CloudFormation template Conditions syntax
The optional Conditions section contains statements that define the
circumstances under which entities are created or configured. For example, you can create a
condition and associate it with a resource or output so that CloudFormation creates the resource
or output only if the condition is true. Similarly, you can associate a condition with a
property so that CloudFormation sets the property to a specific value only if the condition is
true. If the condition is false, CloudFormation sets the property to an alternative value that
you specify.
You can use conditions when you want to reuse a template to create resources in different
contexts, such as test versus production environments. For example, in your template, you
can add an EnvironmentType input parameter that accepts either
prod or test as inputs. For the prod environment,
you might include EC2 instances with certain capabilities, while for the test
environment, you might use reduced capabilities to save money. This condition definition
allows you to define which resources are created and how they're configured for each
environment type.
Syntax
The Conditions section consists of the key name Conditions.
Each condition declaration includes a logical ID and one or more intrinsic functions.
JSON
"Conditions": { "LogicalConditionName1": { "Intrinsic function":...[ }, "LogicalConditionName2": { "Intrinsic function":...} }
YAML
Conditions:LogicalConditionName1:Intrinsic function:...LogicalConditionName2:Intrinsic function:...
How conditions work
To use conditions, follow these steps:
-
Add a parameter definition – Define the inputs that your conditions will evaluate in the
Parameterssection of your template. The conditions evaluate to true or false based on these input parameter values. Note that pseudo parameters are automatically available and don't require explicit definition in theParameterssection. For more information about pseudo parameters, see Get AWS values using pseudo parameters. -
Add a condition definition – Define conditions in the
Conditionssection using intrinsic functions such asFn::IforFn::Equals. These conditions determine when CloudFormation creates the associated resources. The conditions can be based on:-
Input or pseudo parameter values
-
Other conditions
-
Mapping values
However, you can't reference resource logical IDs or their attributes in conditions.
-
-
Associate conditions with resources or outputs – Reference conditions in resources or outputs using the
Conditionkey and a condition's logical ID. Optionally, useFn::Ifin other parts of the template (such as property values) to set values based on a condition. For more information, see Using the Condition key.
CloudFormation evaluates conditions when creating or updating a stack. CloudFormation creates entities that are associated with a true condition and ignores entities that are associated with a false condition. CloudFormation also re-evaluates these conditions during each stack update before modifying any resources. Entities that remain associated with a true condition are updated, while those that become associated with a false condition are deleted.
Important
During a stack update, you can't update conditions by themselves. You can update conditions only when you include changes that add, modify, or delete resources.
Condition intrinsic functions
You can use the following intrinsic functions to define conditions:
Note
Fn::If is only supported in the metadata attribute, update policy
attribute, and property values in the Resources section and
Outputs sections of a template.
Using the Condition
key
Once a condition is defined, you can apply it in several places in the template, such
as Resources and Outputs, using the Condition
key. The Condition key references a condition's logical name and returns
the evaluated result of the specified condition.
Topics
Associate conditions with resources
To conditionally create resources, add the Condition key and the
logical ID of the condition as an attribute to the resource. CloudFormation creates the
resource only when the condition evaluates to true.
JSON
"NewVolume" : { "Type" : "AWS::EC2::Volume", "Condition" : "IsProduction", "Properties" : { "Size" : "100", "AvailabilityZone" : { "Fn::GetAtt" : [ "EC2Instance", "AvailabilityZone" ]} } }
YAML
NewVolume: Type: AWS::EC2::Volume Condition: IsProduction Properties: Size: 100 AvailabilityZone: !GetAtt EC2Instance.AvailabilityZone
Associate conditions with outputs
You can also associate conditions with outputs. CloudFormation creates the output only when the associated condition evaluates to true.
JSON
"Outputs" : { "VolumeId" : { "Condition" : "IsProduction", "Value" : { "Ref" : "NewVolume" } } }
YAML
Outputs: VolumeId: Condition: IsProduction Value: !Ref NewVolume
Reference conditions in other conditions
When defining conditions in the Conditions section, you can reference
other conditions using the Condition key. This allows you to create
more complex conditional logic by combining multiple conditions.
In the following example, the IsProdAndFeatureEnabled condition
evaluates to true only if the IsProduction and
IsFeatureEnabled conditions evaluate to true.
JSON
"Conditions": { "IsProduction" : {"Fn::Equals" : [{"Ref" : "Environment"}, "prod"]}, "IsFeatureEnabled" : { "Fn::Equals" : [{"Ref" : "FeatureFlag"}, "enabled"]}, "IsProdAndFeatureEnabled" : { "Fn::And" : [ {"Condition" : "IsProduction"}, {"Condition" : "IsFeatureEnabled"} ] } }
YAML
Conditions: IsProduction: !Equals [!Ref Environment, "prod"] IsFeatureEnabled: !Equals [!Ref FeatureFlag, "enabled"] IsProdAndFeatureEnabled: !And - !Condition IsProduction - !Condition IsFeatureEnabled
Conditionally
return property values using Fn::If
For more granular control, you can use the Fn::If intrinsic function
to conditionally return one of two property values within resources or outputs. This
function evaluates a condition and returns one value if the condition is true and
another value if the condition is false.
Conditional property values
The following example demonstrates setting an EC2 instance type based on an
environment condition. If the IsProduction condition evaluates to
true, the instance type is set to c5.xlarge. Otherwise, it's set to
t3.small.
JSON
"Properties" : { "InstanceType" : { "Fn::If" : [ "IsProduction", "c5.xlarge", "t3.small" ] } }
YAML
Properties: InstanceType: !If - IsProduction - c5.xlarge - t3.small
Conditional property removal
You can also use the AWS::NoValue pseudo parameter as a return
value to remove the corresponding property when a condition is false.
JSON
"DBSnapshotIdentifier" : { "Fn::If" : [ "UseDBSnapshot", {"Ref" : "DBSnapshotName"}, {"Ref" : "AWS::NoValue"} ] }
YAML
DBSnapshotIdentifier: !If - UseDBSnapshot - !Ref DBSnapshotName - !Ref "AWS::NoValue"
Examples
Environment-based resource creation
This following examples provision an EC2 instance, and conditionally create and
attach a new EBS volume only if the environment type is prod. If the
environment is test, they just create the EC2 instance without the
additional volume.
JSON
{ "AWSTemplateFormatVersion": "2010-09-09", "Parameters": { "EnvType": { "Description": "Environment type", "Default": "test", "Type": "String", "AllowedValues": [ "prod", "test" ], "ConstraintDescription": "must specify prod or test" } }, "Conditions": { "IsProduction": { "Fn::Equals": [ { "Ref": "EnvType" }, "prod" ] } }, "Resources": { "EC2Instance": { "Type": "AWS::EC2::Instance", "Properties": { "ImageId": "ami-1234567890abcdef0", "InstanceType": "c5.xlarge" } }, "MountPoint": { "Type": "AWS::EC2::VolumeAttachment", "Condition": "IsProduction", "Properties": { "InstanceId": { "Ref": "EC2Instance" }, "VolumeId": { "Ref": "NewVolume" }, "Device": "/dev/sdh" } }, "NewVolume": { "Type": "AWS::EC2::Volume", "Condition": "IsProduction", "Properties": { "Size": 100, "AvailabilityZone": { "Fn::GetAtt": [ "EC2Instance", "AvailabilityZone" ] } } } } }
YAML
AWSTemplateFormatVersion: 2010-09-09 Parameters: EnvType: Description: Environment type Default: test Type: String AllowedValues: - prod - test ConstraintDescription: must specify prod or test Conditions: IsProduction: !Equals - !Ref EnvType - prod Resources: EC2Instance: Type: AWS::EC2::Instance Properties: ImageId: ami-1234567890abcdef0 InstanceType: c5.xlarge MountPoint: Type: AWS::EC2::VolumeAttachment Condition: IsProduction Properties: InstanceId: !Ref EC2Instance VolumeId: !Ref NewVolume Device: /dev/sdh NewVolume: Type: AWS::EC2::Volume Condition: IsProduction Properties: Size: 100 AvailabilityZone: !GetAtt - EC2Instance - AvailabilityZone
Multi-condition resource provisioning
The following examples conditionally create an S3 bucket if a bucket name is
provided, and attach a bucket policy only when the environment is set to
prod. If no bucket name is given or the environment is
test, no resources are created.
JSON
{ "AWSTemplateFormatVersion": "2010-09-09", "Parameters": { "EnvType": { "Type": "String", "AllowedValues": [ "prod", "test" ] }, "BucketName": { "Default": "", "Type": "String" } }, "Conditions": { "IsProduction": { "Fn::Equals": [ { "Ref": "EnvType" }, "prod" ] }, "CreateBucket": { "Fn::Not": [ { "Fn::Equals": [ { "Ref": "BucketName" }, "" ] } ] }, "CreateBucketPolicy": { "Fn::And": [ { "Condition": "IsProduction" }, { "Condition": "CreateBucket" } ] } }, "Resources": { "Bucket": { "Type": "AWS::S3::Bucket", "Condition": "CreateBucket", "Properties": { "BucketName": { "Ref": "BucketName" } } }, "Policy": { "Type": "AWS::S3::BucketPolicy", "Condition": "CreateBucketPolicy", "Properties": { "Bucket": { "Ref": "Bucket" }, "PolicyDocument": { ... } } } } }
YAML
AWSTemplateFormatVersion: 2010-09-09 Parameters: EnvType: Type: String AllowedValues: - prod - test BucketName: Default: '' Type: String Conditions: IsProduction: !Equals - !Ref EnvType - prod CreateBucket: !Not - !Equals - !Ref BucketName - '' CreateBucketPolicy: !And - !Condition IsProduction - !Condition CreateBucket Resources: Bucket: Type: AWS::S3::Bucket Condition: CreateBucket Properties: BucketName: !Ref BucketName Policy: Type: AWS::S3::BucketPolicy Condition: CreateBucketPolicy Properties: Bucket: !Ref Bucket PolicyDocument: ...
In this example, the CreateBucketPolicy condition demonstrates how to
reference other conditions using the Condition key. The policy is
created only when both the IsProduction and CreateBucket
conditions evaluate to true.
Note
For more complex examples of using conditions, see the Condition attribute topic in the AWS CloudFormation Template Reference Guide.
