---
AWSTemplateFormatVersion: "2010-09-09"
Parameters:
  myEnvironment:
    Type: String
Conditions:
  myCondition: !Equals [ !Ref myEnvironment, 'Prod']
Resources:
  myInstance:
    Type: AWS::EC2::Instance
    Properties:
      Fn::If:
      - myCondition
      - BadType: ami-abcdef
      - ImageId: ami-123456
      BlockDeviceMappings:
        -
          DeviceName: /dev/sda
          Ebs:
            VolumeType: io1
            Iops: 300
            DeleteOnTermination: false
            VolumeSize: 20
            BadSubX2Key: Not valid
        -
          DeviceName: /dev/sdb
          Ebs:
            VolumeType: gp2
            DeleteOnTermination: 20
            VolumeSize: 20
      NetworkInterfaces:
        - DeviceIndex:
          - "1"
          BadKey: true
      UserData: !Ref AWS::NotificationARNs
      Tags:
      - Key: Test
  LambdaFunction:
    Type: 'AWS::Lambda::Function'
    Properties:
      Runtime: java8
      Code:
        S3Bucket: 'foo-bar'
        S3Key: 'foo-bar'
        S3ObjectVersion: 'foo-bar'
      Handler: 'com.foo.bar::handleRequest'
      Role: 'arn:aws:iam::123456789101:role/foo-bar'
      VpcConfig:
        SubnetIds: !ImportValue foobar1
        SecurityGroupIds: !ImportValue foobar2
  Custom:
    Type: AWS::CloudFormation::CustomResource
    Properties:
      ServiceToken: arn.example
  Helper:
    Type: 'AWS::Lambda::Function'
    Properties:
      Handler: 'helper.lambda_handler'
      Role: arn:aws:iam::123456789012:role/role-name-with-path
      Code: !GetAtt myInstance.AvailabilityZone  # returns a string not an object