Show Menu
Cheatography

AWS CloudFormation Cheat Sheet (DRAFT) by

A quick reference for common AWS CloudFormation functions and features

This is a draft cheat sheet. It is a work in progress and is not finished yet.

Template Anatomy

Resources
Mappings
Descri­ption
Conditions
Metadata
Transform
Parameters
Outputs
A Resources section is required.

Intrinsic Functions Syntax

YAML Shorthand
! Ref arg
YAML
Fn::Ref arg
JSON
{ "­Fn:­:Re­f": arg }

Common Intrinsic Functions

!FindInMap [ Map, TopLev­elKey, Second­Lev­elKey ]
Returns values of keys in 2-level map declared in Mappings section
!GettAtt a.Arn
Get Arn attribute of resource a in this stack
!Impor­tValue a
Reference export a from another stack
!Join [':',[­'a'­,'b']]
Produces 'a:b'
!Ref a
Get value of parameter or resource a in this stack
!Select ['1',[­'a'­,'b']]
Produces 'b'
!Split [ ':', 'a:b' ]
Produces ['a', 'b']
!Sub 'a-${b}'
Inject the value of b into a string
You can't nest the shorthand YAML functions. You must do:
Fn::Im­por­tValue: !Sub "­${a­}-b­"
not !Impor­tValue !Sub "­${a­}-b­"

Transforms

'Fn::Transform':
  - Name: 'AWS::Include'
    Parameters:
      Location: s3://bucket/snippet.yml
Use an Include transform to reference a template snippet stored separately from the main CloudF­orm­ation template.
 

Custom Resources

Use the AWS::C­lou­dFo­rma­tio­n::­Cus­tom­Res­ource or Custom­::S­tring resource type to define custom resources.

To create a custom resource, you need:

- A template that includes a custom resource type.
- A custom resource provider with a service token that the template developer uses.

During a stack operation, CloudF­orm­ation sends a request to a service token specified in the template, then waits for a response before procee­ding.

Common Pseudo Parameters

AWS::A­cco­untId
12-digit AWS account
AWS::N­oValue
Use in condit­ionals
AWS::R­egion
Deployment region
AWS::S­tackId
ARN of the current stack
AWS::S­tac­kName
Name of the current stack
Reference pseudo parameters just like regular parame­ters, e.g. !Ref AWS::R­egion

Condition Functions

!Equals ['a', 'b']
false
!And [!Equals ['a', 'a'], !Equals ['a', 'b']]
false
!Or [!Equals ['a', 'a'], !Equals ['a', 'b']]
true
!Not [!Equals ['a', 'a']]
false
!If [condi­tion, 100, 10]
100 if condition is true, else 10

Export Outputs

Outputs:
  MyVPCOutput:
    Value: !Ref VPCResource
    Export:
      Name: !Sub "${AWS::StackName}-VPCID"
- For each AWS account, Export names must be unique within a region.
- You can't create cross-­stack references across regions.
- You can't delete a stack if another stack references one of its outputs.