logically_air_gapped_backup_vaults

Creates, updates, deletes or gets a logically_air_gapped_backup_vault resource or lists logically_air_gapped_backup_vaults in a region

Overview

Name	`logically_air_gapped_backup_vaults`
Type	Resource
Description	Resource Type definition for AWS::Backup::LogicallyAirGappedBackupVault
Id	`awscc.backup.logically_air_gapped_backup_vaults`

Fields

get (all properties)
list (identifiers only)

Name	Datatype	Description
`vault_state`	`string`
`backup_vault_tags`	`object`
`vault_type`	`string`
`backup_vault_name`	`string`
`backup_vault_arn`	`string`
`encryption_key_arn`	`string`
`max_retention_days`	`integer`
`min_retention_days`	`integer`
▶`notifications`	`object`
`access_policy`	`object`
`region`	`string`	AWS region.

Name	Datatype	Description
`backup_vault_name`	`string`
`region`	`string`	AWS region.

For more information, see AWS::Backup::LogicallyAirGappedBackupVault.

Methods

Name	Resource	Accessible by	Required Params
`create_resource`	`logically_air_gapped_backup_vaults`	`INSERT`	`BackupVaultName, MinRetentionDays, MaxRetentionDays, region`
`delete_resource`	`logically_air_gapped_backup_vaults`	`DELETE`	`Identifier, region`
`update_resource`	`logically_air_gapped_backup_vaults`	`UPDATE`	`Identifier, PatchDocument, region`
`list_resources`	`logically_air_gapped_backup_vaults_list_only`	`SELECT`	`region`
`get_resource`	`logically_air_gapped_backup_vaults`	`SELECT`	`Identifier, region`

`SELECT` examples

get (all properties)
list (identifiers only)

Gets all properties from an individual logically_air_gapped_backup_vault.

SELECT
  region,
  vault_state,
  backup_vault_tags,
  vault_type,
  backup_vault_name,
  backup_vault_arn,
  encryption_key_arn,
  max_retention_days,
  min_retention_days,
  notifications,
  access_policy
FROM awscc.backup.logically_air_gapped_backup_vaults
WHERE
  region = 'us-east-1' AND
  Identifier = '{{ backup_vault_name }}';

Lists all logically_air_gapped_backup_vaults in a region.

SELECT
  region,
  backup_vault_name
FROM awscc.backup.logically_air_gapped_backup_vaults_list_only
WHERE
  region = 'us-east-1';

`INSERT` example

Use the following StackQL query and manifest file to create a new logically_air_gapped_backup_vault resource, using stack-deploy.

Required Properties
All Properties
Manifest

/*+ create */
INSERT INTO awscc.backup.logically_air_gapped_backup_vaults (
  BackupVaultName,
  MaxRetentionDays,
  MinRetentionDays,
  region
)
SELECT
  '{{ backup_vault_name }}',
  '{{ max_retention_days }}',
  '{{ min_retention_days }}',
  '{{ region }}';

/*+ create */
INSERT INTO awscc.backup.logically_air_gapped_backup_vaults (
  BackupVaultTags,
  BackupVaultName,
  MaxRetentionDays,
  MinRetentionDays,
  Notifications,
  AccessPolicy,
  region
)
SELECT
  '{{ backup_vault_tags }}',
  '{{ backup_vault_name }}',
  '{{ max_retention_days }}',
  '{{ min_retention_days }}',
  '{{ notifications }}',
  '{{ access_policy }}',
  '{{ region }}';

version: 1
name: stack name
description: stack description
providers:
  - aws
globals:
  - name: region
    value: '{{ vars.AWS_REGION }}'
resources:
  - name: logically_air_gapped_backup_vault
    props:
      - name: backup_vault_tags
        value: {}
      - name: backup_vault_name
        value: '{{ backup_vault_name }}'
      - name: max_retention_days
        value: '{{ max_retention_days }}'
      - name: min_retention_days
        value: '{{ min_retention_days }}'
      - name: notifications
        value:
          sns_topic_arn: '{{ sns_topic_arn }}'
          backup_vault_events:
            - '{{ backup_vault_events[0] }}'
      - name: access_policy
        value: {}

`UPDATE` example

Use the following StackQL query and manifest file to update a logically_air_gapped_backup_vault resource, using stack-deploy.

/*+ update */
UPDATE awscc.backup.logically_air_gapped_backup_vaults
SET PatchDocument = string('{{ {
    "BackupVaultTags": backup_vault_tags,
    "Notifications": notifications,
    "AccessPolicy": access_policy
} | generate_patch_document }}')
WHERE
  region = '{{ region }}' AND
  Identifier = '{{ backup_vault_name }}';

`DELETE` example

/*+ delete */
DELETE FROM awscc.backup.logically_air_gapped_backup_vaults
WHERE
  Identifier = '{{ backup_vault_name }}' AND
  region = 'us-east-1';

Permissions

To operate on the logically_air_gapped_backup_vaults resource, the following permissions are required:

Read
Create
Update
List
Delete

backup:DescribeBackupVault,
backup:GetBackupVaultNotifications,
backup:GetBackupVaultAccessPolicy,
backup:ListTags

backup:TagResource,
backup:CreateLogicallyAirGappedBackupVault,
backup:PutBackupVaultAccessPolicy,
backup:PutBackupVaultNotifications,
backup-storage:Mount,
backup-storage:MountCapsule,
backup:DescribeBackupVault

backup:DescribeBackupVault,
backup:DeleteBackupVaultAccessPolicy,
backup:DeleteBackupVaultNotifications,
backup:DeleteBackupVaultLockConfiguration,
backup:GetBackupVaultAccessPolicy,
backup:ListTags,
backup:TagResource,
backup:UntagResource,
backup:PutBackupVaultAccessPolicy,
backup:PutBackupVaultNotifications,
backup:PutBackupVaultLockConfiguration

backup:ListBackupVaults

backup:DeleteBackupVault

Overview​

Fields​

Methods​

SELECT examples​

INSERT example​

UPDATE example​

DELETE example​

Permissions​