logically_air_gapped_backup_vaults
Creates, updates, deletes or gets a logically_air_gapped_backup_vault resource or lists logically_air_gapped_backup_vaults in a region
Overview
| Name | logically_air_gapped_backup_vaults |
| Type | Resource |
| Description | Resource Type definition for AWS::Backup::LogicallyAirGappedBackupVault |
| Id | awscc.backup.logically_air_gapped_backup_vaults |
Fields
| Name | Datatype | Description |
|---|---|---|
vault_state | string | |
backup_vault_tags | object | |
vault_type | string | |
backup_vault_name | string | |
backup_vault_arn | string | |
encryption_key_arn | string | |
max_retention_days | integer | |
min_retention_days | integer | |
notifications | object | |
access_policy | object | |
region | string | AWS region. |
For more information, see AWS::Backup::LogicallyAirGappedBackupVault.
Methods
| Name | Accessible by | Required Params |
|---|---|---|
create_resource | INSERT | BackupVaultName, MinRetentionDays, MaxRetentionDays, region |
delete_resource | DELETE | data__Identifier, region |
update_resource | UPDATE | data__Identifier, data__PatchDocument, region |
list_resources | SELECT | region |
get_resource | SELECT | data__Identifier, region |
SELECT examples
Gets all properties from an individual logically_air_gapped_backup_vault.
SELECT
region,
vault_state,
backup_vault_tags,
vault_type,
backup_vault_name,
backup_vault_arn,
encryption_key_arn,
max_retention_days,
min_retention_days,
notifications,
access_policy
FROM awscc.backup.logically_air_gapped_backup_vaults
WHERE region = 'us-east-1' AND data__Identifier = '<BackupVaultName>';
INSERT example
Use the following StackQL query and manifest file to create a new logically_air_gapped_backup_vault resource, using stack-deploy.
- Required Properties
- All Properties
- Manifest
/*+ create */
INSERT INTO awscc.backup.logically_air_gapped_backup_vaults (
BackupVaultName,
MaxRetentionDays,
MinRetentionDays,
region
)
SELECT
'{{ BackupVaultName }}',
'{{ MaxRetentionDays }}',
'{{ MinRetentionDays }}',
'{{ region }}';
/*+ create */
INSERT INTO awscc.backup.logically_air_gapped_backup_vaults (
BackupVaultTags,
BackupVaultName,
MaxRetentionDays,
MinRetentionDays,
Notifications,
AccessPolicy,
region
)
SELECT
'{{ BackupVaultTags }}',
'{{ BackupVaultName }}',
'{{ MaxRetentionDays }}',
'{{ MinRetentionDays }}',
'{{ Notifications }}',
'{{ AccessPolicy }}',
'{{ region }}';
version: 1
name: stack name
description: stack description
providers:
- aws
globals:
- name: region
value: '{{ vars.AWS_REGION }}'
resources:
- name: logically_air_gapped_backup_vault
props:
- name: BackupVaultTags
value: {}
- name: BackupVaultName
value: '{{ BackupVaultName }}'
- name: MaxRetentionDays
value: '{{ MaxRetentionDays }}'
- name: MinRetentionDays
value: '{{ MinRetentionDays }}'
- name: Notifications
value:
SNSTopicArn: '{{ SNSTopicArn }}'
BackupVaultEvents:
- '{{ BackupVaultEvents[0] }}'
- name: AccessPolicy
value: {}
DELETE example
/*+ delete */
DELETE FROM awscc.backup.logically_air_gapped_backup_vaults
WHERE data__Identifier = '<BackupVaultName>'
AND region = 'us-east-1';
Permissions
To operate on the logically_air_gapped_backup_vaults resource, the following permissions are required:
Read
backup:DescribeBackupVault,
backup:GetBackupVaultNotifications,
backup:GetBackupVaultAccessPolicy,
backup:ListTags
Create
backup:TagResource,
backup:CreateLogicallyAirGappedBackupVault,
backup:PutBackupVaultAccessPolicy,
backup:PutBackupVaultNotifications,
backup-storage:Mount,
backup-storage:MountCapsule,
backup:DescribeBackupVault
Update
backup:DescribeBackupVault,
backup:DeleteBackupVaultAccessPolicy,
backup:DeleteBackupVaultNotifications,
backup:DeleteBackupVaultLockConfiguration,
backup:GetBackupVaultAccessPolicy,
backup:ListTags,
backup:TagResource,
backup:UntagResource,
backup:PutBackupVaultAccessPolicy,
backup:PutBackupVaultNotifications,
backup:PutBackupVaultLockConfiguration
List
backup:ListBackupVaults
Delete
backup:DeleteBackupVault