AWS::Lightsail::Container - Amazon CloudFormation
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).


The AWS::Lightsail::Container resource specifies a container service.

A Lightsail container service is a compute resource to which you can deploy containers.


To declare this entity in your Amazon CloudFormation template, use the following syntax:


{ "Type" : "AWS::Lightsail::Container", "Properties" : { "ContainerServiceDeployment" : ContainerServiceDeployment, "IsDisabled" : Boolean, "Power" : String, "PrivateRegistryAccess" : PrivateRegistryAccess, "PublicDomainNames" : [ PublicDomainName, ... ], "Scale" : Integer, "ServiceName" : String, "Tags" : [ Tag, ... ] } }



An object that describes the current container deployment of the container service.

Required: No

Type: ContainerServiceDeployment

Update requires: Some interruptions


A Boolean value indicating whether the container service is disabled.

Required: No

Type: Boolean

Update requires: No interruption


The power specification of the container service.

The power specifies the amount of RAM, the number of vCPUs, and the base price of the container service.

Required: Yes

Type: String

Allowed values: nano | micro | small | medium | large | xlarge

Update requires: No interruption


An object that describes the configuration for the container service to access private container image repositories, such as Amazon Elastic Container Registry (Amazon ECR) private repositories.

For more information, see Configuring access to an Amazon ECR private repository for an Amazon Lightsail container service in the Amazon Lightsail Developer Guide.

Required: No

Type: PrivateRegistryAccess

Update requires: No interruption


The public domain name of the container service, such as and

You can specify up to four public domain names for a container service. The domain names that you specify are used when you create a deployment with a container that is configured as the public endpoint of your container service.

If you don't specify public domain names, then you can use the default domain of the container service.


You must create and validate an SSL/TLS certificate before you can use public domain names with your container service. Use the AWS::Lightsail::Certificate resource to create a certificate for the public domain names that you want to use with your container service.

Required: No

Type: Array of PublicDomainName

Update requires: No interruption


The scale specification of the container service.

The scale specifies the allocated compute nodes of the container service.

Required: Yes

Type: Integer

Minimum: 1

Maximum: 20

Update requires: No interruption


The name of the container service.

Required: Yes

Type: String

Pattern: ^[a-z0-9]{1,2}|[a-z0-9][a-z0-9-]+[a-z0-9]$

Minimum: 1

Maximum: 63

Update requires: Replacement


An array of key-value pairs to apply to this resource.

For more information, see Tag in the Amazon CloudFormation User Guide.


The Value of Tags is optional for Lightsail resources.

Required: No

Type: Array of Tag

Update requires: No interruption

Return values


When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns a unique identifier for this resource.


The Fn::GetAtt intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.

For more information about using the Fn::GetAtt intrinsic function, see Fn::GetAtt.


The Amazon Resource Name (ARN) of the container.


The principle Amazon Resource Name (ARN) of the role.


The principle Amazon Resource Name (ARN) of the role.


The publicly accessible URL of the container service.

If no public endpoint is specified in the current deployment, this URL returns a 404 response.


Container deployment failures

The stack will drift if the deployment to your ContainerService fails. This is because the template will have a different deployment compared to the container service.