daniel/agent-claw
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

agent-claw: automated task changes

Browse Source
This commit is contained in:
daniel
2026-05-06 18:55:16 -05:00
parent 38905bb1e9
commit 732b00fb66
8494 changed files with 2018127 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
cdk/node_modules/aws-cdk-lib/aws-backup/.jsiirc.json generated vendored Normal file
View File

@@ -0,0 +1,13 @@
{
"targets": {
"java": {
"package": "software.amazon.awscdk.services.backup"
},
"dotnet": {
"namespace": "Amazon.CDK.AWS.Backup"
},
"python": {
"module": "aws_cdk.aws_backup"
}
}
}

260
cdk/node_modules/aws-cdk-lib/aws-backup/README.md generated vendored Normal file
View File

@@ -0,0 +1,260 @@
# AWS Backup Construct Library
AWS Backup is a fully managed backup service that makes it easy to centralize and automate the
backup of data across AWS services in the cloud and on premises. Using AWS Backup, you can
configure backup policies and monitor backup activity for your AWS resources in one place.
## Backup plan and selection
In AWS Backup, a *backup plan* is a policy expression that defines when and how you want to back up
your AWS resources, such as Amazon DynamoDB tables or Amazon Elastic File System (Amazon EFS) file
systems. You can assign resources to backup plans, and AWS Backup automatically backs up and retains
backups for those resources according to the backup plan. You can create multiple backup plans if you
have workloads with different backup requirements.
This module provides ready-made backup plans (similar to the console experience):
```ts
// Daily, weekly and monthly with 5 year retention
const plan = backup.BackupPlan.dailyWeeklyMonthly5YearRetention(this, 'Plan');
```
Assigning resources to a plan can be done with `addSelection()`:
```ts
declare const plan: backup.BackupPlan;
declare const vpc: ec2.Vpc;
const myTable = dynamodb.Table.fromTableName(this, 'Table', 'myTableName');
const myDatabaseInstance = new rds.DatabaseInstance(this, 'DatabaseInstance', {
engine: rds.DatabaseInstanceEngine.mysql({ version: rds.MysqlEngineVersion.VER_8_0_26 }),
vpc,
});
const myDatabaseCluster = new rds.DatabaseCluster(this, 'DatabaseCluster', {
engine: rds.DatabaseClusterEngine.auroraMysql({ version: rds.AuroraMysqlEngineVersion.VER_2_08_1 }),
credentials: rds.Credentials.fromGeneratedSecret('clusteradmin'),
instanceProps: {
vpc,
},
});
const myServerlessCluster = new rds.ServerlessCluster(this, 'ServerlessCluster', {
engine: rds.DatabaseClusterEngine.AURORA_POSTGRESQL,
parameterGroup: rds.ParameterGroup.fromParameterGroupName(this, 'ParameterGroup', 'default.aurora-postgresql11'),
vpc,
});
const myCoolConstruct = new Construct(this, 'MyCoolConstruct');
plan.addSelection('Selection', {
resources: [
backup.BackupResource.fromDynamoDbTable(myTable), // A DynamoDB table
backup.BackupResource.fromRdsDatabaseInstance(myDatabaseInstance), // A RDS instance
backup.BackupResource.fromRdsDatabaseCluster(myDatabaseCluster), // A RDS database cluster
backup.BackupResource.fromRdsServerlessCluster(myServerlessCluster), // An Aurora Serverless cluster
backup.BackupResource.fromTag('stage', 'prod'), // All resources that are tagged stage=prod in the region/account
backup.BackupResource.fromConstruct(myCoolConstruct), // All backupable resources in `myCoolConstruct`
]
})
```
If not specified, a new IAM role with a managed policy for backup will be
created for the selection. The `BackupSelection` implements `IGrantable`.
To disable the plan from assigning the default `AWSBackupServiceRolePolicyForBackup` backup policy use the `disableDefaultBackupPolicy` property.
This is useful if you want to avoid granting unnecessary permissions to the role.
```ts
declare const plan: backup.BackupPlan;
const role = new iam.Role(this, 'BackupRole', {
assumedBy: new iam.ServicePrincipal('backup.amazonaws.com'),
});
// Assign S3-specific backup policy
role.addManagedPolicy(iam.ManagedPolicy.fromAwsManagedPolicyName('AWSBackupServiceRolePolicyForS3Backup'));
plan.addSelection('Selection', {
resources: [
backup.BackupResource.fromTag('stage', 'prod'),
],
role,
disableDefaultBackupPolicy: true,
});
```
To add rules to a plan, use `addRule()`:
```ts
import { TimeZone } from 'aws-cdk-lib';
declare const plan: backup.BackupPlan;
plan.addRule(new backup.BackupPlanRule({
completionWindow: Duration.hours(2),
startWindow: Duration.hours(1),
scheduleExpression: events.Schedule.cron({ // Only cron expressions are supported
day: '15',
hour: '3',
minute: '30',
}),
scheduleExpressionTimezone: TimeZone.ETC_UTC,
moveToColdStorageAfter: Duration.days(30),
}));
```
Continuous backup and point-in-time restores (PITR) can be configured.
Property `deleteAfter` defines the retention period for the backup. It is mandatory if PITR is enabled.
If no value is specified, the retention period is set to 35 days which is the maximum retention period supported by PITR.
Property `moveToColdStorageAfter` must not be specified because PITR does not support this option.
This example defines an AWS Backup rule with PITR and a retention period set to 14 days:
```ts
declare const plan: backup.BackupPlan;
plan.addRule(new backup.BackupPlanRule({
enableContinuousBackup: true,
deleteAfter: Duration.days(14),
}));
```
Rules can also specify to copy recovery points to another Backup Vault using `copyActions`. Copied recovery points can
optionally have `moveToColdStorageAfter` and `deleteAfter` configured.
```ts
declare const plan: backup.BackupPlan;
declare const secondaryVault: backup.BackupVault;
plan.addRule(new backup.BackupPlanRule({
copyActions: [{
destinationBackupVault: secondaryVault,
moveToColdStorageAfter: Duration.days(30),
deleteAfter: Duration.days(120),
}]
}));
```
You can assign your own metadata to the resources that are associated with the rule when restored from backup using `recoveryPointTags`. Each tag is a key-value pair.
```ts
declare const plan: backup.BackupPlan;
plan.addRule(new backup.BackupPlanRule({
recoveryPointTags: {
key: 'value',
},
}));
```
Ready-made rules are also available:
```ts
declare const plan: backup.BackupPlan;
plan.addRule(backup.BackupPlanRule.daily());
plan.addRule(backup.BackupPlanRule.weekly());
```
By default a new [vault](#Backup-vault) is created when creating a plan.
It is also possible to specify a vault either at the plan level or at the
rule level.
```ts
const myVault = backup.BackupVault.fromBackupVaultName(this, 'Vault1', 'myVault');
const otherVault = backup.BackupVault.fromBackupVaultName(this, 'Vault2', 'otherVault');
const plan = backup.BackupPlan.daily35DayRetention(this, 'Plan', myVault); // Use `myVault` for all plan rules
plan.addRule(backup.BackupPlanRule.monthly1Year(otherVault)); // Use `otherVault` for this specific rule
```
You can [backup](https://docs.aws.amazon.com/aws-backup/latest/devguide/windows-backups.html)
VSS-enabled Windows applications running on Amazon EC2 instances by setting the `windowsVss`
parameter to `true`. If the application has VSS writer registered with Windows VSS,
then AWS Backup creates a snapshot that will be consistent for that application.
```ts
const plan = new backup.BackupPlan(this, 'Plan', {
windowsVss: true,
});
```
## Backup vault
In AWS Backup, a *backup vault* is a container that you organize your backups in. You can use backup
vaults to set the AWS Key Management Service (AWS KMS) encryption key that is used to encrypt backups
in the backup vault and to control access to the backups in the backup vault. If you require different
encryption keys or access policies for different groups of backups, you can optionally create multiple
backup vaults.
```ts
const myKey = kms.Key.fromKeyArn(this, 'MyKey', 'aaa');
const myTopic = sns.Topic.fromTopicArn(this, 'MyTopic', 'bbb');
const vault = new backup.BackupVault(this, 'Vault', {
encryptionKey: myKey, // Custom encryption key
notificationTopic: myTopic, // Send all vault events to this SNS topic
});
```
A vault has a default `RemovalPolicy` set to `RETAIN`. Note that removing a vault
that contains recovery points will fail.
You can assign policies to backup vaults and the resources they contain. Assigning policies allows
you to do things like grant access to users to create backup plans and on-demand backups, but limit
their ability to delete recovery points after they're created.
Use the `accessPolicy` property to create a backup vault policy:
```ts
const vault = new backup.BackupVault(this, 'Vault', {
accessPolicy: new iam.PolicyDocument({
statements: [
new iam.PolicyStatement({
effect: iam.Effect.DENY,
principals: [new iam.AnyPrincipal()],
actions: ['backup:DeleteRecoveryPoint'],
resources: ['*'],
conditions: {
StringNotLike: {
'aws:userId': [
'user1',
'user2',
],
},
},
}),
],
}),
})
```
Alternativately statements can be added to the vault policy using `addToAccessPolicy()`.
Use the `blockRecoveryPointDeletion` property or the `blockRecoveryPointDeletion()` method to add
a statement to the vault access policy that prevents recovery point deletions in your vault:
```ts
new backup.BackupVault(this, 'Vault', {
blockRecoveryPointDeletion: true,
});
declare const backupVault: backup.BackupVault;
backupVault.blockRecoveryPointDeletion();
```
By default access is not restricted.
Use the `lockConfiguration` property to enable [AWS Backup Vault Lock](https://docs.aws.amazon.com/aws-backup/latest/devguide/vault-lock.html):
```ts
new backup.BackupVault(this, 'Vault', {
lockConfiguration: {
minRetention: Duration.days(30),
},
});
```
## Importing existing backup vault
To import an existing backup vault into your CDK application, use the `BackupVault.fromBackupVaultArn` or `BackupVault.fromBackupVaultName`
static method. Here is an example of giving an IAM Role permission to start a backup job:
```ts
const importedVault = backup.BackupVault.fromBackupVaultName(this, 'Vault', 'myVaultName');
const role = new iam.Role(this, 'Access Role', { assumedBy: new iam.ServicePrincipal('lambda.amazonaws.com') });
importedVault.grant(role, 'backup:StartBackupJob');
```

1
cdk/node_modules/aws-cdk-lib/aws-backup/index.d.ts generated vendored Normal file
View File

@@ -0,0 +1 @@
export * from './lib';

1
cdk/node_modules/aws-cdk-lib/aws-backup/index.js generated vendored Normal file
View File

File diff suppressed because one or more lines are too long

2372
cdk/node_modules/aws-cdk-lib/aws-backup/lib/backup.generated.d.ts generated vendored Normal file
View File

File diff suppressed because it is too large Load Diff

1
cdk/node_modules/aws-cdk-lib/aws-backup/lib/backup.generated.js generated vendored Normal file
View File

File diff suppressed because one or more lines are too long

6
cdk/node_modules/aws-cdk-lib/aws-backup/lib/backupable-resources-collector.d.ts generated vendored Normal file
View File

@@ -0,0 +1,6 @@
import type { IConstruct } from 'constructs';
import type { IAspect } from '../../core';
export declare class BackupableResourcesCollector implements IAspect {
readonly resources: string[];
visit(node: IConstruct): void;
}

1
cdk/node_modules/aws-cdk-lib/aws-backup/lib/backupable-resources-collector.js generated vendored Normal file
View File

@@ -0,0 +1 @@
"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.BackupableResourcesCollector=void 0;var dynamodb=()=>{var tmp=require("../../aws-dynamodb");return dynamodb=()=>tmp,tmp},ec2=()=>{var tmp=require("../../aws-ec2");return ec2=()=>tmp,tmp},efs=()=>{var tmp=require("../../aws-efs");return efs=()=>tmp,tmp},rds=()=>{var tmp=require("../../aws-rds");return rds=()=>tmp,tmp},core_1=()=>{var tmp=require("../../core");return core_1=()=>tmp,tmp};class BackupableResourcesCollector{resources=[];visit(node){node instanceof efs().CfnFileSystem&&this.resources.push(core_1().Stack.of(node).formatArn({service:"elasticfilesystem",resource:"file-system",resourceName:node.ref})),node instanceof dynamodb().CfnTable&&this.resources.push(core_1().Stack.of(node).formatArn({service:"dynamodb",resource:"table",resourceName:node.ref})),node instanceof ec2().CfnInstance&&this.resources.push(core_1().Stack.of(node).formatArn({service:"ec2",resource:"instance",resourceName:node.ref})),node instanceof ec2().CfnVolume&&this.resources.push(core_1().Stack.of(node).formatArn({service:"ec2",resource:"volume",resourceName:node.ref})),node instanceof rds().CfnDBInstance&&(node.dbClusterIdentifier||this.resources.push(core_1().Stack.of(node).formatArn({service:"rds",resource:"db",arnFormat:core_1().ArnFormat.COLON_RESOURCE_NAME,resourceName:node.ref}))),node instanceof rds().CfnDBCluster&&this.resources.push(core_1().Stack.of(node).formatArn({service:"rds",resource:"cluster",arnFormat:core_1().ArnFormat.COLON_RESOURCE_NAME,resourceName:node.ref}))}}exports.BackupableResourcesCollector=BackupableResourcesCollector;

6
cdk/node_modules/aws-cdk-lib/aws-backup/lib/index.d.ts generated vendored Normal file
View File

@@ -0,0 +1,6 @@
export * from './vault';
export * from './plan';
export * from './rule';
export * from './selection';
export * from './resource';
export * from './backup.generated';

1
cdk/node_modules/aws-cdk-lib/aws-backup/lib/index.js generated vendored Normal file
View File

File diff suppressed because one or more lines are too long

114
cdk/node_modules/aws-cdk-lib/aws-backup/lib/plan.d.ts generated vendored Normal file
View File

@@ -0,0 +1,114 @@
import type { Construct } from 'constructs';
import { BackupPlanRule } from './rule';
import type { BackupSelectionOptions } from './selection';
import { BackupSelection } from './selection';
import type { IBackupVault } from './vault';
import type { IResource } from '../../core';
import { Resource } from '../../core';
import type { BackupPlanReference, IBackupPlanRef, IBackupVaultRef } from '../../interfaces/generated/aws-backup-interfaces.generated';
/**
* A backup plan
*/
export interface IBackupPlan extends IResource, IBackupPlanRef {
/**
* The identifier of the backup plan.
*
* @attribute
*/
readonly backupPlanId: string;
}
/**
* Properties for a BackupPlan
*/
export interface BackupPlanProps {
/**
* The display name of the backup plan.
*
* @default - A CDK generated name
*/
readonly backupPlanName?: string;
/**
* The backup vault where backups are stored
*
* @default - use the vault defined at the rule level. If not defined a new
* common vault for the plan will be created
*/
readonly backupVault?: IBackupVaultRef;
/**
* Rules for the backup plan. Use `addRule()` to add rules after
* instantiation.
*
* @default - use `addRule()` to add rules
*/
readonly backupPlanRules?: BackupPlanRule[];
/**
* Enable Windows VSS backup.
*
* @see https://docs.aws.amazon.com/aws-backup/latest/devguide/windows-backups.html
*
* @default false
*/
readonly windowsVss?: boolean;
}
/**
* A backup plan
*/
export declare class BackupPlan extends Resource implements IBackupPlan {
/** Uniquely identifies this class. */
static readonly PROPERTY_INJECTION_ID: string;
/**
* Import an existing backup plan
*/
static fromBackupPlanId(scope: Construct, id: string, backupPlanId: string): IBackupPlan;
/**
* Daily with 35 day retention
*/
static daily35DayRetention(scope: Construct, id: string, backupVault?: IBackupVaultRef): BackupPlan;
/**
* Daily and monthly with 1 year retention
*/
static dailyMonthly1YearRetention(scope: Construct, id: string, backupVault?: IBackupVaultRef): BackupPlan;
/**
* Daily, weekly and monthly with 5 year retention
*/
static dailyWeeklyMonthly5YearRetention(scope: Construct, id: string, backupVault?: IBackupVaultRef): BackupPlan;
/**
* Daily, weekly and monthly with 7 year retention
*/
static dailyWeeklyMonthly7YearRetention(scope: Construct, id: string, backupVault?: IBackupVaultRef): BackupPlan;
readonly backupPlanId: string;
/**
* The ARN of the backup plan
*
* @attribute
*/
readonly backupPlanArn: string;
/**
* Version Id
*
* @attribute
*/
readonly versionId: string;
get backupPlanRef(): BackupPlanReference;
private readonly rules;
private _backupVault?;
constructor(scope: Construct, id: string, props?: BackupPlanProps);
private advancedBackupSettings;
/**
* Adds a rule to a plan
*
* @param rule the rule to add
*/
addRule(rule: BackupPlanRule): void;
private planCopyActions;
/**
* The backup vault where backups are stored if not defined at
* the rule level
*/
get backupVault(): IBackupVault;
/**
* Adds a selection to this plan
*/
addSelection(id: string, options: BackupSelectionOptions): BackupSelection;
private validatePlan;
}

1
cdk/node_modules/aws-cdk-lib/aws-backup/lib/plan.js generated vendored Normal file
View File

File diff suppressed because one or more lines are too long

7
cdk/node_modules/aws-cdk-lib/aws-backup/lib/private/ref-utils.d.ts generated vendored Normal file
View File

@@ -0,0 +1,7 @@
import type { IBackupVaultRef } from '../../../interfaces/generated/aws-backup-interfaces.generated';
import type { IBackupVault } from '../vault';
/**
* Convert an IBackupVaultRef to IBackupVault, throwing an error if the instance
* doesn't implement the full IBackupVault interface.
*/
export declare function toIBackupVault(vault: IBackupVaultRef): IBackupVault;

1
cdk/node_modules/aws-cdk-lib/aws-backup/lib/private/ref-utils.js generated vendored Normal file
View File

@@ -0,0 +1 @@
"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.toIBackupVault=toIBackupVault;var core_1=()=>{var tmp=require("../../../core");return core_1=()=>tmp,tmp},literal_string_1=()=>{var tmp=require("../../../core/lib/private/literal-string");return literal_string_1=()=>tmp,tmp};function toIBackupVault(vault){if(!("backupVaultName"in vault)||!("backupVaultArn"in vault)||!("grant"in vault))throw new(core_1()).UnscopedValidationError((0,literal_string_1().lit)`VaultInstanceShouldImplement`,`'vault' instance should implement IBackupVault, but doesn't: ${vault.constructor.name}`);return vault}

101
cdk/node_modules/aws-cdk-lib/aws-backup/lib/resource.d.ts generated vendored Normal file
View File

@@ -0,0 +1,101 @@
import type { Construct } from 'constructs';
import type * as dynamodb from '../../aws-dynamodb';
import type * as ec2 from '../../aws-ec2';
import type { aws_rds } from '../../interfaces';
import type { IFileSystemRef } from '../../interfaces/generated/aws-efs-interfaces.generated';
/**
* An operation that is applied to a key-value pair
*/
export declare enum TagOperation {
/**
* StringEquals
*/
STRING_EQUALS = "STRINGEQUALS",
/**
* Dummy member
*/
DUMMY = "dummy"
}
/**
* A tag condition
*/
export interface TagCondition {
/**
* The key in a key-value pair.
*
* For example, in `"ec2:ResourceTag/Department": "accounting"`,
* `ec2:ResourceTag/Department` is the key.
*/
readonly key: string;
/**
* An operation that is applied to a key-value pair used to filter
* resources in a selection.
*
* @default STRING_EQUALS
*/
readonly operation?: TagOperation;
/**
* The value in a key-value pair.
*
* For example, in `"ec2:ResourceTag/Department": "accounting"`,
* `accounting` is the value.
*/
readonly value: string;
}
/**
* A resource to backup
*/
export declare class BackupResource {
/**
* Adds all supported resources in a construct
*
* @param construct The construct containing resources to backup
*/
static fromConstruct(construct: Construct): BackupResource;
/**
* A DynamoDB table
*/
static fromDynamoDbTable(table: dynamodb.ITableRef): BackupResource;
/**
* An EC2 instance
*/
static fromEc2Instance(instance: ec2.IInstanceRef): BackupResource;
/**
* An EFS file system
*/
static fromEfsFileSystem(fileSystem: IFileSystemRef): BackupResource;
/**
* A RDS database instance
*/
static fromRdsDatabaseInstance(instance: aws_rds.IDBInstanceRef): BackupResource;
/**
* A RDS database cluter
*/
static fromRdsDatabaseCluster(cluster: aws_rds.IDBClusterRef): BackupResource;
/**
* An Aurora database instance
*/
static fromRdsServerlessCluster(cluster: aws_rds.IDBClusterRef): BackupResource;
/**
* A list of ARNs or match patterns such as
* `arn:aws:ec2:us-east-1:123456789012:volume/*`
*/
static fromArn(arn: string): BackupResource;
/**
* A tag condition
*/
static fromTag(key: string, value: string, operation?: TagOperation): BackupResource;
/**
* A resource
*/
readonly resource?: string;
/**
* A condition on a tag
*/
readonly tagCondition?: TagCondition;
/**
* A construct
*/
readonly construct?: Construct;
constructor(resource?: string, tagCondition?: TagCondition, construct?: Construct);
}

1
cdk/node_modules/aws-cdk-lib/aws-backup/lib/resource.js generated vendored Normal file
View File

@@ -0,0 +1 @@
"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.BackupResource=exports.TagOperation=void 0;var jsiiDeprecationWarnings=()=>{var tmp=require("../../.warnings.jsii.js");return jsiiDeprecationWarnings=()=>tmp,tmp};const JSII_RTTI_SYMBOL_1=Symbol.for("jsii.rtti");var core_1=()=>{var tmp=require("../../core");return core_1=()=>tmp,tmp},TagOperation;(function(TagOperation2){TagOperation2.STRING_EQUALS="STRINGEQUALS",TagOperation2.DUMMY="dummy"})(TagOperation||(exports.TagOperation=TagOperation={}));class BackupResource{static[JSII_RTTI_SYMBOL_1]={fqn:"aws-cdk-lib.aws_backup.BackupResource",version:"2.252.0"};static fromConstruct(construct){return new BackupResource(void 0,void 0,construct)}static fromDynamoDbTable(table){try{jsiiDeprecationWarnings().aws_cdk_lib_interfaces_aws_dynamodb_ITableRef(table)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,this.fromDynamoDbTable),error}return BackupResource.fromArn(table.tableRef.tableArn)}static fromEc2Instance(instance){try{jsiiDeprecationWarnings().aws_cdk_lib_interfaces_aws_ec2_IInstanceRef(instance)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,this.fromEc2Instance),error}return BackupResource.fromArn(core_1().Stack.of(instance).formatArn({service:"ec2",resource:"instance",resourceName:instance.instanceRef.instanceId}))}static fromEfsFileSystem(fileSystem){try{jsiiDeprecationWarnings().aws_cdk_lib_interfaces_aws_efs_IFileSystemRef(fileSystem)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,this.fromEfsFileSystem),error}return BackupResource.fromArn(core_1().Stack.of(fileSystem).formatArn({service:"elasticfilesystem",resource:"file-system",resourceName:fileSystem.fileSystemRef.fileSystemId}))}static fromRdsDatabaseInstance(instance){try{jsiiDeprecationWarnings().aws_cdk_lib_interfaces_aws_rds_IDBInstanceRef(instance)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,this.fromRdsDatabaseInstance),error}return BackupResource.fromArn(instance.dbInstanceRef.dbInstanceArn)}static fromRdsDatabaseCluster(cluster){try{jsiiDeprecationWarnings().aws_cdk_lib_interfaces_aws_rds_IDBClusterRef(cluster)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,this.fromRdsDatabaseCluster),error}const stack=core_1().Stack.of(cluster);return BackupResource.fromArn(`arn:${stack.partition}:rds:${stack.region}:${stack.account}:cluster:${cluster.dbClusterRef.dbClusterIdentifier}`)}static fromRdsServerlessCluster(cluster){try{jsiiDeprecationWarnings().aws_cdk_lib_interfaces_aws_rds_IDBClusterRef(cluster)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,this.fromRdsServerlessCluster),error}return BackupResource.fromArn(cluster.dbClusterRef.dbClusterArn)}static fromArn(arn){return new BackupResource(arn)}static fromTag(key,value,operation){try{jsiiDeprecationWarnings().aws_cdk_lib_aws_backup_TagOperation(operation)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,this.fromTag),error}return new BackupResource(void 0,{key,value,operation})}resource;tagCondition;construct;constructor(resource,tagCondition,construct){try{jsiiDeprecationWarnings().aws_cdk_lib_aws_backup_TagCondition(tagCondition)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,BackupResource),error}this.resource=resource,this.tagCondition=tagCondition,this.construct=construct}}exports.BackupResource=BackupResource;

139
cdk/node_modules/aws-cdk-lib/aws-backup/lib/rule.d.ts generated vendored Normal file
View File

@@ -0,0 +1,139 @@
import * as events from '../../aws-events';
import type { TimeZone } from '../../core';
import { Duration } from '../../core';
import type { IBackupVaultRef } from '../../interfaces/generated/aws-backup-interfaces.generated';
/**
* Properties for a BackupPlanRule
*/
export interface BackupPlanRuleProps {
/**
* The duration after a backup job is successfully started before it must be
* completed or it is canceled by AWS Backup.
*
* @default - 7 days
*/
readonly completionWindow?: Duration;
/**
* Specifies the duration after creation that a recovery point is deleted.
* Must be greater than `moveToColdStorageAfter`.
*
* @default - recovery point is never deleted
*/
readonly deleteAfter?: Duration;
/**
* Specifies the duration after creation that a recovery point is moved to cold
* storage.
*
* @default - recovery point is never moved to cold storage
*/
readonly moveToColdStorageAfter?: Duration;
/**
* A display name for the backup rule.
*
* @default - a CDK generated name
*/
readonly ruleName?: string;
/**
* A CRON expression specifying when AWS Backup initiates a backup job.
*
* @default - no schedule
*/
readonly scheduleExpression?: events.Schedule;
/**
* The timezone in which the schedule expression is set.
*
* @default - UTC
*/
readonly scheduleExpressionTimezone?: TimeZone;
/**
* The duration after a backup is scheduled before a job is canceled if it doesn't start successfully.
*
* @default - 8 hours
*/
readonly startWindow?: Duration;
/**
* The backup vault where backups are
*
* @default - use the vault defined at the plan level. If not defined a new
* common vault for the plan will be created
*/
readonly backupVault?: IBackupVaultRef;
/**
* Enables continuous backup and point-in-time restores (PITR).
*
* Property `deleteAfter` defines the retention period for the backup. It is mandatory if PITR is enabled.
* If no value is specified, the retention period is set to 35 days which is the maximum retention period supported by PITR.
*
* Property `moveToColdStorageAfter` must not be specified because PITR does not support this option.
*
* @default false
*/
readonly enableContinuousBackup?: boolean;
/**
* Copy operations to perform on recovery points created by this rule
*
* @default - no copy actions
*/
readonly copyActions?: BackupPlanCopyActionProps[];
/**
* To help organize your resources, you can assign your own metadata to the resources that you create. Each tag is a key-value pair.
*
* @default - no recovery point tags.
*/
readonly recoveryPointTags?: {
[key: string]: string;
};
}
/**
* Properties for a BackupPlanCopyAction
*/
export interface BackupPlanCopyActionProps {
/**
* Destination Vault for recovery points to be copied into
*/
readonly destinationBackupVault: IBackupVaultRef;
/**
* Specifies the duration after creation that a copied recovery point is deleted from the destination vault.
* Must be at least 90 days greater than `moveToColdStorageAfter`, if specified.
*
* @default - recovery point is never deleted
*/
readonly deleteAfter?: Duration;
/**
* Specifies the duration after creation that a copied recovery point is moved to cold storage.
*
* @default - recovery point is never moved to cold storage
*/
readonly moveToColdStorageAfter?: Duration;
}
/**
* A backup plan rule
*/
export declare class BackupPlanRule {
/**
* Daily with 35 days retention
*/
static daily(backupVault?: IBackupVaultRef): BackupPlanRule;
/**
* Weekly with 3 months retention
*/
static weekly(backupVault?: IBackupVaultRef): BackupPlanRule;
/**
* Monthly 1 year retention, move to cold storage after 1 month
*/
static monthly1Year(backupVault?: IBackupVaultRef): BackupPlanRule;
/**
* Monthly 5 year retention, move to cold storage after 3 months
*/
static monthly5Year(backupVault?: IBackupVaultRef): BackupPlanRule;
/**
* Monthly 7 year retention, move to cold storage after 3 months
*/
static monthly7Year(backupVault?: IBackupVaultRef): BackupPlanRule;
/**
* Properties of BackupPlanRule
*/
readonly props: BackupPlanRuleProps;
/** @param props Rule properties */
constructor(props: BackupPlanRuleProps);
}

2
cdk/node_modules/aws-cdk-lib/aws-backup/lib/rule.js generated vendored Normal file
View File

File diff suppressed because one or more lines are too long

84
cdk/node_modules/aws-cdk-lib/aws-backup/lib/selection.d.ts generated vendored Normal file
View File

@@ -0,0 +1,84 @@
import type { Construct } from 'constructs';
import type { BackupResource } from './resource';
import * as iam from '../../aws-iam';
import { Resource } from '../../core';
import type { IBackupPlanRef } from '../../interfaces/generated/aws-backup-interfaces.generated';
/**
* Options for a BackupSelection
*/
export interface BackupSelectionOptions {
/**
* The resources to backup.
* Use the helper static methods defined on `BackupResource`.
*/
readonly resources: BackupResource[];
/**
* The name for this selection
*
* @default - a CDK generated name
*/
readonly backupSelectionName?: string;
/**
* The role that AWS Backup uses to authenticate when backuping or restoring
* the resources. The `AWSBackupServiceRolePolicyForBackup` managed policy
* will be attached to this role unless `disableDefaultBackupPolicy`
* is set to `true`.
*
* @default - a new role will be created
*/
readonly role?: iam.IRole;
/**
* Whether to disable automatically assigning default backup permissions to the role
* that AWS Backup uses.
* If `false`, the `AWSBackupServiceRolePolicyForBackup` managed policy will be
* attached to the role.
*
* @default false
*/
readonly disableDefaultBackupPolicy?: boolean;
/**
* Whether to automatically give restores permissions to the role that AWS
* Backup uses. If `true`, the `AWSBackupServiceRolePolicyForRestores` managed
* policy will be attached to the role.
*
* @default false
*/
readonly allowRestores?: boolean;
}
/**
* Properties for a BackupSelection
*/
export interface BackupSelectionProps extends BackupSelectionOptions {
/**
* The backup plan for this selection
*/
readonly backupPlan: IBackupPlanRef;
}
/**
* A backup selection
*/
export declare class BackupSelection extends Resource implements iam.IGrantable {
/** Uniquely identifies this class. */
static readonly PROPERTY_INJECTION_ID: string;
/**
* The identifier of the backup plan.
*
* @attribute
*/
readonly backupPlanId: string;
/**
* The identifier of the backup selection.
*
* @attribute
*/
readonly selectionId: string;
/**
* The principal to grant permissions to
*/
readonly grantPrincipal: iam.IPrincipal;
private listOfTags;
private resources;
private readonly backupableResourcesCollector;
constructor(scope: Construct, id: string, props: BackupSelectionProps);
private addResource;
}

1
cdk/node_modules/aws-cdk-lib/aws-backup/lib/selection.js generated vendored Normal file
View File

File diff suppressed because one or more lines are too long

228
cdk/node_modules/aws-cdk-lib/aws-backup/lib/vault.d.ts generated vendored Normal file
View File

@@ -0,0 +1,228 @@
import type { Construct } from 'constructs';
import * as iam from '../../aws-iam';
import type * as kms from '../../aws-kms';
import type * as sns from '../../aws-sns';
import type { Duration, IResource, RemovalPolicy } from '../../core';
import { Resource } from '../../core';
import type { BackupVaultReference, IBackupVaultRef } from '../../interfaces/generated/aws-backup-interfaces.generated';
/**
* A backup vault
*/
export interface IBackupVault extends IResource, IBackupVaultRef {
/**
* The name of a logical container where backups are stored.
*
* @attribute
*/
readonly backupVaultName: string;
/**
* The ARN of the backup vault.
*
* @attribute
*/
readonly backupVaultArn: string;
/**
* Grant the actions defined in actions to the given grantee
* on this backup vault.
*/
grant(grantee: iam.IGrantable, ...actions: string[]): iam.Grant;
}
/**
* Properties for a BackupVault
*/
export interface BackupVaultProps {
/**
* The name of a logical container where backups are stored. Backup vaults
* are identified by names that are unique to the account used to create
* them and the AWS Region where they are created.
*
* @default - A CDK generated name
*/
readonly backupVaultName?: string;
/**
* A resource-based policy that is used to manage access permissions on the
* backup vault.
*
* @default - access is not restricted
*/
readonly accessPolicy?: iam.PolicyDocument;
/**
* The server-side encryption key to use to protect your backups.
*
* @default - an Amazon managed KMS key
*/
readonly encryptionKey?: kms.IKeyRef;
/**
* A SNS topic to send vault events to.
*
* @see https://docs.aws.amazon.com/aws-backup/latest/devguide/sns-notifications.html
*
* @default - no notifications
*/
readonly notificationTopic?: sns.ITopic;
/**
* The vault events to send.
*
* @see https://docs.aws.amazon.com/aws-backup/latest/devguide/sns-notifications.html
*
* @default - all vault events if `notificationTopic` is defined
*/
readonly notificationEvents?: BackupVaultEvents[];
/**
* The removal policy to apply to the vault. Note that removing a vault
* that contains recovery points will fail.
*
* @default RemovalPolicy.RETAIN
*/
readonly removalPolicy?: RemovalPolicy;
/**
* Whether to add statements to the vault access policy that prevents anyone
* from deleting a recovery point.
*
* @default false
*/
readonly blockRecoveryPointDeletion?: boolean;
/**
* Configuration for AWS Backup Vault Lock
*
* @see https://docs.aws.amazon.com/aws-backup/latest/devguide/vault-lock.html
*
* @default - AWS Backup Vault Lock is disabled
*/
readonly lockConfiguration?: LockConfiguration;
}
/**
* Backup vault events. Some events are no longer supported and will not return
* statuses or notifications.
*
* @see https://docs.aws.amazon.com/aws-backup/latest/devguide/API_PutBackupVaultNotifications.html#API_PutBackupVaultNotifications_RequestBody
*/
export declare enum BackupVaultEvents {
/** BACKUP_JOB_STARTED */
BACKUP_JOB_STARTED = "BACKUP_JOB_STARTED",
/** BACKUP_JOB_COMPLETED */
BACKUP_JOB_COMPLETED = "BACKUP_JOB_COMPLETED",
/** BACKUP_JOB_SUCCESSFUL */
BACKUP_JOB_SUCCESSFUL = "BACKUP_JOB_SUCCESSFUL",
/** BACKUP_JOB_FAILED */
BACKUP_JOB_FAILED = "BACKUP_JOB_FAILED",
/** BACKUP_JOB_EXPIRED */
BACKUP_JOB_EXPIRED = "BACKUP_JOB_EXPIRED",
/** RESTORE_JOB_STARTED */
RESTORE_JOB_STARTED = "RESTORE_JOB_STARTED",
/** RESTORE_JOB_COMPLETED */
RESTORE_JOB_COMPLETED = "RESTORE_JOB_COMPLETED",
/** RESTORE_JOB_SUCCESSFUL */
RESTORE_JOB_SUCCESSFUL = "RESTORE_JOB_SUCCESSFUL",
/** RESTORE_JOB_FAILED */
RESTORE_JOB_FAILED = "RESTORE_JOB_FAILED",
/** COPY_JOB_STARTED */
COPY_JOB_STARTED = "COPY_JOB_STARTED",
/** COPY_JOB_SUCCESSFUL */
COPY_JOB_SUCCESSFUL = "COPY_JOB_SUCCESSFUL",
/** COPY_JOB_FAILED */
COPY_JOB_FAILED = "COPY_JOB_FAILED",
/** RECOVERY_POINT_MODIFIED */
RECOVERY_POINT_MODIFIED = "RECOVERY_POINT_MODIFIED",
/** BACKUP_PLAN_CREATED */
BACKUP_PLAN_CREATED = "BACKUP_PLAN_CREATED",
/** BACKUP_PLAN_MODIFIED */
BACKUP_PLAN_MODIFIED = "BACKUP_PLAN_MODIFIED",
/** S3_BACKUP_OBJECT_FAILED */
S3_BACKUP_OBJECT_FAILED = "S3_BACKUP_OBJECT_FAILED",
/** BACKUP_PLAN_MODIFIED */
S3_RESTORE_OBJECT_FAILED = "S3_RESTORE_OBJECT_FAILED"
}
/**
* Configuration for AWS Backup Vault Lock
*
* @see https://docs.aws.amazon.com/aws-backup/latest/devguide/vault-lock.html
*/
export interface LockConfiguration {
/**
* The minimum retention period that the vault retains its recovery points.
*
* If this parameter is specified, any backup or copy job to the vault must
* have a lifecycle policy with a retention period equal to or longer than
* the minimum retention period. If the job's retention period is shorter than
* that minimum retention period, then the vault fails that backup or copy job,
* and you should either modify your lifecycle settings or use a different
* vault. Recovery points already saved in the vault prior to Vault Lock are
* not affected.
*/
readonly minRetention: Duration;
/**
* The maximum retention period that the vault retains its recovery points.
*
* If this parameter is specified, any backup or copy job to the vault must
* have a lifecycle policy with a retention period equal to or shorter than
* the maximum retention period. If the job's retention period is longer than
* that maximum retention period, then the vault fails the backup or copy job,
* and you should either modify your lifecycle settings or use a different
* vault. Recovery points already saved in the vault prior to Vault Lock are
* not affected.
*
* @default - Vault Lock does not enforce a maximum retention period
*/
readonly maxRetention?: Duration;
/**
* The duration before the lock date.
*
* AWS Backup enforces a 72-hour cooling-off period before Vault Lock takes
* effect and becomes immutable.
*
* Before the lock date, you can delete Vault Lock from the vault or change
* the Vault Lock configuration. On and after the lock date, the Vault Lock
* becomes immutable and cannot be changed or deleted.
*
* @default - Vault Lock can be deleted or changed at any time
*/
readonly changeableFor?: Duration;
}
declare abstract class BackupVaultBase extends Resource implements IBackupVault {
abstract readonly backupVaultName: string;
abstract readonly backupVaultArn: string;
get backupVaultRef(): BackupVaultReference;
/**
* Grant the actions defined in actions to the given grantee
* on this Backup Vault resource.
*
* [disable-awslint:no-grants]
*
* @param grantee Principal to grant right to
* @param actions The actions to grant
*/
grant(grantee: iam.IGrantable, ...actions: string[]): iam.Grant;
}
/**
* A backup vault
*/
export declare class BackupVault extends BackupVaultBase {
/**
* Uniquely identifies this class.
*/
static readonly PROPERTY_INJECTION_ID: string;
/**
* Import an existing backup vault by name
*/
static fromBackupVaultName(scope: Construct, id: string, backupVaultName: string): IBackupVault;
/**
* Import an existing backup vault by arn
*/
static fromBackupVaultArn(scope: Construct, id: string, backupVaultArn: string): IBackupVault;
readonly backupVaultName: string;
readonly backupVaultArn: string;
private readonly accessPolicy;
constructor(scope: Construct, id: string, props?: BackupVaultProps);
/**
* Adds a statement to the vault access policy
*/
addToAccessPolicy(statement: iam.PolicyStatement): void;
/**
* Adds a statement to the vault access policy that prevents anyone
* from deleting a recovery point.
*/
blockRecoveryPointDeletion(): void;
private uniqueVaultName;
}
export {};

1
cdk/node_modules/aws-cdk-lib/aws-backup/lib/vault.js generated vendored Normal file
View File

File diff suppressed because one or more lines are too long