--- AWSTemplateFormatVersion: '2010-09-09' Description: > Template with all the resources that are covered by the AllowedValues. Minimal configuration for each resource to be "valid", apart from the properties that are part of the AllowedValues check. Parameters: AvailabilityZone: Type: "AWS::EC2::AvailabilityZone::Name" Default: "eu-west-1a" Password: Type: String NoEcho: True AutoScalingLaunchConfigurationVolume: Type: String Default: "ssd" # Invalid AllowedValue AllowedValues: - "io1" - "gp2" - "ssd" # Invalid AllowedValue ImageId: Type: "AWS::EC2::Image::Id" Resources: AccessKey: Type: "AWS::IAM::AccessKey" Properties: Status: "active" # Invalid AllowedValue UserName: "my-user" AmazonMQBroker: Type: "AWS::AmazonMQ::Broker" Properties: AutoMinorVersionUpgrade: false BrokerName: "myBroker" DeploymentMode: "production" # Invalid AllowedValue EngineType: "activemq" # Invalid AllowedValue EngineVersion: "ActiveMQ 5.10.8" # Invalid AllowedValue PubliclyAccessible: false HostInstanceType: "t2.micro" # Invalid AllowedValue Users: - ConsoleAccess: false Groups: - "group1" Password: !Ref "Password" Username: "user" AmazonMQConfiguration: Type: "AWS::AmazonMQ::Configuration" Properties: Data: "" EngineType: "ACTIVE_MQ" # Invalid AllowedValue EngineVersion: "ActiveMQ" # Invalid AllowedValue Name: "Configuration" ApiGatewayAuthorizer: Type: "AWS::ApiGateway::Authorizer" Properties: RestApiId: !Ref "ApiGatewayRestAPI" Type: "Cognito" # Invalid AllowedValue ApiGatewayResponse: Type: "AWS::ApiGateway::GatewayResponse" Properties: ResponseType: "200 OK" # Invalid AllowedValue RestApiId: !Ref "ApiGatewayRestAPI" ApiGatewayRestAPI: Type: "AWS::ApiGateway::RestApi" Properties: ApiKeySourceType: "AUTHORISER" # Invalid AllowedValue ApiGatewayUsagePlanKey: Type: "AWS::ApiGateway::UsagePlanKey" Properties: KeyId: "ApiGatewayUsagePlanKey" KeyType: "random value" # Invalid AllowedValue UsagePlanId: "UsagePlanId" ApplicationAutoScalingPolicy: Type: "AWS::ApplicationAutoScaling::ScalingPolicy" Properties: PolicyName: "ApplicationAutoScalingPolicy" PolicyType: "SimpleScaling" # Invalid AllowedValue ScalingTargetId: "" TargetTrackingScalingPolicyConfiguration: TargetValue: 50.0 PredefinedMetricSpecification: PredefinedMetricType: "DynamoDbReadCapacityUtilization" # Invalid AllowedValue AppSyncDataSource: Type: "AWS::AppSync::DataSource" Properties: ApiId: "ApiId" Name: "AppSyncDataSource" Type: "LAMBDA" # Invalid AllowedValue AppSyncGraphQLApi: Type: "AWS::AppSync::GraphQLApi" Properties: Name: "AppSyncGraphQLApi" AuthenticationType: "IAM" # Invalid AllowedValue AppSyncResolver: Type: "AWS::AppSync::Resolver" Properties: ApiId: "ApiId" FieldName: "field" Kind: "PIPELINES" # Invlid AllowedValue TypeName: "type" AutoScalingGroup: Type: "AWS::AutoScaling::AutoScalingGroup" Properties: HealthCheckType: "elb" # Invalid AlllowedValue LaunchConfigurationName: "launch-configuration" LifecycleHookSpecificationList: - DefaultResult: " ABANDON" # Invalid AlllowedValue LifecycleHookName: "hook" LifecycleTransition: "autoscaling: EC2_INSTANCE_TERMINATING" # Invalid AllowedValue MaxSize: "1" MinSize: "1" AutoScalingLaunchConfiguration: Type: "AWS::AutoScaling::LaunchConfiguration" Properties: BlockDeviceMappings: - DeviceName: /dev/sdm Ebs: VolumeType: !Ref "AutoScalingLaunchConfigurationVolume" ImageId: !Ref "ImageId" InstanceType: "t2.16xlarge" # Invalid AllowedValue PlacementTenancy: "Standard" # Invalid AllowedValue AutoScalingLifecycleHook: Type: "AWS::AutoScaling::LifecycleHook" Properties: DefaultResult: "ABORT" # Invalid AlllowedValue AutoScalingGroupName: !Ref "AutoScalingGroup" LifecycleTransition: "EC2_INSTANCE_LAUNCHING" # Invalid AllowedValue AutoScalingPolicy: Type: "AWS::AutoScaling::ScalingPolicy" Properties: AdjustmentType: "ChangeCapacity" # Invalid AllowedValue AutoScalingGroupName: !Ref "AutoScalingGroup" MetricAggregationType: "max" # Invalid AllowedValue PolicyType: "Simplescaling" # Invalid AllowedValue TargetTrackingConfiguration: CustomizedMetricSpecification: MetricName: "MetricName" Namespace: "Namespace" Statistic: "Sample Count" # Invalid AllowedValue PredefinedMetricSpecification: PredefinedMetricType: "MaxCount" # Invalid AllowedValue TargetValue: 10.5 AutoScalingPlan: Type: "AWS::AutoScalingPlans::ScalingPlan" Properties: ApplicationSource: CloudFormationStackARN: "StackArn" ScalingInstructions: - MaxCapacity: 1 MinCapacity: 1 ResourceId: "ResourceId" ScalableDimension: "dynamodb:WriteCapacityUnits" # Invalid AllowedValues ServiceNamespace: "dynamoDB" # Invalid AllowedValues PredictiveScalingMaxCapacityBehavior: "SetForecastCapacityToMaxCapacity ok" # Invalid AllowedValue PredictiveScalingMode: "Forecast" # Invalid AllowedValue TargetTrackingConfigurations: - CustomizedScalingMetricSpecification: MetricName: "MetricName" Namespace: "Namespace" Statistic: "sample count" # Invalid AllowedValue PredefinedScalingMetricSpecification: PredefinedScalingMetricType: "RequestCountPerTarget" # Invalid AllowedValue TargetValue: 10.5 Budget: Type: "AWS::Budgets::Budget" Properties: Budget: BudgetType: "UTILIZATION" # Invalid AllowedValue TimeUnit: "month" # Invalid AllowedValue NotificationsWithSubscribers: - Subscribers: - SubscriptionType: "e-mail" # Invalid AllowedValue Address: "test@test.com" Notification: ThresholdType: "ACTUAL" # Invalid AllowedValue Threshold: 80 NotificationType: "FORECAST" # Invalid AllowedValue ComparisonOperator: "GREATER" # Invalid AllowedValue Certificate: Type: "AWS::CertificateManager::Certificate" Properties: DomainName: "example.com" ValidationMethod: "Dns" # Invalid AllowedValue CloudFrontDistribution: Type: "AWS::CloudFront::Distribution" Properties: DistributionConfig: CustomErrorResponses: - ErrorCode: 200 # Invalid AllowedValue ResponseCode: 301 # Invalid AllowedValue ResponsePagePath: "/404-errors/403-forbidden.html" CacheBehaviors: - ForwardedValues: QueryString: False LambdaFunctionAssociations: - EventType: "viewerrequest" # Invalid AllowedValue LambdaFunctionARN: "LambdaArn" PathPattern: "images/*.jpg" TargetOriginId: "2" ViewerProtocolPolicy: "http" # Invalid AllowedValue DefaultCacheBehavior: ForwardedValues: QueryString: False TargetOriginId: "1" ViewerProtocolPolicy: "https" # Invalid AllowedValue Enabled: False HttpVersion: "http1.2" # Invalid AllowedValue PriceClass: "Cheap" # Invalid AllowedValue Origins: - DomainName: !GetAtt "S3Bucket.DomainName" Id: "1" S3OriginConfig: OriginAccessIdentity: "origin-access-identity/cloudfront/E15MNIMTCFKK4C" - Id: "2" DomainName: "example.com" CustomOriginConfig: HTTPSPort: 443 OriginProtocolPolicy: "MatchViewer" # Invalid AllowedValue OriginSSLProtocols: - "TLSv1.3" # Invalid AllowedValue Restrictions: GeoRestriction: Locations: - "EN" # Invalid AllowedValue RestrictionType: "white-list" # Invalid AllowedValue ViewerCertificate: AcmCertificateArn: !Ref "Certificate" MinimumProtocolVersion: "TLSv1.2-2018" # Invalid AllowedValue SslSupportMethod: "sni" # Invalid AllowedValue CloudFrontStreamingDistribution: Type: "AWS::CloudFront::StreamingDistribution" Properties: StreamingDistributionConfig: Comment: "Mandatory comment" Enabled: False PriceClass: "PriceClassAll" # Invalid AllowedValue S3Origin: DomainName: !GetAtt "S3Bucket.DomainName" OriginAccessIdentity: "origin-access-identity/cloudfront/E15MNIMTCFKK4C" TrustedSigners: Enabled: False Tags: - Key: "Mandatory" Value: "Tag" CloudTrail: Type: "AWS::CloudTrail::Trail" Properties: EventSelectors: - ReadWriteType: "Read" # Invalid AllowedValue DataResources: - Type: "AWS::S3:Object" # Invalid AllowedValue Values: - "Arn1" - "Arn2" IsLogging: True S3BucketName: "MyBucket" CloudWatchAlarm: Type: "AWS::CloudWatch::Alarm" Properties: ComparisonOperator: "GreaterThan" # Invalid AllowedValue MetricName: "my-metric" EvaluationPeriods: 1 Statistic: "Total" # Invalid AllowedValue Threshold: 0.0 TreatMissingData: "not_breaching" # Invalid AllowedValue Unit: "Teraflops" # Invalid AllowedValue CloudWatchEventRule: Type: "AWS::Events::Rule" Properties: EventPattern: "" State: "SUSPENDED" # Invalid AllowedValue CloudWatchEventBusPolicy: Type: "AWS::Events::EventBusPolicy" Properties: Action: "events:GetEvents" # Invalid AllowedValue Condition: Type: "GreaterOrEquals" # Invalid AllowedValue Key: "aws:PrincipalOrg" # Invalid AllowedValue Value: "o-1234567890" Principal: "*" StatementId: "x" CloudWatchLogGroup: Type: "AWS::Logs::LogGroup" Properties: LogGroupName: "cloudtrail" RetentionInDays: 2 # Invalid AllowedValue CodeBuildProject: Type: "AWS::CodeBuild::Project" Properties: Artifacts: Packaging: "gzip" # Invalid AllowedValue Type: "codebuild" # Invalid AllowedValue Cache: Type: "CACHE" # Invalid AllowedValue Environment: ComputeType: "BUILD_GENERAL2_LARGE" # Invalid AllowedValue Image: "registry/repository:latest" ImagePullCredentialsType: "GITHUB" # Invalid AllowedValue Type: "Windows" # Invalid AllowedValue LogsConfig: CloudWatchLogs: Status: "SUSPENDED" # Invalid AllowedValue S3Logs: Status: "Disabled" # Invalid AllowedValue ServiceRole: "arn:aws:iam::123456789012:role/CodeBuild-service-role" Source: Type: "SOURCEFORGE" # Invalid AllowedValue CodeCommitRepository: Type: "AWS::CodeCommit::Repository" Properties: RepositoryName: "CodeCommitRepository" Triggers: - Name: "Trigger" Events: - "test" # Invalid AllowedValue CodeDeployApplication: Type: "AWS::CodeDeploy::Application" Properties: ApplicationName: "CodeDeployApplication" ComputePlatform: "EC2" # Invalid AllowedValue CodeDeployDeploymentConfig: Type: "AWS::CodeDeploy::DeploymentConfig" Properties: DeploymentConfigName: "CodeDeployDeploymentConfig" MinimumHealthyHosts: Type: "HOST_PERCENTAGE" # Invalid AllowedValue Value: 1 CodeDeployDeploymentGroup: Type: "AWS::CodeDeploy::DeploymentGroup" Properties: ApplicationName: "CodeDeployDeploymentGroup" AutoRollbackConfiguration: Events: - "DEPLOYMENTFAILURE" # Invalid AllowedValue - "DEPLOYMENT_STOP_ALARM" # Invalid AllowedValue DeploymentStyle: DeploymentOption: "TRAFFIC_CONTROL" # Invalid AllowedValue DeploymentType: "IN PLACE" # Invalid AllowedValue ServiceRoleArn: "ServiceRoleArn" TriggerConfigurations: - TriggerEvents: - "DeploymentStart" # Invalid AllowedValue CodePipelineCustomActionType: Type: "AWS::CodePipeline::CustomActionType" Properties: Category: "Custom" # Invalid AllowedValue ConfigurationProperties: - Key: True Name: "My-Name" Required: True Secret: False Type: "string" # Invalid AllowedValue InputArtifactDetails: MaximumCount: 1 MinimumCount: 1 OutputArtifactDetails: MaximumCount: 1 MinimumCount: 1 Provider: "My-Build-Provider-Name" Version: "1a" CodePipeline: Type: "AWS::CodePipeline::Pipeline" Properties: ArtifactStore: Location: "S3Bucket" Type: "ec2" # Invalid AllowedValue RoleArn: "my-role-arn" Stages: - Name: "stage1" Actions: - Name: "action1" ActionTypeId: Category: "Testing" # Invalid AllowedValue Owner: "me" # Invalid AllowedValue Provider: "provider" Version: "latest" Blockers: - Name: "blocker1" Type: "blocker" # Invalid AllowedValue CodePipelineWebhook: Type: "AWS::CodePipeline::Webhook" Properties: Authentication: "GITHUB" # InValid AllowedValue AuthenticationConfiguration: SecretToken: "githubtoken" Filters: - JsonPath: "" TargetAction: "action1" TargetPipeline: "" TargetPipelineVersion: 1 CognitoIdentityPool: Type: "AWS::Cognito::IdentityPool" Properties: AllowUnauthenticatedIdentities: False CognitoStreams: StreamingStatus: "SUSPENDED" # Invalid AllowedValue CognitoUserPool: Type: "AWS::Cognito::UserPool" Properties: AliasAttributes: - "phonenumber" # Invalid AllowedValue AutoVerifiedAttributes: - "e-mail" # Invalid AllowedValue MfaConfiguration: "MANDATORY" # Invalid AllowedValue Schema: - AttributeDataType: "String " # Invalid AllowedValue UsernameAttributes: - "phone" # Imvalid AllowedValue CognitoUserPoolClient: Type: "AWS::Cognito::UserPoolClient" Properties: ExplicitAuthFlows: - "CUSTOM_AUTHFLOW_ONLY" # Invalid AllowedValue UserPoolId: "pool1" CognitoUserPoolUser: Type: "AWS::Cognito::UserPoolUser" Properties: DesiredDeliveryMediums: - "MAIL" # Invalid AllowedValue MessageAction: "RESEND." # Invalid AllowedValue UserPoolId: "pool1" ConfigAggregationAuthorization: Type: "AWS::Config::AggregationAuthorization" Properties: AuthorizedAccountId: "123456789012" AuthorizedAwsRegion: "eu-west-12" # Invalid AllowedValue ConfigRule: Type: "AWS::Config::ConfigRule" Properties: MaximumExecutionFrequency: "OneHour" # Invalid AllowedValue Scope: ComplianceResourceTypes: - "AWS:CloudFront::StreamingDistribution" # Invalid AllowedValue Source: Owner: "Lambda" # Invalid AllowedValue SourceDetails: - EventSource: "aws.ec2" # Invalid AllowedValue MaximumExecutionFrequency: "24 Hours" # Invalid AllowedValue MessageType: "Schedulednotification" # Invalid AllowedValue SourceIdentifier: "arn:aws:lambda:us-east-2:123456789012:function:custom_rule_name" ConfigRecorder: Type: "AWS::Config::ConfigurationRecorder" Properties: RecordingGroup: ResourceTypes: - "AWS::DMS::Endpoint" # Invalid AllowedValue RoleARN: "" ConfigDeliveryChannel: Type: "AWS::Config::DeliveryChannel" Properties: ConfigSnapshotDeliveryProperties: DeliveryFrequency: "Minute" # Invalid AllowedValue S3BucketName: !Ref "S3Bucket" CustomerGateway: Type: "AWS::EC2::CustomerGateway" Properties: BgpAsn: 65000 IpAddress: "127.0.0.1" Type: "ipsec.1 " # Invalid AllowedValue DAXCluster: Type: "AWS::DAX::Cluster" Properties: IAMRoleARN: "iam" NodeType: "t2.small" # Invalid AllowedValue ReplicationFactor: 1 DHCPOptions: Type: "AWS::EC2::DHCPOptions" Properties: NetbiosNodeType: 5 # Invalid AllowedValue DirectoryServiceMicrosoftAD: Type: "AWS::DirectoryService::MicrosoftAD" Properties: Edition: "Special" # Invalid AllowedValue Name: "MicrosoftAD" Password: !Ref "Password" VpcSettings: SubnetIds: - "a1" VpcId: "123" DirectoryServiceSimpleAD: Type: "AWS::DirectoryService::SimpleAD" Properties: Name: "SimpleAD" Password: !Ref "Password" Size: "t2.Small" # Invalid AllowedValue VpcSettings: SubnetIds: - "a1" VpcId: "123" DLMPolicy: Type: "AWS::DLM::LifecyclePolicy" Properties: ExecutionRoleArn: "" PolicyDetails: ResourceTypes: - "VOLUMES" # Invalid AllowedValue State: "SUSPENDED" # Invalid AllowedValue DmsEndpoint: Type: "AWS::DMS::Endpoint" Properties: EndpointType: "random" # Invalid AllowedValue EngineName: "database" # Invalid AllowedValue SslMode: "ssl" # Invalid AllowedValue DocumentDBCluster: Type: "AWS::DocDB::DBCluster" Properties: AvailabilityZones: - String EngineVersion: "documentdb" # Invalid AllowedValue DocumentDBInstance: Type: "AWS::DocDB::DBInstance" Properties: DBClusterIdentifier: !Ref "DocumentDBCluster" DBInstanceClass: "db.r4.16xl" # Invalid AllowedValue DynamoDBTable: Type: "AWS::DynamoDB::Table" Properties: BillingMode: "PAY_PER _REQUEST" # Invalid AllowedValue AttributeDefinitions: - AttributeName: "Id" AttributeType: "T" # Invalid AllowedValue GlobalSecondaryIndexes: - IndexName: "GlobalIndex1" KeySchema: - AttributeName: "Id" KeyType: "hash" # Invalid AllowedValue Projection: ProjectionType: "KEY_ONLY" # Invalid AlloedValue KeySchema: - AttributeName: "Id" KeyType: "hash" # Invalid AllowedValue StreamSpecification: StreamViewType: "NEW_AND_OLD" # Invalid AllowedValue EC2CapacityReservation: Type: "AWS::EC2::CapacityReservation" Properties: AvailabilityZone: !Ref "AvailabilityZone" EndDateType: "asap" # Invalid AllowedValue InstanceCount: 1 InstanceMatchCriteria: "Targeted" # Invalid AllowedValue InstancePlatform: "Linux" # Invalid AllowedValue InstanceType: "t.medium" # Invalid AllowedValue Tenancy: "Default" # Invalid AllowedValue EC2ElasticIp: Type: "AWS::EC2::EIP" Properties: Domain: "VPC" # Invalid AllowedValue EC2Fleet: Type: "AWS::EC2::EC2Fleet" Properties: ExcessCapacityTerminationPolicy: "terminator" # Invalid AllowedValue LaunchTemplateConfigs: - Overrides: - InstanceType: "t1.large" # Invalid AllowedValue OnDemandOptions: AllocationStrategy: "Prioritized" # Invalid AllowedValue SpotOptions: AllocationStrategy: "special" # Invalid AllowedValue InstanceInterruptionBehavior: "reboot" # Invalid AllowedValue TargetCapacitySpecification: DefaultTargetCapacityType: "ondemand" # Invalid AllowedValue TotalTargetCapacity: 1 Type: "maintainain" # Invalid AllowedValue EC2FlowLog: Type: "AWS::EC2::FlowLog" Properties: LogDestinationType: "cloudwatch-logs" # Invalid AllowedValue ResourceId: !Ref "Vpc" ResourceType: "vpc" # Invalid AllowedValue TrafficType: "All" # Invalid AllowedValue EC2Host: Type: "AWS::EC2::Host" Properties: AutoPlacement: "On" # Invalid allowed Value AvailabilityZone: !Ref "AvailabilityZone" InstanceType: "t3.medium" EC2Instance: Type: "AWS::EC2::Instance" Properties: Affinity: "dedicated" # Invalid AllowedValue CreditSpecification: CPUCredits: "default" # Invalid AllowedValue ImageId: "ami-2f726546" InstanceType: "t1.small" # Invalid AllowedValue KeyName: "" BlockDeviceMappings: - DeviceName: "/dev/sdm" Ebs: VolumeType: "magnetic" # Invalid AllowedValue ElasticInferenceAccelerators: - Type: "t2.medium" # Invalid AllowedValue Tenancy: "instance" # Invalid AllowedValue EC2LaunchTemplate: Type: "AWS::EC2::LaunchTemplate" Properties: LaunchTemplateData: BlockDeviceMappings: - DeviceName: /dev/sdm Ebs: VolumeType: "disk" # Invalid AllowedValue CreditSpecification: CpuCredits: "unlimit" # Invalid AllowedValue InstanceInitiatedShutdownBehavior: "hibernate" # Invalid AllowedValue InstanceMarketOptions: MarketType: "sport" # Invalid AllowedValue SpotOptions: InstanceInterruptionBehavior: "remove" # Invalid AllowedValue SpotInstanceType: "onetime" # Invalid AllowedValue InstanceType: "t4.small" # Invalid AllowedValue Placement: Tenancy: "instance" # Invalid AllowedValue GlueConnection: Type: "AWS::Glue::Connection" Properties: CatalogId: !Ref "AWS::AccountId" ConnectionInput: ConnectionProperties: "{}" ConnectionType: "FTP" # Invalid AllowedValue ECSService: Type: "AWS::ECS::Service" Properties: LaunchType: "fargate" # Invalid AllowedValue SchedulingStrategy: "DEAMON" # Invalid AllowedValue TaskDefinition: !Ref "ECSTaskDefinition" ECSTaskDefinition: Type: "AWS::ECS::TaskDefinition" Properties: NetworkMode: "enabled" # Invalid AllowedValue ProxyConfiguration: ContainerName: "my-container" Type: "Appmesh" # Invalid AllowedValue EFSFileSystem: Type: "AWS::EFS::FileSystem" Properties: LifecyclePolicies: - TransitionToIA: " AFTER_30_DAYS" # Invalid AllowedValue PerformanceMode: "generalpurpose" # Invalid AllowedValue ThroughputMode: "burst" # Invalid AllowedValue GlueCrawler: Type: "AWS::Glue::Crawler" Properties: DatabaseName: "database" Role: "arn:aws:iam::123456789012:role/MyRole" SchemaChangePolicy: UpdateBehavior: "UPDATE" # Invalid AllowedValue DeleteBehavior: "DELETE_IN_DATABASE" # Invalid AllowedValue Targets: S3Targets: [] GlueTable: Type: "AWS::Glue::Table" Properties: CatalogId: !Ref "AWS::AccountId" DatabaseName: "database" TableInput: TableType: "VIRTUALVIEW" # Invalid AllowedValue GlueTrigger: Type: "AWS::Glue::Trigger" Properties: Actions: - JobName: "Trigger" Type: "ONDEMAND" # Invalid AllowedValue Predicate: Logical: "OR" # Invalid AllowedValue Conditions: - LogicalOperator: "GREATER_THAN" # Invalid AllowedValue State: "SUCEEDED" # Invalid AllowedValue GuardDutyDetector: Type: "AWS::GuardDuty::Detector" Properties: Enable: True FindingPublishingFrequency: "HOURLY" # Invalid AllowedValue GuardDutyFilter: Type: "AWS::GuardDuty::Filter" Properties: Action: "Noop" # Invalid AllowedValue Description: "A mandatory Description" DetectorId: "-1" FindingCriteria: Criterion: {} Rank: 1 GuardDutyIPSet: Type: "AWS::GuardDuty::IPSet" Properties: Activate: False DetectorId: "-1" Format: "stix" # Invalid AllowedValue Location: "http://localhost" GuardDutyMember: Type: AWS::GuardDuty::Member Properties: Email: "info@example.com" MemberId: !Ref "AWS::AccountId" DetectorId: "-1" Status: "Active" # Invalid AllowedValue GuardDutyThreadIntelSet: Type: "AWS::GuardDuty::ThreatIntelSet" Properties: Activate: False DetectorId: "-1" Format: "ALIENVAULT" # Invalid AllowedValue Location: "http://localhost" NeptuneInstance: Type: "AWS::Neptune::DBInstance" Properties: DBInstanceClass: "db.r3.xlarge" # Invalid AllowedValue NetworkAclEntry: Type: "AWS::EC2::NetworkAclEntry" Properties: CidrBlock: "127.0.0.1/32" NetworkAclId: "-1" Protocol: -1 RuleAction: "ALLOW" # Invlid AllowedValue RuleNumber: 1 NetworkInterfacePermission: Type: "AWS::EC2::NetworkInterfacePermission" Properties: AwsAccountId: !Ref "AWS::AccountId" NetworkInterfaceId: "-1" Permission: "Associate" # Invalid AllowedValue PlacementGroup: Type: "AWS::EC2::PlacementGroup" Properties: Strategy: "combined" # Invalid AllowedValue RedshiftCluster: Type: "AWS::Redshift::Cluster" Properties: ClusterType: "cluster" # Invalid AllowedValue ClusterVersion: "1" # Invalid AllowedValue DBName: "redshift-cluster" MasterUserPassword: !Ref "Password" MasterUsername: "PUBLIC" NodeType: "dc2.2xlarge" # Invalid AllowedValue Route53HealthCheck: Type: "AWS::Route53::HealthCheck" Properties: HealthCheckConfig: InsufficientDataHealthStatus: "" # Invalid AllowedValue Type: "HTTP_MATCH" # Invalid AllowedValue Route53RecordSet: Type: "AWS::Route53::RecordSet" Properties: Failover: "primary" # Invalid AllowedValue GeoLocation: ContinentCode: "US" # Invalid AllowedValue HostedZoneName: "www.example.com" Name: "www.example.com" Type: "AA" # Invalid AllowedValue ResourceRecords: - '127.0.0.1' Route53RecordSetGroup: Type: "AWS::Route53::RecordSetGroup" Properties: HostedZoneName: "www.example.com" RecordSets: - Failover: "Secondary" # Invalid AllowedValue GeoLocation: ContinentCode: "A" # Invalid AllowedValue Name: "www.example.com" Type: "ABC" # Invalid AllowedValue ResourceRecords: - 'www.example.com' Route53ResolverEndpoint: Type: "AWS::Route53Resolver::ResolverEndpoint" Properties: Direction: "left" # Invalid AlowedValue IpAddresses: - Ip: '127.0.0.1' SubnetId: "SubnetId" SecurityGroupIds: - "sg" Route53ResolverRule: Type: "AWS::Route53Resolver::ResolverRule" Properties: DomainName: "example.com" RuleType: "default" # Invalid AllowedValue S3Bucket: Type: "AWS::S3::Bucket" Properties: AccelerateConfiguration: AccelerationStatus: "Disabled" # Inalid AllowedValue AccessControl: "PrivateRead" # Invalid AllowedValue BucketEncryption: ServerSideEncryptionConfiguration: - ServerSideEncryptionByDefault: SSEAlgorithm: "KMS" # Invalid AllowedValue NotificationConfiguration: TopicConfigurations: - Topic: "MyTopic" Event: "s3:ObjectCreated:Get" # Invalid AllowedValue VersioningConfiguration: Status: "disabled" # Invalid AllowedValue WebsiteConfiguration: IndexDocument: "index.html" RedirectAllRequestsTo: HostName: "example.com" Protocol: "tcp" # Invalid AllowedValue SecretManagerSecretTargetAttachment: Type: "AWS::SecretsManager::SecretTargetAttachment" Properties: SecretId: "SecretArn" TargetId: "RefToCluster" TargetType: "AWS::RDS:DBCluster" # Invalid AllowedValue ServiceDiscoveryService: Type: "AWS::ServiceDiscovery::Service" Properties: HealthCheckConfig: Type: "SSH" # Invalid AllowedValue DnsConfig: DnsRecords: - Type: "NS" # Invalid AllowedValue TTL: 60 SesReceiptRule: Type: "AWS::SES::ReceiptRule" Properties: Rule: TlsPolicy: "required" # Invalid AllowedValue RuleSetName: "SesReceiptRule" SnsSubscription: Type: "AWS::SNS::Subscription" Properties: Protocol: "mail" # Invalid AllowedValue TopicArn: "TopicArn" SpotFleet: Type: "AWS::EC2::SpotFleet" Properties: SpotFleetRequestConfigData: AllocationStrategy: "lowest_price" # Invalid AllowedValue ExcessCapacityTerminationPolicy: "MyDefault" # Invalid AllowedValue IamFleetRole: "arn:aws:iam::123456789012:role/MyRole" InstanceInterruptionBehavior: "" # Invalid AllowedValue LaunchSpecifications: - BlockDeviceMappings: - DeviceName: /dev/sdm Ebs: VolumeType: "ssd" # Invalid AllowedValue ImageId: !Ref "ImageId" InstanceType: "t1.small" # Invalid AllowedValue TargetCapacity: 1 Type: "instantly" # Invalid AllowedValue TransitGateway: Type: "AWS::EC2::TransitGateway" Properties: AutoAcceptSharedAttachments: "disabled" # Invalid AllowedValue DefaultRouteTableAssociation: "enabled" # Invalid AllowedValue DefaultRouteTablePropagation: "on" # Invalid AllowedValue DnsSupport: "true" # Invalid AllowedValue VpnEcmpSupport: "Disable" # Invalid AllowedValue Volume: Type: "AWS::EC2::Volume" Properties: AvailabilityZone: !Ref "AvailabilityZone" VolumeType: "sssd" # Invalid AllowedValue Vpc: Type: "AWS::EC2::VPC" Properties: CidrBlock: "10.0.0.0/8" InstanceTenancy: "Default" # Invalid AllowedValue VpcEndpoint: Type: "AWS::EC2::VPCEndpoint" Properties: VpcId: !Ref "Vpc" ServiceName: "com.amazonaws.vpce.us-east-1.vpce-svc-03d5ebb7d9579a2b3" VpcEndpointType: "InternetGateway" # Invalid AllowedValue VpcEndpointConnectionNotification: Type: "AWS::EC2::VPCEndpointConnectionNotification" Properties: ConnectionEvents: - "Accept." # Invalid Allowed alue ConnectionNotificationArn: "TopicArn" VPNConnection: Type: "AWS::EC2::VPNConnection" Properties: CustomerGatewayId: "1" Type: "ipsec.2" # Invalid AllowedValue VpnGatewayId: !Ref VPNGateway VPNGateway: Type: "AWS::EC2::VPNGateway" Properties: Type: "ipsec1" # Invalid AllowedValue WAFRule: Type: "AWS::WAFRegional::Rule" Properties: Name: "WAF Rule" MetricName: "MetricName" Predicates: - DataId: "DataId" Negated: false Type: "Bytematch" # Invalid AllowedValue Workspace: Type: "AWS::WorkSpaces::Workspace" Properties: BundleId: "Workspace" DirectoryId: "DirectoryId" UserName: "test" WorkspaceProperties: ComputeTypeName: "DEFAULT" # Invalid AllowedValue RunningMode: "ALWAYS_OFF" # Invalid AllowedValue