This is the new *CloudFormation Template Reference Guide*. Please update your bookmarks and links. For help getting started with CloudFormation, see the [AWS CloudFormation User Guide](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/Welcome.html). # AWS::EC2::VPCEncryptionControl ResourceExclusions Information about resource exclusions for the VPC Encryption Control configuration. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[EgressOnlyInternetGateway](#cfn-ec2-vpcencryptioncontrol-resourceexclusions-egressonlyinternetgateway)" : VpcEncryptionControlExclusion, "[ElasticFileSystem](#cfn-ec2-vpcencryptioncontrol-resourceexclusions-elasticfilesystem)" : VpcEncryptionControlExclusion, "[InternetGateway](#cfn-ec2-vpcencryptioncontrol-resourceexclusions-internetgateway)" : VpcEncryptionControlExclusion, "[Lambda](#cfn-ec2-vpcencryptioncontrol-resourceexclusions-lambda)" : VpcEncryptionControlExclusion, "[NatGateway](#cfn-ec2-vpcencryptioncontrol-resourceexclusions-natgateway)" : VpcEncryptionControlExclusion, "[VirtualPrivateGateway](#cfn-ec2-vpcencryptioncontrol-resourceexclusions-virtualprivategateway)" : VpcEncryptionControlExclusion, "[VpcLattice](#cfn-ec2-vpcencryptioncontrol-resourceexclusions-vpclattice)" : VpcEncryptionControlExclusion, "[VpcPeering](#cfn-ec2-vpcencryptioncontrol-resourceexclusions-vpcpeering)" : VpcEncryptionControlExclusion } ``` ### YAML ``` [EgressOnlyInternetGateway](#cfn-ec2-vpcencryptioncontrol-resourceexclusions-egressonlyinternetgateway): VpcEncryptionControlExclusion [ElasticFileSystem](#cfn-ec2-vpcencryptioncontrol-resourceexclusions-elasticfilesystem): VpcEncryptionControlExclusion [InternetGateway](#cfn-ec2-vpcencryptioncontrol-resourceexclusions-internetgateway): VpcEncryptionControlExclusion [Lambda](#cfn-ec2-vpcencryptioncontrol-resourceexclusions-lambda): VpcEncryptionControlExclusion [NatGateway](#cfn-ec2-vpcencryptioncontrol-resourceexclusions-natgateway): VpcEncryptionControlExclusion [VirtualPrivateGateway](#cfn-ec2-vpcencryptioncontrol-resourceexclusions-virtualprivategateway): VpcEncryptionControlExclusion [VpcLattice](#cfn-ec2-vpcencryptioncontrol-resourceexclusions-vpclattice): VpcEncryptionControlExclusion [VpcPeering](#cfn-ec2-vpcencryptioncontrol-resourceexclusions-vpcpeering): VpcEncryptionControlExclusion ``` ## Properties `EgressOnlyInternetGateway` Specifies whether to exclude egress-only internet gateway traffic from encryption enforcement. *Required*: No *Type*: [VpcEncryptionControlExclusion](aws-properties-ec2-vpcencryptioncontrol-vpcencryptioncontrolexclusion.md) *Allowed values*: `enable | disable` *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `ElasticFileSystem` Specifies whether to exclude Elastic File System traffic from encryption enforcement. *Required*: No *Type*: [VpcEncryptionControlExclusion](aws-properties-ec2-vpcencryptioncontrol-vpcencryptioncontrolexclusion.md) *Allowed values*: `enable | disable` *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `InternetGateway` Specifies whether to exclude internet gateway traffic from encryption enforcement. *Required*: No *Type*: [VpcEncryptionControlExclusion](aws-properties-ec2-vpcencryptioncontrol-vpcencryptioncontrolexclusion.md) *Allowed values*: `enable | disable` *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `Lambda` Specifies whether to exclude Lambda function traffic from encryption enforcement. *Required*: No *Type*: [VpcEncryptionControlExclusion](aws-properties-ec2-vpcencryptioncontrol-vpcencryptioncontrolexclusion.md) *Allowed values*: `enable | disable` *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `NatGateway` Specifies whether to exclude NAT gateway traffic from encryption enforcement. *Required*: No *Type*: [VpcEncryptionControlExclusion](aws-properties-ec2-vpcencryptioncontrol-vpcencryptioncontrolexclusion.md) *Allowed values*: `enable | disable` *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `VirtualPrivateGateway` Specifies whether to exclude virtual private gateway traffic from encryption enforcement. *Required*: No *Type*: [VpcEncryptionControlExclusion](aws-properties-ec2-vpcencryptioncontrol-vpcencryptioncontrolexclusion.md) *Allowed values*: `enable | disable` *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `VpcLattice` Specifies whether to exclude VPC Lattice traffic from encryption enforcement. *Required*: No *Type*: [VpcEncryptionControlExclusion](aws-properties-ec2-vpcencryptioncontrol-vpcencryptioncontrolexclusion.md) *Allowed values*: `enable | disable` *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `VpcPeering` Specifies whether to exclude VPC peering connection traffic from encryption enforcement. *Required*: No *Type*: [VpcEncryptionControlExclusion](aws-properties-ec2-vpcencryptioncontrol-vpcencryptioncontrolexclusion.md) *Allowed values*: `enable | disable` *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt)