Fn::GetAtt
The Fn::GetAtt intrinsic function returns the value of an attribute from a resource in the
template. When the AWS::LanguageExtensions transform transform is used, you
can use intrinsic functions as a parameter to Fn::GetAtt. For more information about
GetAtt return values for a particular resource, refer to the documentation for that resource in the
Resource and property reference.
Declaration
JSON
{ "Fn::GetAtt" : [ "logicalNameOfResource", "attributeName" ] }
YAML
Syntax for the full function name:
Fn::GetAtt: [logicalNameOfResource,attributeName]
Syntax for the short form:
!GetAttlogicalNameOfResource.attributeName
Parameters
logicalNameOfResource-
The logical name (also called logical ID) of the resource that contains the attribute that you want.
attributeName-
The name of the resource-specific attribute whose value you want. See the resource's reference page for details about the attributes available for that resource type.
Return value
The attribute value.
Examples
Return a string
This example snippet returns a string containing the DNS name of the load balancer with
the logical name myELB.
JSON
"Fn::GetAtt" : [ "myELB" , "DNSName" ]
YAML
!GetAtt myELB.DNSName
Return multiple strings
The following example template returns the SourceSecurityGroup.OwnerAlias
and SourceSecurityGroup.GroupName of the load balancer with the logical name
myELB.
JSON
{ "AWSTemplateFormatVersion": "2010-09-09", "Resources": { "myELB": { "Type": "AWS::ElasticLoadBalancing::LoadBalancer", "Properties": { "AvailabilityZones": [ "eu-west-1a" ], "Listeners": [ { "LoadBalancerPort": "80", "InstancePort": "80", "Protocol": "HTTP" } ] } }, "myELBIngressGroup": { "Type": "AWS::EC2::SecurityGroup", "Properties": { "GroupDescription": "ELB ingress group", "SecurityGroupIngress": [ { "IpProtocol": "tcp", "FromPort": 80, "ToPort": 80, "SourceSecurityGroupOwnerId": { "Fn::GetAtt": [ "myELB", "SourceSecurityGroup.OwnerAlias" ] }, "SourceSecurityGroupName": { "Fn::GetAtt": [ "myELB", "SourceSecurityGroup.GroupName" ] } } ] } } } }
YAML
AWSTemplateFormatVersion: 2010-09-09 Resources: myELB: Type: AWS::ElasticLoadBalancing::LoadBalancer Properties: AvailabilityZones: - eu-west-1a Listeners: - LoadBalancerPort: '80' InstancePort: '80' Protocol: HTTP myELBIngressGroup: Type: AWS::EC2::SecurityGroup Properties: GroupDescription: ELB ingress group SecurityGroupIngress: - IpProtocol: tcp FromPort: 80 ToPort: 80 SourceSecurityGroupOwnerId: !GetAtt myELB.SourceSecurityGroup.OwnerAlias SourceSecurityGroupName: !GetAtt myELB.SourceSecurityGroup.GroupName
Example: Use a standard Identifier for multiple
resources using Fn::Sub within Fn::GetAtt, Ref and
Fn::ForEach
The following examples shows how to use Fn::GetAtt with Fn::Sub, in conjuction with Fn::ForEach, in the Outputs of a template to reduce the template length and verbosity. The use of Fn::Sub within Fn::GetAtt allows the template to contain one intrinsic function that can reference a different bucket at every iteration of the Fn::ForEach call.
JSON
{ "AWSTemplateFormatVersion": "2010-09-09", "Transform": "AWS::LanguageExtensions", "Mappings": { "Buckets": { "Properties": { "Identifiers": ["A", "B", "C"] } } }, "Resources": { "Fn::ForEach::Buckets": [ "Identifier", {"Fn::FindInMap": ["Buckets", "Properties", "Identifiers"]}, { "S3Bucket${Identifier}": { "Type": "AWS::S3::Bucket", "Properties": { "AccessControl": "PublicRead", "MetricsConfigurations": [ { "Id": {"Fn::Sub": "EntireBucket${Identifier}"} } ], "WebsiteConfiguration": { "IndexDocument": "index.html", "ErrorDocument": "error.html", "RoutingRules": [ { "RoutingRuleCondition": { "HttpErrorCodeReturnedEquals": "404", "KeyPrefixEquals": "out1/" }, "RedirectRule": { "HostName": "ec2-11-22-333-44.compute-1.amazonaws.com", "ReplaceKeyPrefixWith": "report-404/" } } ] } }, "DeletionPolicy": "Retain", "UpdateReplacePolicy": "Retain" } } ] }, "Outputs": { "Fn::ForEach::BucketOutputs": [ "Identifier", {"Fn::FindInMap": ["Buckets", "Properties", "Identifiers"]}, { "Fn::ForEach::GetAttLoop": [ "Property", ["Arn", "DomainName", "WebsiteURL"], { "S3Bucket${Identifier}${Property}": { "Value": { "Fn::GetAtt": [{"Fn::Sub": "S3Bucket${Identifier}"}, {"Ref": "Property"}] } } } ] } ] } }
YAML
AWSTemplateFormatVersion: 2010-09-09 Transform: 'AWS::LanguageExtensions' Mappings: Buckets: Properties: Identifiers: - A - B - C Resources: 'Fn::ForEach::Buckets': - Identifier - Fn::FindInMap: - Buckets - Properties - Identifiers - 'S3Bucket${Identifier}': Type: 'AWS::S3::Bucket' Properties: AccessControl: PublicRead MetricsConfigurations: - Id: Fn::Sub: 'EntireBucket${Identifier}' WebsiteConfiguration: IndexDocument: index.html ErrorDocument: error.html RoutingRules: - RoutingRuleCondition: HttpErrorCodeReturnedEquals: '404' KeyPrefixEquals: out1/ RedirectRule: HostName: ec2-11-22-333-44.compute-1.amazonaws.com ReplaceKeyPrefixWith: report-404/ DeletionPolicy: Retain UpdateReplacePolicy: Retain Outputs: 'Fn::ForEach::BucketOutputs': - Identifier - Fn::FindInMap: - Buckets - Properties - Identifiers - 'Fn::ForEach::GetAttLoop': - Property - - Arn - DomainName - WebsiteURL - 'S3Bucket${Identifier}${Property}': Value: !GetAtt - !Sub 'S3Bucket${Identifier}' - !Ref Property
Supported functions
When the AWS::LanguageExtensions transform transform is not used:
When the AWS::LanguageExtensions transform
transform is used, within the Fn::GetAtt function, you can use the following functions. This is true
with either the Fn::GetAtt logical resource name or the Fn::GetAtt attribute
name.