AWS CloudFormation Intrinsic Functions Overview

Intrinsic functions in AWS CloudFormation are used to assign values to properties that are not available until runtime. Here's a summary of the key intrinsic functions and their uses:

• Ref: Retrieve the value of a parameter or the physical ID of a resource.
  • !Ref MyVPC to reference the VPC ID.
• GetAtt: Get an attribute from a created resource.
  • !GetAtt EC2Instance.AvailabilityZone to get the AZ of an EC2 instance.
• FindInMap: Retrieve a value from a specified key in a map.
• ImportValue: Import values that were exported in other stacks.
  • !ImportValue SSHSecurityGroup to use an exported security group ID.
• Base64: Encode content in Base64.
  • Used in EC2 user data.
• Condition Functions: Apply conditions to resource creation.
  • Functions include Fn::And, Fn::Equals, Fn::If, Fn::Not, and Fn::Or.

Must-Know Functions

• Ref
• Fn::GetAtt
• Fn::FindInMap
• Fn::ImportValue
  • Fn::Join
  • Fn::Sub
  • Fn::ForEach
  • Fn::ToJsonString
• Condition Functions (Fn::If, Fn::Not, Fn::Equals, etc.)
• Fn::Base64
  • Fn::Cidr
  • Fn::GetAZs
  • Fn::Select
  • Fn::Split
  • Fn::Transform
  • Fn::Length

Example Usage of Ref and GetAtt

• Ref:

  Resources:
    MySubnet:
      Type: AWS::EC2::Subnet
      Properties:
        VpcId: !Ref MyVPC
  

• GetAtt:

  Resources:
    MyEBSVolume:
      Type: AWS::EC2::Volume
      Properties:
        AvailabilityZone: !GetAtt EC2Instance.AvailabilityZone
  

• Base64:

  Resources:
    MyEC2Instance:
      Type: AWS::EC2::Instance
      Properties: 
        ImageId: ami-0abcdef1234567890
        InstanceType: t2.micro
        UserData: 
          Fn::Base64: |
            #!/bin/bash
            echo "Hello, World!" > /home/ec2-user/hello.txt
  

Additional Notes