarm only in the production environment. Learn more about Conditions.

You can now specify a name of your choice for several AWS resources (CloudWatch alarms, DynamoDB tables, Elastic Beanstalk applications and environments, S3 buckets, SNS topics, and SQS queues). This can make it easier to identify which resources you create. By default, CloudFormation auto-generates unique resource names. See AWS Resource Types Reference to learn more.

Lastly, you can now refer to the AWS AccountID inside CloudFormation templates by referring to the new pseudo parameter AWS::AccountID.

To learn more about the CloudFormation service, visit the CloudFormation detail page, documentation or watch this introductory video. We also have a large collection of sample templates that makes it easy to get started with CloudFormation within minutes.