AWS::CloudFormation::GuardHook

CloudFormation GuardHook

This is a CloudFormation resource for activating the first-party AWS::Hooks::GuardHook.

Properties

10 configurable properties. 6 required. Click a row to see details.

Filter:

Property	Type	Flags
`Alias`	`string`	RequiredCreate-only
`ExecutionRole`	`string`	RequiredCreate-only
`FailureMode`	`string`	Required
`HookStatus`	`string`	Required
`RuleLocation`	`S3Location`	Required
`TargetOperations`	`Array<string>`	Required
`LogBucket`	`string`
`Options`	`Any`
`StackFilters`	`object`
`TargetFilters`	`object \| object`

Return Values

Values returned after the resource is created. Access these with Fn::GetAtt.

Attribute	Type	Description
`HookArn`	`string`	The Amazon Resource Name (ARN) of the activated hook

Sample CloudFormation Template

A minimal template with required properties and common optional ones.

template.yaml

AWSTemplateFormatVersion: "2010-09-09"
Description: Sample template for AWS::CloudFormation::GuardHook

Resources:
  MyResource:
    Type: AWS::CloudFormation::GuardHook
    Properties:
      RuleLocation: "value"
      HookStatus: "ENABLED"
      TargetOperations: []
      FailureMode: "FAIL"
      Alias: "value"
      ExecutionRole: "value"

Required IAM Permissions

Permissions CloudFormation needs in your IAM role to manage this resource.

create

cloudformation:ActivateTypecloudformation:DescribeTypecloudformation:ListTypescloudformation:SetTypeConfigurationcloudformation:BatchDescribeTypeConfigurationsiam:PassRole

read

cloudformation:DescribeTypecloudformation:BatchDescribeTypeConfigurations

update

cloudformation:BatchDescribeTypeConfigurationscloudformation:DescribeTypecloudformation:SetTypeConfigurationiam:PassRole

delete

cloudformation:BatchDescribeTypeConfigurationscloudformation:DescribeTypecloudformation:DeactivateTypecloudformation:SetTypeConfiguration

list

cloudformation:ListTypescloudformation:DescribeTypecloudformation:BatchDescribeTypeConfigurations

Get the CloudFormation Cheat Sheet

Everything you need to know about CloudFormation on one page. HD quality, print-friendly.

Download Free Infographic

Quick Facts

ServiceCloudFormation

Properties11

Required6

TaggingNot supported

Primary IDHookArn

Supported Operations

CreateReadUpdateDeleteList

Immutable After Creation

These properties cannot be changed after the resource is created. Updating them triggers a replacement.

ExecutionRoleAlias

Related Resources

External Links

AWS Documentation