CloudFormation Parameters: Make your life simple

dark clouds

Before we dive into the details of CloudFormation Parameters, lets build some context around what CloudFormation is. It is a service by Amazon, used to  model, provision and configure AWS  resources in the Cloud. You do this by creating a template, which is a a simple text file in JSON or YAML format. 

In case you are not familiar with JSON and YAML, JSON stands for JavaScript Object Notation and is lightweight data-interchange format easy for humans and machines to comprehend. Similarly, YAML ( “YAML Aint Markup Language“) is a data-serialization language  and uses indentation for formatting. This minimal syntax makes it easy to understand and write.

Lets walk thru an example to make better sense. Assume you want to create a DynamoDB table with indexes. You would have to manually provision and configure the table name,  keys, capacity units, field attributes, primary and secondary indexes and more. With CloudFormation, you specify your required AWS resources and its properties in your template and create a stack from either the CLI, API or Console.

In this post, lets look at the below Cloudformation Parameters and their attributes

  1. Cloudformation basics
  2. Cloudformation Parameter Types
  3. Cloudformation Parameter Properties
  4. Cloudformation Parameter Examples

1. CloudFormation Basics

aws cloudformation

A CloudFormation template is composed of multiple sections – Format Version, Description, Metadata, Parameters, Mappings, Conditions, Transform, Resources and Output. Parameters, though an optional section in the template can be used to turbo charge your resource deployment game.

CloudFormation Parameters are used to pass input values to the template during run-time when creating or updating a stack. These parameters are then referenced from the Resources or Output sections in the template. Keep the following points in mind when you use parameters in your CloudFormation template.

  • A parameter can only be referenced in the context of the template it is declared in. In other words, they are not global.
  • You have to provide a value during runtime. If you decide to declare a parameter and not use it, then it has to have a default value assigned.
  • You can have a maximum of 60 parameters in a template and each one must have a unique logical name.
  • And finally, every parameter should have a type assigned to it.

CloudFormation Parameter Types

AWS CloudFormation Parameter types require a bit more attention. So, what are Cloudformation Parameter Types ?

A Parameter Type in a CloudFormation template is the data type of the parameter. This a required property of a parameter. Currently, there are 6 CloudFormation Parameter Types.


Now lets look at a simple example of an AWS CloudFormation Parameter in JSON and YAML format.

Parameter Format for JSON

"Parameters" : {
          "ParameterLogicalID" : {
                  "Type" : "DataType",
                  "ParameterProperty" : "value"

Parameter Format for YAML

Parameters :
                  Type : DataType
                  ParameterProperty : value

CloudFormation Parameter Properties

When using CloudFormation Parameters, there are 13 properties you can specify for control and structure. Almost all of them are optional, except for the Type parameter. The table below lists the parameter properties and description.



Parameter Properties

What it does



The approved format for the string type specified as a regular expression. For a database password for instance, this could be “^[a-zA-Z0-9]*$”



List containing the valid values for a parameter



Descriptive text on why a constraint was violated



Fallback value to use if a specific parameter is not specified



A description of what the parameter does limited to 4000 bytes



Largest value allowed for a String type



Largest value allowed for a Number type



Smallest value allowed for a String type



Smallest value allowed for a Number type



Used to mask the parameter value displayed. As a best practice, try not to use this parameter



The datatype of the parameter. Can be String, Number, List, CommaDelimitedList, AWS-Specific Parameter types or SSM Parameter Types


AWS-Specific Parameter Types

Used to specify an existing AWS Parameter in your account


SSM Parameter Types

Used to specify existing AWS Parameters in System Manager Parameter Store.

CloudFormation Parameter Examples

If all this technical jargon is making your head spin, don’t fret! We will walk through the top 5 frequently used CloudFormation Parameter patterns. Once you get familiar with them, try tweaking them for your specific use cases.

Example 1: Create an AWS-Specific Cloudformation Parameter for an EC2 Key Pair


"Parameters" : {
    "KeyName": {
      "Description" : "EC2 Key Pair Name",
      "Type": "AWS::EC2::KeyPair::KeyName",
        "ConstraintDescription" : "EC2 Key Pair must exist"


Parameters :
      Description : EC2 Key Pair Name
      Type: AWS::EC2::KeyPair::KeyName
      ConstraintDescription : EC2 Key Pair must exist

Example 2: Create a CloudFormation Parameter for SSH access to an EC2 Instance


"Parameters" : {
    "SSHLocation" : {
            "Description" : " IP address for SSH to
                                    the EC2 instance",
             "Type": "String",
             "MinLength": "9",
             "MaxLength": "18",
             "Default": "",
"AllowedPattern": "(\\d{1,3})\\.
"ConstraintDescription": "IP in x.x.x.x/x


Parameters : 
       SSHLocation :
           Description : IP address for SSH to
                                     the EC2 instance
           Type: String
           MinLength: 9
           MaxLength: 18
           Default: 0000/0
           AllowedPattern: (\\d13)\\(\\d13)\\(\\d13)
           ConstraintDescription: IP CIDR range in
xxxx/x format

Example 3: Create CloudFormation Parameters for a Database

In this example, we will create 3 parameters for a DynamoDB database. One for the Database Name (DBName),One for the Database User (DBUser) and one for the Database Password (DB Password). 

This example can be used for other databases and any scenario requiring Username and Password parameters.


"Parameters" : { 
"DBName": {
"Default": "testDynamoDB",
"Description" : "DynamoDB database name",
"Type": "String",
"MinLength": "1",
"MaxLength": "64",
"AllowedPattern" : "[a-zA-Z][a-zA-Z0-9]*",
"ConstraintDescription" : "Must start with a letter and contain only alphanumeric characters"
"DBUser": {
"NoEcho": "true",
"Description" : "Username for DynamoDB database",
"Type": "String",
"MinLength": "1",
"MaxLength": "16",
"AllowedPattern" : "[a-zA-Z][a-zA-Z0-9]*",
"ConstraintDescription" : "Must start with a letter and contain only alphanumeric characters"
"DBPassword": {
"NoEcho": "true",
"Description" : "Password for DynamoDB database",
"Type": "String",
"MinLength": "8",
"MaxLength": "41",
"AllowedPattern" : "[a-zA-Z0-9]*",
"ConstraintDescription" : "Alphanumeric characters only"


Parameters :
Default: testDynamoDB
Description : DynamoDB database name
Type: String
MinLength: 1
MaxLength: 64
AllowedPattern : [a-zA-Z][a-zA-Z0-9]*
ConstraintDescription : Must start with a letter and contain only alphanumeric characters
NoEcho: true
Description : Username for DynamoDB database
Type: String
MinLength: 1
MaxLength: 16
AllowedPattern : [a-zA-Z][a-zA-Z0-9]*
ConstraintDescription : Must start with a letter and contain only alphanumeric characters
NoEcho: true
Description : Password for DynamoDB database
Type: String
MinLength: 8
MaxLength: 41
AllowedPattern : [a-zA-Z0-9]*
ConstraintDescription : Alphanumeric characters only

Example 4: Create a CloudFormation Parameter for an Email Address


"Parameters": { 
     "EMailAddress": {
         "Description": "Email address for issue notification",
         "Type": "String",
       "AllowedPattern": "([a-zA-Z0-9_\\-\\.]+)@((\\[[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.)|
(([a-zA-Z0-9\\-]+\\.)+)) ([a-zA-Z]{2,4}|[0-9]{1,3})(\\]?)",
         "ConstraintDescription": "Enter a valid email address."


         Description: Email address for issue notification
         Type: String
       AllowedPattern: [a-zA-Z0-9_\\-\\.]+)@((\\[[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.)|(([a-zA-Z0-9\\-]+\\.)+))
ConstraintDescription: Enter a valid email address

Example 5: Create a CloudFormation Parameter for a SageMaker EC2 Instance Type


"Parameters" : {
     "InstanceType" : {
         "Description" : "SageMaker EC2 instance type",
         "Type" : "String",
         "Default" : "ml.m4.xlarge",
 "AllowedValues" : [ "ml.m4.xlarge",
"ConstraintDescription" : "Must be a valid EC2
instance type."   


Parameters : 
     InstanceType :
         Description : SageMaker EC2 instance type
         Type : String
         Default : ml.m4.xlarge
         AllowedValues :
                 - ml.m4.xlarge
                 - ml.m4.4xlarge
                 - ml.m4.10xlarge
                 - ml.c4.xlarge
                 - ml.c4.2xlarge
                 - ml.c4.8xlarge
                 - ml.p2.xlarge
                 - ml.p2.8xlarge
                 - ml.p2.16xlarge
       ConstraintDescription : Must be a valid EC2
instance type

In Conclusion

Keep the following key points in mind: 

  • CloudFormation Parameters are an optional section in the template. However, using them will make your template flexible and dynamic.
  • At a minimum, you need to specify a logical id (name) and type for your parameter.
  • For AWS specific values, always use the AWS-Specific Parameter Types.
  • Though not required, using Parameter Constraints and Defaults is considered best practice.

Now that we covered some of the basics. See if you can provision an Amazon Redshift Cluster using AWS CloudFormation. Here are a few articles to get you started

Helpful links

AWS CloudFormation User Guide

AWS Official User guide on CloudFormation

Service Offerings by Obstkel

Get to know the AWS Cloud Services offered by Obstkel

Interested in our services ?

email us at :

Copyright 2021 © OBSTKEL LLC. All rights Reserved