Posted On: Nov 9, 2018

CloudFormation has added support for the following new resources:

AWS::SecretsManager::ResourcePolicy
Use the AWS::SecretsManager::ResourcePolicy resource to define a resource-based policy and attach it to a secret that's stored in Secrets Manager.

AWS::SecretsManager::RotationSchedule
Use the AWS::SecretsManager::RotationSchedule resource to configure rotation for a secret.

AWS::SecretsManager::Secret
Use the AWS::SecretsManager::Secret resource to create a secret and store it in Secrets Manager.

AWS::SecretsManager::SecretTargetAttachment
Use the AWS::SecretsManager::SecretTargetAttachment resource to complete the final link between a Secrets Manager secret and its associated database.

AWS::DLM::LifecyclePolicy
Use the AWS::DLM::LifecyclePolicy resource to create a lifecycle policy for Amazon Data Lifecycle Manager.

Secrets Manager Dynamic reference:
Use the secretsmanager dynamic reference to retrieve entire secrets or secret values that are stored in AWS Secrets Manager for use in your templates.

CloudFormation has updated support for the following resource types:

AWS::ApiGateway::Deployment
In the StageDescription property type, use the TracingEnabled property to specify whether active tracing with X-Ray is enabled for this stage.

AWS::ApiGateway::Stage
Use the TracingEnabled property to specify whether active tracing with X-Ray is enabled for this stage.

AWS::CloudWatch::Alarm
Use the DatapointsToAlarm property to specify the number of datapoints that must be breaching to trigger the alarm. This is used only if you are setting an "M out of N" alarm. In that case, this value is the M.

AWS::EC2::SecurityGroupIngress
Use the SourcePrefixListId property to specify the AWS service prefix of an Amazon VPC endpoint.

AWS::IAM::Role
Use the PermissionsBoundary property to specify the policy that is used to set the permissions boundary for the role.

AWS::IAM::User
Use the PermissionsBoundary property to specify the policy that is used to set the permissions boundary for the user.

AWS::IoT::TopicRule
In the TopicRulePayload property type, use the ErrorActions property to specify the action to take when an error occurs.
In the Action property type:
- Use the IoTAnalytics property to send message data to an AWS IoT Analytics channel.
- Use the StepFunctionsAction property to start execution of a Step Functions state machine.

AWS::KMS::Key
Use the PendingWindowInDays property to specify the waiting period, specified in number of days, after which AWS KMS deletes the customer master key (CMK).

AWS::RDS::DBInstance
Use the EnableCloudwatchLogsExports property to specify the list of log types that need to be enabled for exporting to CloudWatch Logs.
Use the EnableIAMDatabaseAuthentication property to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts.
Use the EnablePerformanceInsights property to enable Performance Insights for the DB instance.
Use the PerformanceInsightsKMSKeyId property to specify the AWS KMS key identifier for encryption of Performance Insights data. The AWS KMS key ID is the Amazon Resource Name (ARN), AWS KMS key identifier, or the AWS KMS key alias for the AWS KMS encryption key.
Use the PerformanceInsightsRetentionPeriod property to specify the amount of time, in days, to retain Performance Insights data.
Use the ProcessorFeatures property to specify the number of CPU cores and the number of threads per core for the DB instance class of the DB instance.
Use the PromotionTier property to specify the order in which an Aurora Replica is promoted to the primary instance after a failure of the existing primary instance.

AWS::RDS::DBCluster
Use the EnableCloudwatchLogsExports property to specify the list of log types that need to be enabled for exporting to CloudWatch Logs.
Use the EnableIAMDatabaseAuthentication property to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts.
Use the BacktrackWindow property to set the target backtrack window, in seconds. To disable backtracking, specify 0. If specified, this property must be set to a number from 0 to 259,200 (72 hours).

AWS::Route53::RecordSet
Use the MultiValueAnswer property to route traffic approximately randomly to multiple resources, such as web servers. Create one multivalue answer record for each resource and specify true for MultiValueAnswer.

AWS::S3::Bucket
Use the RegionalDomainName attribute with the Fn::GetAtt function to return the regional domain name of the specified bucket.

AWS::WorkSpaces::Workspace
Use the Tags property to specify the tags (key-value pairs) that you want to attach to the WorkSpace.
Use the WorkspaceProperties property to specify information about a WorkSpace.

To learn more about AWS CloudFormation, please visit our documentation page.