You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The CloudFormation Registry schema is a Control Plane schema, that defines resources with properties. Some properties are configurable by the user (BucketName, Timeout, etc), and some properties are not configurable by the user (Arn, KeyId).
In the CloudFormation Registry schema, properties that are not configurable by the user are marked as readOnlyProperties.
CloudFormation
CloudFormation is an IaC engine that can orchestrate the creation of AWS resources by means of a template. In that template, values for configurable resource properties can be specified in a Properties: block. Equally, certain values can be read from a resource by specifying a { Fn::GetAtt } intrinsic. For example, the Arn property of a Bucket can be read by writing { "Fn::GetAtt": [MyBucket, Arn] }.
It's not possible to read all properties this way, just a limited subset that is different for each resource. (Motivation: If arbitrary anytime-mutable properties could be GetAtted, it would become extremely expensive to calculate the changeset, so CloudFormation specifically does not allow it. )
The issue
Now here comes the important bit:
In CloudFormation, certain properties can be both configured as well as read.
For example, an EC2::Subnet's VpcId can both be configured in Properties, as well as retrieved using { "Fn::GetAtt": [MySubnet, VpcId] }.
The CFN Registry Schema has no way to express this! The property is not ReadOnly, so it would be incorrect to put it inside readOnlyProperties.
The CFN Registry Schema is not intended to describe CloudFormation behavior, hence it does not have a way to describe the attributes that can be { Fn::GetAtt }ed, and it will never have a way to describe that.
Yet, in order to generate valid CloudFormation templates, the spec does need a way to describe the properties and attributes of each resource. So we need an additional datasource.
The set of { GetAtt }'able properties will always be at least the set of readOnlyProperties, as well as a set of additional properties that can be both configured as well as { GetAtt }ed.
We currently already mark readOnlyProperties as attributes, but don't have the additional set of writable+readable properties yet.
The solution
CloudFormation currently has an exception list for 87 properties that can be GetAtt'ed with the same name as properties, and will not accept new ones in the future.
We add this additional list as an enhanced data source, and add those into the spec as attributes.
Going forward, new GetAttable properties will be added to readOnlyProperties only, so we will automatically keep up with extensions.
Information on where to find the list of GetAttable properties: internal reference D139308277
The text was updated successfully, but these errors were encountered:
The CFN Registry Schema
The CloudFormation Registry schema is a Control Plane schema, that defines resources with properties. Some properties are configurable by the user (
BucketName
,Timeout
, etc), and some properties are not configurable by the user (Arn
,KeyId
).In the CloudFormation Registry schema, properties that are not configurable by the user are marked as
readOnlyProperties
.CloudFormation
CloudFormation is an IaC engine that can orchestrate the creation of AWS resources by means of a template. In that template, values for configurable resource properties can be specified in a
Properties:
block. Equally, certain values can be read from a resource by specifying a{ Fn::GetAtt }
intrinsic. For example, theArn
property of a Bucket can be read by writing{ "Fn::GetAtt": [MyBucket, Arn] }
.It's not possible to read all properties this way, just a limited subset that is different for each resource. (Motivation: If arbitrary anytime-mutable properties could be
GetAtt
ed, it would become extremely expensive to calculate the changeset, so CloudFormation specifically does not allow it. )The issue
Now here comes the important bit:
EC2::Subnet
'sVpcId
can both be configured inProperties
, as well as retrieved using{ "Fn::GetAtt": [MySubnet, VpcId] }
.readOnlyProperties
.The CFN Registry Schema is not intended to describe CloudFormation behavior, hence it does not have a way to describe the attributes that can be
{ Fn::GetAtt }
ed, and it will never have a way to describe that.Yet, in order to generate valid CloudFormation templates, the spec does need a way to describe the properties and attributes of each resource. So we need an additional datasource.
The set of
{ GetAtt }
'able properties will always be at least the set ofreadOnlyProperties
, as well as a set of additional properties that can be both configured as well as{ GetAtt }
ed.We currently already mark
readOnlyProperties
as attributes, but don't have the additional set of writable+readable properties yet.The solution
CloudFormation currently has an exception list for 87 properties that can be GetAtt'ed with the same name as properties, and will not accept new ones in the future.
We add this additional list as an enhanced data source, and add those into the spec as attributes.
Going forward, new
GetAtt
able properties will be added toreadOnlyProperties
only, so we will automatically keep up with extensions.Information on where to find the list of GetAttable properties: internal reference D139308277
The text was updated successfully, but these errors were encountered: