Summary
It is not possible to find or generate the ARN of an AutoScalingGroup in CloudFormation, for example for use in an IAM policy.
Details
The ARN of an ASG includes it's groupid, but Fn::Ref returns the name, and Fn::GetAtt is not supported at all, so it is not possible to retrieve, either directly or indirectly the ARN of an ASG created by a CloudFormation stack without the use of a custom resource.
AWS Support have confirmed this, and advised that there is an existing feature request open with the CloudFormation team for it.
Comments
Not sure whether this sort of issue should be added or not, so feel free to close it if you feel it's out of scope to track here, it doesn't exactly fit into any of the suggested issue templates, but at the same time feels like something that is reasonable to call a gap.
benbridts
commented
5 years ago
Summary It is not possible to find or generate the ARN of an AutoScalingGroup in CloudFormation, for example for use in an IAM policy.
Details The ARN of an ASG includes it's groupid, but Fn::Ref returns the name, and Fn::GetAtt is not supported at all, so it is not possible to retrieve, either directly or indirectly the ARN of an ASG created by a CloudFormation stack without the use of a custom resource.
AWS Support have confirmed this, and advised that there is an existing feature request open with the CloudFormation team for it.
Comments Not sure whether this sort of issue should be added or not, so feel free to close it if you feel it's out of scope to track here, it doesn't exactly fit into any of the suggested issue templates, but at the same time feels like something that is reasonable to call a gap.