pulumi-aws-kotlin/com.pulumi.aws.backup.kotlin/SelectionArgs

SelectionArgs

data class SelectionArgs(val conditions: Output<List<SelectionConditionArgs>>? = null, val iamRoleArn: Output<String>? = null, val name: Output<String>? = null, val notResources: Output<List<String>>? = null, val planId: Output<String>? = null, val resources: Output<List<String>>? = null, val selectionTags: Output<List<SelectionSelectionTagArgs>>? = null) : ConvertibleToJava<SelectionArgs>

Manages selection conditions for AWS Backup plan resources.

Example Usage

IAM Role

For more information about creating and managing IAM Roles for backups and restores, see the AWS Backup Developer Guide. The below example creates an IAM role with the default managed IAM Policy for allowing AWS Backup to create backups.

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.iam.IamFunctions;
import com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;
import com.pulumi.aws.iam.Role;
import com.pulumi.aws.iam.RoleArgs;
import com.pulumi.aws.iam.RolePolicyAttachment;
import com.pulumi.aws.iam.RolePolicyAttachmentArgs;
import com.pulumi.aws.backup.Selection;
import com.pulumi.aws.backup.SelectionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()
            .statements(GetPolicyDocumentStatementArgs.builder()
                .effect("Allow")
                .principals(GetPolicyDocumentStatementPrincipalArgs.builder()
                    .type("Service")
                    .identifiers("backup.amazonaws.com")
                    .build())
                .actions("sts:AssumeRole")
                .build())
            .build());
        var exampleRole = new Role("exampleRole", RoleArgs.builder()
            .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult.json()))
            .build());
        var exampleRolePolicyAttachment = new RolePolicyAttachment("exampleRolePolicyAttachment", RolePolicyAttachmentArgs.builder()
            .policyArn("arn:aws:iam::aws:policy/service-role/AWSBackupServiceRolePolicyForBackup")
            .role(exampleRole.name())
            .build());
        var exampleSelection = new Selection("exampleSelection", SelectionArgs.builder()
            .iamRoleArn(exampleRole.arn())
            .build());
    }
}
Content copied to clipboard

Selecting Backups By Tag

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.backup.Selection;
import com.pulumi.aws.backup.SelectionArgs;
import com.pulumi.aws.backup.inputs.SelectionSelectionTagArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var example = new Selection("example", SelectionArgs.builder()
            .iamRoleArn(aws_iam_role.example().arn())
            .planId(aws_backup_plan.example().id())
            .selectionTags(SelectionSelectionTagArgs.builder()
                .type("STRINGEQUALS")
                .key("foo")
                .value("bar")
                .build())
            .build());
    }
}
Content copied to clipboard

Selecting Backups By Conditions

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.backup.Selection;
import com.pulumi.aws.backup.SelectionArgs;
import com.pulumi.aws.backup.inputs.SelectionConditionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var example = new Selection("example", SelectionArgs.builder()
            .iamRoleArn(aws_iam_role.example().arn())
            .planId(aws_backup_plan.example().id())
            .resources("*")
            .conditions(SelectionConditionArgs.builder()
                .stringEquals(SelectionConditionStringEqualArgs.builder()
                    .key("aws:ResourceTag/Component")
                    .value("rds")
                    .build())
                .stringLikes(SelectionConditionStringLikeArgs.builder()
                    .key("aws:ResourceTag/Application")
                    .value("app*")
                    .build())
                .stringNotEquals(SelectionConditionStringNotEqualArgs.builder()
                    .key("aws:ResourceTag/Backup")
                    .value("false")
                    .build())
                .stringNotLikes(SelectionConditionStringNotLikeArgs.builder()
                    .key("aws:ResourceTag/Environment")
                    .value("test*")
                    .build())
                .build())
            .build());
    }
}
Content copied to clipboard

Selecting Backups By Resource

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.backup.Selection;
import com.pulumi.aws.backup.SelectionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var example = new Selection("example", SelectionArgs.builder()
            .iamRoleArn(aws_iam_role.example().arn())
            .planId(aws_backup_plan.example().id())
            .resources(
                aws_db_instance.example().arn(),
                aws_ebs_volume.example().arn(),
                aws_efs_file_system.example().arn())
            .build());
    }
}
Content copied to clipboard

Selecting Backups By Not Resource

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.backup.Selection;
import com.pulumi.aws.backup.SelectionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var example = new Selection("example", SelectionArgs.builder()
            .iamRoleArn(aws_iam_role.example().arn())
            .planId(aws_backup_plan.example().id())
            .notResources(
                aws_db_instance.example().arn(),
                aws_ebs_volume.example().arn(),
                aws_efs_file_system.example().arn())
            .build());
    }
}
Content copied to clipboard

Import

Using pulumi import, import Backup selection using the role plan_id and id separated by |. For example:

$ pulumi import aws:backup/selection:Selection example plan-id|selection-id
Content copied to clipboard

Constructors

Link copied to clipboard
fun SelectionArgs(conditions: Output<List<SelectionConditionArgs>>? = null, iamRoleArn: Output<String>? = null, name: Output<String>? = null, notResources: Output<List<String>>? = null, planId: Output<String>? = null, resources: Output<List<String>>? = null, selectionTags: Output<List<SelectionSelectionTagArgs>>? = null)

Functions

Link copied to clipboard
open override fun toJava(): SelectionArgs

Properties

Link copied to clipboard
val conditions: Output<List<SelectionConditionArgs>>? = null

A list of conditions that you define to assign resources to your backup plans using tags.

Link copied to clipboard
val iamRoleArn: Output<String>? = null

The ARN of the IAM role that AWS Backup uses to authenticate when restoring and backing up the target resource. See the AWS Backup Developer Guide for additional information about using AWS managed policies or creating custom policies attached to the IAM role.

Link copied to clipboard
val name: Output<String>? = null

The display name of a resource selection document.

Link copied to clipboard
val notResources: Output<List<String>>? = null

An array of strings that either contain Amazon Resource Names (ARNs) or match patterns of resources to exclude from a backup plan.

Link copied to clipboard
val planId: Output<String>? = null

The backup plan ID to be associated with the selection of resources.

Link copied to clipboard
val resources: Output<List<String>>? = null

An array of strings that either contain Amazon Resource Names (ARNs) or match patterns of resources to assign to a backup plan.

Link copied to clipboard
val selectionTags: Output<List<SelectionSelectionTagArgs>>? = null

Tag-based conditions used to specify a set of resources to assign to a backup plan.