--- AWSTemplateFormatVersion: '2010-09-09' Description: > Template with all the resources that are covered by the AllowedValues. Minimal configuration for each resource to be "valid". Properties that are part of the AllowedValues check are marked for transparancy Parameters: AvailabilityZone: Type: "AWS::EC2::AvailabilityZone::Name" Default: "eu-west-1a" Password: Type: String NoEcho: True AutoScalingLaunchConfigurationVolume: Type: String Default: "standard" AllowedValues: # Valid AllowedValues - "io1" - "gp2" - "standard" ImageId: Type: "AWS::EC2::Image::Id" SsmInstanceType: Default: /Demo/DemoInstanceType # Recommend t3.nano Description: EC2 instance type to use to create the collector host Type: AWS::SSM::Parameter::Value LogsRetentionLength: AllowedValues: - 1 - 3 Default: 1 Description: The retention length of the logs. Type: Number Retention: Type: Number Description: Retention in days for the log group (-1 for no retention) Default: -1 Conditions: IsRetention: !Not [!Equals [!Ref 'Retention', '-1']] Resources: LogGroup: Type: "AWS::Logs::LogGroup" Properties: RetentionInDays: !Ref LogsRetentionLength LogGroupName: '/name' LogGroupWithCondition: Type: AWS::Logs::LogGroup Properties: LogGroupName: 'some-log-group' # Don't error when Retention is used inside a condition RetentionInDays: !If [IsRetention, !Ref Retention, !Ref 'AWS::NoValue'] LogGroupWithResourceCondition: Type: AWS::Logs::LogGroup Condition: IsRetention Properties: RetentionInDays: !Ref Retention AccessKey: Type: "AWS::IAM::AccessKey" Properties: Status: "Active" # Valid AllowedValue UserName: "my-user" AmazonMQBroker: Type: "AWS::AmazonMQ::Broker" Properties: AutoMinorVersionUpgrade: false BrokerName: "myBroker" DeploymentMode: "SINGLE_INSTANCE" # Valid AllowedValue EngineType: "ACTIVEMQ" # Valid AllowedValue EngineVersion: "5.15.8" # Valid AllowedValue PubliclyAccessible: false HostInstanceType: "mq.t2.micro" # Valid AllowedValue Users: - ConsoleAccess: false Groups: - "group1" Password: !Ref "Password" Username: "user" AmazonMQConfiguration: Type: "AWS::AmazonMQ::Configuration" Properties: Data: "" EngineType: "ACTIVEMQ" # Valid AllowedValue EngineVersion: "5.15.8" # Valid AllowedValue Name: "Configuration" ApiGatewayAuthorizerSSM: Type: "AWS::ApiGateway::Authorizer" Properties: RestApiId: !Ref "ApiGatewayRestAPI" Type: "{{resolve:ssm:myparam:1}} xyz" # Excluded AllowedValue ApiGatewayAuthorizer: Type: "AWS::ApiGateway::Authorizer" Properties: RestApiId: !Ref "ApiGatewayRestAPI" Type: "COGNITO_USER_POOLS" # Valid AllowedValue ApiGatewayResponse: Type: "AWS::ApiGateway::GatewayResponse" Properties: ResponseType: "DEFAULT_5XX" # Valid AllowedValue RestApiId: !Ref "ApiGatewayRestAPI" ApiGatewayRestAPI: Type: "AWS::ApiGateway::RestApi" Properties: ApiKeySourceType: "AUTHORIZER" # Valid AllowedValue ApiGatewayUsagePlanKey: Type: "AWS::ApiGateway::UsagePlanKey" Properties: KeyId: "ApiGatewayUsagePlanKey" KeyType: "API_KEY" # Valid AllowedValue UsagePlanId: "UsagePlanId" ApplicationAutoScalingPolicy: Type: "AWS::ApplicationAutoScaling::ScalingPolicy" Properties: PolicyName: "ApplicationAutoScalingPolicy" PolicyType: "StepScaling" # Valid AllowedValue ScalingTargetId: "" TargetTrackingScalingPolicyConfiguration: TargetValue: 50.0 PredefinedMetricSpecification: PredefinedMetricType: "DynamoDBReadCapacityUtilization" # Valid AllowedValue AppSyncDataSource: Type: "AWS::AppSync::DataSource" Properties: ApiId: "ApiId" Name: "AppSyncDataSource" Type: "AWS_LAMBDA" # Valid AllowedValue AppSyncGraphQLApi: Type: "AWS::AppSync::GraphQLApi" Properties: Name: "AppSyncGraphQLApi" AuthenticationType: "AMAZON_COGNITO_USER_POOLS" # Valid AllowedValue AppSyncResolver: Type: "AWS::AppSync::Resolver" Properties: ApiId: "ApiId" FieldName: "field" Kind: "PIPELINE" # Valid AllowedValue TypeName: "type" AutoScalingGroup: Type: "AWS::AutoScaling::AutoScalingGroup" Properties: HealthCheckType: "ELB" # Valid AlllowedValue LaunchConfigurationName: "launch-configuration" LifecycleHookSpecificationList: - DefaultResult: "ABANDON" # Valid AlllowedValue LifecycleHookName: "hook" LifecycleTransition: "autoscaling:EC2_INSTANCE_TERMINATING" # Valid AllowedValue MaxSize: "1" MinSize: "1" AutoScalingLaunchConfiguration: Type: "AWS::AutoScaling::LaunchConfiguration" Properties: BlockDeviceMappings: - DeviceName: /dev/sdm Ebs: VolumeType: !Ref "AutoScalingLaunchConfigurationVolume" # Valid AllowedValue ImageId: !Ref "ImageId" InstanceType: "t2.small" # Valid AllowedValue PlacementTenancy: "default" # Valid AllowedValue AutoScalingLifecycleHook: Type: "AWS::AutoScaling::LifecycleHook" Properties: DefaultResult: "CONTINUE" # Valid AlllowedValue AutoScalingGroupName: !Ref "AutoScalingGroup" LifecycleTransition: "autoscaling:EC2_INSTANCE_LAUNCHING" # Valid AllowedValue AutoScalingPolicy: Type: "AWS::AutoScaling::ScalingPolicy" Properties: AdjustmentType: "ChangeInCapacity" # Valid AllowedValue AutoScalingGroupName: !Ref "AutoScalingGroup" MetricAggregationType: "Average" # Valid AllowedValue PolicyType: "SimpleScaling" # Valid AllowedValue TargetTrackingConfiguration: CustomizedMetricSpecification: MetricName: "MetricName" Namespace: "Namespace" Statistic: "SampleCount" # Valid AllowedValue PredefinedMetricSpecification: PredefinedMetricType: "ALBRequestCountPerTarget" # Valid AllowedValue TargetValue: 10.5 AutoScalingPlan: Type: "AWS::AutoScalingPlans::ScalingPlan" Properties: ApplicationSource: CloudFormationStackARN: "StackArn" ScalingInstructions: - MaxCapacity: 1 MinCapacity: 1 ResourceId: "ResourceId" ScalableDimension: "dynamodb:index:WriteCapacityUnits" # Valid AllowedValues ServiceNamespace: "dynamodb" # Valid AllowedValues PredictiveScalingMaxCapacityBehavior: "SetForecastCapacityToMaxCapacity" # Valid AllowedValue PredictiveScalingMode: "ForecastOnly" # Valid AllowedValue TargetTrackingConfigurations: - CustomizedScalingMetricSpecification: MetricName: "MetricName" Namespace: "Namespace" Statistic: "SampleCount" # Valid AllowedValue PredefinedScalingMetricSpecification: PredefinedScalingMetricType: "ALBRequestCountPerTarget" # Valid AllowedValue TargetValue: 10.5 Budget: Type: "AWS::Budgets::Budget" Properties: Budget: BudgetType: "RI_UTILIZATION" # Valid AllowedValue TimeUnit: "MONTHLY" # Valid AllowedValue NotificationsWithSubscribers: - Subscribers: - SubscriptionType: "EMAIL" #Valid AllowedValue Address: "test@test.com" Notification: ThresholdType: "PERCENTAGE" # Valid AllowedValue Threshold: 80 NotificationType: "ACTUAL" # Valid AllowedValue ComparisonOperator: "GREATER_THAN" # Valid AllowedValue Certificate: Type: "AWS::CertificateManager::Certificate" Properties: DomainName: "example.com" ValidationMethod: "DNS" # Valid AllowedValue CloudFrontDistribution: Type: "AWS::CloudFront::Distribution" Properties: DistributionConfig: CustomErrorResponses: - ErrorCode: 504 # Valid AllowedValue ResponseCode: 414 # Valid AllowedValue ResponsePagePath: "/404-errors/403-forbidden.html" CacheBehaviors: - ForwardedValues: QueryString: False LambdaFunctionAssociations: - EventType: "viewer-request" # Valid AllowedValue LambdaFunctionARN: "LambdaArn" PathPattern: "images/*.jpg" TargetOriginId: "2" ViewerProtocolPolicy: "allow-all" # Valid AllowedValue DefaultCacheBehavior: ForwardedValues: QueryString: False TargetOriginId: "1" ViewerProtocolPolicy: "redirect-to-https" # Valid AllowedValue Enabled: False HttpVersion: "http1.1" # Valid AllowedValue PriceClass: "PriceClass_100" # Valid AllowedValue Origins: - DomainName: !GetAtt "S3Bucket.DomainName" Id: "1" S3OriginConfig: OriginAccessIdentity: "origin-access-identity/cloudfront/E15MNIMTCFKK4C" - Id: "2" DomainName: "example.com" CustomOriginConfig: HTTPSPort: 443 OriginProtocolPolicy: "match-viewer" # Valid AllowedValue OriginSSLProtocols: - "TLSv1.2" # Valid AllowedValue Restrictions: GeoRestriction: Locations: - "NL" # Valid AllowedValue RestrictionType: "whitelist" # Valid AllowedValue ViewerCertificate: AcmCertificateArn: !Ref "Certificate" MinimumProtocolVersion: "TLSv1.2_2018" # Valid AllowedValue SslSupportMethod: "sni-only" # Valid AllowedValue CloudFrontStreamingDistribution: Type: "AWS::CloudFront::StreamingDistribution" Properties: StreamingDistributionConfig: Comment: "Mandatory comment" Enabled: False PriceClass: "PriceClass_All" # Valid AllowedValue S3Origin: DomainName: !GetAtt "S3Bucket.DomainName" OriginAccessIdentity: "origin-access-identity/cloudfront/E15MNIMTCFKK4C" TrustedSigners: Enabled: False Tags: - Key: "Mandatory" Value: "Tag" CloudTrail: Type: "AWS::CloudTrail::Trail" Properties: EventSelectors: - ReadWriteType: "All" # Valid AllowedValue DataResources: - Type: "AWS::S3::Object" # Valid AllowedValue Values: - "Arn1" - "Arn2" IsLogging: True S3BucketName: "MyBucket" CloudWatchAlarm: Type: "AWS::CloudWatch::Alarm" Properties: ComparisonOperator: "GreaterThanOrEqualToThreshold" # Valid AllowedValue EvaluationPeriods: 1 MetricName: "my-metric" Statistic: "SampleCount" # Valid AllowedValue Threshold: 0.0 TreatMissingData: "notBreaching" # Valid AllowedValue Unit: "Terabits/Second" # Valid AllowedValue CloudWatchEventRule: Type: "AWS::Events::Rule" Properties: EventPattern: "" State: "ENABLED" # Valid AllowedValue CloudWatchEventBusPolicy: Type: "AWS::Events::EventBusPolicy" Properties: Action: "events:PutEvents" # Valid AllowedValue Condition: Type: "StringEquals" # Valid AllowedValue Key: "aws:PrincipalOrgID" # Valid AllowedValue Value: "o-1234567890" Principal: "*" StatementId: "x" CloudWatchLogGroup: Type: "AWS::Logs::LogGroup" Properties: LogGroupName: "cloudtrail" RetentionInDays: 365 # Valid AllowedValue CodeBuildProject: Type: "AWS::CodeBuild::Project" Properties: Artifacts: Packaging: "ZIP" # Valid AllowedValue Type: "CODEPIPELINE" # Valid AllowedValue Cache: Type: "NO_CACHE" # Valid AllowedValue Environment: ComputeType: "BUILD_GENERAL1_LARGE" # Valid AllowedValue Image: "registry/repository:latest" ImagePullCredentialsType: "CODEBUILD" # Valid AllowedValue Type: "LINUX_CONTAINER" # Valid AllowedValue LogsConfig: CloudWatchLogs: Status: "ENABLED" # Valid AllowedValue S3Logs: Status: "DISABLED" # Valid AllowedValue ServiceRole: "arn:aws:iam::123456789012:role/CodeBuild-service-role" Source: Type: "GITHUB_ENTERPRISE" # Valid AllowedValue CodeCommitRepository: Type: "AWS::CodeCommit::Repository" Properties: RepositoryName: "CodeCommitRepository" Triggers: - Name: "Trigger" Events: - "updateReference" # Valid AllowedValue CodeDeployApplication: Type: "AWS::CodeDeploy::Application" Properties: ApplicationName: "CodeDeployApplication" ComputePlatform: "Server" # Valid AllowedValue CodeDeployDeploymentConfig: Type: "AWS::CodeDeploy::DeploymentConfig" Properties: DeploymentConfigName: "CodeDeployDeploymentConfig" MinimumHealthyHosts: Type: "HOST_COUNT" # Valid AllowedValue Value: 1 CodeDeployDeploymentGroup: Type: "AWS::CodeDeploy::DeploymentGroup" Properties: ApplicationName: "CodeDeployDeploymentGroup" AutoRollbackConfiguration: Events: - "DEPLOYMENT_FAILURE" # Valid AllowedValue - "DEPLOYMENT_STOP_ON_ALARM" # Valid AllowedValue DeploymentStyle: DeploymentOption: "WITH_TRAFFIC_CONTROL" # Valid AllowedValue DeploymentType: "IN_PLACE" # Valid AllowedValue ServiceRoleArn: "ServiceRoleArn" TriggerConfigurations: - TriggerEvents: - "DeploymentStart" # Valid AllowedValue CodePipeline: Type: "AWS::CodePipeline::Pipeline" Properties: ArtifactStore: Location: "S3Bucket" Type: "S3" # Valid AllowedValue RoleArn: "my-role-arn" Stages: - Name: "stage1" Actions: - Name: "action1" ActionTypeId: Category: "Source" # Valid AllowedValue Owner: "AWS" # Valid AllowedValue Provider: "provider" Version: "1" Blockers: - Name: "blocker1" Type: "Schedule" # Valid AllowedValue - Name: "stage2" Actions: - Name: "action2" ActionTypeId: Category: "Test" # Valid AllowedValue Owner: "AWS" # Valid AllowedValue Provider: "provider" Version: "1" CodePipelineCustomActionType: Type: "AWS::CodePipeline::CustomActionType" Properties: Category: "Test" # Valid AllowedValue ConfigurationProperties: - Key: True Name: "My-Name" Required: True Secret: False Type: "String" # Valid AllowedValue InputArtifactDetails: MaximumCount: 1 MinimumCount: 1 OutputArtifactDetails: MaximumCount: 1 MinimumCount: 1 Provider: "My-Build-Provider-Name" Version: "1a" CodePipelineWebhook: Type: "AWS::CodePipeline::Webhook" Properties: Authentication: "GITHUB_HMAC" # Valid AllowedValue AuthenticationConfiguration: SecretToken: "githubtoken" Filters: - JsonPath: "" TargetAction: "action1" TargetPipeline: "" TargetPipelineVersion: 1 CognitoIdentityPool: Type: "AWS::Cognito::IdentityPool" Properties: AllowUnauthenticatedIdentities: False CognitoStreams: StreamingStatus: "ENABLED" # Valid AllowedValue CognitoUserPool: Type: "AWS::Cognito::UserPool" Properties: AliasAttributes: - "phone_number" # Valid AllowedValue AutoVerifiedAttributes: - "email" # Valid AllowedValue MfaConfiguration: "OPTIONAL" # Valid AllowedValue Schema: - AttributeDataType: "String" # Valid AllowedValue UsernameAttributes: - "phone_number" # Valid AllowedValue CognitoUserPoolClient: Type: "AWS::Cognito::UserPoolClient" Properties: ExplicitAuthFlows: - "CUSTOM_AUTH_FLOW_ONLY" # Valid AllowedValue UserPoolId: "pool1" CognitoUserPoolUser: Type: "AWS::Cognito::UserPoolUser" Properties: DesiredDeliveryMediums: - "SMS" # Valid AllowedValue MessageAction: "RESEND" # Valid AllowedValue UserPoolId: "pool1" ConfigAggregationAuthorization: Type: "AWS::Config::AggregationAuthorization" Properties: AuthorizedAccountId: "123456789012" AuthorizedAwsRegion: "eu-west-1" # Valid AllowedValue ConfigRule: Type: "AWS::Config::ConfigRule" Properties: MaximumExecutionFrequency: "One_Hour" # Valid AllowedValue Scope: ComplianceResourceTypes: - "AWS::CloudFront::StreamingDistribution" # Valid AllowedValue Source: Owner: "CUSTOM_LAMBDA" # Valid AllowedValue SourceDetails: - EventSource: "aws.config" # Valid AllowedValue MaximumExecutionFrequency: "TwentyFour_Hours" # Valid AllowedValue MessageType: "ConfigurationItemChangeNotification" # Valid AllowedValue SourceIdentifier: "arn:aws:lambda:us-east-2:123456789012:function:custom_rule_name" ConfigRecorder: Type: "AWS::Config::ConfigurationRecorder" Properties: RecordingGroup: ResourceTypes: - "AWS::CloudFront::Distribution" # Valid AllowedValue RoleARN: "" ConfigDeliveryChannel: Type: "AWS::Config::DeliveryChannel" Properties: ConfigSnapshotDeliveryProperties: DeliveryFrequency: "Six_Hours" # Valid AllowedValue S3BucketName: !Ref "S3Bucket" CustomerGateway: Type: "AWS::EC2::CustomerGateway" Properties: BgpAsn: 65000 IpAddress: "127.0.0.1" Type: "ipsec.1" # Valid AllowedValue DAXCluster: Type: "AWS::DAX::Cluster" Properties: IAMRoleARN: "iam" NodeType: "dax.t2.small" # Valid AllowedValue ReplicationFactor: 1 DHCPOptions: Type: "AWS::EC2::DHCPOptions" Properties: NetbiosNodeType: 4 # Valid AllowedValue DirectoryServiceMicrosoftAD: Type: "AWS::DirectoryService::MicrosoftAD" Properties: Edition: "Standard" # Valid AllowedValue Name: "MicrosoftAD" Password: !Ref "Password" VpcSettings: SubnetIds: - "a1" VpcId: "123" DirectoryServiceSimpleAD: Type: "AWS::DirectoryService::SimpleAD" Properties: Name: "SimpleAD" Password: !Ref "Password" Size: "Small" # Valid AllowedValue VpcSettings: SubnetIds: - "a1" VpcId: "123" DLMPolicy: Type: "AWS::DLM::LifecyclePolicy" Properties: ExecutionRoleArn: "" PolicyDetails: ResourceTypes: - "VOLUME" # Valid AllowedValue State: "ENABLED" # Valid AllowedValue DmsEndpoint: Type: "AWS::DMS::Endpoint" Properties: EndpointType: "source" # Valid AllowedValue EngineName: "mysql" # Valid AllowedValue SslMode: "verify-full" # Valid AllowedValue DocumentDBCluster: Type: "AWS::DocDB::DBCluster" Properties: AvailabilityZones: - String EngineVersion: "3.6.0" # Valid AllowedValue DocumentDBInstance: Type: "AWS::DocDB::DBInstance" Properties: DBClusterIdentifier: !Ref "DocumentDBCluster" DBInstanceClass: "db.r4.16xlarge" # Valid AllowedValue DynamoDBTable: Type: "AWS::DynamoDB::Table" Properties: BillingMode: "PROVISIONED" # Valid AllowedValue AttributeDefinitions: - AttributeName: "Id" AttributeType: "S" # Valid AllowedValue GlobalSecondaryIndexes: - IndexName: "GlobalIndex1" KeySchema: - AttributeName: "Id" KeyType: "RANGE" # Valid AllowedValue Projection: ProjectionType: "KEYS_ONLY" # Valid AlloedValue KeySchema: - AttributeName: "Id" KeyType: "HASH" # Valid AllowedValue StreamSpecification: StreamViewType: "NEW_AND_OLD_IMAGES" # Valid AllowedValue EC2CapacityReservation: Type: "AWS::EC2::CapacityReservation" Properties: AvailabilityZone: !Ref "AvailabilityZone" EndDateType: "unlimited" # Valid AllowedValue InstanceCount: 1 InstanceMatchCriteria: "targeted" # Valid AllowedValue InstancePlatform: "Linux/UNIX" # Valid AllowedValue InstanceType: "t2.medium" # Valid AllowedValue Tenancy: "default" # Valid AllowedValue EC2ElasticIp: Type: "AWS::EC2::EIP" Properties: Domain: "vpc" # Valid AllowedValue EC2Fleet: Type: "AWS::EC2::EC2Fleet" Properties: ExcessCapacityTerminationPolicy: "termination" # Valid AllowedValue LaunchTemplateConfigs: - Overrides: - InstanceType: "t2.large" # Valid AllowedValue OnDemandOptions: AllocationStrategy: "prioritized" # Valid AllowedValue SpotOptions: AllocationStrategy: "diversified" # Valid AllowedValue InstanceInterruptionBehavior: "hibernate" # Valid AllowedValue TargetCapacitySpecification: DefaultTargetCapacityType: "on-demand" # Valid AllowedValue TotalTargetCapacity: 1 Type: "maintain" # Valid AllowedValue EC2FlowLog: Type: "AWS::EC2::FlowLog" Properties: LogDestinationType: "cloud-watch-logs" # Valid AllowedValue ResourceId: !Ref "Vpc" ResourceType: "VPC" # Valid AllowedValue TrafficType: "ALL" # Valid AllowedValue EC2Host: Type: "AWS::EC2::Host" Properties: AutoPlacement: "on" # Valid allowed Value AvailabilityZone: !Ref "AvailabilityZone" InstanceType: "m3.medium" EC2Instance: Type: "AWS::EC2::Instance" Properties: Affinity: "default" # Valid AllowedValue CreditSpecification: CPUCredits: "standard" # Valid AllowedValue ImageId: "ami-2f726546" InstanceType: "t1.micro" # Valid AllowedValue KeyName: "" BlockDeviceMappings: - DeviceName: "/dev/sdm" Ebs: VolumeType: "gp2" # Valid AllowedValue ElasticInferenceAccelerators: - Type: "eia1.medium" # Valid AllowedValue Tenancy: "dedicated" # Valid AllowedValue EC2Instance2: Type: AWS::EC2::Instance Properties: ImageId: "ami-2f726546" InstanceType: !Ref SsmInstanceType EC2LaunchTemplate: Type: "AWS::EC2::LaunchTemplate" Properties: LaunchTemplateData: BlockDeviceMappings: - DeviceName: /dev/sdm Ebs: VolumeType: !Ref "AutoScalingLaunchConfigurationVolume" # Valid AllowedValue CreditSpecification: CpuCredits: "unlimited" # Valid AllowedValue InstanceInitiatedShutdownBehavior: "terminate" # Valid AllowedValue InstanceMarketOptions: MarketType: "spot" # Valid AllowedValue SpotOptions: InstanceInterruptionBehavior: "hibernate" # Valid AllowedValue SpotInstanceType: "one-time" # Valid AllowedValue InstanceType: "t3.small" # Valid AllowedValue Placement: Tenancy: "host" # Valid AllowedValue ECSService: Type: "AWS::ECS::Service" Properties: LaunchType: "FARGATE" # Valid AllowedValue SchedulingStrategy: "REPLICA" # Valid AllowedValue TaskDefinition: !Ref "ECSTaskDefinition" ECSTaskDefinition: Type: "AWS::ECS::TaskDefinition" Properties: NetworkMode: "none" # Valid AllowedValue ProxyConfiguration: ContainerName: "my-container" Type: "APPMESH" # Valid AllowedValue EFSFileSystem: Type: "AWS::EFS::FileSystem" Properties: LifecyclePolicies: - TransitionToIA: "AFTER_30_DAYS" # Valid AllowedValue PerformanceMode: "generalPurpose" # Valid AllowedValue ThroughputMode: "bursting" # Valid AllowedValue GlueConnection: Type: "AWS::Glue::Connection" Properties: CatalogId: !Ref "AWS::AccountId" ConnectionInput: ConnectionProperties: "{}" ConnectionType: "SFTP" # Valid AllowedValue GlueCrawler: Type: "AWS::Glue::Crawler" Properties: DatabaseName: "database" Role: "arn:aws:iam::123456789012:role/MyRole" SchemaChangePolicy: UpdateBehavior: "LOG" # Valid AllowedValue DeleteBehavior: "DELETE_FROM_DATABASE" # Valid AllowedValue Targets: S3Targets: [] GlueTable: Type: "AWS::Glue::Table" Properties: CatalogId: !Ref "AWS::AccountId" DatabaseName: "database" TableInput: TableType: "VIRTUAL_VIEW" # Valid AllowedValue GlueTrigger: Type: "AWS::Glue::Trigger" Properties: Actions: - JobName: "Trigger" Type: "ON_DEMAND" # Valid AllowedValue Predicate: Logical: "AND" # Valid AllowedValue Conditions: - LogicalOperator: "EQUALS" # Valid AllowedValue State: "SUCCEEDED" # Valid AllowedValue GuardDutyDetector: Type: "AWS::GuardDuty::Detector" Properties: Enable: True FindingPublishingFrequency: "FIFTEEN_MINUTES" # Valid AllowedValue GuardDutyFilter: Type: "AWS::GuardDuty::Filter" Properties: Action: "NOOP" # Valid AllowedValue Description: "A mandatory Description" DetectorId: "-1" FindingCriteria: Criterion: {} Rank: 1 GuardDutyIPSet: Type: "AWS::GuardDuty::IPSet" Properties: Activate: False DetectorId: "-1" Format: "STIX" # Valid AllowedValue Location: "http://localhost" GuardDutyMember: Type: AWS::GuardDuty::Member Properties: Email: "info@example.com" MemberId: !Ref "AWS::AccountId" DetectorId: "-1" Status: "Resigned" # Valid AllowedValue GuardDutyThreadIntelSet: Type: "AWS::GuardDuty::ThreatIntelSet" Properties: Activate: False DetectorId: "-1" Format: "ALIEN_VAULT" # Valid AllowedValue Location: "http://localhost" NeptuneInstance: Type: "AWS::Neptune::DBInstance" Properties: DBInstanceClass: "db.r4.8xlarge" # Valid AllowedValue NetworkAclEntry: Type: "AWS::EC2::NetworkAclEntry" Properties: CidrBlock: "127.0.0.1/32" NetworkAclId: "-1" Protocol: -1 RuleAction: "allow" # Valid AllowedValue RuleNumber: 1 NetworkInterfacePermission: Type: "AWS::EC2::NetworkInterfacePermission" Properties: AwsAccountId: !Ref "AWS::AccountId" NetworkInterfaceId: "-1" Permission: "EIP-ASSOCIATE" # Valid AllowedValue PlacementGroup: Type: "AWS::EC2::PlacementGroup" Properties: Strategy: "cluster" # Valid AllowedValue RedshiftCluster: Type: "AWS::Redshift::Cluster" Properties: ClusterType: "single-node" # Valid AllowedValue ClusterVersion: "1.0" # Valid AllowedValue DBName: "redshift-cluster" MasterUserPassword: !Ref "Password" MasterUsername: "PUBLIC" NodeType: "dc2.large" # Valid AllowedValue Route53HealthCheck: Type: "AWS::Route53::HealthCheck" Properties: HealthCheckConfig: InsufficientDataHealthStatus: "Healthy" # Valid AllowedValue Type: "CALCULATED" # Valid AllowedValue Route53RecordSet: Type: "AWS::Route53::RecordSet" Properties: Failover: "PRIMARY" # Valid AllowedValue GeoLocation: ContinentCode: "EU" # Valid AllowedValue HostedZoneName: "www.example.com" Name: "www.example.com" Type: "A" # Valid AllowedValue ResourceRecords: - '127.0.0.1' Route53RecordSetGroup: Type: "AWS::Route53::RecordSetGroup" Properties: HostedZoneName: "www.example.com" RecordSets: - Failover: "SECONDARY" # Valid AllowedValue GeoLocation: ContinentCode: "AF" # Valid AllowedValue Name: "www.example.com" Type: "CNAME" # Valid AllowedValue ResourceRecords: - 'www.example.com' Route53ResolverEndpoint: Type: "AWS::Route53Resolver::ResolverEndpoint" Properties: Direction: "INBOUND" # Valid AlowedValue IpAddresses: - Ip: '127.0.0.1' SubnetId: "SubnetId" SecurityGroupIds: - "sg" Route53ResolverRule: Type: "AWS::Route53Resolver::ResolverRule" Properties: DomainName: "example.com" RuleType: "SYSTEM" # Valid AllowedValue S3Bucket: Type: "AWS::S3::Bucket" Properties: AccessControl: "BucketOwnerFullControl" # Valid AllowedValue BucketEncryption: ServerSideEncryptionConfiguration: - ServerSideEncryptionByDefault: SSEAlgorithm: "AES256" # Valid AllowedValue AccelerateConfiguration: AccelerationStatus: "Enabled" # Valid AllowedValue NotificationConfiguration: TopicConfigurations: - Topic: "MyTopic" Event: "s3:ObjectCreated:*" # Valid AllowedValue VersioningConfiguration: Status: "Enabled" # Valid AllowedValue WebsiteConfiguration: RedirectAllRequestsTo: HostName: "example.com" Protocol: "https" # Valid AllowedValue SecretManagerSecretTargetAttachment: Type: "AWS::SecretsManager::SecretTargetAttachment" Properties: SecretId: "SecretArn" TargetId: "RefToCluster" TargetType: "AWS::RDS::DBCluster" # Valid AllowedValue ServiceDiscoveryService: Type: "AWS::ServiceDiscovery::Service" Properties: HealthCheckConfig: Type: "HTTP" # Valid AllowedValue DnsConfig: DnsRecords: - Type: "CNAME" # Valid AllowedValue TTL: 60 SesReceiptRule: Type: "AWS::SES::ReceiptRule" Properties: Rule: TlsPolicy: "Require" # Valid AllowedValue RuleSetName: "SesReceiptRule" SnsSubscription: Type: "AWS::SNS::Subscription" Properties: Protocol: "http" # Valid AllowedValue TopicArn: "TopicArn" SpotFleet: Type: "AWS::EC2::SpotFleet" Properties: SpotFleetRequestConfigData: AllocationStrategy: "lowestPrice" # Valid AllowedValue ExcessCapacityTerminationPolicy: "default" # Valid AllowedValue IamFleetRole: "arn:aws:iam::123456789012:role/MyRole" InstanceInterruptionBehavior: "terminate" # Valid AllowedValue LaunchSpecifications: - BlockDeviceMappings: - DeviceName: /dev/sdm Ebs: VolumeType: !Ref "AutoScalingLaunchConfigurationVolume" # Valid AllowedValue ImageId: !Ref "ImageId" InstanceType: "t2.small" # Valid AllowedValue TargetCapacity: 1 Type: "maintain" # Valid AllowedValue TransitGateway: Type: "AWS::EC2::TransitGateway" Properties: AutoAcceptSharedAttachments: "disable" # Valid AllowedValue DefaultRouteTableAssociation: "enable" # Valid AllowedValue DefaultRouteTablePropagation: "enable" # Valid AllowedValue DnsSupport: "enable" # Valid AllowedValue VpnEcmpSupport: "disable" # Valid AllowedValue Volume: Type: "AWS::EC2::Volume" Properties: AvailabilityZone: !Ref "AvailabilityZone" VolumeType: "standard" # Valid AllowedValue Vpc: Type: "AWS::EC2::VPC" Properties: CidrBlock: "10.0.0.0/16" InstanceTenancy: "default" # Valid AllowedValue VpcEndpoint: Type: "AWS::EC2::VPCEndpoint" Properties: VpcId: !Ref "Vpc" ServiceName: "com.amazonaws.vpce.us-east-1.vpce-svc-03d5ebb7d9579a2b3" VpcEndpointType: "Gateway" # Valid AllowedValue VpcEndpointConnectionNotification: Type: "AWS::EC2::VPCEndpointConnectionNotification" Properties: ConnectionEvents: - "Accept" # Valid Allowed alue ConnectionNotificationArn: "TopicArn" VPNConnection: Type: "AWS::EC2::VPNConnection" Properties: CustomerGatewayId: "1" Type: "ipsec.1" # Valid AllowedValue VpnGatewayId: !Ref VPNGateway VPNGateway: Type: "AWS::EC2::VPNGateway" Properties: Type: "ipsec.1" # Valid AllowedValue WAFRule: Type: "AWS::WAFRegional::Rule" Properties: Name: "WAF Rule" MetricName: "MetricName" Predicates: - DataId: "DataId" Negated: false Type: "ByteMatch" # Valid AllowedValue Workspace: Type: "AWS::WorkSpaces::Workspace" Properties: BundleId: "Workspace" DirectoryId: "DirectoryId" UserName: "test" WorkspaceProperties: ComputeTypeName: "STANDARD" # Valid AllowedValue RunningMode: "ALWAYS_ON" # Valid AllowedValue