AWS Native v0.109.0, Jun 26 24

AWS Native is in preview. AWS Classic is fully supported.

AWS Native v0.109.0 published on Wednesday, Jun 26, 2024 by Pulumi

pulumi/pulumi-aws-native

aws-native.backup.BackupVault

Explore with Pulumi AI

AWS Native is in preview. AWS Classic is fully supported.

AWS Native v0.109.0 published on Wednesday, Jun 26, 2024 by Pulumi

pulumi/pulumi-aws-native

Create BackupVault Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new BackupVault(name: string, args?: BackupVaultArgs, opts?: CustomResourceOptions);

@overload
def BackupVault(resource_name: str,
                args: Optional[BackupVaultArgs] = None,
                opts: Optional[ResourceOptions] = None)

@overload
def BackupVault(resource_name: str,
                opts: Optional[ResourceOptions] = None,
                access_policy: Optional[Any] = None,
                backup_vault_name: Optional[str] = None,
                backup_vault_tags: Optional[Mapping[str, str]] = None,
                encryption_key_arn: Optional[str] = None,
                lock_configuration: Optional[BackupVaultLockConfigurationTypeArgs] = None,
                notifications: Optional[BackupVaultNotificationObjectTypeArgs] = None)

func NewBackupVault(ctx *Context, name string, args *BackupVaultArgs, opts ...ResourceOption) (*BackupVault, error)

public BackupVault(string name, BackupVaultArgs? args = null, CustomResourceOptions? opts = null)

public BackupVault(String name, BackupVaultArgs args)
public BackupVault(String name, BackupVaultArgs args, CustomResourceOptions options)

type: aws-native:backup:BackupVault
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args BackupVaultArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args BackupVaultArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args BackupVaultArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args BackupVaultArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args BackupVaultArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

BackupVault Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The BackupVault resource accepts the following input properties:

AccessPolicy object

A resource-based policy that is used to manage access permissions on the target backup vault.

Search the CloudFormation User Guide for AWS::Backup::BackupVault for more information about the expected schema for this property.

BackupVaultName string

The name of a logical container where backups are stored. Backup vaults are identified by names that are unique to the account used to create them and the AWS Region where they are created.

BackupVaultTags Dictionary<string, string>

The tags to assign to the backup vault.

EncryptionKeyArn string

A server-side encryption key you can specify to encrypt your backups from services that support full AWS Backup management; for example, arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab . If you specify a key, you must specify its ARN, not its alias. If you do not specify a key, AWS Backup creates a KMS key for you by default.

To learn which AWS Backup services support full AWS Backup management and how AWS Backup handles encryption for backups from services that do not yet support full AWS Backup , see Encryption for backups in AWS Backup

LockConfiguration Pulumi.AwsNative.Backup.Inputs.BackupVaultLockConfigurationType

Configuration for AWS Backup Vault Lock .

Notifications Pulumi.AwsNative.Backup.Inputs.BackupVaultNotificationObjectType

The SNS event notifications for the specified backup vault.

AccessPolicy interface{}

A resource-based policy that is used to manage access permissions on the target backup vault.

Search the CloudFormation User Guide for AWS::Backup::BackupVault for more information about the expected schema for this property.

BackupVaultName string

The name of a logical container where backups are stored. Backup vaults are identified by names that are unique to the account used to create them and the AWS Region where they are created.

BackupVaultTags map[string]string

The tags to assign to the backup vault.

EncryptionKeyArn string

LockConfiguration BackupVaultLockConfigurationTypeArgs

Configuration for AWS Backup Vault Lock .

Notifications BackupVaultNotificationObjectTypeArgs

The SNS event notifications for the specified backup vault.

accessPolicy Object

A resource-based policy that is used to manage access permissions on the target backup vault.

Search the CloudFormation User Guide for AWS::Backup::BackupVault for more information about the expected schema for this property.

backupVaultName String

The name of a logical container where backups are stored. Backup vaults are identified by names that are unique to the account used to create them and the AWS Region where they are created.

backupVaultTags Map<String,String>

The tags to assign to the backup vault.

encryptionKeyArn String

lockConfiguration BackupVaultLockConfigurationType

Configuration for AWS Backup Vault Lock .

notifications BackupVaultNotificationObjectType

The SNS event notifications for the specified backup vault.

accessPolicy any

A resource-based policy that is used to manage access permissions on the target backup vault.

Search the CloudFormation User Guide for AWS::Backup::BackupVault for more information about the expected schema for this property.

backupVaultName string

The name of a logical container where backups are stored. Backup vaults are identified by names that are unique to the account used to create them and the AWS Region where they are created.

backupVaultTags {[key: string]: string}

The tags to assign to the backup vault.

encryptionKeyArn string

lockConfiguration BackupVaultLockConfigurationType

Configuration for AWS Backup Vault Lock .

notifications BackupVaultNotificationObjectType

The SNS event notifications for the specified backup vault.

access_policy Any

A resource-based policy that is used to manage access permissions on the target backup vault.

Search the CloudFormation User Guide for AWS::Backup::BackupVault for more information about the expected schema for this property.

backup_vault_name str

The name of a logical container where backups are stored. Backup vaults are identified by names that are unique to the account used to create them and the AWS Region where they are created.

backup_vault_tags Mapping[str, str]

The tags to assign to the backup vault.

encryption_key_arn str

lock_configuration BackupVaultLockConfigurationTypeArgs

Configuration for AWS Backup Vault Lock .

notifications BackupVaultNotificationObjectTypeArgs

The SNS event notifications for the specified backup vault.

accessPolicy Any

A resource-based policy that is used to manage access permissions on the target backup vault.

Search the CloudFormation User Guide for AWS::Backup::BackupVault for more information about the expected schema for this property.

backupVaultName String

The name of a logical container where backups are stored. Backup vaults are identified by names that are unique to the account used to create them and the AWS Region where they are created.

backupVaultTags Map<String>

The tags to assign to the backup vault.

encryptionKeyArn String

lockConfiguration Property Map

Configuration for AWS Backup Vault Lock .

notifications Property Map

The SNS event notifications for the specified backup vault.

Outputs

All input properties are implicitly available as output properties. Additionally, the BackupVault resource produces the following output properties:

BackupVaultArn string: An Amazon Resource Name (ARN) that uniquely identifies a backup vault; for example, arn:aws:backup:us-east-1:123456789012:backup-vault:aBackupVault .
Id string: The provider-assigned unique ID for this managed resource.

BackupVaultArn string: An Amazon Resource Name (ARN) that uniquely identifies a backup vault; for example, arn:aws:backup:us-east-1:123456789012:backup-vault:aBackupVault .
Id string: The provider-assigned unique ID for this managed resource.

backupVaultArn String: An Amazon Resource Name (ARN) that uniquely identifies a backup vault; for example, arn:aws:backup:us-east-1:123456789012:backup-vault:aBackupVault .
id String: The provider-assigned unique ID for this managed resource.

backupVaultArn string: An Amazon Resource Name (ARN) that uniquely identifies a backup vault; for example, arn:aws:backup:us-east-1:123456789012:backup-vault:aBackupVault .
id string: The provider-assigned unique ID for this managed resource.

backup_vault_arn str: An Amazon Resource Name (ARN) that uniquely identifies a backup vault; for example, arn:aws:backup:us-east-1:123456789012:backup-vault:aBackupVault .
id str: The provider-assigned unique ID for this managed resource.

backupVaultArn String: An Amazon Resource Name (ARN) that uniquely identifies a backup vault; for example, arn:aws:backup:us-east-1:123456789012:backup-vault:aBackupVault .
id String: The provider-assigned unique ID for this managed resource.

Supporting Types

BackupVaultLockConfigurationType, BackupVaultLockConfigurationTypeArgs

MinRetentionDays int

The AWS Backup Vault Lock configuration that specifies the minimum retention period that the vault retains its recovery points. This setting can be useful if, for example, your organization's policies require you to retain certain data for at least seven years (2555 days).

If this parameter is not specified, Vault Lock will not enforce a minimum retention period.

If this parameter is specified, any backup or copy job to the vault must have a lifecycle policy with a retention period equal to or longer than the minimum retention period. If the job's retention period is shorter than that minimum retention period, then the vault fails that backup or copy job, and you should either modify your lifecycle settings or use a different vault. Recovery points already saved in the vault prior to Vault Lock are not affected.

ChangeableForDays int

The AWS Backup Vault Lock configuration that specifies the number of days before the lock date. For example, setting ChangeableForDays to 30 on Jan. 1, 2022 at 8pm UTC will set the lock date to Jan. 31, 2022 at 8pm UTC.

AWS Backup enforces a 72-hour cooling-off period before Vault Lock takes effect and becomes immutable. Therefore, you must set ChangeableForDays to 3 or greater.

Before the lock date, you can delete Vault Lock from the vault using DeleteBackupVaultLockConfiguration or change the Vault Lock configuration using PutBackupVaultLockConfiguration . On and after the lock date, the Vault Lock becomes immutable and cannot be changed or deleted.

If this parameter is not specified, you can delete Vault Lock from the vault using DeleteBackupVaultLockConfiguration or change the Vault Lock configuration using PutBackupVaultLockConfiguration at any time.

MaxRetentionDays int

The AWS Backup Vault Lock configuration that specifies the maximum retention period that the vault retains its recovery points. This setting can be useful if, for example, your organization's policies require you to destroy certain data after retaining it for four years (1460 days).

If this parameter is not included, Vault Lock does not enforce a maximum retention period on the recovery points in the vault. If this parameter is included without a value, Vault Lock will not enforce a maximum retention period.

If this parameter is specified, any backup or copy job to the vault must have a lifecycle policy with a retention period equal to or shorter than the maximum retention period. If the job's retention period is longer than that maximum retention period, then the vault fails the backup or copy job, and you should either modify your lifecycle settings or use a different vault. Recovery points already saved in the vault prior to Vault Lock are not affected.

MinRetentionDays int

If this parameter is not specified, Vault Lock will not enforce a minimum retention period.

ChangeableForDays int

AWS Backup enforces a 72-hour cooling-off period before Vault Lock takes effect and becomes immutable. Therefore, you must set ChangeableForDays to 3 or greater.

MaxRetentionDays int

minRetentionDays Integer

If this parameter is not specified, Vault Lock will not enforce a minimum retention period.

changeableForDays Integer

AWS Backup enforces a 72-hour cooling-off period before Vault Lock takes effect and becomes immutable. Therefore, you must set ChangeableForDays to 3 or greater.

maxRetentionDays Integer

minRetentionDays number

If this parameter is not specified, Vault Lock will not enforce a minimum retention period.

changeableForDays number

AWS Backup enforces a 72-hour cooling-off period before Vault Lock takes effect and becomes immutable. Therefore, you must set ChangeableForDays to 3 or greater.

maxRetentionDays number

min_retention_days int

If this parameter is not specified, Vault Lock will not enforce a minimum retention period.

changeable_for_days int

AWS Backup enforces a 72-hour cooling-off period before Vault Lock takes effect and becomes immutable. Therefore, you must set ChangeableForDays to 3 or greater.

max_retention_days int

minRetentionDays Number

If this parameter is not specified, Vault Lock will not enforce a minimum retention period.

changeableForDays Number

AWS Backup enforces a 72-hour cooling-off period before Vault Lock takes effect and becomes immutable. Therefore, you must set ChangeableForDays to 3 or greater.

maxRetentionDays Number

BackupVaultNotificationObjectType, BackupVaultNotificationObjectTypeArgs

BackupVaultEvents List<string>: An array of events that indicate the status of jobs to back up resources to the backup vault. For valid events, see BackupVaultEvents in the AWS Backup API Guide .
SnsTopicArn string: An ARN that uniquely identifies an Amazon Simple Notification Service (Amazon SNS) topic; for example, arn:aws:sns:us-west-2:111122223333:MyTopic .

BackupVaultEvents []string: An array of events that indicate the status of jobs to back up resources to the backup vault. For valid events, see BackupVaultEvents in the AWS Backup API Guide .
SnsTopicArn string: An ARN that uniquely identifies an Amazon Simple Notification Service (Amazon SNS) topic; for example, arn:aws:sns:us-west-2:111122223333:MyTopic .

backupVaultEvents List<String>: An array of events that indicate the status of jobs to back up resources to the backup vault. For valid events, see BackupVaultEvents in the AWS Backup API Guide .
snsTopicArn String: An ARN that uniquely identifies an Amazon Simple Notification Service (Amazon SNS) topic; for example, arn:aws:sns:us-west-2:111122223333:MyTopic .

backupVaultEvents string[]: An array of events that indicate the status of jobs to back up resources to the backup vault. For valid events, see BackupVaultEvents in the AWS Backup API Guide .
snsTopicArn string: An ARN that uniquely identifies an Amazon Simple Notification Service (Amazon SNS) topic; for example, arn:aws:sns:us-west-2:111122223333:MyTopic .

backup_vault_events Sequence[str]: An array of events that indicate the status of jobs to back up resources to the backup vault. For valid events, see BackupVaultEvents in the AWS Backup API Guide .
sns_topic_arn str: An ARN that uniquely identifies an Amazon Simple Notification Service (Amazon SNS) topic; for example, arn:aws:sns:us-west-2:111122223333:MyTopic .

backupVaultEvents List<String>: An array of events that indicate the status of jobs to back up resources to the backup vault. For valid events, see BackupVaultEvents in the AWS Backup API Guide .
snsTopicArn String: An ARN that uniquely identifies an Amazon Simple Notification Service (Amazon SNS) topic; for example, arn:aws:sns:us-west-2:111122223333:MyTopic .

Package Details

Repository: AWS Native pulumi/pulumi-aws-native
License: Apache-2.0

AWS Native is in preview. AWS Classic is fully supported.

AWS Native v0.109.0 published on Wednesday, Jun 26, 2024 by Pulumi

pulumi/pulumi-aws-native

aws-native.backup.BackupVault

On this page

On this page

Create BackupVault Resource

Constructor syntax

Parameters

BackupVault Resource Properties

Inputs

Outputs

Supporting Types

BackupVaultLockConfigurationType, BackupVaultLockConfigurationTypeArgs

BackupVaultNotificationObjectType, BackupVaultNotificationObjectTypeArgs

Package Details

On this page

On this page