pulumi-aws-kotlin/com.pulumi.aws.backup.kotlin/Selection

Selection

class Selection : KotlinCustomResource

Manages selection conditions for AWS Backup plan resources.

Example Usage

IAM Role

For more information about creating and managing IAM Roles for backups and restores, see the AWS Backup Developer Guide. The below example creates an IAM role with the default managed IAM Policy for allowing AWS Backup to create backups.

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.iam.IamFunctions;
import com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;
import com.pulumi.aws.iam.Role;
import com.pulumi.aws.iam.RoleArgs;
import com.pulumi.aws.iam.RolePolicyAttachment;
import com.pulumi.aws.iam.RolePolicyAttachmentArgs;
import com.pulumi.aws.backup.Selection;
import com.pulumi.aws.backup.SelectionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()
            .statements(GetPolicyDocumentStatementArgs.builder()
                .effect("Allow")
                .principals(GetPolicyDocumentStatementPrincipalArgs.builder()
                    .type("Service")
                    .identifiers("backup.amazonaws.com")
                    .build())
                .actions("sts:AssumeRole")
                .build())
            .build());
        var exampleRole = new Role("exampleRole", RoleArgs.builder()
            .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult.json()))
            .build());
        var exampleRolePolicyAttachment = new RolePolicyAttachment("exampleRolePolicyAttachment", RolePolicyAttachmentArgs.builder()
            .policyArn("arn:aws:iam::aws:policy/service-role/AWSBackupServiceRolePolicyForBackup")
            .role(exampleRole.name())
            .build());
        var exampleSelection = new Selection("exampleSelection", SelectionArgs.builder()
            .iamRoleArn(exampleRole.arn())
            .build());
    }
}
Content copied to clipboard

Selecting Backups By Tag

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.backup.Selection;
import com.pulumi.aws.backup.SelectionArgs;
import com.pulumi.aws.backup.inputs.SelectionSelectionTagArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var example = new Selection("example", SelectionArgs.builder()
            .iamRoleArn(aws_iam_role.example().arn())
            .planId(aws_backup_plan.example().id())
            .selectionTags(SelectionSelectionTagArgs.builder()
                .type("STRINGEQUALS")
                .key("foo")
                .value("bar")
                .build())
            .build());
    }
}
Content copied to clipboard

Selecting Backups By Conditions

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.backup.Selection;
import com.pulumi.aws.backup.SelectionArgs;
import com.pulumi.aws.backup.inputs.SelectionConditionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var example = new Selection("example", SelectionArgs.builder()
            .iamRoleArn(aws_iam_role.example().arn())
            .planId(aws_backup_plan.example().id())
            .resources("*")
            .conditions(SelectionConditionArgs.builder()
                .stringEquals(SelectionConditionStringEqualArgs.builder()
                    .key("aws:ResourceTag/Component")
                    .value("rds")
                    .build())
                .stringLikes(SelectionConditionStringLikeArgs.builder()
                    .key("aws:ResourceTag/Application")
                    .value("app*")
                    .build())
                .stringNotEquals(SelectionConditionStringNotEqualArgs.builder()
                    .key("aws:ResourceTag/Backup")
                    .value("false")
                    .build())
                .stringNotLikes(SelectionConditionStringNotLikeArgs.builder()
                    .key("aws:ResourceTag/Environment")
                    .value("test*")
                    .build())
                .build())
            .build());
    }
}
Content copied to clipboard

Selecting Backups By Resource

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.backup.Selection;
import com.pulumi.aws.backup.SelectionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var example = new Selection("example", SelectionArgs.builder()
            .iamRoleArn(aws_iam_role.example().arn())
            .planId(aws_backup_plan.example().id())
            .resources(
                aws_db_instance.example().arn(),
                aws_ebs_volume.example().arn(),
                aws_efs_file_system.example().arn())
            .build());
    }
}
Content copied to clipboard

Selecting Backups By Not Resource

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.backup.Selection;
import com.pulumi.aws.backup.SelectionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var example = new Selection("example", SelectionArgs.builder()
            .iamRoleArn(aws_iam_role.example().arn())
            .planId(aws_backup_plan.example().id())
            .notResources(
                aws_db_instance.example().arn(),
                aws_ebs_volume.example().arn(),
                aws_efs_file_system.example().arn())
            .build());
    }
}
Content copied to clipboard

Import

Backup selection can be imported using the role plan_id and id separated by |.

$ pulumi import aws:backup/selection:Selection example plan-id|selection-id
Content copied to clipboard

Properties

Link copied to clipboard
val conditions: Output<List<SelectionCondition>>

A list of conditions that you define to assign resources to your backup plans using tags.

Link copied to clipboard
val iamRoleArn: Output<String>

The ARN of the IAM role that AWS Backup uses to authenticate when restoring and backing up the target resource. See the AWS Backup Developer Guide for additional information about using AWS managed policies or creating custom policies attached to the IAM role.

Link copied to clipboard
val id: Output<String>
Link copied to clipboard
val name: Output<String>

The display name of a resource selection document.

Link copied to clipboard
val notResources: Output<List<String>>

An array of strings that either contain Amazon Resource Names (ARNs) or match patterns of resources to exclude from a backup plan.

Link copied to clipboard
val planId: Output<String>

The backup plan ID to be associated with the selection of resources.

Link copied to clipboard
val pulumiChildResources: Set<KotlinResource>
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
val resources: Output<List<String>>?

An array of strings that either contain Amazon Resource Names (ARNs) or match patterns of resources to assign to a backup plan.

Link copied to clipboard
val selectionTags: Output<List<SelectionSelectionTag>>?

Tag-based conditions used to specify a set of resources to assign to a backup plan.

Link copied to clipboard
val urn: Output<String>