Custom CFN Linting rule for Avoid manually setting optional name-like properties #4127

@omkarok

Is this feature request related to a new rule or cfn-lint capabilities?

rules

Describe the feature you'd like to request

Feature Request: Warn When Optional Name-like Properties Are Manually Set

Summary

CloudFormation allows optional properties like BucketName, RoleName, QueueName, etc., to be auto-generated by AWS. Manually setting these values can result in resource replacement issues, particularly during updates, because CloudFormation cannot reuse names for resources marked for deletion.

This request is to add a new rule (e.g., WXXXX) to cfn-lint that warns when a non-required property matching *Name, *Identifier, or *Id is manually set — if that property is not required in the resource spec.


Motivation

  • Many production outages stem from manual Name settings that block safe stack updates (especially in S3 buckets, IAM roles, SQS queues, etc.).
  • Best practices recommend omitting these values unless deterministic naming is essential.
  • This rule could prevent subtle production issues and align CloudFormation templates with AWS fault-tolerant patterns.

Proposed Behavior

Warn when:

  • A CloudFormation resource sets an optional property matching /Name$|Identifier$|Id$/
  • The property is not required in the resource spec
  • (Optional) Provide metadata-based suppression to silence rule per resource

Example warning:
WXXXX: Optional property 'BucketName' is set on resource 'MyBucket'. This may block CloudFormation from replacing the resource cleanly.

Describe the solution you'd like


Workaround

I’ve implemented this as a [custom rule] locally, but would like to propose making it an official part of the core rule set.


References

Would be happy to contribute or open a PR if this sounds aligned. Let me know what feedback or constraints you'd like addressed.

Additional context

No response

Is this something that you'd be interested in working on?

  • 👋 I may be able to implement this feature request

Would this feature include a breaking change?

  • ⚠️ This feature might incur a breaking change
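
Added example, not part of the original issue and not the author's custom rule or cfn-lint's own code: a standalone sketch of the proposed check over an already-parsed template. The `REQUIRED` table is a constructed subset of the resource spec, and the `AllowExplicitName` Metadata key for suppression is a hypothetical name.

```python
import re

# Pattern from the proposal: properties ending in Name, Identifier or Id.
NAME_LIKE = re.compile(r"(Name|Identifier|Id)$")

# Constructed subset of the resource spec: required properties per type.
REQUIRED = {
    "AWS::S3::Bucket": set(),
    "AWS::IAM::Role": {"AssumeRolePolicyDocument"},
    "AWS::SQS::Queue": set(),
    "AWS::EC2::Subnet": {"VpcId"},
}

SUPPRESS_KEY = "AllowExplicitName"  # hypothetical per-resource Metadata key


def find_optional_names(template, required=REQUIRED):
    """Return (logical_id, property) pairs for optional name-like properties that are set."""
    findings = []
    for logical_id, resource in (template.get("Resources") or {}).items():
        rtype = resource.get("Type")
        if rtype not in required:
            continue  # no spec entry: cannot tell optional from required
        if (resource.get("Metadata") or {}).get(SUPPRESS_KEY):
            continue  # author opted out for this resource
        for prop in resource.get("Properties") or {}:
            if NAME_LIKE.search(prop) and prop not in required[rtype]:
                findings.append((logical_id, prop))
    return findings


def format_warning(logical_id, prop):
    return (f"WXXXX: Optional property '{prop}' is set on resource '{logical_id}'. "
            "This may block CloudFormation from replacing the resource cleanly.")


# Constructed sample template, already parsed into a dict.
SAMPLE = {"Resources": {
    "MyBucket": {"Type": "AWS::S3::Bucket", "Properties": {"BucketName": "fixed-name"}},
    "AppRole": {"Type": "AWS::IAM::Role", "Metadata": {SUPPRESS_KEY: True},
                "Properties": {"RoleName": "app", "AssumeRolePolicyDocument": {}}},
    "Jobs": {"Type": "AWS::SQS::Queue", "Properties": {"VisibilityTimeout": 30}},
    "Net": {"Type": "AWS::EC2::Subnet", "Properties": {
        "VpcId": "vpc-123", "AvailabilityZoneId": "use1-az1", "CidrBlock": "10.0.0.0/24"}},
}}

if __name__ == "__main__":
    for lid, prop in find_optional_names(SAMPLE):
        print(format_warning(lid, prop))
```

On the sample, the required `VpcId` is skipped, while the optional `AvailabilityZoneId` is flagged even though it is a reference rather than a resource name, so the `Id$` part of the pattern would likely need an allow-list.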
