aws-cdk-lib

import * as cdk from "../../core/lib"; import * as constructs from "constructs"; import * as cfn_parse from "../../core/lib/helpers-internal"; import { AgentReference, IAgentRef, ILocationAzureBlobRef, ILocationEFSRef, ILocationFSxLustreRef, ILocationFSxONTAPRef, ILocationFSxOpenZFSRef, ILocationFSxWindowsRef, ILocationHDFSRef, ILocationNFSRef, ILocationObjectStorageRef, ILocationS3Ref, ILocationSMBRef, ITaskRef, LocationAzureBlobReference, LocationEFSReference, LocationFSxLustreReference, LocationFSxONTAPReference, LocationFSxOpenZFSReference, LocationFSxWindowsReference, LocationHDFSReference, LocationNFSReference, LocationObjectStorageReference, LocationS3Reference, LocationSMBReference, TaskReference } from "../../interfaces/generated/aws-datasync-interfaces.generated"; import { aws_datasync as dataSyncRefs, aws_efs as efsRefs, aws_logs as logsRefs, aws_s3 as s3Refs } from "../../interfaces"; /** * The `AWS::DataSync::Agent` resource activates an AWS DataSync agent that you've deployed for storage discovery or data transfers. * * The activation process associates the agent with your AWS account . * * For more information, see the following topics in the *AWS DataSync User Guide* : * * - [DataSync agent requirements](https://docs.aws.amazon.com/datasync/latest/userguide/agent-requirements.html) * - [DataSync network requirements](https://docs.aws.amazon.com/datasync/latest/userguide/datasync-network.html) * - [Create a DataSync agent](https://docs.aws.amazon.com/datasync/latest/userguide/configure-agent.html) * * @cloudformationResource AWS::DataSync::Agent * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-agent.html */ export declare class CfnAgent extends cdk.CfnResource implements cdk.IInspectable, IAgentRef, cdk.ITaggable { /** * The CloudFormation resource type name for this resource class. */ static readonly CFN_RESOURCE_TYPE_NAME: string; /** * Build a CfnAgent from CloudFormation properties * * A factory method that creates a new instance of this class from an object * containing the CloudFormation properties of this resource. * Used in the @aws-cdk/cloudformation-include module. * * @internal */ static _fromCloudFormation(scope: constructs.Construct, id: string, resourceAttributes: any, options: cfn_parse.FromCloudFormationOptions): CfnAgent; /** * Checks whether the given object is a CfnAgent */ static isCfnAgent(x: any): x is CfnAgent; static arnForAgent(resource: IAgentRef): string; /** * Specifies your DataSync agent's activation key. */ activationKey?: string; /** * Specifies a name for your agent. */ agentName?: string; /** * The Amazon Resource Names (ARNs) of the security groups used to protect your data transfer task subnets. */ securityGroupArns?: Array<string>; /** * Specifies the ARN of the subnet where your VPC service endpoint is located. */ subnetArns?: Array<string>; /** * Tag Manager which manages the tags for this resource */ readonly tags: cdk.TagManager; /** * Specifies labels that help you categorize, filter, and search for your AWS resources. */ tagsRaw?: Array<cdk.CfnTag>; /** * The ID of the virtual private cloud (VPC) endpoint that the agent has access to. */ vpcEndpointId?: string; /** * Create a new `AWS::DataSync::Agent`. * * @param scope Scope in which this resource is defined * @param id Construct identifier for this resource (unique in its scope) * @param props Resource properties */ constructor(scope: constructs.Construct, id: string, props?: CfnAgentProps); get agentRef(): AgentReference; /** * The Amazon Resource Name (ARN) of the agent. Use the `ListAgents` operation to return a list of agents for your account and AWS Region . * * @cloudformationAttribute AgentArn */ get attrAgentArn(): string; /** * The type of endpoint that your agent is connected to. If the endpoint is a VPC endpoint, the agent is not accessible over the public internet. * * @cloudformationAttribute EndpointType */ get attrEndpointType(): string; protected get cfnProperties(): Record<string, any>; /** * Examines the CloudFormation resource and discloses attributes * * @param inspector tree inspector to collect and process attributes */ inspect(inspector: cdk.TreeInspector): void; protected renderProperties(props: Record<string, any>): Record<string, any>; } /** * Properties for defining a `CfnAgent` * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-agent.html */ export interface CfnAgentProps { /** * Specifies your DataSync agent's activation key. * * If you don't have an activation key, see [Activating your agent](https://docs.aws.amazon.com/datasync/latest/userguide/activate-agent.html) . * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-agent.html#cfn-datasync-agent-activationkey */ readonly activationKey?: string; /** * Specifies a name for your agent. * * We recommend specifying a name that you can remember. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-agent.html#cfn-datasync-agent-agentname */ readonly agentName?: string; /** * The Amazon Resource Names (ARNs) of the security groups used to protect your data transfer task subnets. * * See [SecurityGroupArns](https://docs.aws.amazon.com/datasync/latest/userguide/API_Ec2Config.html#DataSync-Type-Ec2Config-SecurityGroupArns) . * * *Pattern* : `^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):ec2:[a-z\-0-9]*:[0-9]{12}:security-group/.*$` * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-agent.html#cfn-datasync-agent-securitygrouparns */ readonly securityGroupArns?: Array<string>; /** * Specifies the ARN of the subnet where your VPC service endpoint is located. * * You can only specify one ARN. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-agent.html#cfn-datasync-agent-subnetarns */ readonly subnetArns?: Array<string>; /** * Specifies labels that help you categorize, filter, and search for your AWS resources. * * We recommend creating at least one tag for your agent. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-agent.html#cfn-datasync-agent-tags */ readonly tags?: Array<cdk.CfnTag>; /** * The ID of the virtual private cloud (VPC) endpoint that the agent has access to. * * This is the client-side VPC endpoint, powered by AWS PrivateLink . If you don't have an AWS PrivateLink VPC endpoint, see [AWS PrivateLink and VPC endpoints](https://docs.aws.amazon.com//vpc/latest/userguide/endpoint-services-overview.html) in the *Amazon VPC User Guide* . * * For more information about activating your agent in a private network based on a VPC, see [Using AWS DataSync in a Virtual Private Cloud](https://docs.aws.amazon.com/datasync/latest/userguide/datasync-in-vpc.html) in the *AWS DataSync User Guide.* * * A VPC endpoint ID looks like this: `vpce-01234d5aff67890e1` . * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-agent.html#cfn-datasync-agent-vpcendpointid */ readonly vpcEndpointId?: string; } /** * Creates a transfer *location* for a Microsoft Azure Blob Storage container. * * AWS DataSync can use this location as a transfer source or destination. You can make transfers with or without a [DataSync agent](https://docs.aws.amazon.com/datasync/latest/userguide/creating-azure-blob-location.html#azure-blob-creating-agent) that connects to your container. * * Before you begin, make sure you know [how DataSync accesses Azure Blob Storage](https://docs.aws.amazon.com/datasync/latest/userguide/creating-azure-blob-location.html#azure-blob-access) and works with [access tiers](https://docs.aws.amazon.com/datasync/latest/userguide/creating-azure-blob-location.html#azure-blob-access-tiers) and [blob types](https://docs.aws.amazon.com/datasync/latest/userguide/creating-azure-blob-location.html#blob-types) . * * @cloudformationResource AWS::DataSync::LocationAzureBlob * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationazureblob.html */ export declare class CfnLocationAzureBlob extends cdk.CfnResource implements cdk.IInspectable, ILocationAzureBlobRef, cdk.ITaggableV2 { /** * The CloudFormation resource type name for this resource class. */ static readonly CFN_RESOURCE_TYPE_NAME: string; /** * Build a CfnLocationAzureBlob from CloudFormation properties * * A factory method that creates a new instance of this class from an object * containing the CloudFormation properties of this resource. * Used in the @aws-cdk/cloudformation-include module. * * @internal */ static _fromCloudFormation(scope: constructs.Construct, id: string, resourceAttributes: any, options: cfn_parse.FromCloudFormationOptions): CfnLocationAzureBlob; /** * Checks whether the given object is a CfnLocationAzureBlob */ static isCfnLocationAzureBlob(x: any): x is CfnLocationAzureBlob; /** * (Optional) Specifies the Amazon Resource Name (ARN) of the DataSync agent that can connect with your Azure Blob Storage container. */ agentArns?: Array<string>; /** * Specifies the access tier that you want your objects or files transferred into. */ azureAccessTier?: string; /** * Specifies the authentication method DataSync uses to access your Azure Blob Storage. */ azureBlobAuthenticationType: string; /** * Specifies the URL of the Azure Blob Storage container involved in your transfer. */ azureBlobContainerUrl?: string; /** * Specifies the SAS configuration that allows DataSync to access your Azure Blob Storage. */ azureBlobSasConfiguration?: CfnLocationAzureBlob.AzureBlobSasConfigurationProperty | cdk.IResolvable; /** * Specifies the type of blob that you want your objects or files to be when transferring them into Azure Blob Storage. */ azureBlobType?: string; /** * Tag Manager which manages the tags for this resource */ readonly cdkTagManager: cdk.TagManager; /** * Specifies configuration information for a DataSync-managed secret, such as an authentication token, secret key, password, or Kerberos keytab that DataSync uses to access a specific storage location, with a customer-managed AWS KMS key . */ cmkSecretConfig?: CfnLocationAzureBlob.CmkSecretConfigProperty | cdk.IResolvable; /** * Specifies configuration information for a customer-managed Secrets Manager secret where a storage location credentials is stored in Secrets Manager as plain text (for authentication token, secret key, or password) or as binary (for Kerberos keytab). */ customSecretConfig?: CfnLocationAzureBlob.CustomSecretConfigProperty | cdk.IResolvable; /** * Specifies path segments if you want to limit your transfer to a virtual directory in your container (for example, `/my/images` ). */ subdirectory?: string; /** * Specifies labels that help you categorize, filter, and search for your AWS resources. */ tags?: Array<cdk.CfnTag>; /** * Create a new `AWS::DataSync::LocationAzureBlob`. * * @param scope Scope in which this resource is defined * @param id Construct identifier for this resource (unique in its scope) * @param props Resource properties */ constructor(scope: constructs.Construct, id: string, props: CfnLocationAzureBlobProps); get locationAzureBlobRef(): LocationAzureBlobReference; /** * Specifies the ARN for the DataSync-managed AWS Secrets Manager secret that that is used to access a specific storage location. This property is generated by DataSync and is read-only. DataSync encrypts this secret with the KMS key that you specify for `KmsKeyArn` . * * @cloudformationAttribute CmkSecretConfig.SecretArn */ get attrCmkSecretConfigSecretArn(): string; /** * The ARN of the Azure Blob Storage transfer location that you created. * * @cloudformationAttribute LocationArn */ get attrLocationArn(): string; /** * The URI of the Azure Blob Storage transfer location that you created. * * @cloudformationAttribute LocationUri */ get attrLocationUri(): string; /** * Specifies configuration information for a DataSync-managed secret, such as an authentication token or set of credentials that DataSync uses to access a specific transfer location. DataSync uses the default AWS-managed KMS key to encrypt this secret in AWS Secrets Manager. * * @cloudformationAttribute ManagedSecretConfig */ get attrManagedSecretConfig(): cdk.IResolvable; protected get cfnProperties(): Record<string, any>; /** * Examines the CloudFormation resource and discloses attributes * * @param inspector tree inspector to collect and process attributes */ inspect(inspector: cdk.TreeInspector): void; protected renderProperties(props: Record<string, any>): Record<string, any>; } export declare namespace CfnLocationAzureBlob { /** * The shared access signature (SAS) configuration that allows AWS DataSync to access your Microsoft Azure Blob Storage. * * For more information, see [SAS tokens](https://docs.aws.amazon.com/datasync/latest/userguide/creating-azure-blob-location.html#azure-blob-sas-tokens) for accessing your Azure Blob Storage. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-locationazureblob-azureblobsasconfiguration.html */ interface AzureBlobSasConfigurationProperty { /** * Specifies a SAS token that provides permissions to access your Azure Blob Storage. * * The token is part of the SAS URI string that comes after the storage resource URI and a question mark. A token looks something like this: * * `sp=r&st=2023-12-20T14:54:52Z&se=2023-12-20T22:54:52Z&spr=https&sv=2021-06-08&sr=c&sig=aBBKDWQvyuVcTPH9EBp%2FXTI9E%2F%2Fmq171%2BZU178wcwqU%3D` * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-locationazureblob-azureblobsasconfiguration.html#cfn-datasync-locationazureblob-azureblobsasconfiguration-azureblobsastoken */ readonly azureBlobSasToken: string; } /** * Specifies configuration information for a DataSync-managed secret, such as an authentication token, secret key, password, or Kerberos keytab that DataSync uses to access a specific storage location, with a customer-managed AWS KMS key . * * > You can use either `CmkSecretConfig` or `CustomSecretConfig` to provide credentials for a `CreateLocation` request. Do not provide both parameters for the same request. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-locationazureblob-cmksecretconfig.html */ interface CmkSecretConfigProperty { /** * Specifies the ARN for the customer-managed AWS KMS key that DataSync uses to encrypt the DataSync-managed secret stored for `SecretArn` . * * DataSync provides this key to AWS Secrets Manager . * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-locationazureblob-cmksecretconfig.html#cfn-datasync-locationazureblob-cmksecretconfig-kmskeyarn */ readonly kmsKeyArn?: string; /** * Specifies the ARN for the DataSync-managed AWS Secrets Manager secret that that is used to access a specific storage location. * * This property is generated by DataSync and is read-only. DataSync encrypts this secret with the KMS key that you specify for `KmsKeyArn` . * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-locationazureblob-cmksecretconfig.html#cfn-datasync-locationazureblob-cmksecretconfig-secretarn */ readonly secretArn?: string; } /** * Specifies configuration information for a customer-managed Secrets Manager secret where a storage location credentials is stored in Secrets Manager as plain text (for authentication token, secret key, or password) or as binary (for Kerberos keytab). * * This configuration includes the secret ARN, and the ARN for an IAM role that provides access to the secret. * * > You can use either `CmkSecretConfig` or `CustomSecretConfig` to provide credentials for a `CreateLocation` request. Do not provide both parameters for the same request. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-locationazureblob-customsecretconfig.html */ interface CustomSecretConfigProperty { /** * Specifies the ARN for the AWS Identity and Access Management role that DataSync uses to access the secret specified for `SecretArn` . * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-locationazureblob-customsecretconfig.html#cfn-datasync-locationazureblob-customsecretconfig-secretaccessrolearn */ readonly secretAccessRoleArn: string; /** * Specifies the ARN for an AWS Secrets Manager secret. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-locationazureblob-customsecretconfig.html#cfn-datasync-locationazureblob-customsecretconfig-secretarn */ readonly secretArn: string; } /** * Specifies configuration information for a DataSync-managed secret, such as an authentication token or set of credentials that DataSync uses to access a specific transfer location. * * DataSync uses the default AWS -managed KMS key to encrypt this secret in AWS Secrets Manager . * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-locationazureblob-managedsecretconfig.html */ interface ManagedSecretConfigProperty { /** * Specifies the ARN for an AWS Secrets Manager secret. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-locationazureblob-managedsecretconfig.html#cfn-datasync-locationazureblob-managedsecretconfig-secretarn */ readonly secretArn: string; } } /** * Properties for defining a `CfnLocationAzureBlob` * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationazureblob.html */ export interface CfnLocationAzureBlobProps { /** * (Optional) Specifies the Amazon Resource Name (ARN) of the DataSync agent that can connect with your Azure Blob Storage container. * * If you are setting up an agentless cross-cloud transfer, you do not need to specify a value for this parameter. * * You can specify more than one agent. For more information, see [Using multiple agents for your transfer](https://docs.aws.amazon.com/datasync/latest/userguide/multiple-agents.html) . * * > Make sure you configure this parameter correctly when you first create your storage location. You cannot add or remove agents from a storage location after you create it. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationazureblob.html#cfn-datasync-locationazureblob-agentarns */ readonly agentArns?: Array<string>; /** * Specifies the access tier that you want your objects or files transferred into. * * This only applies when using the location as a transfer destination. For more information, see [Access tiers](https://docs.aws.amazon.com/datasync/latest/userguide/creating-azure-blob-location.html#azure-blob-access-tiers) . * * @default - "HOT" * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationazureblob.html#cfn-datasync-locationazureblob-azureaccesstier */ readonly azureAccessTier?: string; /** * Specifies the authentication method DataSync uses to access your Azure Blob Storage. * * DataSync can access blob storage using a shared access signature (SAS). * * @default - "SAS" * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationazureblob.html#cfn-datasync-locationazureblob-azureblobauthenticationtype */ readonly azureBlobAuthenticationType: string; /** * Specifies the URL of the Azure Blob Storage container involved in your transfer. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationazureblob.html#cfn-datasync-locationazureblob-azureblobcontainerurl */ readonly azureBlobContainerUrl?: string; /** * Specifies the SAS configuration that allows DataSync to access your Azure Blob Storage. * * > If you provide an authentication token using `SasConfiguration` , but do not provide secret configuration details using `CmkSecretConfig` or `CustomSecretConfig` , then DataSync stores the token using your AWS account's secrets manager secret. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationazureblob.html#cfn-datasync-locationazureblob-azureblobsasconfiguration */ readonly azureBlobSasConfiguration?: CfnLocationAzureBlob.AzureBlobSasConfigurationProperty | cdk.IResolvable; /** * Specifies the type of blob that you want your objects or files to be when transferring them into Azure Blob Storage. * * Currently, DataSync only supports moving data into Azure Blob Storage as block blobs. For more information on blob types, see the [Azure Blob Storage documentation](https://docs.aws.amazon.com/https://learn.microsoft.com/en-us/rest/api/storageservices/understanding-block-blobs--append-blobs--and-page-blobs) . * * @default - "BLOCK" * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationazureblob.html#cfn-datasync-locationazureblob-azureblobtype */ readonly azureBlobType?: string; /** * Specifies configuration information for a DataSync-managed secret, such as an authentication token, secret key, password, or Kerberos keytab that DataSync uses to access a specific storage location, with a customer-managed AWS KMS key . * * > You can use either `CmkSecretConfig` or `CustomSecretConfig` to provide credentials for a `CreateLocation` request. Do not provide both parameters for the same request. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationazureblob.html#cfn-datasync-locationazureblob-cmksecretconfig */ readonly cmkSecretConfig?: CfnLocationAzureBlob.CmkSecretConfigProperty | cdk.IResolvable; /** * Specifies configuration information for a customer-managed Secrets Manager secret where a storage location credentials is stored in Secrets Manager as plain text (for authentication token, secret key, or password) or as binary (for Kerberos keytab). * * This configuration includes the secret ARN, and the ARN for an IAM role that provides access to the secret. * * > You can use either `CmkSecretConfig` or `CustomSecretConfig` to provide credentials for a `CreateLocation` request. Do not provide both parameters for the same request. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationazureblob.html#cfn-datasync-locationazureblob-customsecretconfig */ readonly customSecretConfig?: CfnLocationAzureBlob.CustomSecretConfigProperty | cdk.IResolvable; /** * Specifies path segments if you want to limit your transfer to a virtual directory in your container (for example, `/my/images` ). * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationazureblob.html#cfn-datasync-locationazureblob-subdirectory */ readonly subdirectory?: string; /** * Specifies labels that help you categorize, filter, and search for your AWS resources. * * We recommend creating at least a name tag for your transfer location. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationazureblob.html#cfn-datasync-locationazureblob-tags */ readonly tags?: Array<cdk.CfnTag>; } /** * The `AWS::DataSync::LocationEFS` resource creates an endpoint for an Amazon EFS file system. * * AWS DataSync can access this endpoint as a source or destination location. * * @cloudformationResource AWS::DataSync::LocationEFS * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationefs.html */ export declare class CfnLocationEFS extends cdk.CfnResource implements cdk.IInspectable, ILocationEFSRef, cdk.ITaggable { /** * The CloudFormation resource type name for this resource class. */ static readonly CFN_RESOURCE_TYPE_NAME: string; /** * Build a CfnLocationEFS from CloudFormation properties * * A factory method that creates a new instance of this class from an object * containing the CloudFormation properties of this resource. * Used in the @aws-cdk/cloudformation-include module. * * @internal */ static _fromCloudFormation(scope: constructs.Construct, id: string, resourceAttributes: any, options: cfn_parse.FromCloudFormationOptions): CfnLocationEFS; /** * Checks whether the given object is a CfnLocationEFS */ static isCfnLocationEFS(x: any): x is CfnLocationEFS; /** * Specifies the Amazon Resource Name (ARN) of the access point that DataSync uses to mount your Amazon EFS file system. */ accessPointArn?: string; /** * Specifies the subnet and security groups DataSync uses to connect to one of your Amazon EFS file system's [mount targets](https://docs.aws.amazon.com/efs/latest/ug/accessing-fs.html) . */ ec2Config: CfnLocationEFS.Ec2ConfigProperty | cdk.IResolvable; /** * Specifies the ARN for your Amazon EFS file system. */ efsFilesystemArn?: string; /** * Specifies an AWS Identity and Access Management (IAM) role that allows DataSync to access your Amazon EFS file system. */ fileSystemAccessRoleArn?: string; /** * Specifies whether you want DataSync to use Transport Layer Security (TLS) 1.2 encryption when it transfers data to or from your Amazon EFS file system. */ inTransitEncryption?: string; /** * Specifies a mount path for your Amazon EFS file system. */ subdirectory?: string; /** * Tag Manager which manages the tags for this resource */ readonly tags: cdk.TagManager; /** * Specifies the key-value pair that represents a tag that you want to add to the resource. */ tagsRaw?: Array<cdk.CfnTag>; /** * Create a new `AWS::DataSync::LocationEFS`. * * @param scope Scope in which this resource is defined * @param id Construct identifier for this resource (unique in its scope) * @param props Resource properties */ constructor(scope: constructs.Construct, id: string, props: CfnLocationEFSProps); get locationEfsRef(): LocationEFSReference; /** * The Amazon Resource Name (ARN) of the Amazon EFS file system. * * @cloudformationAttribute LocationArn */ get attrLocationArn(): string; /** * The URI of the Amazon EFS file system. * * @cloudformationAttribute LocationUri */ get attrLocationUri(): string; protected get cfnProperties(): Record<string, any>; /** * Examines the CloudFormation resource and discloses attributes * * @param inspector tree inspector to collect and process attributes */ inspect(inspector: cdk.TreeInspector): void; protected renderProperties(props: Record<string, any>): Record<string, any>; } export declare namespace CfnLocationEFS { /** * The subnet and security groups that AWS DataSync uses to connect to one of your Amazon EFS file system's [mount targets](https://docs.aws.amazon.com/efs/latest/ug/accessing-fs.html) . * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-locationefs-ec2config.html */ interface Ec2ConfigProperty { /** * Specifies the Amazon Resource Names (ARNs) of the security groups associated with an Amazon EFS file system's mount target. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-locationefs-ec2config.html#cfn-datasync-locationefs-ec2config-securitygrouparns */ readonly securityGroupArns: Array<string>; /** * Specifies the ARN of a subnet where DataSync creates the [network interfaces](https://docs.aws.amazon.com/datasync/latest/userguide/datasync-network.html#required-network-interfaces.html) for managing traffic during your transfer. * * The subnet must be located: * * - In the same virtual private cloud (VPC) as the Amazon EFS file system. * - In the same Availability Zone as at least one mount target for the Amazon EFS file system. * * > You don't need to specify a subnet that includes a file system mount target. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-locationefs-ec2config.html#cfn-datasync-locationefs-ec2config-subnetarn */ readonly subnetArn: string; } } /** * Properties for defining a `CfnLocationEFS` * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationefs.html */ export interface CfnLocationEFSProps { /** * Specifies the Amazon Resource Name (ARN) of the access point that DataSync uses to mount your Amazon EFS file system. * * For more information, see [Accessing restricted file systems](https://docs.aws.amazon.com/datasync/latest/userguide/create-efs-location.html#create-efs-location-iam) . * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationefs.html#cfn-datasync-locationefs-accesspointarn */ readonly accessPointArn?: string; /** * Specifies the subnet and security groups DataSync uses to connect to one of your Amazon EFS file system's [mount targets](https://docs.aws.amazon.com/efs/latest/ug/accessing-fs.html) . * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationefs.html#cfn-datasync-locationefs-ec2config */ readonly ec2Config: CfnLocationEFS.Ec2ConfigProperty | cdk.IResolvable; /** * Specifies the ARN for your Amazon EFS file system. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationefs.html#cfn-datasync-locationefs-efsfilesystemarn */ readonly efsFilesystemArn?: efsRefs.IFileSystemRef | string; /** * Specifies an AWS Identity and Access Management (IAM) role that allows DataSync to access your Amazon EFS file system. * * For information on creating this role, see [Creating a DataSync IAM role for file system access](https://docs.aws.amazon.com/datasync/latest/userguide/create-efs-location.html#create-efs-location-iam-role) . * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationefs.html#cfn-datasync-locationefs-filesystemaccessrolearn */ readonly fileSystemAccessRoleArn?: string; /** * Specifies whether you want DataSync to use Transport Layer Security (TLS) 1.2 encryption when it transfers data to or from your Amazon EFS file system. * * If you specify an access point using `AccessPointArn` or an IAM role using `FileSystemAccessRoleArn` , you must set this parameter to `TLS1_2` . * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationefs.html#cfn-datasync-locationefs-intransitencryption */ readonly inTransitEncryption?: string; /** * Specifies a mount path for your Amazon EFS file system. * * This is where DataSync reads or writes data on your file system (depending on if this is a source or destination location). * * By default, DataSync uses the root directory (or [access point](https://docs.aws.amazon.com/efs/latest/ug/efs-access-points.html) if you provide one by using `AccessPointArn` ). You can also include subdirectories using forward slashes (for example, `/path/to/folder` ). * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationefs.html#cfn-datasync-locationefs-subdirectory */ readonly subdirectory?: string; /** * Specifies the key-value pair that represents a tag that you want to add to the resource. * * The value can be an empty string. This value helps you manage, filter, and search for your resources. We recommend that you create a name tag for your location. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationefs.html#cfn-datasync-locationefs-tags */ readonly tags?: Array<cdk.CfnTag>; } /** * The `AWS::DataSync::LocationFSxLustre` resource specifies an endpoint for an Amazon FSx for Lustre file system. * * @cloudformationResource AWS::DataSync::LocationFSxLustre * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationfsxlustre.html */ export declare class CfnLocationFSxLustre extends cdk.CfnResource implements cdk.IInspectable, ILocationFSxLustreRef, cdk.ITaggable { /** * The CloudFormation resource type name for this resource class. */ static readonly CFN_RESOURCE_TYPE_NAME: string; /** * Build a CfnLocationFSxLustre from CloudFormation properties * * A factory method that creates a new instance of this class from an object * containing the CloudFormation properties of this resource. * Used in the @aws-cdk/cloudformation-include module. * * @internal */ static _fromCloudFormation(scope: constructs.Construct, id: string, resourceAttributes: any, options: cfn_parse.FromCloudFormationOptions): CfnLocationFSxLustre; /** * Checks whether the given object is a CfnLocationFSxLustre */ static isCfnLocationFSxLustre(x: any): x is CfnLocationFSxLustre; /** * Specifies the Amazon Resource Name (ARN) of the FSx for Lustre file system. */ fsxFilesystemArn?: string; /** * The ARNs of the security groups that are used to configure the FSx for Lustre file system. */ securityGroupArns: Array<string>; /** * Specifies a mount path for your FSx for Lustre file system. The path can include subdirectories. */ subdirectory?: string; /** * Tag Manager which manages the tags for this resource */ readonly tags: cdk.TagManager; /** * Specifies labels that help you categorize, filter, and search for your AWS resources. */ tagsRaw?: Array<cdk.CfnTag>; /** * Create a new `AWS::DataSync::LocationFSxLustre`. * * @param scope Scope in which this resource is defined * @param id Construct identifier for this resource (unique in its scope) * @param props Resource properties */ constructor(scope: constructs.Construct, id: string, props: CfnLocationFSxLustreProps); get locationFSxLustreRef(): LocationFSxLustreReference; /** * The ARN of the specified FSx for Lustre file system location. * * @cloudformationAttribute LocationArn */ get attrLocationArn(): string; /** * The URI of the specified FSx for Lustre file system location. * * @cloudformationAttribute LocationUri */ get attrLocationUri(): string; protected get cfnProperties(): Record<string, any>; /** * Examines the CloudFormation resource and discloses attributes * * @param inspector tree inspector to collect and process attributes */ inspect(inspector: cdk.TreeInspector): void; protected renderProperties(props: Record<string, any>): Record<string, any>; } /** * Properties for defining a `CfnLocationFSxLustre` * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationfsxlustre.html */ export interface CfnLocationFSxLustreProps { /** * Specifies the Amazon Resource Name (ARN) of the FSx for Lustre file system. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationfsxlustre.html#cfn-datasync-locationfsxlustre-fsxfilesystemarn */ readonly fsxFilesystemArn?: string; /** * The ARNs of the security groups that are used to configure the FSx for Lustre file system. * * *Pattern* : `^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):ec2:[a-z\-0-9]*:[0-9]{12}:security-group/.*$` * * *Length constraints* : Maximum length of 128. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationfsxlustre.html#cfn-datasync-locationfsxlustre-securitygrouparns */ readonly securityGroupArns: Array<string>; /** * Specifies a mount path for your FSx for Lustre file system. The path can include subdirectories. * * When the location is used as a source, DataSync reads data from the mount path. When the location is used as a destination, DataSync writes data to the mount path. If you don't include this parameter, DataSync uses the file system's root directory ( `/` ). * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationfsxlustre.html#cfn-datasync-locationfsxlustre-subdirectory */ readonly subdirectory?: string; /** * Specifies labels that help you categorize, filter, and search for your AWS resources. * * We recommend creating at least a name tag for your location. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationfsxlustre.html#cfn-datasync-locationfsxlustre-tags */ readonly tags?: Array<cdk.CfnTag>; } /** * The `AWS::DataSync::LocationFSxONTAP` resource creates an endpoint for an Amazon FSx for NetApp ONTAP file system. * * AWS DataSync can access this endpoint as a source or destination location. * * @cloudformationResource AWS::DataSync::LocationFSxONTAP * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationfsxontap.html */ export declare class CfnLocationFSxONTAP extends cdk.CfnResource implements cdk.IInspectable, ILocationFSxONTAPRef, cdk.ITaggable { /** * The CloudFormation resource type name for this resource class. */ static readonly CFN_RESOURCE_TYPE_NAME: string; /** * Build a CfnLocationFSxONTAP from CloudFormation properties * * A factory method that creates a new instance of this class from an object * containing the CloudFormation properties of this resource. * Used in the @aws-cdk/cloudformation-include module. * * @internal */ static _fromCloudFormation(scope: constructs.Construct, id: string, resourceAttributes: any, options: cfn_parse.FromCloudFormationOptions): CfnLocationFSxONTAP; /** * Checks whether the given object is a CfnLocationFSxONTAP */ static isCfnLocationFSxONTAP(x: any): x is CfnLocationFSxONTAP; /** * Specifies the data transfer protocol that DataSync uses to access your Amazon FSx file system. */ protocol?: cdk.IResolvable | CfnLocationFSxONTAP.ProtocolProperty; /** * Specifies the Amazon Resource Names (ARNs) of the security groups that DataSync can use to access your FSx for ONTAP file system. */ securityGroupArns: Array<string>; /** * Specifies the ARN of the storage virtual machine (SVM) in your file system where you want to copy data to or from. */ storageVirtualMachineArn: string; /** * Specifies a path to the file share in the SVM where you want to transfer data to or from. */ subdirectory?: string; /** * Tag Manager which manages the tags for this resource */ readonly tags: cdk.TagManager; /** * Specifies labels that help you categorize, filter, and search for your AWS resources. */ tagsRaw?: Array<cdk.CfnTag>; /** * Create a new `AWS::DataSync::LocationFSxONTAP`. * * @param scope Scope in which this resource is defined * @param id Construct identifier for this resource (unique in its scope) * @param props Resource properties */ constructor(scope: constructs.Construct, id: string, props: CfnLocationFSxONTAPProps); get locationFSxOntapRef(): LocationFSxONTAPReference; /** * The ARN of the FSx for ONTAP file system in the specified location. * * @cloudformationAttribute FsxFilesystemArn */ get attrFsxFilesystemArn(): string; /** * The ARN of the specified location. * * @cloudformationAttribute LocationArn */ get attrLocationArn(): string; /** * The URI of the specified location. * * @cloudformationAttribute LocationUri */ get attrLocationUri(): string; /** * Specifies the ARN for an AWS Secrets Manager secret, managed by DataSync. * * @cloudformationAttribute Protocol.SMB.CmkSecretConfig.SecretArn */ get attrProtocolSmbCmkSecretConfigSecretArn(): string; /** * Specifies configuration information for a DataSync-managed secret, such as an authentication token or set of credentials that DataSync uses to access a specific transfer location. DataSync uses the default AWS-managed KMS key to encrypt this secret in AWS Secrets Manager. * * @cloudformationAttribute Protocol.SMB.ManagedSecretConfig */ get attrProtocolSmbManagedSecretConfig(): cdk.IResolvable; protected get cfnProperties(): Record<string, any>; /** * Examines the CloudFormation resource and discloses attributes * * @param inspector tree inspector to collect and process attributes */ inspect(inspector: cdk.TreeInspector): void; protected renderProperties(props: Record<string, any>): Record<string, any>; } export declare namespace CfnLocationFSxONTAP { /** * Specifies the data transfer protocol that AWS DataSync uses to access your Amazon FSx file system. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-locationfsxontap-protocol.html */ interface ProtocolProperty { /** * Specifies the Network File System (NFS) protocol configuration that DataSync uses to access your FSx for ONTAP file system's storage virtual machine (SVM). * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-locationfsxontap-protocol.html#cfn-datasync-locationfsxontap-protocol-nfs */ readonly nfs?: cdk.IResolvable | CfnLocationFSxONTAP.NFSProperty; /** * Specifies the Server Message Block (SMB) protocol configuration that DataSync uses to access your FSx for ONTAP file system's SVM. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-locationfsxontap-protocol.html#cfn-datasync-locationfsxontap-protocol-smb */ readonly smb?: cdk.IResolvable | CfnLocationFSxONTAP.SMBProperty; } /** * Specifies the Server Message Block (SMB) protocol configuration that AWS DataSync uses to access a storage virtual machine (SVM) on your Amazon FSx for NetApp ONTAP file system. * * For more information, see [Accessing FSx for ONTAP file systems](https://docs.aws.amazon.com/datasync/latest/userguide/create-ontap-location.html#create-ontap-location-access) . * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-locationfsxontap-smb.html */ interface SMBProperty { /** * Specifies configuration information for a DataSync-managed secret, such as an authentication token or set of credentials that DataSync uses to access a specific transfer location, and a customer-managed AWS KMS key. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-locationfsxontap-smb.html#cfn-datasync-locationfsxontap-smb-cmksecretconfig */ readonly cmkSecretConfig?: CfnLocationFSxONTAP.CmkSecretConfigProperty | cdk.IResolvable; /** * Specifies configuration information for a customer-managed secret, such as an authentication token or set of credentials that DataSync uses to access a specific transfer location, and an IAM role that DataSync can assume and access the customer-managed secret. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-locationfsxontap-smb.html#cfn-datasync-locationfsxontap-smb-customsecretconfig */ readonly customSecretConfig?: CfnLocationFSxONTAP.CustomSecretConfigProperty | cdk.IResolvable; /** * Specifies the name of the Windows domain that your storage virtual machine (SVM) belongs to. * * If you have multiple domains in your environment, configuring this setting makes sure that DataSync connects to the right SVM. * * If you have multiple Active Directory domains in your environment, configuring this parameter makes sure that DataSync connects to the right SVM. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-locationfsxontap-smb.html#cfn-datasync-locationfsxontap-smb-domain */ readonly domain?: string; /** * Specifies configuration information for a DataSync-managed secret, such as an authentication token or set of credentials that DataSync uses to access a specific transfer location. * * DataSync uses the default AWS-managed KMS key to encrypt this secret in AWS Secrets Manager. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-locationfsxontap-smb.html#cfn-datasync-locationfsxontap-smb-managedsecretconfig */ readonly managedSecretConfig?: cdk.IResolvable | CfnLocationFSxONTAP.ManagedSecretConfigProperty; /** * Specifies how DataSync can access a location using the SMB protocol. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-locationfsxontap-smb.html#cfn-datasync-locationfsxontap-smb-mountoptions */ readonly mountOptions: cdk.IResolvable | CfnLocationFSxONTAP.SmbMountOptionsProperty; /** * Specifies the password of a user who has permission to access your SVM. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-locationfsxontap-smb.html#cfn-datasync-locationfsxontap-smb-password */ readonly password?: string; /** * Specifies a user name that can mount the location and access the files, folders, and metadata that you need in the SVM. * * If you provide a user in your Active Directory, note the following: * * - If you're using AWS Directory Service for Microsoft Active Directory , the user must be a member of the AWS Delegated FSx Administrators group. * - If you're using a self-managed Active Directory, the user must be a member of either the Domain Admins group or a custom group that you specified for file system administration when you created your file system. * * Make sure that the user has the permissions it needs to copy the data you want: * * - `SE_TCB_NAME` : Required to set object ownership and file metadata. With this privilege, you also can copy NTFS discretionary access lists (DACLs). * - `SE_SECURITY_NAME` : May be needed to copy NTFS system access control lists (SACLs). This operation specifically requires the Windows privilege, which is gran