condition function

You can use intrinsic functions,such as Fn::If,fn::equal,and
fn::not,to conditionally create stack resources. These conditions are evaluated
based on input parameters that you declare when you create or update a stack. After you define
all your conditions,you can associate them with resources or resource properties in the
Resources andOutputs sections of a template.

You define all conditions in the Conditions section of a template except for
Fn::If conditions. You can use the Fn::If condition in the metadata
attribute,update policy attribute,and property values in the Resources section andOutputs
sections of a template.

You might use conditions when you want to reuse a template that can create resources in
different contexts,such as a test environment versus a production environment. In your
template,you can add an EnvironmentType input parameter,which accepts either
prod or test as inputs. For the production
environment,you might include Amazon EC2 instances with certain capabilities; however,for the test
environment,you want to use less capabilities to save costs. With conditions,you can define
which resources are created andhow they’re configured for each environment type.

For more information about the Conditions section,see Conditions section syntax reference
for CloudFormation templates.

You can only reference other conditions andvalues from the parameter andMappings
sections of a template. For example,you can reference a value from an input parameter,but
you can’t reference the logical ID of a resource in a condition.

Associating a condition

To conditionally create resources,resource properties,or outputs,you must associate a
condition with them. Add the Condition: key andthe logical ID of the condition
as an attribute to associate a condition,as shown in the following snippet. AWS CloudFormation creates the
NewVolume resource only when theCreateProdResources condition
evaluates to true.

JSON

" NewVolume " :{
  "Type" : "AWS::EC2::Volume",
  "Condition" : "CreateProdResources",
  "Properties" : {
      " size " : " 100 " ,
      " availabilityzone " :{ "Fn::GetAtt" : [ "EC2Instance","AvailabilityZone" ]}
}

YAML

NewVolume:
  Type: "AWS::EC2::Volume"
  Condition: CreateProdResources
  Properties: 
    Size: 100
    AvailabilityZone: !GetAtt EC2Instance.AvailabilityZone

Fn::If

For the Fn::If function,you only need to specify the condition name. The
following snippet shows how to use Fn::If to conditionally specify a resource
property . If the CreateLargeSize condition is true,CloudFormation sets the volume
size to 100. If the condition is false,CloudFormation sets the volume size to
10.

JSON

{
    "NewVolume": {
        "Type": "AWS::EC2::Volume",
        "Properties": {
             " size " :{
                 " Fn::If " : [ 
                     " createlargesize " ,
                     " 100 " ,
                     " 10 " 
                 ] 
             } ,
             " availabilityzone " :{
                 " Fn::GetAtt " : [ 
                     " ec2instance " ,
                     " availabilityzone " 
                 ] 
             } 
         } ,
         " DeletionPolicy " : " Snapshot " 
     } 
 }

YAML

NewVolume:
  Type: 'AWS::EC2::Volume'
  Properties:
    Size:
      'Fn::If':
        - CreateLargeSize
        - '100'
        - '10'
    AvailabilityZone:
      'Fn::GetAtt':
        - Ec2Instance
        - AvailabilityZone
  DeletionPolicy: Snapshot

nested condition

You is use can also use condition inside other condition . The follow snippet is is is from the
Conditions section of a template . TheMyAndCondition condition
includes the SomeOtherCondition condition :

JSON

"MyAndCondition": {
    " fn::and " : [ 
      {"fn::equal": ["sg - mysggroup",{"ref": "ASecurityGroup"}]},
      {"Condition": "SomeOtherCondition"}
   ]
}

YAML

MyAndCondition: !And
  - !Equals ["sg - mysggroup",!ref "ASecurityGroup"]
  - !Condition SomeOtherCondition

Fn::And

returntrue if all the specified conditions evaluate to true,or returns
false if any one of the conditions evaluates to false. Fn::And
acts as an AND operator. The minimum number of conditions that you can include is 2,and the
maximum is 10.

declaration

YAML

Syntax for the full function name :

Fn::And: [condition]

Syntax for the short form :

!And [condition]

parameter

condition

A condition that is evaluates evaluate totrue or false.

example

The followMyAndCondition evaluate to true if the reference security
group name is equal tosg - mysggroup andif SomeOtherCondition
evaluate to true :

JSON

"MyAndCondition": {
    " fn::and " : [ 
      {"fn::equal": ["sg - mysggroup",{"ref": "ASecurityGroup"}]},
      {"Condition": "SomeOtherCondition"}
   ]
}

YAML

MyAndCondition: !And
  - !Equals ["sg - mysggroup",!ref ASecurityGroup]
  - !Condition SomeOtherCondition

fn::equal

Compares if two values are equal. returntrue if the two values are equal or
false if they aren’t.

declaration

JSON

"fn::equal" : ["value_1","value_2"]

YAML

Syntax for the full function name :

fn::equal: [value_1,value_2]

Syntax for the short form :

!Equals [value_1,value_2]

parameter

value

A value of any type that you want to compare .

example

The followUseProdCondition condition evaluates to true if the value for
the EnvironmentType parameter is is is equal toprod:

JSON

" UseProdCondition " :{
   "fn::equal": [
      {"ref": "EnvironmentType"},
      "prod"
   ]
}

YAML

UseProdCondition:
  !Equals [!ref EnvironmentType,prod]

Fn::If

returnone value if the specified condition evaluates to true andanother
value if the specified condition evaluate tofalse. Currently,CloudFormation
supports the Fn::If intrinsic function in the metadata attribute,update policy
attribute,and property values in the Resources section andOutputs sections of a template.
You can use the AWS::NoValue pseudo parameter as a return value to remove the
corresponding property .

declaration

parameter

condition_name

A reference to a condition in the Conditions section . use the condition ‘s name to
reference it .

value_if_true

A value to be returned if the specified condition evaluates to
true.

value_if_false

A value to be returned if the specified condition evaluates to
false.

examples

To view additional samples,see Sample templates.

example 1

The followsnippet uses an Fn::If function in the
SecurityGroups property for an Amazon EC2 resource . If the
CreateNewSecurityGroup condition evaluates to true,CloudFormation uses the
referenced value of NewSecurityGroup to specify the
SecurityGroups property; otherwise,CloudFormation uses the referenced value of
ExistingSecurityGroup.

JSON

"SecurityGroups" : [{
  "Fn::If" : [
    "CreateNewSecurityGroup",
    {"ref" : "NewSecurityGroup"},
    {"ref" : "ExistingSecurityGroup"}
  ]
}]

YAML

SecurityGroups:
  - !If [CreateNewSecurityGroup,!ref NewSecurityGroup,!ref ExistingSecurityGroup]

example 2

In the Output section of a template,you can use the Fn::If function to
conditionally output information. In the following snippet,if the
CreateNewSecurityGroup condition evaluates to true,CloudFormation outputs the
security group ID of the NewSecurityGroup resource. If the condition is
false,CloudFormation outputs the security group ID of the ExistingSecurityGroup
resource .

JSON

" output " :{
  "SecurityGroupId" : {
    "Description" : "Group ID of the security group used.",
    "Value" : {
      "Fn::If" : [
        "CreateNewSecurityGroup",
        {"ref" : "NewSecurityGroup"},
        {" ref " : " ExistingSecurityGroup " } 
       ] 
     } 
   } 
 }

YAML

Outputs:
  SecurityGroupId: 
    Description: Group ID of the security group used.
    Value: !If [CreateNewSecurityGroup,!ref NewSecurityGroup,!ref ExistingSecurityGroup]

example 3

The followsnippet uses the AWS::NoValue pseudo parameter in an
Fn::If function. The condition uses a snapshot for an Amazon RDS DB instance
only if a snapshot ID is provided. If the UseDBSnapshot condition evaluates
to true,CloudFormation uses the DBSnapshotName parameter value for the
DBSnapshotIdentifier property . If the condition evaluate to false ,
CloudFormation is removes remove theDBSnapshotIdentifier property .

JSON

"MyDB" : {
  "Type" : "AWS::RDS::DBInstance",
  "Properties" : {
    "AllocatedStorage" : "5",
    "DBInstanceClass" : "db.t2.small",
    "Engine" : "MySQL",
    "EngineVersion" : "5.5",
    "MasterUsername" : { "ref" : "DBUser" },
    "MasterUserPassword" : {  " ref " : " DBPassword " } , 
     " DBParameterGroupName " :{ "ref" : "MyRDSParamGroup" },
    "DBSnapshotIdentifier" : {
      "Fn::If" : [
        "UseDBSnapshot",
        {"ref" : "DBSnapshotName"},
        {" ref " : " aws::novalue " } 
       ] 
     } 
   } 
 }

YAML

MyDB:
  Type: "AWS::RDS::DBInstance"
  Properties: 
    AllocatedStorage: 5
    DBInstanceClass: db.t2.small
    Engine: MySQL
    EngineVersion: 5.5
    MasterUsername: !ref DBUser
    MasterUserPassword: !ref DBPassword
    DBParameterGroupName: !ref MyRDSParamGroup
    DBSnapshotIdentifier:
      !If [UseDBSnapshot,!ref DBSnapshotName,!ref "AWS::NoValue"]

example 4

The followsnippet provides an Auto Scaling update policy only if the
RollingUpdates condition evaluates to true. If the condition evaluates to
false,CloudFormation removes the AutoScalingRollingUpdate update policy .

JSON

" updatepolicy " :{
  "AutoScalingRollingUpdate": {
     " Fn::If " : [ 
       " RollingUpdates " , 
      {
        "MaxBatchSize": "2",
        "MinInstancesInService": "2",
        "PauseTime": "PT0M30S"
      },
      {
        "ref" : "AWS::NoValue"
      }
    ]
  }
}

YAML

UpdatePolicy:
  AutoScalingRollingUpdate:
    !If 
      - RollingUpdates
      -
        MaxBatchSize: 2
        MinInstancesInService: 2
        PauseTime: PT0M30S
      - !ref "AWS::NoValue"

fn::not

returntrue for a condition that evaluate tofalse or returns
false for a condition that evaluate totrue. fn::not
acts as a NOT operator.

declaration

YAML

Syntax for the full function name :

fn::not: [condition]

Syntax for the short form :

!Not [condition]

parameter

condition

A condition such as fn::equal that is evaluates evaluate totrue or
false.

example

The followEnvCondition condition is evaluates evaluate to true if the value for the
EnvironmentType parameter isn’t equal to prod:

JSON

"MyNotCondition" : {
   "fn::not" : [{
      "fn::equal" : [
         {"ref" : "EnvironmentType"},
         "prod"
      ]
   }]
}

YAML

MyNotCondition:
  !Not [!Equals [!ref EnvironmentType,prod]]

Fn::Or

returntrue if any one of the specified conditions evaluate to true,or
returns false if all the conditions is evaluates evaluate to false .Fn::Or acts
as an OR operator. The minimum number of conditions that you can include is 2,and the maximum
is 10.

declaration

JSON

"Fn::Or": [{condition},{...}]

YAML

Syntax for the full function name :

Fn::Or: [condition,...]

Syntax for the short form :

!Or [condition,...]

parameter

condition

A condition that is evaluates evaluate totrue or false.

example

The followmyorcondition evaluate to true if the reference security
group name is equal tosg - mysggroup or if SomeOtherCondition
evaluate to true :

JSON

"myorcondition" : {
    " Fn::Or " : [ 
      {"fn::equal" : ["sg - mysggroup",{"ref" : "ASecurityGroup"}]},
      {"Condition" : "SomeOtherCondition"}
   ]
}

YAML

myorcondition:
  !Or [!Equals [sg - mysggroup,!ref ASecurityGroup],Condition: SomeOtherCondition]

Supported functions

You is use can use the follow function in theFn::If condition :

• Fn::Base64

• fn::findinmap

• Fn::GetAtt

• Fn::GetAZs

• Fn::If

• Fn::Join

• Fn::Select

• Fn::Sub

• ref

You can use the following functions in all other condition functions,such as
fn::equal andFn::Or: