daniel/agent-claw
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
eaf19fa9c57a64da97b8fb3216d2094033221f00
agent-claw/cdk/node_modules/aws-cdk-lib/aws-backup/lib/vault.d.ts
daniel 732b00fb66 agent-claw: automated task changes
2026-05-06 18:55:16 -05:00

229 lines
8.1 KiB
TypeScript
Raw Blame History

import type { Construct } from 'constructs';
import * as iam from '../../aws-iam';
import type * as kms from '../../aws-kms';
import type * as sns from '../../aws-sns';
import type { Duration, IResource, RemovalPolicy } from '../../core';
import { Resource } from '../../core';
import type { BackupVaultReference, IBackupVaultRef } from '../../interfaces/generated/aws-backup-interfaces.generated';
/**
* A backup vault
*/
export interface IBackupVault extends IResource, IBackupVaultRef {
/**
* The name of a logical container where backups are stored.
*
* @attribute
*/
readonly backupVaultName: string;
/**
* The ARN of the backup vault.
*
* @attribute
*/
readonly backupVaultArn: string;
/**
* Grant the actions defined in actions to the given grantee
* on this backup vault.
*/
grant(grantee: iam.IGrantable, ...actions: string[]): iam.Grant;
}
/**
* Properties for a BackupVault
*/
export interface BackupVaultProps {
/**
* The name of a logical container where backups are stored. Backup vaults
* are identified by names that are unique to the account used to create
* them and the AWS Region where they are created.
*
* @default - A CDK generated name
*/
readonly backupVaultName?: string;
/**
* A resource-based policy that is used to manage access permissions on the
* backup vault.
*
* @default - access is not restricted
*/
readonly accessPolicy?: iam.PolicyDocument;
/**
* The server-side encryption key to use to protect your backups.
*
* @default - an Amazon managed KMS key
*/
readonly encryptionKey?: kms.IKeyRef;
/**
* A SNS topic to send vault events to.
*
* @see https://docs.aws.amazon.com/aws-backup/latest/devguide/sns-notifications.html
*
* @default - no notifications
*/
readonly notificationTopic?: sns.ITopic;
/**
* The vault events to send.
*
* @see https://docs.aws.amazon.com/aws-backup/latest/devguide/sns-notifications.html
*
* @default - all vault events if `notificationTopic` is defined
*/
readonly notificationEvents?: BackupVaultEvents[];
/**
* The removal policy to apply to the vault. Note that removing a vault
* that contains recovery points will fail.
*
* @default RemovalPolicy.RETAIN
*/
readonly removalPolicy?: RemovalPolicy;
/**
* Whether to add statements to the vault access policy that prevents anyone
* from deleting a recovery point.
*
* @default false
*/
readonly blockRecoveryPointDeletion?: boolean;
/**
* Configuration for AWS Backup Vault Lock
*
* @see https://docs.aws.amazon.com/aws-backup/latest/devguide/vault-lock.html
*
* @default - AWS Backup Vault Lock is disabled
*/
readonly lockConfiguration?: LockConfiguration;
}
/**
* Backup vault events. Some events are no longer supported and will not return
* statuses or notifications.
*
* @see https://docs.aws.amazon.com/aws-backup/latest/devguide/API_PutBackupVaultNotifications.html#API_PutBackupVaultNotifications_RequestBody
*/
export declare enum BackupVaultEvents {
/** BACKUP_JOB_STARTED */
BACKUP_JOB_STARTED = "BACKUP_JOB_STARTED",
/** BACKUP_JOB_COMPLETED */
BACKUP_JOB_COMPLETED = "BACKUP_JOB_COMPLETED",
/** BACKUP_JOB_SUCCESSFUL */
BACKUP_JOB_SUCCESSFUL = "BACKUP_JOB_SUCCESSFUL",
/** BACKUP_JOB_FAILED */
BACKUP_JOB_FAILED = "BACKUP_JOB_FAILED",
/** BACKUP_JOB_EXPIRED */
BACKUP_JOB_EXPIRED = "BACKUP_JOB_EXPIRED",
/** RESTORE_JOB_STARTED */
RESTORE_JOB_STARTED = "RESTORE_JOB_STARTED",
/** RESTORE_JOB_COMPLETED */
RESTORE_JOB_COMPLETED = "RESTORE_JOB_COMPLETED",
/** RESTORE_JOB_SUCCESSFUL */
RESTORE_JOB_SUCCESSFUL = "RESTORE_JOB_SUCCESSFUL",
/** RESTORE_JOB_FAILED */
RESTORE_JOB_FAILED = "RESTORE_JOB_FAILED",
/** COPY_JOB_STARTED */
COPY_JOB_STARTED = "COPY_JOB_STARTED",
/** COPY_JOB_SUCCESSFUL */
COPY_JOB_SUCCESSFUL = "COPY_JOB_SUCCESSFUL",
/** COPY_JOB_FAILED */
COPY_JOB_FAILED = "COPY_JOB_FAILED",
/** RECOVERY_POINT_MODIFIED */
RECOVERY_POINT_MODIFIED = "RECOVERY_POINT_MODIFIED",
/** BACKUP_PLAN_CREATED */
BACKUP_PLAN_CREATED = "BACKUP_PLAN_CREATED",
/** BACKUP_PLAN_MODIFIED */
BACKUP_PLAN_MODIFIED = "BACKUP_PLAN_MODIFIED",
/** S3_BACKUP_OBJECT_FAILED */
S3_BACKUP_OBJECT_FAILED = "S3_BACKUP_OBJECT_FAILED",
/** BACKUP_PLAN_MODIFIED */
S3_RESTORE_OBJECT_FAILED = "S3_RESTORE_OBJECT_FAILED"
}
/**
* Configuration for AWS Backup Vault Lock
*
* @see https://docs.aws.amazon.com/aws-backup/latest/devguide/vault-lock.html
*/
export interface LockConfiguration {
/**
* The minimum retention period that the vault retains its recovery points.
*
* If this parameter is specified, any backup or copy job to the vault must
* have a lifecycle policy with a retention period equal to or longer than
* the minimum retention period. If the job's retention period is shorter than
* that minimum retention period, then the vault fails that backup or copy job,
* and you should either modify your lifecycle settings or use a different
* vault. Recovery points already saved in the vault prior to Vault Lock are
* not affected.
*/
readonly minRetention: Duration;
/**
* The maximum retention period that the vault retains its recovery points.
*
* If this parameter is specified, any backup or copy job to the vault must
* have a lifecycle policy with a retention period equal to or shorter than
* the maximum retention period. If the job's retention period is longer than
* that maximum retention period, then the vault fails the backup or copy job,
* and you should either modify your lifecycle settings or use a different
* vault. Recovery points already saved in the vault prior to Vault Lock are
* not affected.
*
* @default - Vault Lock does not enforce a maximum retention period
*/
readonly maxRetention?: Duration;
/**
* The duration before the lock date.
*
* AWS Backup enforces a 72-hour cooling-off period before Vault Lock takes
* effect and becomes immutable.
*
* Before the lock date, you can delete Vault Lock from the vault or change
* the Vault Lock configuration. On and after the lock date, the Vault Lock
* becomes immutable and cannot be changed or deleted.
*
* @default - Vault Lock can be deleted or changed at any time
*/
readonly changeableFor?: Duration;
}
declare abstract class BackupVaultBase extends Resource implements IBackupVault {
abstract readonly backupVaultName: string;
abstract readonly backupVaultArn: string;
get backupVaultRef(): BackupVaultReference;
/**
* Grant the actions defined in actions to the given grantee
* on this Backup Vault resource.
*
* [disable-awslint:no-grants]
*
* @param grantee Principal to grant right to
* @param actions The actions to grant
*/
grant(grantee: iam.IGrantable, ...actions: string[]): iam.Grant;
}
/**
* A backup vault
*/
export declare class BackupVault extends BackupVaultBase {
/**
* Uniquely identifies this class.
*/
static readonly PROPERTY_INJECTION_ID: string;
/**
* Import an existing backup vault by name
*/
static fromBackupVaultName(scope: Construct, id: string, backupVaultName: string): IBackupVault;
/**
* Import an existing backup vault by arn
*/
static fromBackupVaultArn(scope: Construct, id: string, backupVaultArn: string): IBackupVault;
readonly backupVaultName: string;
readonly backupVaultArn: string;
private readonly accessPolicy;
constructor(scope: Construct, id: string, props?: BackupVaultProps);
/**
* Adds a statement to the vault access policy
*/
addToAccessPolicy(statement: iam.PolicyStatement): void;
/**
* Adds a statement to the vault access policy that prevents anyone
* from deleting a recovery point.
*/
blockRecoveryPointDeletion(): void;
private uniqueVaultName;
}
export {};
Reference in New Issue View Git Blame Copy Permalink