A developer is in the process of creating an AWS CloudFormation template intended for the deployment of Amazon EC2 instances across multiple AWS accounts. As part of the security and compliance requirements, the developer must ensure that only pre-approved instance types are used for these EC2 instances.

What steps should the developer take to incorporate the list of approved EC2 instance types into the CloudFormation template?