Resources, Parameters, and Outputs

The Resources section is the only required part of a CloudFormation template, and it is where you define the AWS infrastructure to build. Parameters make your templates reusable by accepting input at deployment time, and Outputs let you expose important values — such as endpoint URLs or resource IDs — after the stack is created. In this lesson we will explore all three in depth with practical examples.

---

Resources In-Depth

Resource Syntax

Every resource follows this structure:

Resources:
  LogicalName:
    Type: AWS::Service::Resource
    Properties:
      PropertyName: value

• LogicalName — a name you choose that identifies the resource within the template (e.g., WebServer, AppDatabase)
• Type — the CloudFormation resource type (e.g., AWS::EC2::Instance, AWS::S3::Bucket)
• Properties — configuration settings specific to the resource type

Common Resource Types

Resource Type	Description
AWS::EC2::Instance	An EC2 virtual machine
AWS::EC2::VPC	A Virtual Private Cloud
AWS::EC2::Subnet	A subnet within a VPC
AWS::EC2::SecurityGroup	A security group for controlling traffic
AWS::S3::Bucket	An S3 storage bucket
AWS::RDS::DBInstance	A managed relational database
AWS::Lambda::Function	A serverless function
AWS::IAM::Role	An IAM role for access control
AWS::ElasticLoadBalancingV2::LoadBalancer	An Application or Network Load Balancer
AWS::CloudWatch::Alarm	A CloudWatch alarm

Resource Attributes

Beyond Properties, resources support several optional attributes:

Resources:
  WebServer:
    Type: AWS::EC2::Instance
    DependsOn: AppDatabase
    DeletionPolicy: Retain
    UpdateReplacePolicy: Snapshot
    Properties:
      InstanceType: t3.micro
      ImageId: ami-0abcdef1234567890

Attribute	Purpose
DependsOn	Explicitly declares that this resource depends on another
DeletionPolicy	Controls what happens when the resource is deleted (Delete, Retain, Snapshot)
UpdateReplacePolicy	Controls behaviour when a resource must be replaced during an update
Condition	Only creates the resource if the named condition is true
CreationPolicy	Pauses stack creation until a signal is received (used with EC2 and Auto Scaling)
UpdatePolicy	Defines how updates are handled (used with Auto Scaling Groups)

DeletionPolicy

The DeletionPolicy attribute is particularly important for stateful resources:

Resources:
  ProductionDatabase:
    Type: AWS::RDS::DBInstance
    DeletionPolicy: Snapshot
    Properties:
      DBInstanceClass: db.r5.large
      Engine: postgres
      MasterUsername: admin
      MasterUserPassword: !Ref DBPassword

  LogsBucket:
    Type: AWS::S3::Bucket
    DeletionPolicy: Retain
    Properties:
      BucketName: my-audit-logs

• Delete (default) — the resource is deleted when the stack is deleted
• Retain — the resource is kept even after the stack is deleted
• Snapshot — a snapshot is taken before deletion (supported by RDS, EBS, and others)

---

Parameters In-Depth

Making Templates Reusable

Hard-coding values creates inflexible templates. Parameters let you supply values at deploy time:

Parameters:
  Environment:
    Type: String
    Default: dev
    AllowedValues: [dev, staging, production]

  DBInstanceClass:
    Type: String
    Default: db.t3.micro
    AllowedValues:
      - db.t3.micro
      - db.t3.small
      - db.r5.large