aws-cdk-lib

import * as cdk from "../../core"; import * as constructs from "constructs"; import * as cfn_parse from "../../core/lib/helpers-internal"; /** * Contains an optional backup plan display name and an array of `BackupRule` objects, each of which specifies a backup rule. * * Each rule in a backup plan is a separate scheduled task and can back up a different selection of AWS resources. * * For a sample AWS CloudFormation template, see the [AWS Backup Developer Guide](https://docs.aws.amazon.com/aws-backup/latest/devguide/assigning-resources.html#assigning-resources-cfn) . * * @cloudformationResource AWS::Backup::BackupPlan * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-backup-backupplan.html */ export declare class CfnBackupPlan extends cdk.CfnResource implements cdk.IInspectable, cdk.ITaggableV2 { /** * The CloudFormation resource type name for this resource class. */ static readonly CFN_RESOURCE_TYPE_NAME: string; /** * Build a CfnBackupPlan from CloudFormation properties * * A factory method that creates a new instance of this class from an object * containing the CloudFormation properties of this resource. * Used in the @aws-cdk/cloudformation-include module. * * @internal */ static _fromCloudFormation(scope: constructs.Construct, id: string, resourceAttributes: any, options: cfn_parse.FromCloudFormationOptions): CfnBackupPlan; /** * An Amazon Resource Name (ARN) that uniquely identifies a backup plan; for example, `arn:aws:backup:us-east-1:123456789012:plan:8F81F553-3A74-4A3F-B93D-B3360DC80C50` . * * @cloudformationAttribute BackupPlanArn */ readonly attrBackupPlanArn: string; /** * Uniquely identifies a backup plan. * * @cloudformationAttribute BackupPlanId */ readonly attrBackupPlanId: string; /** * Unique, randomly generated, Unicode, UTF-8 encoded strings that are at most 1,024 bytes long. Version Ids cannot be edited. * * @cloudformationAttribute VersionId */ readonly attrVersionId: string; /** * Uniquely identifies the backup plan to be associated with the selection of resources. */ backupPlan: CfnBackupPlan.BackupPlanResourceTypeProperty | cdk.IResolvable; /** * The tags to assign to the backup plan. */ backupPlanTags?: Record<string, string>; /** * Tag Manager which manages the tags for this resource */ readonly cdkTagManager: cdk.TagManager; /** * @param scope Scope in which this resource is defined * @param id Construct identifier for this resource (unique in its scope) * @param props Resource properties */ constructor(scope: constructs.Construct, id: string, props: CfnBackupPlanProps); protected get cfnProperties(): Record<string, any>; /** * Examines the CloudFormation resource and discloses attributes * * @param inspector tree inspector to collect and process attributes */ inspect(inspector: cdk.TreeInspector): void; protected renderProperties(props: Record<string, any>): Record<string, any>; } export declare namespace CfnBackupPlan { /** * Specifies an object containing properties used to create a backup plan. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupplan-backupplanresourcetype.html */ interface BackupPlanResourceTypeProperty { /** * A list of backup options for each resource type. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupplan-backupplanresourcetype.html#cfn-backup-backupplan-backupplanresourcetype-advancedbackupsettings */ readonly advancedBackupSettings?: Array<CfnBackupPlan.AdvancedBackupSettingResourceTypeProperty | cdk.IResolvable> | cdk.IResolvable; /** * The display name of a backup plan. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupplan-backupplanresourcetype.html#cfn-backup-backupplan-backupplanresourcetype-backupplanname */ readonly backupPlanName: string; /** * An array of `BackupRule` objects, each of which specifies a scheduled task that is used to back up a selection of resources. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupplan-backupplanresourcetype.html#cfn-backup-backupplan-backupplanresourcetype-backupplanrule */ readonly backupPlanRule: Array<CfnBackupPlan.BackupRuleResourceTypeProperty | cdk.IResolvable> | cdk.IResolvable; } /** * Specifies an object containing resource type and backup options. * * This is only supported for Windows VSS backups. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupplan-advancedbackupsettingresourcetype.html */ interface AdvancedBackupSettingResourceTypeProperty { /** * The backup option for the resource. * * Each option is a key-value pair. This option is only available for Windows VSS backup jobs. * * Valid values: * * Set to `"WindowsVSS":"enabled"` to enable the `WindowsVSS` backup option and create a Windows VSS backup. * * Set to `"WindowsVSS":"disabled"` to create a regular backup. The `WindowsVSS` option is not enabled by default. * * If you specify an invalid option, you get an `InvalidParameterValueException` exception. * * For more information about Windows VSS backups, see [Creating a VSS-Enabled Windows Backup](https://docs.aws.amazon.com/aws-backup/latest/devguide/windows-backups.html) . * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupplan-advancedbackupsettingresourcetype.html#cfn-backup-backupplan-advancedbackupsettingresourcetype-backupoptions */ readonly backupOptions: any | cdk.IResolvable; /** * The name of a resource type. * * The only supported resource type is EC2. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupplan-advancedbackupsettingresourcetype.html#cfn-backup-backupplan-advancedbackupsettingresourcetype-resourcetype */ readonly resourceType: string; } /** * Specifies an object containing properties used to schedule a task to back up a selection of resources. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupplan-backupruleresourcetype.html */ interface BackupRuleResourceTypeProperty { /** * A value in minutes after a backup job is successfully started before it must be completed or it is canceled by AWS Backup . * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupplan-backupruleresourcetype.html#cfn-backup-backupplan-backupruleresourcetype-completionwindowminutes */ readonly completionWindowMinutes?: number; /** * An array of CopyAction objects, which contains the details of the copy operation. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupplan-backupruleresourcetype.html#cfn-backup-backupplan-backupruleresourcetype-copyactions */ readonly copyActions?: Array<CfnBackupPlan.CopyActionResourceTypeProperty | cdk.IResolvable> | cdk.IResolvable; /** * Enables continuous backup and point-in-time restores (PITR). * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupplan-backupruleresourcetype.html#cfn-backup-backupplan-backupruleresourcetype-enablecontinuousbackup */ readonly enableContinuousBackup?: boolean | cdk.IResolvable; /** * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupplan-backupruleresourcetype.html#cfn-backup-backupplan-backupruleresourcetype-indexactions */ readonly indexActions?: Array<CfnBackupPlan.IndexActionsResourceTypeProperty | cdk.IResolvable> | cdk.IResolvable; /** * The lifecycle defines when a protected resource is transitioned to cold storage and when it expires. * * AWS Backup transitions and expires backups automatically according to the lifecycle that you define. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupplan-backupruleresourcetype.html#cfn-backup-backupplan-backupruleresourcetype-lifecycle */ readonly lifecycle?: cdk.IResolvable | CfnBackupPlan.LifecycleResourceTypeProperty; /** * The tags to assign to the resources. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupplan-backupruleresourcetype.html#cfn-backup-backupplan-backupruleresourcetype-recoverypointtags */ readonly recoveryPointTags?: cdk.IResolvable | Record<string, string>; /** * A display name for a backup rule. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupplan-backupruleresourcetype.html#cfn-backup-backupplan-backupruleresourcetype-rulename */ readonly ruleName: string; /** * A CRON expression specifying when AWS Backup initiates a backup job. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupplan-backupruleresourcetype.html#cfn-backup-backupplan-backupruleresourcetype-scheduleexpression */ readonly scheduleExpression?: string; /** * This is the timezone in which the schedule expression is set. * * By default, ScheduleExpressions are in UTC. You can modify this to a specified timezone. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupplan-backupruleresourcetype.html#cfn-backup-backupplan-backupruleresourcetype-scheduleexpressiontimezone */ readonly scheduleExpressionTimezone?: string; /** * An optional value that specifies a period of time in minutes after a backup is scheduled before a job is canceled if it doesn't start successfully. * * If this value is included, it must be at least 60 minutes to avoid errors. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupplan-backupruleresourcetype.html#cfn-backup-backupplan-backupruleresourcetype-startwindowminutes */ readonly startWindowMinutes?: number; /** * The name of a logical container where backups are stored. * * Backup vaults are identified by names that are unique to the account used to create them and the AWS Region where they are created. They consist of letters, numbers, and hyphens. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupplan-backupruleresourcetype.html#cfn-backup-backupplan-backupruleresourcetype-targetbackupvault */ readonly targetBackupVault: string; } /** * Copies backups created by a backup rule to another vault. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupplan-copyactionresourcetype.html */ interface CopyActionResourceTypeProperty { /** * An Amazon Resource Name (ARN) that uniquely identifies the destination backup vault for the copied backup. * * For example, `arn:aws:backup:us-east-1:123456789012:vault:aBackupVault.` * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupplan-copyactionresourcetype.html#cfn-backup-backupplan-copyactionresourcetype-destinationbackupvaultarn */ readonly destinationBackupVaultArn: string; /** * Defines when a protected resource is transitioned to cold storage and when it expires. * * AWS Backup transitions and expires backups automatically according to the lifecycle that you define. If you do not specify a lifecycle, AWS Backup applies the lifecycle policy of the source backup to the destination backup. * * Backups transitioned to cold storage must be stored in cold storage for a minimum of 90 days. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupplan-copyactionresourcetype.html#cfn-backup-backupplan-copyactionresourcetype-lifecycle */ readonly lifecycle?: cdk.IResolvable | CfnBackupPlan.LifecycleResourceTypeProperty; } /** * Specifies an object containing an array of `Transition` objects that determine how long in days before a recovery point transitions to cold storage or is deleted. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupplan-lifecycleresourcetype.html */ interface LifecycleResourceTypeProperty { /** * Specifies the number of days after creation that a recovery point is deleted. * * Must be greater than `MoveToColdStorageAfterDays` . * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupplan-lifecycleresourcetype.html#cfn-backup-backupplan-lifecycleresourcetype-deleteafterdays */ readonly deleteAfterDays?: number; /** * Specifies the number of days after creation that a recovery point is moved to cold storage. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupplan-lifecycleresourcetype.html#cfn-backup-backupplan-lifecycleresourcetype-movetocoldstorageafterdays */ readonly moveToColdStorageAfterDays?: number; /** * If the value is true, your backup plan transitions supported resources to archive (cold) storage tier in accordance with your lifecycle settings. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupplan-lifecycleresourcetype.html#cfn-backup-backupplan-lifecycleresourcetype-optintoarchiveforsupportedresources */ readonly optInToArchiveForSupportedResources?: boolean | cdk.IResolvable; } /** * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupplan-indexactionsresourcetype.html */ interface IndexActionsResourceTypeProperty { /** * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupplan-indexactionsresourcetype.html#cfn-backup-backupplan-indexactionsresourcetype-resourcetypes */ readonly resourceTypes?: Array<string>; } } /** * Properties for defining a `CfnBackupPlan` * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-backup-backupplan.html */ export interface CfnBackupPlanProps { /** * Uniquely identifies the backup plan to be associated with the selection of resources. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-backup-backupplan.html#cfn-backup-backupplan-backupplan */ readonly backupPlan: CfnBackupPlan.BackupPlanResourceTypeProperty | cdk.IResolvable; /** * The tags to assign to the backup plan. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-backup-backupplan.html#cfn-backup-backupplan-backupplantags */ readonly backupPlanTags?: Record<string, string>; } /** * Specifies a set of resources to assign to a backup plan. * * For a sample AWS CloudFormation template, see the [AWS Backup Developer Guide](https://docs.aws.amazon.com/aws-backup/latest/devguide/assigning-resources.html#assigning-resources-cfn) . * * @cloudformationResource AWS::Backup::BackupSelection * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-backup-backupselection.html */ export declare class CfnBackupSelection extends cdk.CfnResource implements cdk.IInspectable { /** * The CloudFormation resource type name for this resource class. */ static readonly CFN_RESOURCE_TYPE_NAME: string; /** * Build a CfnBackupSelection from CloudFormation properties * * A factory method that creates a new instance of this class from an object * containing the CloudFormation properties of this resource. * Used in the @aws-cdk/cloudformation-include module. * * @internal */ static _fromCloudFormation(scope: constructs.Construct, id: string, resourceAttributes: any, options: cfn_parse.FromCloudFormationOptions): CfnBackupSelection; /** * Uniquely identifies a backup plan. * * @cloudformationAttribute BackupPlanId */ readonly attrBackupPlanId: string; /** * Uniquely identifies the backup selection. * * @cloudformationAttribute Id */ readonly attrId: string; /** * Uniquely identifies a request to assign a set of resources to a backup plan. * * @cloudformationAttribute SelectionId */ readonly attrSelectionId: string; /** * Uniquely identifies a backup plan. */ backupPlanId: string; /** * Specifies the body of a request to assign a set of resources to a backup plan. */ backupSelection: CfnBackupSelection.BackupSelectionResourceTypeProperty | cdk.IResolvable; /** * @param scope Scope in which this resource is defined * @param id Construct identifier for this resource (unique in its scope) * @param props Resource properties */ constructor(scope: constructs.Construct, id: string, props: CfnBackupSelectionProps); protected get cfnProperties(): Record<string, any>; /** * Examines the CloudFormation resource and discloses attributes * * @param inspector tree inspector to collect and process attributes */ inspect(inspector: cdk.TreeInspector): void; protected renderProperties(props: Record<string, any>): Record<string, any>; } export declare namespace CfnBackupSelection { /** * Specifies an object containing properties used to assign a set of resources to a backup plan. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupselection-backupselectionresourcetype.html */ interface BackupSelectionResourceTypeProperty { /** * A list of conditions that you define to assign resources to your backup plans using tags. * * For example, `"StringEquals": { "ConditionKey": "aws:ResourceTag/CreatedByCryo", "ConditionValue": "true" },` . Condition operators are case sensitive. * * `Conditions` differs from `ListOfTags` as follows: * * - When you specify more than one condition, you only assign the resources that match ALL conditions (using AND logic). * - `Conditions` supports `StringEquals` , `StringLike` , `StringNotEquals` , and `StringNotLike` . `ListOfTags` only supports `StringEquals` . * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupselection-backupselectionresourcetype.html#cfn-backup-backupselection-backupselectionresourcetype-conditions */ readonly conditions?: any | cdk.IResolvable; /** * The ARN of the IAM role that AWS Backup uses to authenticate when backing up the target resource; * * for example, `arn:aws:iam::123456789012:role/S3Access` . * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupselection-backupselectionresourcetype.html#cfn-backup-backupselection-backupselectionresourcetype-iamrolearn */ readonly iamRoleArn: string; /** * A list of conditions that you define to assign resources to your backup plans using tags. * * For example, `"StringEquals": { "ConditionKey": "aws:ResourceTag/CreatedByCryo", "ConditionValue": "true" },` . Condition operators are case sensitive. * * `ListOfTags` differs from `Conditions` as follows: * * - When you specify more than one condition, you assign all resources that match AT LEAST ONE condition (using OR logic). * - `ListOfTags` only supports `StringEquals` . `Conditions` supports `StringEquals` , `StringLike` , `StringNotEquals` , and `StringNotLike` . * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupselection-backupselectionresourcetype.html#cfn-backup-backupselection-backupselectionresourcetype-listoftags */ readonly listOfTags?: Array<CfnBackupSelection.ConditionResourceTypeProperty | cdk.IResolvable> | cdk.IResolvable; /** * A list of Amazon Resource Names (ARNs) to exclude from a backup plan. * * The maximum number of ARNs is 500 without wildcards, or 30 ARNs with wildcards. * * If you need to exclude many resources from a backup plan, consider a different resource selection strategy, such as assigning only one or a few resource types or refining your resource selection using tags. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupselection-backupselectionresourcetype.html#cfn-backup-backupselection-backupselectionresourcetype-notresources */ readonly notResources?: Array<string>; /** * An array of strings that contain Amazon Resource Names (ARNs) of resources to assign to a backup plan. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupselection-backupselectionresourcetype.html#cfn-backup-backupselection-backupselectionresourcetype-resources */ readonly resources?: Array<string>; /** * The display name of a resource selection document. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupselection-backupselectionresourcetype.html#cfn-backup-backupselection-backupselectionresourcetype-selectionname */ readonly selectionName: string; } /** * Specifies an object that contains an array of triplets made up of a condition type (such as `STRINGEQUALS` ), a key, and a value. * * Conditions are used to filter resources in a selection that is assigned to a backup plan. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupselection-conditionresourcetype.html */ interface ConditionResourceTypeProperty { /** * The key in a key-value pair. * * For example, in `"Department": "accounting"` , `"Department"` is the key. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupselection-conditionresourcetype.html#cfn-backup-backupselection-conditionresourcetype-conditionkey */ readonly conditionKey: string; /** * An operation, such as `STRINGEQUALS` , that is applied to a key-value pair used to filter resources in a selection. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupselection-conditionresourcetype.html#cfn-backup-backupselection-conditionresourcetype-conditiontype */ readonly conditionType: string; /** * The value in a key-value pair. * * For example, in `"Department": "accounting"` , `"accounting"` is the value. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupselection-conditionresourcetype.html#cfn-backup-backupselection-conditionresourcetype-conditionvalue */ readonly conditionValue: string; } /** * Includes information about tags you define to assign tagged resources to a backup plan. * * Include the prefix `aws:ResourceTag` in your tags. For example, `"aws:ResourceTag/TagKey1": "Value1"` . * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupselection-conditionparameter.html */ interface ConditionParameterProperty { /** * The key in a key-value pair. * * For example, in the tag `Department: Accounting` , `Department` is the key. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupselection-conditionparameter.html#cfn-backup-backupselection-conditionparameter-conditionkey */ readonly conditionKey?: string; /** * The value in a key-value pair. * * For example, in the tag `Department: Accounting` , `Accounting` is the value. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupselection-conditionparameter.html#cfn-backup-backupselection-conditionparameter-conditionvalue */ readonly conditionValue?: string; } /** * Contains information about which resources to include or exclude from a backup plan using their tags. * * Conditions are case sensitive. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupselection-conditions.html */ interface ConditionsProperty { /** * Filters the values of your tagged resources for only those resources that you tagged with the same value. * * Also called "exact matching." * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupselection-conditions.html#cfn-backup-backupselection-conditions-stringequals */ readonly stringEquals?: Array<CfnBackupSelection.ConditionParameterProperty | cdk.IResolvable> | cdk.IResolvable; /** * Filters the values of your tagged resources for matching tag values with the use of a wildcard character (*) anywhere in the string. * * For example, "prod*" or "*rod*" matches the tag value "production". * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupselection-conditions.html#cfn-backup-backupselection-conditions-stringlike */ readonly stringLike?: Array<CfnBackupSelection.ConditionParameterProperty | cdk.IResolvable> | cdk.IResolvable; /** * Filters the values of your tagged resources for only those resources that you tagged that do not have the same value. * * Also called "negated matching." * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupselection-conditions.html#cfn-backup-backupselection-conditions-stringnotequals */ readonly stringNotEquals?: Array<CfnBackupSelection.ConditionParameterProperty | cdk.IResolvable> | cdk.IResolvable; /** * Filters the values of your tagged resources for non-matching tag values with the use of a wildcard character (*) anywhere in the string. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupselection-conditions.html#cfn-backup-backupselection-conditions-stringnotlike */ readonly stringNotLike?: Array<CfnBackupSelection.ConditionParameterProperty | cdk.IResolvable> | cdk.IResolvable; } } /** * Properties for defining a `CfnBackupSelection` * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-backup-backupselection.html */ export interface CfnBackupSelectionProps { /** * Uniquely identifies a backup plan. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-backup-backupselection.html#cfn-backup-backupselection-backupplanid */ readonly backupPlanId: string; /** * Specifies the body of a request to assign a set of resources to a backup plan. * * It includes an array of resources, an optional array of patterns to exclude resources, an optional role to provide access to the AWS service the resource belongs to, and an optional array of tags used to identify a set of resources. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-backup-backupselection.html#cfn-backup-backupselection-backupselection */ readonly backupSelection: CfnBackupSelection.BackupSelectionResourceTypeProperty | cdk.IResolvable; } /** * Creates a logical container where backups are stored. * * A `CreateBackupVault` request includes a name, optionally one or more resource tags, an encryption key, and a request ID. * * Do not include sensitive data, such as passport numbers, in the name of a backup vault. * * For a sample AWS CloudFormation template, see the [AWS Backup Developer Guide](https://docs.aws.amazon.com/aws-backup/latest/devguide/assigning-resources.html#assigning-resources-cfn) . * * @cloudformationResource AWS::Backup::BackupVault * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-backup-backupvault.html */ export declare class CfnBackupVault extends cdk.CfnResource implements cdk.IInspectable, cdk.ITaggableV2 { /** * The CloudFormation resource type name for this resource class. */ static readonly CFN_RESOURCE_TYPE_NAME: string; /** * Build a CfnBackupVault from CloudFormation properties * * A factory method that creates a new instance of this class from an object * containing the CloudFormation properties of this resource. * Used in the @aws-cdk/cloudformation-include module. * * @internal */ static _fromCloudFormation(scope: constructs.Construct, id: string, resourceAttributes: any, options: cfn_parse.FromCloudFormationOptions): CfnBackupVault; /** * An Amazon Resource Name (ARN) that uniquely identifies a backup vault; for example, `arn:aws:backup:us-east-1:123456789012:backup-vault:aBackupVault` . * * @cloudformationAttribute BackupVaultArn */ readonly attrBackupVaultArn: string; /** * The name of a logical container where backups are stored. Backup vaults are identified by names that are unique to the account used to create them and the Region where they are created. They consist of lowercase and uppercase letters, numbers, and hyphens. * * @cloudformationAttribute BackupVaultName */ readonly attrBackupVaultName: string; /** * A resource-based policy that is used to manage access permissions on the target backup vault. */ accessPolicy?: any | cdk.IResolvable; /** * The name of a logical container where backups are stored. */ backupVaultName: string; /** * The tags to assign to the backup vault. */ backupVaultTags?: Record<string, string>; /** * Tag Manager which manages the tags for this resource */ readonly cdkTagManager: cdk.TagManager; /** * A server-side encryption key you can specify to encrypt your backups from services that support full AWS Backup management; */ encryptionKeyArn?: string; /** * Configuration for [AWS Backup Vault Lock](https://docs.aws.amazon.com/aws-backup/latest/devguide/vault-lock.html) . */ lockConfiguration?: cdk.IResolvable | CfnBackupVault.LockConfigurationTypeProperty; /** * The SNS event notifications for the specified backup vault. */ notifications?: cdk.IResolvable | CfnBackupVault.NotificationObjectTypeProperty; /** * @param scope Scope in which this resource is defined * @param id Construct identifier for this resource (unique in its scope) * @param props Resource properties */ constructor(scope: constructs.Construct, id: string, props: CfnBackupVaultProps); protected get cfnProperties(): Record<string, any>; /** * Examines the CloudFormation resource and discloses attributes * * @param inspector tree inspector to collect and process attributes */ inspect(inspector: cdk.TreeInspector): void; protected renderProperties(props: Record<string, any>): Record<string, any>; } export declare namespace CfnBackupVault { /** * The `LockConfigurationType` property type specifies configuration for [AWS Backup Vault Lock](https://docs.aws.amazon.com/aws-backup/latest/devguide/vault-lock.html) . * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupvault-lockconfigurationtype.html */ interface LockConfigurationTypeProperty { /** * The AWS Backup Vault Lock configuration that specifies the number of days before the lock date. * * For example, setting `ChangeableForDays` to 30 on Jan. 1, 2022 at 8pm UTC will set the lock date to Jan. 31, 2022 at 8pm UTC. * * AWS Backup enforces a 72-hour cooling-off period before Vault Lock takes effect and becomes immutable. Therefore, you must set `ChangeableForDays` to 3 or greater. * * Before the lock date, you can delete Vault Lock from the vault using `DeleteBackupVaultLockConfiguration` or change the Vault Lock configuration using `PutBackupVaultLockConfiguration` . On and after the lock date, the Vault Lock becomes immutable and cannot be changed or deleted. * * If this parameter is not specified, you can delete Vault Lock from the vault using `DeleteBackupVaultLockConfiguration` or change the Vault Lock configuration using `PutBackupVaultLockConfiguration` at any time. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupvault-lockconfigurationtype.html#cfn-backup-backupvault-lockconfigurationtype-changeablefordays */ readonly changeableForDays?: number; /** * The AWS Backup Vault Lock configuration that specifies the maximum retention period that the vault retains its recovery points. * * This setting can be useful if, for example, your organization's policies require you to destroy certain data after retaining it for four years (1460 days). * * If this parameter is not included, Vault Lock does not enforce a maximum retention period on the recovery points in the vault. If this parameter is included without a value, Vault Lock will not enforce a maximum retention period. * * If this parameter is specified, any backup or copy job to the vault must have a lifecycle policy with a retention period equal to or shorter than the maximum retention period. If the job's retention period is longer than that maximum retention period, then the vault fails the backup or copy job, and you should either modify your lifecycle settings or use a different vault. Recovery points already saved in the vault prior to Vault Lock are not affected. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupvault-lockconfigurationtype.html#cfn-backup-backupvault-lockconfigurationtype-maxretentiondays */ readonly maxRetentionDays?: number; /** * The AWS Backup Vault Lock configuration that specifies the minimum retention period that the vault retains its recovery points. * * This setting can be useful if, for example, your organization's policies require you to retain certain data for at least seven years (2555 days). * * If this parameter is not specified, Vault Lock will not enforce a minimum retention period. * * If this parameter is specified, any backup or copy job to the vault must have a lifecycle policy with a retention period equal to or longer than the minimum retention period. If the job's retention period is shorter than that minimum retention period, then the vault fails that backup or copy job, and you should either modify your lifecycle settings or use a different vault. Recovery points already saved in the vault prior to Vault Lock are not affected. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupvault-lockconfigurationtype.html#cfn-backup-backupvault-lockconfigurationtype-minretentiondays */ readonly minRetentionDays: number; } /** * Specifies an object containing SNS event notification properties for the target backup vault. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupvault-notificationobjecttype.html */ interface NotificationObjectTypeProperty { /** * An array of events that indicate the status of jobs to back up resources to the backup vault. * * For valid events, see [BackupVaultEvents](https://docs.aws.amazon.com/aws-backup/latest/devguide/API_PutBackupVaultNotifications.html#API_PutBackupVaultNotifications_RequestSyntax) in the *AWS Backup API Guide* . * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupvault-notificationobjecttype.html#cfn-backup-backupvault-notificationobjecttype-backupvaultevents */ readonly backupVaultEvents: Array<string>; /** * An ARN that uniquely identifies an Amazon Simple Notification Service (Amazon SNS) topic; * * for example, `arn:aws:sns:us-west-2:111122223333:MyTopic` . * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupvault-notificationobjecttype.html#cfn-backup-backupvault-notificationobjecttype-snstopicarn */ readonly snsTopicArn: string; } } /** * Properties for defining a `CfnBackupVault` * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-backup-backupvault.html */ export interface CfnBackupVaultProps { /** * A resource-based policy that is used to manage access permissions on the target backup vault. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-backup-backupvault.html#cfn-backup-backupvault-accesspolicy */ readonly accessPolicy?: any | cdk.IResolvable; /** * The name of a logical container where backups are stored. * * Backup vaults are identified by names that are unique to the account used to create them and the AWS Region where they are created. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-backup-backupvault.html#cfn-backup-backupvault-backupvaultname */ readonly backupVaultName: string; /** * The tags to assign to the backup vault. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-backup-backupvault.html#cfn-backup-backupvault-backupvaulttags */ readonly backupVaultTags?: Record<string, string>; /** * A server-side encryption key you can specify to encrypt your backups from services that support full AWS Backup management; * * for example, `arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab` . If you specify a key, you must specify its ARN, not its alias. If you do not specify a key, AWS Backup creates a KMS key for you by default. * * To learn which AWS Backup services support full AWS Backup management and how AWS Backup handles encryption for backups from services that do not yet support full AWS Backup , see [Encryption for backups in AWS Backup](https://docs.aws.amazon.com/aws-backup/latest/devguide/encryption.html) * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-backup-backupvault.html#cfn-backup-backupvault-encryptionkeyarn */ readonly encryptionKeyArn?: string; /** * Configuration for [AWS Backup Vault Lock](https://docs.aws.amazon.com/aws-backup/latest/devguide/vault-lock.html) . * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-backup-backupvault.html#cfn-backup-backupvault-lockconfiguration */ readonly lockConfiguration?: cdk.IResolvable | CfnBackupVault.LockConfigurationTypeProperty; /** * The SNS event notifications for the specified backup vault. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-backup-backupvault.html#cfn-backup-backupvault-notifications */ readonly notifications?: cdk.IResolvable | CfnBackupVault.NotificationObjectTypeProperty; } /** * Creates a framework with one or more controls. * * A framework is a collection of controls that you can use to evaluate your backup practices. By using pre-built customizable controls to define your policies, you can evaluate whether your backup practices comply with your policies and which resources are not yet in compliance. * * For a sample AWS CloudFormation template, see the [AWS Backup Developer Guide](https://docs.aws.amazon.com/aws-backup/latest/devguide/bam-cfn-integration.html#bam-cfn-frameworks-template) . * * @cloudformationResource AWS::Backup::Framework * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-backup-framework.html */ export declare class CfnFramework extends cdk.CfnResource implements cdk.IInspectable, cdk.ITaggableV2 { /** * The CloudFormation resource type name for this resource class. */ static readonly CFN_RESOURCE_TYPE_NAME: string; /** * Build a CfnFramework from CloudFormation properties * * A factory method that creates a new instance of this class from an object * containing the CloudFormation properties of this resource. * Used in the @aws-cdk/cloudformation-include module. * * @internal */ static _fromCloudFormation(scope: constructs.Construct, id: string, resourceAttributes: any, options: cfn_parse.FromCloudFormationOptions): CfnFramework; /** * The UTC time when you created your framework. * * @cloudformationAttribute CreationTime */ readonly attrCreationTime: string; /** * Depolyment status refers to whether your framework has completed deployment. This status is usually `Completed` , but might also be `Create in progress` or another status. For a list of statuses, see [Framework compliance status](https://docs.aws.amazon.com/aws-backup/latest/devguide/viewing-frameworks.html) in the *Developer Guide* . * * @cloudformationAttribute DeploymentStatus */ readonly attrDeploymentStatus: string; /** * The Amazon Resource Name (ARN) of your framework. * * @cloudformationAttribute FrameworkArn */ readonly attrFrameworkArn: string; /** * Framework status refers to whether you have turned on resource tracking for all of your resources. This status is `Active` when you turn on all resources the framework evaluates. For other statuses and steps to correct them, see [Framework compliance status](https://docs.aws.amazon.com/aws-backup/latest/devguide/viewing-frameworks.html) in the *Developer Guide* . * * @cloudformationAttribute FrameworkStatus */ readonly attrFrameworkStatus: string; /** * Tag Manager which manages the tags for this resource */ readonly cdkTagManager: cdk.TagManager; /** * Contains detailed information about all of the controls of a framework. */ frameworkControls: Array<CfnFramework.FrameworkControlProperty | cdk.IResolvable> | cdk.IResolvable; /** * An optional description of the framework with a maximum 1,024 characters. */ frameworkDescription?: string; /** * The unique name of a framework. */ frameworkName?: string; /** * The tags to assign to your framework. */ frameworkTags?: Array<cdk.CfnTag>; /** * @param scope Scope in which this resource is defined * @param id Construct identifier for this resource (unique in its scope) * @param props Resource properties */ constructor(scope: constructs.Construct, id: string, props: CfnFrameworkProps); protected get cfnProperties(): Record<string, any>; /** * Examines the CloudFormation resource and discloses attributes * * @param inspector tree inspector to collect and process attributes */ inspect(inspector: cdk.TreeInspector): void; protected renderProperties(props: Record<string, any>): Record<string, any>; } export declare namespace CfnFramework { /** * Contains detailed information about all of the controls of a framework. * * Each framework must contain at least one control. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-framework-frameworkcontrol.html */ interface FrameworkControlProperty { /** * The name/value pairs. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-framework-frameworkcontrol.html#cfn-backup-framework-frameworkcontrol-controlinputparameters */ readonly controlInputParameters?: Array<CfnFramework.ControlInputParameterProperty | cdk.IResolvable> | cdk.IResolvable; /** * The name of a control. * * This name is between 1 and 256 characters. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-framework-frameworkcontrol.html#cfn-backup-framework-frameworkcontrol-controlname */ readonly controlName: string; /** * The scope of a control. * * The control scope defines what the control will evaluate. Three examples of control scopes are: a specific backup plan, all backup plans with a specific tag, or all backup plans. * * For more information, see [`ControlScope` .](https://docs.aws.amazon.com/aws-backup/latest/devguide/API_ControlScope.html) * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-framework-frameworkcontrol.html#cfn-backup-framework-frameworkcontrol-controlscope */ readonly controlScope?: any | cdk.IResolvable; } /** * The parameters for a control. * * A control can have zero, one, or more than one parameter. An example of a control with two parameters is: "backup plan frequency is at least `daily` and the retention period is at least `1 year` ". The first parameter is `daily` . The second parameter is `1 year` . * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-framework-controlinputparameter.html */ interface ControlInputParameterProperty { /** * The name of a parameter, for example, `BackupPlanFrequency` . * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-framework-controlinputparameter.html#cfn-backup-framework-controlinputparameter-parametername */ readonly parameterName: string; /** * The value of parameter, for example, `hourly` . * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-framework-controlinputparameter.html#cfn-backup-framework-controlinputparameter-parametervalue */ readonly parameterValue: string; } /** * A framework consists of one or more controls. * * Each control has its own control scope. The control scope can include one or more resource types, a combination of a tag key and value, or a combination of one resource type and one resource ID. If no scope is specified, evaluations for the rule are triggered when any resource in your recording group changes in configuration. * * > To set a control scope that includes all of a particular resource, leave the `ControlScope` empty or do not pass it when calling `CreateFramework` .