AWS::VpcLattice::ResourceConfiguration - Amazon CloudFormation
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).


Creates a resource configuration. A resource configuration defines a specific resource. You can associate a resource configuration with a service network or a VPC endpoint.


To declare this entity in your Amazon CloudFormation template, use the following syntax:


{ "Type" : "AWS::VpcLattice::ResourceConfiguration", "Properties" : { "AllowAssociationToSharableServiceNetwork" : Boolean, "Name" : String, "PortRanges" : [ String, ... ], "ProtocolType" : String, "ResourceConfigurationAuthType" : String, "ResourceConfigurationDefinition" : ResourceConfigurationDefinition, "ResourceConfigurationGroupId" : String, "ResourceConfigurationType" : String, "ResourceGatewayId" : String, "Tags" : [ Tag, ... ] } }



Specifies whether the resource configuration can be associated with a sharable service network.

Required: No

Type: Boolean

Update requires: No interruption


The name of the resource configuration.

Required: No

Type: String

Pattern: ^(?!rcfg-)(?![-])(?!.*[-]$)(?!.*[-]{2})[a-z0-9-]+$

Minimum: 3

Maximum: 40

Update requires: No interruption


(SINGLE, GROUP, CHILD) The TCP port ranges that a consumer can use to access a resource configuration (for example: 1-65535). You can separate port ranges using commas (for example: 1,2,22-30).

Required: No

Type: Array of String

Update requires: No interruption


(SINGLE, GROUP) The protocol accepted by the resource configuration.

Required: No

Type: String

Allowed values: TCP

Update requires: Replacement


The auth type for the resource configuration.

Required: No

Type: String

Allowed values: NONE | AWS_IAM

Update requires: Replacement


Identifies the resource configuration in one of the following ways:

  • Amazon Resource Name (ARN) - Supported resource-types that are provisioned by Amazon services, such as RDS databases, can be identified by their ARN.

  • Domain name - Any domain name that is publicly resolvable.

  • IP address - For IPv4 and IPv6, only IP addresses in the VPC are supported.

Required: No

Type: ResourceConfigurationDefinition

Update requires: No interruption


The ID of the group resource configuration.

Required: No

Type: String

Pattern: ^rcfg-[0-9a-z]{17}$

Minimum: 22

Maximum: 22

Update requires: No interruption


The type of resource configuration. A resource configuration can be one of the following types:

  • SINGLE - A single resource.

  • GROUP - A group of resources. You must create a group resource configuration before you create a child resource configuration.

  • CHILD - A single resource that is part of a group resource configuration.

  • ARN - An Amazon resource.

Required: No

Type: String

Allowed values: GROUP | CHILD | SINGLE | ARN

Update requires: Replacement


The ID of the resource gateway.

Required: No

Type: String

Update requires: Replacement


The tags for the resource configuration.

Required: No

Type: Array of Tag

Minimum: 0

Maximum: 50

Update requires: No interruption

Return values


When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the Amazon Resource Name (ARN) of the resource configuration.

For more information about using the Ref function, see Ref.


The Fn::GetAtt intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.

For more information about using the Fn::GetAtt intrinsic function, see Fn::GetAtt.


The Amazon Resource Name (ARN) of the resource configuration.


The ID of the resource configuration.