0
0
AwsHow-ToBeginner · 4 min read

How to Use Intrinsic Functions in AWS CloudFormation

In AWS CloudFormation, use intrinsic functions like Ref, Fn::GetAtt, and Fn::Join to dynamically reference resources, get attributes, and manipulate strings within your templates. These functions help you build flexible and reusable infrastructure as code.
📐

Syntax

Intrinsic functions in AWS CloudFormation have a specific syntax that starts with Ref or Fn:: followed by the function name. They take parameters like resource names or lists to return dynamic values.

Common intrinsic functions include:

  • Ref: Returns the value of a resource or parameter.
  • Fn::GetAtt: Gets an attribute of a resource.
  • Fn::Join: Joins a list of strings.
json
{
  "Ref": "LogicalName"
}

{
  "Fn::GetAtt": ["LogicalName", "AttributeName"]
}

{
  "Fn::Join": ["delimiter", ["string1", "string2"]]
}
💻

Example

This example shows a CloudFormation snippet using intrinsic functions to create an S3 bucket and output its name dynamically.

json
{
  "Resources": {
    "MyBucket": {
      "Type": "AWS::S3::Bucket",
      "Properties": {
        "BucketName": { "Fn::Join": ["-", ["myapp", { "Ref": "AWS::Region" }, "bucket"]] }
      }
    }
  },
  "Outputs": {
    "BucketNameOutput": {
      "Value": { "Ref": "MyBucket" },
      "Description": "The name of the S3 bucket"
    }
  }
}
Output
Outputs: BucketNameOutput: Value: myapp-us-east-1-bucket Description: The name of the S3 bucket
⚠️

Common Pitfalls

Common mistakes when using intrinsic functions include:

  • Using Ref on resources that do not support it, causing errors.
  • Incorrectly formatting Fn::Join with wrong delimiters or missing brackets.
  • Confusing Ref with Fn::GetAtt—use Fn::GetAtt to get resource attributes, not just names.

Always check the resource documentation to know which intrinsic functions are supported.

json
{
  "Properties": {
    "BucketName": { "Ref": "MyBucket" }  
  }
}

// Correct usage:
{
  "Properties": {
    "BucketName": { "Fn::Join": ["-", ["myapp", { "Ref": "AWS::Region" }, "bucket"]] }
  }
}
📊

Quick Reference

Intrinsic FunctionPurposeExample Usage
RefReturns the value of a resource or parameter{"Ref": "MyResource"}
Fn::GetAttGets an attribute of a resource{"Fn::GetAtt": ["MyResource", "Arn"]}
Fn::JoinJoins a list of strings with a delimiter{"Fn::Join": ["-", ["part1", "part2"]]}
Fn::SubSubstitutes variables in a string{"Fn::Sub": "arn:aws:s3:::${BucketName}/*"}
Fn::IfReturns one value if condition is true, another if false{"Fn::If": ["ConditionName", "ValueIfTrue", "ValueIfFalse"]}

Key Takeaways

Use intrinsic functions to make CloudFormation templates dynamic and reusable.
Remember that Ref returns resource names or parameter values, while Fn::GetAtt fetches resource attributes.
Always check the correct syntax and supported functions for each resource type.
Test templates to catch common mistakes like wrong delimiters or unsupported references.
Use Fn::Join and Fn::Sub to build strings dynamically.

Related by keyword

How to Create State Machine Step Functions in AWSOther ServicesAWS Step Functions: What They Are and How They WorkOther ServicesHow to Sync a Folder to AWS S3 Using AWS CLIS3AWS vs Azure: Key Differences and When to Use EachGetting StartedAWS vs GCP: Key Differences and When to Use EachGetting Started

Up next

What is CloudWatch Logs Insights: Overview and UsageWhat is CloudWatch Metrics: Overview and UsageAWS CodePipeline vs CodeBuild vs CodeDeploy: Key Differences & UsageElastiCache Redis vs Memcached: Key Differences and Usage Guide

More in CloudFormation

CloudFormation vs CDK: Key Differences and When to Use EachCloudFormation vs Terraform: Key Differences and When to Use EachHow to Create AWS CloudFormation Template: Simple GuideHow to Create a Stack in AWS CloudFormation: Step-by-Step Guide