awsbackup

package
v1.170.0-devpreview Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 25, 2022 License: Apache-2.0 Imports: 14 Imported by: 0

README

AWS Backup Construct Library

AWS Backup is a fully managed backup service that makes it easy to centralize and automate the backup of data across AWS services in the cloud and on premises. Using AWS Backup, you can configure backup policies and monitor backup activity for your AWS resources in one place.

Backup plan and selection

In AWS Backup, a backup plan is a policy expression that defines when and how you want to back up your AWS resources, such as Amazon DynamoDB tables or Amazon Elastic File System (Amazon EFS) file systems. You can assign resources to backup plans, and AWS Backup automatically backs up and retains backups for those resources according to the backup plan. You can create multiple backup plans if you have workloads with different backup requirements.

This module provides ready-made backup plans (similar to the console experience):

// Daily, weekly and monthly with 5 year retention
plan := backup.backupPlan.dailyWeeklyMonthly5YearRetention(this, jsii.String("Plan"))

Assigning resources to a plan can be done with addSelection():

var plan backupPlan

myTable := dynamodb.table.fromTableName(this, jsii.String("Table"), jsii.String("myTableName"))
myCoolConstruct := constructs.NewConstruct(this, jsii.String("MyCoolConstruct"))

plan.addSelection(jsii.String("Selection"), &backupSelectionOptions{
	resources: []backupResource{
		backup.*backupResource.fromDynamoDbTable(myTable),
		backup.*backupResource.fromTag(jsii.String("stage"), jsii.String("prod")),
		backup.*backupResource.fromConstruct(myCoolConstruct),
	},
})

If not specified, a new IAM role with a managed policy for backup will be created for the selection. The BackupSelection implements IGrantable.

To add rules to a plan, use addRule():

var plan backupPlan

plan.addRule(backup.NewBackupPlanRule(&backupPlanRuleProps{
	completionWindow: awscdk.Duration.hours(jsii.Number(2)),
	startWindow: awscdk.Duration.hours(jsii.Number(1)),
	scheduleExpression: events.schedule.cron(&cronOptions{
		 // Only cron expressions are supported
		day: jsii.String("15"),
		hour: jsii.String("3"),
		minute: jsii.String("30"),
	}),
	moveToColdStorageAfter: awscdk.Duration.days(jsii.Number(30)),
}))

Continuous backup and point-in-time restores (PITR) can be configured. Property deleteAfter defines the retention period for the backup. It is mandatory if PITR is enabled. If no value is specified, the retention period is set to 35 days which is the maximum retention period supported by PITR. Property moveToColdStorageAfter must not be specified because PITR does not support this option. This example defines an AWS Backup rule with PITR and a retention period set to 14 days:

var plan backupPlan

plan.addRule(backup.NewBackupPlanRule(&backupPlanRuleProps{
	enableContinuousBackup: jsii.Boolean(true),
	deleteAfter: awscdk.Duration.days(jsii.Number(14)),
}))

Ready-made rules are also available:

var plan backupPlan

plan.addRule(backup.backupPlanRule.daily())
plan.addRule(backup.backupPlanRule.weekly())

By default a new vault is created when creating a plan. It is also possible to specify a vault either at the plan level or at the rule level.

myVault := backup.backupVault.fromBackupVaultName(this, jsii.String("Vault1"), jsii.String("myVault"))
otherVault := backup.backupVault.fromBackupVaultName(this, jsii.String("Vault2"), jsii.String("otherVault"))

plan := backup.backupPlan.daily35DayRetention(this, jsii.String("Plan"), myVault) // Use `myVault` for all plan rules
plan.addRule(backup.backupPlanRule.monthly1Year(otherVault))

You can backup VSS-enabled Windows applications running on Amazon EC2 instances by setting the windowsVss parameter to true. If the application has VSS writer registered with Windows VSS, then AWS Backup creates a snapshot that will be consistent for that application.

plan := backup.NewBackupPlan(this, jsii.String("Plan"), &backupPlanProps{
	windowsVss: jsii.Boolean(true),
})

Backup vault

In AWS Backup, a backup vault is a container that you organize your backups in. You can use backup vaults to set the AWS Key Management Service (AWS KMS) encryption key that is used to encrypt backups in the backup vault and to control access to the backups in the backup vault. If you require different encryption keys or access policies for different groups of backups, you can optionally create multiple backup vaults.

myKey := kms.key.fromKeyArn(this, jsii.String("MyKey"), jsii.String("aaa"))
myTopic := sns.topic.fromTopicArn(this, jsii.String("MyTopic"), jsii.String("bbb"))

vault := backup.NewBackupVault(this, jsii.String("Vault"), &backupVaultProps{
	encryptionKey: myKey,
	 // Custom encryption key
	notificationTopic: myTopic,
})

A vault has a default RemovalPolicy set to RETAIN. Note that removing a vault that contains recovery points will fail.

You can assign policies to backup vaults and the resources they contain. Assigning policies allows you to do things like grant access to users to create backup plans and on-demand backups, but limit their ability to delete recovery points after they're created.

Use the accessPolicy property to create a backup vault policy:

vault := backup.NewBackupVault(this, jsii.String("Vault"), &backupVaultProps{
	accessPolicy: iam.NewPolicyDocument(&policyDocumentProps{
		statements: []policyStatement{
			iam.NewPolicyStatement(&policyStatementProps{
				effect: iam.effect_DENY,
				principals: []iPrincipal{
					iam.NewAnyPrincipal(),
				},
				actions: []*string{
					jsii.String("backup:DeleteRecoveryPoint"),
				},
				resources: []*string{
					jsii.String("*"),
				},
				conditions: map[string]interface{}{
					"StringNotLike": map[string][]*string{
						"aws:userId": []*string{
							jsii.String("user1"),
							jsii.String("user2"),
						},
					},
				},
			}),
		},
	}),
})

Alternativately statements can be added to the vault policy using addToAccessPolicy().

Use the blockRecoveryPointDeletion property or the blockRecoveryPointDeletion() method to add a statement to the vault access policy that prevents recovery point deletions in your vault:

var backupVault backupVault
backup.NewBackupVault(this, jsii.String("Vault"), &backupVaultProps{
	blockRecoveryPointDeletion: jsii.Boolean(true),
})
backupVault.blockRecoveryPointDeletion()

By default access is not restricted.

Importing existing backup vault

To import an existing backup vault into your CDK application, use the BackupVault.fromBackupVaultArn or BackupVault.fromBackupVaultName static method. Here is an example of giving an IAM Role permission to start a backup job:

importedVault := backup.backupVault.fromBackupVaultName(this, jsii.String("Vault"), jsii.String("myVaultName"))

role := iam.NewRole(this, jsii.String("Access Role"), &roleProps{
	assumedBy: iam.NewServicePrincipal(jsii.String("lambda.amazonaws.com")),
})

importedVault.grant(role, jsii.String("backup:StartBackupJob"))

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func BackupPlan_IsConstruct 

func BackupPlan_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func BackupPlan_IsResource 

func BackupPlan_IsResource(construct awscdk.IConstruct) *bool

Check whether the given construct is a Resource. Experimental.

func BackupSelection_IsConstruct 

func BackupSelection_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func BackupSelection_IsResource 

func BackupSelection_IsResource(construct awscdk.IConstruct) *bool

Check whether the given construct is a Resource. Experimental.

func BackupVault_IsConstruct 

func BackupVault_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func BackupVault_IsResource 

func BackupVault_IsResource(construct awscdk.IConstruct) *bool

Check whether the given construct is a Resource. Experimental.

func CfnBackupPlan_CFN_RESOURCE_TYPE_NAME 

func CfnBackupPlan_CFN_RESOURCE_TYPE_NAME() *string

func CfnBackupPlan_IsCfnElement 

func CfnBackupPlan_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.

func CfnBackupPlan_IsCfnResource 

func CfnBackupPlan_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource. Experimental.

func CfnBackupPlan_IsConstruct 

func CfnBackupPlan_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func CfnBackupSelection_CFN_RESOURCE_TYPE_NAME 

func CfnBackupSelection_CFN_RESOURCE_TYPE_NAME() *string

func CfnBackupSelection_IsCfnElement 

func CfnBackupSelection_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.

func CfnBackupSelection_IsCfnResource 

func CfnBackupSelection_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource. Experimental.

func CfnBackupSelection_IsConstruct 

func CfnBackupSelection_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func CfnBackupVault_CFN_RESOURCE_TYPE_NAME 

func CfnBackupVault_CFN_RESOURCE_TYPE_NAME() *string

func CfnBackupVault_IsCfnElement 

func CfnBackupVault_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.

func CfnBackupVault_IsCfnResource 

func CfnBackupVault_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource. Experimental.

func CfnBackupVault_IsConstruct 

func CfnBackupVault_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func CfnFramework_CFN_RESOURCE_TYPE_NAME 

func CfnFramework_CFN_RESOURCE_TYPE_NAME() *string

func CfnFramework_IsCfnElement 

func CfnFramework_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.

func CfnFramework_IsCfnResource 

func CfnFramework_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource. Experimental.

func CfnFramework_IsConstruct 

func CfnFramework_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func CfnReportPlan_CFN_RESOURCE_TYPE_NAME 

func CfnReportPlan_CFN_RESOURCE_TYPE_NAME() *string

func CfnReportPlan_IsCfnElement 

func CfnReportPlan_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.

func CfnReportPlan_IsCfnResource 

func CfnReportPlan_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource. Experimental.

func CfnReportPlan_IsConstruct 

func CfnReportPlan_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func NewBackupPlanRule_Override 

func NewBackupPlanRule_Override(b BackupPlanRule, props *BackupPlanRuleProps)

Experimental.

func NewBackupPlan_Override 

func NewBackupPlan_Override(b BackupPlan, scope constructs.Construct, id *string, props *BackupPlanProps)

Experimental.

func NewBackupResource_Override 

func NewBackupResource_Override(b BackupResource, resource *string, tagCondition *TagCondition, construct constructs.Construct)

Experimental.

func NewBackupSelection_Override 

func NewBackupSelection_Override(b BackupSelection, scope constructs.Construct, id *string, props *BackupSelectionProps)

Experimental.

func NewBackupVault_Override 

func NewBackupVault_Override(b BackupVault, scope constructs.Construct, id *string, props *BackupVaultProps)

Experimental.

func NewCfnBackupPlan_Override 

func NewCfnBackupPlan_Override(c CfnBackupPlan, scope awscdk.Construct, id *string, props *CfnBackupPlanProps)

Create a new `AWS::Backup::BackupPlan`.

func NewCfnBackupSelection_Override 

func NewCfnBackupSelection_Override(c CfnBackupSelection, scope awscdk.Construct, id *string, props *CfnBackupSelectionProps)

Create a new `AWS::Backup::BackupSelection`.

func NewCfnBackupVault_Override 

func NewCfnBackupVault_Override(c CfnBackupVault, scope awscdk.Construct, id *string, props *CfnBackupVaultProps)

Create a new `AWS::Backup::BackupVault`.

func NewCfnFramework_Override 

func NewCfnFramework_Override(c CfnFramework, scope awscdk.Construct, id *string, props *CfnFrameworkProps)

Create a new `AWS::Backup::Framework`.

func NewCfnReportPlan_Override 

func NewCfnReportPlan_Override(c CfnReportPlan, scope awscdk.Construct, id *string, props *CfnReportPlanProps)

Create a new `AWS::Backup::ReportPlan`.

Types

type BackupPlan 

type BackupPlan interface {
	awscdk.Resource
	IBackupPlan
	// The ARN of the backup plan.
	// Experimental.
	BackupPlanArn() *string
	// The identifier of the backup plan.
	// Experimental.
	BackupPlanId() *string
	// The backup vault where backups are stored if not defined at the rule level.
	// Experimental.
	BackupVault() IBackupVault
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	// Experimental.
	Env() *awscdk.ResourceEnvironment
	// The construct tree node associated with this construct.
	// Experimental.
	Node() awscdk.ConstructNode
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//    cross-environment scenarios.
	// Experimental.
	PhysicalName() *string
	// The stack in which this resource is defined.
	// Experimental.
	Stack() awscdk.Stack
	// Version Id.
	// Experimental.
	VersionId() *string
	// Adds a rule to a plan.
	// Experimental.
	AddRule(rule BackupPlanRule)
	// Adds a selection to this plan.
	// Experimental.
	AddSelection(id *string, options *BackupSelectionOptions) BackupSelection
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	// Experimental.
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	// Experimental.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	// Experimental.
	GetResourceNameAttribute(nameAttr *string) *string
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	OnValidate() *[]*string
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	Prepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	Synthesize(session awscdk.ISynthesisSession)
	// Returns a string representation of this construct.
	// Experimental.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	// Experimental.
	Validate() *[]*string
}

A backup plan.

Example: 

// Daily, weekly and monthly with 5 year retention
plan := backup.backupPlan.dailyWeeklyMonthly5YearRetention(this, jsii.String("Plan"))

Experimental.

func BackupPlan_Daily35DayRetention 

func BackupPlan_Daily35DayRetention(scope constructs.Construct, id *string, backupVault IBackupVault) BackupPlan

Daily with 35 day retention. Experimental.

func BackupPlan_DailyMonthly1YearRetention 

func BackupPlan_DailyMonthly1YearRetention(scope constructs.Construct, id *string, backupVault IBackupVault) BackupPlan

Daily and monthly with 1 year retention. Experimental.

func BackupPlan_DailyWeeklyMonthly5YearRetention 

func BackupPlan_DailyWeeklyMonthly5YearRetention(scope constructs.Construct, id *string, backupVault IBackupVault) BackupPlan

Daily, weekly and monthly with 5 year retention. Experimental.

func BackupPlan_DailyWeeklyMonthly7YearRetention 

func BackupPlan_DailyWeeklyMonthly7YearRetention(scope constructs.Construct, id *string, backupVault IBackupVault) BackupPlan

Daily, weekly and monthly with 7 year retention. Experimental.

func NewBackupPlan 

func NewBackupPlan(scope constructs.Construct, id *string, props *BackupPlanProps) BackupPlan

Experimental.

type BackupPlanProps 

type BackupPlanProps struct {
	// The display name of the backup plan.
	// Experimental.
	BackupPlanName *string `field:"optional" json:"backupPlanName" yaml:"backupPlanName"`
	// Rules for the backup plan.
	//
	// Use `addRule()` to add rules after
	// instantiation.
	// Experimental.
	BackupPlanRules *[]BackupPlanRule `field:"optional" json:"backupPlanRules" yaml:"backupPlanRules"`
	// The backup vault where backups are stored.
	// Experimental.
	BackupVault IBackupVault `field:"optional" json:"backupVault" yaml:"backupVault"`
	// Enable Windows VSS backup.
	// See: https://docs.aws.amazon.com/aws-backup/latest/devguide/windows-backups.html
	//
	// Experimental.
	WindowsVss *bool `field:"optional" json:"windowsVss" yaml:"windowsVss"`
}

Properties for a BackupPlan.

Example: 

plan := backup.NewBackupPlan(this, jsii.String("Plan"), &backupPlanProps{
	windowsVss: jsii.Boolean(true),
})

Experimental.

type BackupPlanRule 

type BackupPlanRule interface {
	// Properties of BackupPlanRule.
	// Experimental.
	Props() *BackupPlanRuleProps
}

A backup plan rule.

Example: 

var plan backupPlan

plan.addRule(backup.backupPlanRule.daily())
plan.addRule(backup.backupPlanRule.weekly())

Experimental.

func BackupPlanRule_Daily 

func BackupPlanRule_Daily(backupVault IBackupVault) BackupPlanRule

Daily with 35 days retention. Experimental.

func BackupPlanRule_Monthly1Year 

func BackupPlanRule_Monthly1Year(backupVault IBackupVault) BackupPlanRule

Monthly 1 year retention, move to cold storage after 1 month. Experimental.

func BackupPlanRule_Monthly5Year 

func BackupPlanRule_Monthly5Year(backupVault IBackupVault) BackupPlanRule

Monthly 5 year retention, move to cold storage after 3 months. Experimental.

func BackupPlanRule_Monthly7Year 

func BackupPlanRule_Monthly7Year(backupVault IBackupVault) BackupPlanRule

Monthly 7 year retention, move to cold storage after 3 months. Experimental.

func BackupPlanRule_Weekly 

func BackupPlanRule_Weekly(backupVault IBackupVault) BackupPlanRule

Weekly with 3 months retention. Experimental.

func NewBackupPlanRule 

func NewBackupPlanRule(props *BackupPlanRuleProps) BackupPlanRule

Experimental.

type BackupPlanRuleProps 

type BackupPlanRuleProps struct {
	// The backup vault where backups are.
	// Experimental.
	BackupVault IBackupVault `field:"optional" json:"backupVault" yaml:"backupVault"`
	// The duration after a backup job is successfully started before it must be completed or it is canceled by AWS Backup.
	// Experimental.
	CompletionWindow awscdk.Duration `field:"optional" json:"completionWindow" yaml:"completionWindow"`
	// Specifies the duration after creation that a recovery point is deleted.
	//
	// Must be greater than `moveToColdStorageAfter`.
	// Experimental.
	DeleteAfter awscdk.Duration `field:"optional" json:"deleteAfter" yaml:"deleteAfter"`
	// Enables continuous backup and point-in-time restores (PITR).
	//
	// Property `deleteAfter` defines the retention period for the backup. It is mandatory if PITR is enabled.
	// If no value is specified, the retention period is set to 35 days which is the maximum retention period supported by PITR.
	//
	// Property `moveToColdStorageAfter` must not be specified because PITR does not support this option.
	// Experimental.
	EnableContinuousBackup *bool `field:"optional" json:"enableContinuousBackup" yaml:"enableContinuousBackup"`
	// Specifies the duration after creation that a recovery point is moved to cold storage.
	// Experimental.
	MoveToColdStorageAfter awscdk.Duration `field:"optional" json:"moveToColdStorageAfter" yaml:"moveToColdStorageAfter"`
	// A display name for the backup rule.
	// Experimental.
	RuleName *string `field:"optional" json:"ruleName" yaml:"ruleName"`
	// A CRON expression specifying when AWS Backup initiates a backup job.
	// Experimental.
	ScheduleExpression awsevents.Schedule `field:"optional" json:"scheduleExpression" yaml:"scheduleExpression"`
	// The duration after a backup is scheduled before a job is canceled if it doesn't start successfully.
	// Experimental.
	StartWindow awscdk.Duration `field:"optional" json:"startWindow" yaml:"startWindow"`
}

Properties for a BackupPlanRule.

Example: 

var plan backupPlan

plan.addRule(backup.NewBackupPlanRule(&backupPlanRuleProps{
	completionWindow: awscdk.Duration.hours(jsii.Number(2)),
	startWindow: awscdk.Duration.hours(jsii.Number(1)),
	scheduleExpression: events.schedule.cron(&cronOptions{
		 // Only cron expressions are supported
		day: jsii.String("15"),
		hour: jsii.String("3"),
		minute: jsii.String("30"),
	}),
	moveToColdStorageAfter: awscdk.Duration.days(jsii.Number(30)),
}))

Experimental.

type BackupResource 

type BackupResource interface {
	// A construct.
	// Experimental.
	Construct() awscdk.Construct
	// A resource.
	// Experimental.
	Resource() *string
	// A condition on a tag.
	// Experimental.
	TagCondition() *TagCondition
}

A resource to backup.

Example: 

var plan backupPlan

myTable := dynamodb.table.fromTableName(this, jsii.String("Table"), jsii.String("myTableName"))
myCoolConstruct := constructs.NewConstruct(this, jsii.String("MyCoolConstruct"))

plan.addSelection(jsii.String("Selection"), &backupSelectionOptions{
	resources: []backupResource{
		backup.*backupResource.fromDynamoDbTable(myTable),
		backup.*backupResource.fromTag(jsii.String("stage"), jsii.String("prod")),
		backup.*backupResource.fromConstruct(myCoolConstruct),
	},
})

Experimental.

func BackupResource_FromArn 

func BackupResource_FromArn(arn *string) BackupResource

A list of ARNs or match patterns such as `arn:aws:ec2:us-east-1:123456789012:volume/*`. Experimental.

func BackupResource_FromConstruct 

func BackupResource_FromConstruct(construct constructs.Construct) BackupResource

Adds all supported resources in a construct. Experimental.

func BackupResource_FromDynamoDbTable 

func BackupResource_FromDynamoDbTable(table awsdynamodb.ITable) BackupResource

A DynamoDB table. Experimental.

func BackupResource_FromEc2Instance 

func BackupResource_FromEc2Instance(instance awsec2.IInstance) BackupResource

An EC2 instance. Experimental.

func BackupResource_FromEfsFileSystem 

func BackupResource_FromEfsFileSystem(fileSystem awsefs.IFileSystem) BackupResource

An EFS file system. Experimental.

func BackupResource_FromRdsDatabaseInstance 

func BackupResource_FromRdsDatabaseInstance(instance awsrds.IDatabaseInstance) BackupResource

A RDS database instance. Experimental.

func BackupResource_FromTag 

func BackupResource_FromTag(key *string, value *string, operation TagOperation) BackupResource

A tag condition. Experimental.

func NewBackupResource 

func NewBackupResource(resource *string, tagCondition *TagCondition, construct constructs.Construct) BackupResource

Experimental.

type BackupSelection 

type BackupSelection interface {
	awscdk.Resource
	awsiam.IGrantable
	// The identifier of the backup plan.
	// Experimental.
	BackupPlanId() *string
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	// Experimental.
	Env() *awscdk.ResourceEnvironment
	// The principal to grant permissions to.
	// Experimental.
	GrantPrincipal() awsiam.IPrincipal
	// The construct tree node associated with this construct.
	// Experimental.
	Node() awscdk.ConstructNode
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//    cross-environment scenarios.
	// Experimental.
	PhysicalName() *string
	// The identifier of the backup selection.
	// Experimental.
	SelectionId() *string
	// The stack in which this resource is defined.
	// Experimental.
	Stack() awscdk.Stack
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	// Experimental.
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	// Experimental.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	// Experimental.
	GetResourceNameAttribute(nameAttr *string) *string
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	OnValidate() *[]*string
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	Prepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	Synthesize(session awscdk.ISynthesisSession)
	// Returns a string representation of this construct.
	// Experimental.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	Validate() *[]*string
}

A backup selection.

Example: 

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"

var backupPlan backupPlan
var backupResource backupResource
var role role

backupSelection := awscdk.Aws_backup.NewBackupSelection(this, jsii.String("MyBackupSelection"), &backupSelectionProps{
	backupPlan: backupPlan,
	resources: []*backupResource{
		backupResource,
	},

	// the properties below are optional
	allowRestores: jsii.Boolean(false),
	backupSelectionName: jsii.String("backupSelectionName"),
	role: role,
})

Experimental.

func NewBackupSelection 

func NewBackupSelection(scope constructs.Construct, id *string, props *BackupSelectionProps) BackupSelection

Experimental.

type BackupSelectionOptions 

type BackupSelectionOptions struct {
	// The resources to backup.
	//
	// Use the helper static methods defined on `BackupResource`.
	// Experimental.
	Resources *[]BackupResource `field:"required" json:"resources" yaml:"resources"`
	// Whether to automatically give restores permissions to the role that AWS Backup uses.
	//
	// If `true`, the `AWSBackupServiceRolePolicyForRestores` managed
	// policy will be attached to the role.
	// Experimental.
	AllowRestores *bool `field:"optional" json:"allowRestores" yaml:"allowRestores"`
	// The name for this selection.
	// Experimental.
	BackupSelectionName *string `field:"optional" json:"backupSelectionName" yaml:"backupSelectionName"`
	// The role that AWS Backup uses to authenticate when backuping or restoring the resources.
	//
	// The `AWSBackupServiceRolePolicyForBackup` managed policy
	// will be attached to this role.
	// Experimental.
	Role awsiam.IRole `field:"optional" json:"role" yaml:"role"`
}

Options for a BackupSelection.

Example: 

var plan backupPlan

myTable := dynamodb.table.fromTableName(this, jsii.String("Table"), jsii.String("myTableName"))
myCoolConstruct := constructs.NewConstruct(this, jsii.String("MyCoolConstruct"))

plan.addSelection(jsii.String("Selection"), &backupSelectionOptions{
	resources: []backupResource{
		backup.*backupResource.fromDynamoDbTable(myTable),
		backup.*backupResource.fromTag(jsii.String("stage"), jsii.String("prod")),
		backup.*backupResource.fromConstruct(myCoolConstruct),
	},
})

Experimental.

type BackupSelectionProps 

type BackupSelectionProps struct {
	// The resources to backup.
	//
	// Use the helper static methods defined on `BackupResource`.
	// Experimental.
	Resources *[]BackupResource `field:"required" json:"resources" yaml:"resources"`
	// Whether to automatically give restores permissions to the role that AWS Backup uses.
	//
	// If `true`, the `AWSBackupServiceRolePolicyForRestores` managed
	// policy will be attached to the role.
	// Experimental.
	AllowRestores *bool `field:"optional" json:"allowRestores" yaml:"allowRestores"`
	// The name for this selection.
	// Experimental.
	BackupSelectionName *string `field:"optional" json:"backupSelectionName" yaml:"backupSelectionName"`
	// The role that AWS Backup uses to authenticate when backuping or restoring the resources.
	//
	// The `AWSBackupServiceRolePolicyForBackup` managed policy
	// will be attached to this role.
	// Experimental.
	Role awsiam.IRole `field:"optional" json:"role" yaml:"role"`
	// The backup plan for this selection.
	// Experimental.
	BackupPlan IBackupPlan `field:"required" json:"backupPlan" yaml:"backupPlan"`
}

Properties for a BackupSelection.

Example: 

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"

var backupPlan backupPlan
var backupResource backupResource
var role role

backupSelectionProps := &backupSelectionProps{
	backupPlan: backupPlan,
	resources: []*backupResource{
		backupResource,
	},

	// the properties below are optional
	allowRestores: jsii.Boolean(false),
	backupSelectionName: jsii.String("backupSelectionName"),
	role: role,
}

Experimental.

type BackupVault 

type BackupVault interface {
	awscdk.Resource
	IBackupVault
	// The ARN of the backup vault.
	// Experimental.
	BackupVaultArn() *string
	// The name of a logical container where backups are stored.
	// Experimental.
	BackupVaultName() *string
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	// Experimental.
	Env() *awscdk.ResourceEnvironment
	// The construct tree node associated with this construct.
	// Experimental.
	Node() awscdk.ConstructNode
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//    cross-environment scenarios.
	// Experimental.
	PhysicalName() *string
	// The stack in which this resource is defined.
	// Experimental.
	Stack() awscdk.Stack
	// Adds a statement to the vault access policy.
	// Experimental.
	AddToAccessPolicy(statement awsiam.PolicyStatement)
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	// Adds a statement to the vault access policy that prevents anyone from deleting a recovery point.
	// Experimental.
	BlockRecoveryPointDeletion()
	// Experimental.
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	// Experimental.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	// Experimental.
	GetResourceNameAttribute(nameAttr *string) *string
	// Grant the actions defined in actions to the given grantee on this Backup Vault resource.
	// Experimental.
	Grant(grantee awsiam.IGrantable, actions ...*string) awsiam.Grant
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	OnValidate() *[]*string
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	Prepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	Synthesize(session awscdk.ISynthesisSession)
	// Returns a string representation of this construct.
	// Experimental.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	Validate() *[]*string
}

A backup vault.

Example: 

importedVault := backup.backupVault.fromBackupVaultName(this, jsii.String("Vault"), jsii.String("myVaultName"))

role := iam.NewRole(this, jsii.String("Access Role"), &roleProps{
	assumedBy: iam.NewServicePrincipal(jsii.String("lambda.amazonaws.com")),
})

importedVault.grant(role, jsii.String("backup:StartBackupJob"))

Experimental.

func NewBackupVault 

func NewBackupVault(scope constructs.Construct, id *string, props *BackupVaultProps) BackupVault

Experimental.

type BackupVaultEvents 

type BackupVaultEvents string

Backup vault events. Experimental. 

const (
	// BACKUP_JOB_STARTED.
	// Experimental.
	BackupVaultEvents_BACKUP_JOB_STARTED BackupVaultEvents = "BACKUP_JOB_STARTED"
	// BACKUP_JOB_COMPLETED.
	// Experimental.
	BackupVaultEvents_BACKUP_JOB_COMPLETED BackupVaultEvents = "BACKUP_JOB_COMPLETED"
	// BACKUP_JOB_SUCCESSFUL.
	// Experimental.
	BackupVaultEvents_BACKUP_JOB_SUCCESSFUL BackupVaultEvents = "BACKUP_JOB_SUCCESSFUL"
	// BACKUP_JOB_FAILED.
	// Experimental.
	BackupVaultEvents_BACKUP_JOB_FAILED BackupVaultEvents = "BACKUP_JOB_FAILED"
	// BACKUP_JOB_EXPIRED.
	// Experimental.
	BackupVaultEvents_BACKUP_JOB_EXPIRED BackupVaultEvents = "BACKUP_JOB_EXPIRED"
	// RESTORE_JOB_STARTED.
	// Experimental.
	BackupVaultEvents_RESTORE_JOB_STARTED BackupVaultEvents = "RESTORE_JOB_STARTED"
	// RESTORE_JOB_COMPLETED.
	// Experimental.
	BackupVaultEvents_RESTORE_JOB_COMPLETED BackupVaultEvents = "RESTORE_JOB_COMPLETED"
	// RESTORE_JOB_SUCCESSFUL.
	// Experimental.
	BackupVaultEvents_RESTORE_JOB_SUCCESSFUL BackupVaultEvents = "RESTORE_JOB_SUCCESSFUL"
	// RESTORE_JOB_FAILED.
	// Experimental.
	BackupVaultEvents_RESTORE_JOB_FAILED BackupVaultEvents = "RESTORE_JOB_FAILED"
	// COPY_JOB_STARTED.
	// Experimental.
	BackupVaultEvents_COPY_JOB_STARTED BackupVaultEvents = "COPY_JOB_STARTED"
	// COPY_JOB_SUCCESSFUL.
	// Experimental.
	BackupVaultEvents_COPY_JOB_SUCCESSFUL BackupVaultEvents = "COPY_JOB_SUCCESSFUL"
	// COPY_JOB_FAILED.
	// Experimental.
	BackupVaultEvents_COPY_JOB_FAILED BackupVaultEvents = "COPY_JOB_FAILED"
	// RECOVERY_POINT_MODIFIED.
	// Experimental.
	BackupVaultEvents_RECOVERY_POINT_MODIFIED BackupVaultEvents = "RECOVERY_POINT_MODIFIED"
	// BACKUP_PLAN_CREATED.
	// Experimental.
	BackupVaultEvents_BACKUP_PLAN_CREATED BackupVaultEvents = "BACKUP_PLAN_CREATED"
	// BACKUP_PLAN_MODIFIED.
	// Experimental.
	BackupVaultEvents_BACKUP_PLAN_MODIFIED BackupVaultEvents = "BACKUP_PLAN_MODIFIED"
)

type BackupVaultProps 

type BackupVaultProps struct {
	// A resource-based policy that is used to manage access permissions on the backup vault.
	// Experimental.
	AccessPolicy awsiam.PolicyDocument `field:"optional" json:"accessPolicy" yaml:"accessPolicy"`
	// The name of a logical container where backups are stored.
	//
	// Backup vaults
	// are identified by names that are unique to the account used to create
	// them and the AWS Region where they are created.
	// Experimental.
	BackupVaultName *string `field:"optional" json:"backupVaultName" yaml:"backupVaultName"`
	// Whether to add statements to the vault access policy that prevents anyone from deleting a recovery point.
	// Experimental.
	BlockRecoveryPointDeletion *bool `field:"optional" json:"blockRecoveryPointDeletion" yaml:"blockRecoveryPointDeletion"`
	// The server-side encryption key to use to protect your backups.
	// Experimental.
	EncryptionKey awskms.IKey `field:"optional" json:"encryptionKey" yaml:"encryptionKey"`
	// The vault events to send.
	// See: https://docs.aws.amazon.com/aws-backup/latest/devguide/sns-notifications.html
	//
	// Experimental.
	NotificationEvents *[]BackupVaultEvents `field:"optional" json:"notificationEvents" yaml:"notificationEvents"`
	// A SNS topic to send vault events to.
	// See: https://docs.aws.amazon.com/aws-backup/latest/devguide/sns-notifications.html
	//
	// Experimental.
	NotificationTopic awssns.ITopic `field:"optional" json:"notificationTopic" yaml:"notificationTopic"`
	// The removal policy to apply to the vault.
	//
	// Note that removing a vault
	// that contains recovery points will fail.
	// Experimental.
	RemovalPolicy awscdk.RemovalPolicy `field:"optional" json:"removalPolicy" yaml:"removalPolicy"`
}

Properties for a BackupVault.

Example: 

myKey := kms.key.fromKeyArn(this, jsii.String("MyKey"), jsii.String("aaa"))
myTopic := sns.topic.fromTopicArn(this, jsii.String("MyTopic"), jsii.String("bbb"))

vault := backup.NewBackupVault(this, jsii.String("Vault"), &backupVaultProps{
	encryptionKey: myKey,
	 // Custom encryption key
	notificationTopic: myTopic,
})

Experimental.

type CfnBackupPlan 

type CfnBackupPlan interface {
	awscdk.CfnResource
	awscdk.IInspectable
	// An Amazon Resource Name (ARN) that uniquely identifies a backup plan;
	//
	// for example, `arn:aws:backup:us-east-1:123456789012:plan:8F81F553-3A74-4A3F-B93D-B3360DC80C50` .
	AttrBackupPlanArn() *string
	// Uniquely identifies a backup plan.
	AttrBackupPlanId() *string
	// Unique, randomly generated, Unicode, UTF-8 encoded strings that are at most 1,024 bytes long.
	//
	// Version Ids cannot be edited.
	AttrVersionId() *string
	// Uniquely identifies the backup plan to be associated with the selection of resources.
	BackupPlan() interface{}
	SetBackupPlan(val interface{})
	// To help organize your resources, you can assign your own metadata to the resources that you create.
	//
	// Each tag is a key-value pair. The specified tags are assigned to all backups created with this plan.
	BackupPlanTags() interface{}
	SetBackupPlanTags(val interface{})
	// Options for this resource, such as condition, update policy etc.
	// Experimental.
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	// AWS resource type.
	// Experimental.
	CfnResourceType() *string
	// Returns: the stack trace of the point where this Resource was created from, sourced
	// from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most
	// node +internal+ entries filtered.
	// Experimental.
	CreationStack() *[]*string
	// The logical ID for this CloudFormation stack element.
	//
	// The logical ID of the element
	// is calculated from the path of the resource node in the construct tree.
	//
	// To override this value, use `overrideLogicalId(newLogicalId)`.
	//
	// Returns: the logical ID as a stringified token. This value will only get
	// resolved during synthesis.
	// Experimental.
	LogicalId() *string
	// The construct tree node associated with this construct.
	// Experimental.
	Node() awscdk.ConstructNode
	// Return a string that will be resolved to a CloudFormation `{ Ref }` for this element.
	//
	// If, by any chance, the intrinsic reference of a resource is not a string, you could
	// coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`.
	// Experimental.
	Ref() *string
	// The stack in which this element is defined.
	//
	// CfnElements must be defined within a stack scope (directly or indirectly).
	// Experimental.
	Stack() awscdk.Stack
	// Return properties modified after initiation.
	//
	// Resources that expose mutable properties should override this function to
	// collect and return the properties object for this resource.
	// Experimental.
	UpdatedProperites() *map[string]interface{}
	// Syntactic sugar for `addOverride(path, undefined)`.
	// Experimental.
	AddDeletionOverride(path *string)
	// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
	//
	// This can be used for resources across stacks (or nested stack) boundaries
	// and the dependency will automatically be transferred to the relevant scope.
	// Experimental.
	AddDependsOn(target awscdk.CfnResource)
	// Add a value to the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	// Experimental.
	AddMetadata(key *string, value interface{})
	// Adds an override to the synthesized CloudFormation resource.
	//
	// To add a
	// property override, either use `addPropertyOverride` or prefix `path` with
	// "Properties." (i.e. `Properties.TopicName`).
	//
	// If the override is nested, separate each nested level using a dot (.) in the path parameter.
	// If there is an array as part of the nesting, specify the index in the path.
	//
	// To include a literal `.` in the property name, prefix with a `\`. In most
	// programming languages you will need to write this as `"\\."` because the
	// `\` itself will need to be escaped.
	//
	// For example,
	// “`typescript
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']);
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE');
	// “`
	// would add the overrides
	// “`json
	// "Properties": {
	//    "GlobalSecondaryIndexes": [
	//      {
	//        "Projection": {
	//          "NonKeyAttributes": [ "myattribute" ]
	//          ...
	//        }
	//        ...
	//      },
	//      {
	//        "ProjectionType": "INCLUDE"
	//        ...
	//      },
	//    ]
	//    ...
	// }
	// “`
	//
	// The `value` argument to `addOverride` will not be processed or translated
	// in any way. Pass raw JSON values in here with the correct capitalization
	// for CloudFormation. If you pass CDK classes or structs, they will be
	// rendered with lowercased key names, and CloudFormation will reject the
	// template.
	// Experimental.
	AddOverride(path *string, value interface{})
	// Adds an override that deletes the value of a property from the resource definition.
	// Experimental.
	AddPropertyDeletionOverride(propertyPath *string)
	// Adds an override to a resource property.
	//
	// Syntactic sugar for `addOverride("Properties.<...>", value)`.
	// Experimental.
	AddPropertyOverride(propertyPath *string, value interface{})
	// Sets the deletion policy of the resource based on the removal policy specified.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	// Returns a token for an runtime attribute of this resource.
	//
	// Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility
	// in case there is no generated attribute.
	// Experimental.
	GetAtt(attributeName *string) awscdk.Reference
	// Retrieve a value value from the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	// Experimental.
	GetMetadata(key *string) interface{}
	// Examines the CloudFormation resource and discloses attributes.
	Inspect(inspector awscdk.TreeInspector)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	OnValidate() *[]*string
	// Overrides the auto-generated logical ID with a specific ID.
	// Experimental.
	OverrideLogicalId(newLogicalId *string)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	Prepare()
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	// Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template.
	//
	// Returns: `true` if the resource should be included or `false` is the resource
	// should be omitted.
	// Experimental.
	ShouldSynthesize() *bool
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	Synthesize(session awscdk.ISynthesisSession)
	// Returns a string representation of this construct.
	//
	// Returns: a string representation of this resource.
	// Experimental.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	Validate() *[]*string
	// Experimental.
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::Backup::BackupPlan`.

Contains an optional backup plan display name and an array of `BackupRule` objects, each of which specifies a backup rule. Each rule in a backup plan is a separate scheduled task and can back up a different selection of AWS resources.

For a sample AWS CloudFormation template, see the [AWS Backup Developer Guide](https://docs.aws.amazon.com/aws-backup/latest/devguide/assigning-resources.html#assigning-resources-cfn) .

Example: 

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

var backupOptions interface{}

cfnBackupPlan := awscdk.Aws_backup.NewCfnBackupPlan(this, jsii.String("MyCfnBackupPlan"), &cfnBackupPlanProps{
	backupPlan: &backupPlanResourceTypeProperty{
		backupPlanName: jsii.String("backupPlanName"),
		backupPlanRule: []interface{}{
			&backupRuleResourceTypeProperty{
				ruleName: jsii.String("ruleName"),
				targetBackupVault: jsii.String("targetBackupVault"),

				// the properties below are optional
				completionWindowMinutes: jsii.Number(123),
				copyActions: []interface{}{
					&copyActionResourceTypeProperty{
						destinationBackupVaultArn: jsii.String("destinationBackupVaultArn"),

						// the properties below are optional
						lifecycle: &lifecycleResourceTypeProperty{
							deleteAfterDays: jsii.Number(123),
							moveToColdStorageAfterDays: jsii.Number(123),
						},
					},
				},
				enableContinuousBackup: jsii.Boolean(false),
				lifecycle: &lifecycleResourceTypeProperty{
					deleteAfterDays: jsii.Number(123),
					moveToColdStorageAfterDays: jsii.Number(123),
				},
				recoveryPointTags: map[string]*string{
					"recoveryPointTagsKey": jsii.String("recoveryPointTags"),
				},
				scheduleExpression: jsii.String("scheduleExpression"),
				startWindowMinutes: jsii.Number(123),
			},
		},

		// the properties below are optional
		advancedBackupSettings: []interface{}{
			&advancedBackupSettingResourceTypeProperty{
				backupOptions: backupOptions,
				resourceType: jsii.String("resourceType"),
			},
		},
	},

	// the properties below are optional
	backupPlanTags: map[string]*string{
		"backupPlanTagsKey": jsii.String("backupPlanTags"),
	},
})

func NewCfnBackupPlan 

func NewCfnBackupPlan(scope awscdk.Construct, id *string, props *CfnBackupPlanProps) CfnBackupPlan

Create a new `AWS::Backup::BackupPlan`.

type CfnBackupPlanProps 

type CfnBackupPlanProps struct {
	// Uniquely identifies the backup plan to be associated with the selection of resources.
	BackupPlan interface{} `field:"required" json:"backupPlan" yaml:"backupPlan"`
	// To help organize your resources, you can assign your own metadata to the resources that you create.
	//
	// Each tag is a key-value pair. The specified tags are assigned to all backups created with this plan.
	BackupPlanTags interface{} `field:"optional" json:"backupPlanTags" yaml:"backupPlanTags"`
}

Properties for defining a `CfnBackupPlan`.

Example: 

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

var backupOptions interface{}

cfnBackupPlanProps := &cfnBackupPlanProps{
	backupPlan: &backupPlanResourceTypeProperty{
		backupPlanName: jsii.String("backupPlanName"),
		backupPlanRule: []interface{}{
			&backupRuleResourceTypeProperty{
				ruleName: jsii.String("ruleName"),
				targetBackupVault: jsii.String("targetBackupVault"),

				// the properties below are optional
				completionWindowMinutes: jsii.Number(123),
				copyActions: []interface{}{
					&copyActionResourceTypeProperty{
						destinationBackupVaultArn: jsii.String("destinationBackupVaultArn"),

						// the properties below are optional
						lifecycle: &lifecycleResourceTypeProperty{
							deleteAfterDays: jsii.Number(123),
							moveToColdStorageAfterDays: jsii.Number(123),
						},
					},
				},
				enableContinuousBackup: jsii.Boolean(false),
				lifecycle: &lifecycleResourceTypeProperty{
					deleteAfterDays: jsii.Number(123),
					moveToColdStorageAfterDays: jsii.Number(123),
				},
				recoveryPointTags: map[string]*string{
					"recoveryPointTagsKey": jsii.String("recoveryPointTags"),
				},
				scheduleExpression: jsii.String("scheduleExpression"),
				startWindowMinutes: jsii.Number(123),
			},
		},

		// the properties below are optional
		advancedBackupSettings: []interface{}{
			&advancedBackupSettingResourceTypeProperty{
				backupOptions: backupOptions,
				resourceType: jsii.String("resourceType"),
			},
		},
	},

	// the properties below are optional
	backupPlanTags: map[string]*string{
		"backupPlanTagsKey": jsii.String("backupPlanTags"),
	},
}

type CfnBackupPlan_AdvancedBackupSettingResourceTypeProperty 

type CfnBackupPlan_AdvancedBackupSettingResourceTypeProperty struct {
	// The backup option for the resource.
	//
	// Each option is a key-value pair.
	BackupOptions interface{} `field:"required" json:"backupOptions" yaml:"backupOptions"`
	// The name of a resource type.
	//
	// The only supported resource type is EC2.
	ResourceType *string `field:"required" json:"resourceType" yaml:"resourceType"`
}

Specifies an object containing resource type and backup options.

This is only supported for Windows VSS backups.

Example: 

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

var backupOptions interface{}

advancedBackupSettingResourceTypeProperty := &advancedBackupSettingResourceTypeProperty{
	backupOptions: backupOptions,
	resourceType: jsii.String("resourceType"),
}

type CfnBackupPlan_BackupPlanResourceTypeProperty 

type CfnBackupPlan_BackupPlanResourceTypeProperty struct {
	// The display name of a backup plan.
	BackupPlanName *string `field:"required" json:"backupPlanName" yaml:"backupPlanName"`
	// An array of `BackupRule` objects, each of which specifies a scheduled task that is used to back up a selection of resources.
	BackupPlanRule interface{} `field:"required" json:"backupPlanRule" yaml:"backupPlanRule"`
	// A list of backup options for each resource type.
	AdvancedBackupSettings interface{} `field:"optional" json:"advancedBackupSettings" yaml:"advancedBackupSettings"`
}

Specifies an object containing properties used to create a backup plan.

Example: 

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

var backupOptions interface{}

backupPlanResourceTypeProperty := &backupPlanResourceTypeProperty{
	backupPlanName: jsii.String("backupPlanName"),
	backupPlanRule: []interface{}{
		&backupRuleResourceTypeProperty{
			ruleName: jsii.String("ruleName"),
			targetBackupVault: jsii.String("targetBackupVault"),

			// the properties below are optional
			completionWindowMinutes: jsii.Number(123),
			copyActions: []interface{}{
				&copyActionResourceTypeProperty{
					destinationBackupVaultArn: jsii.String("destinationBackupVaultArn"),

					// the properties below are optional
					lifecycle: &lifecycleResourceTypeProperty{
						deleteAfterDays: jsii.Number(123),
						moveToColdStorageAfterDays: jsii.Number(123),
					},
				},
			},
			enableContinuousBackup: jsii.Boolean(false),
			lifecycle: &lifecycleResourceTypeProperty{
				deleteAfterDays: jsii.Number(123),
				moveToColdStorageAfterDays: jsii.Number(123),
			},
			recoveryPointTags: map[string]*string{
				"recoveryPointTagsKey": jsii.String("recoveryPointTags"),
			},
			scheduleExpression: jsii.String("scheduleExpression"),
			startWindowMinutes: jsii.Number(123),
		},
	},

	// the properties below are optional
	advancedBackupSettings: []interface{}{
		&advancedBackupSettingResourceTypeProperty{
			backupOptions: backupOptions,
			resourceType: jsii.String("resourceType"),
		},
	},
}

type CfnBackupPlan_BackupRuleResourceTypeProperty 

type CfnBackupPlan_BackupRuleResourceTypeProperty struct {
	// A display name for a backup rule.
	RuleName *string `field:"required" json:"ruleName" yaml:"ruleName"`
	// The name of a logical container where backups are stored.
	//
	// Backup vaults are identified by names that are unique to the account used to create them and the AWS Region where they are created. They consist of letters, numbers, and hyphens.
	TargetBackupVault *string `field:"required" json:"targetBackupVault" yaml:"targetBackupVault"`
	// A value in minutes after a backup job is successfully started before it must be completed or it is canceled by AWS Backup .
	CompletionWindowMinutes *float64 `field:"optional" json:"completionWindowMinutes" yaml:"completionWindowMinutes"`
	// An array of CopyAction objects, which contains the details of the copy operation.
	CopyActions interface{} `field:"optional" json:"copyActions" yaml:"copyActions"`
	// Enables continuous backup and point-in-time restores (PITR).
	EnableContinuousBackup interface{} `field:"optional" json:"enableContinuousBackup" yaml:"enableContinuousBackup"`
	// The lifecycle defines when a protected resource is transitioned to cold storage and when it expires.
	//
	// AWS Backup transitions and expires backups automatically according to the lifecycle that you define.
	Lifecycle interface{} `field:"optional" json:"lifecycle" yaml:"lifecycle"`
	// To help organize your resources, you can assign your own metadata to the resources that you create.
	//
	// Each tag is a key-value pair.
	RecoveryPointTags interface{} `field:"optional" json:"recoveryPointTags" yaml:"recoveryPointTags"`
	// A CRON expression specifying when AWS Backup initiates a backup job.
	ScheduleExpression *string `field:"optional" json:"scheduleExpression" yaml:"scheduleExpression"`
	// An optional value that specifies a period of time in minutes after a backup is scheduled before a job is canceled if it doesn't start successfully.
	StartWindowMinutes *float64 `field:"optional" json:"startWindowMinutes" yaml:"startWindowMinutes"`
}

Specifies an object containing properties used to schedule a task to back up a selection of resources.

Example: 

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

backupRuleResourceTypeProperty := &backupRuleResourceTypeProperty{
	ruleName: jsii.String("ruleName"),
	targetBackupVault: jsii.String("targetBackupVault"),

	// the properties below are optional
	completionWindowMinutes: jsii.Number(123),
	copyActions: []interface{}{
		&copyActionResourceTypeProperty{
			destinationBackupVaultArn: jsii.String("destinationBackupVaultArn"),

			// the properties below are optional
			lifecycle: &lifecycleResourceTypeProperty{
				deleteAfterDays: jsii.Number(123),
				moveToColdStorageAfterDays: jsii.Number(123),
			},
		},
	},
	enableContinuousBackup: jsii.Boolean(false),
	lifecycle: &lifecycleResourceTypeProperty{
		deleteAfterDays: jsii.Number(123),
		moveToColdStorageAfterDays: jsii.Number(123),
	},
	recoveryPointTags: map[string]*string{
		"recoveryPointTagsKey": jsii.String("recoveryPointTags"),
	},
	scheduleExpression: jsii.String("scheduleExpression"),
	startWindowMinutes: jsii.Number(123),
}

type CfnBackupPlan_CopyActionResourceTypeProperty 

type CfnBackupPlan_CopyActionResourceTypeProperty struct {
	// An Amazon Resource Name (ARN) that uniquely identifies the destination backup vault for the copied backup.
	//
	// For example, `arn:aws:backup:us-east-1:123456789012:vault:aBackupVault.`
	DestinationBackupVaultArn *string `field:"required" json:"destinationBackupVaultArn" yaml:"destinationBackupVaultArn"`
	// Defines when a protected resource is transitioned to cold storage and when it expires.
	//
	// AWS Backup transitions and expires backups automatically according to the lifecycle that you define. If you do not specify a lifecycle, AWS Backup applies the lifecycle policy of the source backup to the destination backup.
	//
	// Backups transitioned to cold storage must be stored in cold storage for a minimum of 90 days.
	Lifecycle interface{} `field:"optional" json:"lifecycle" yaml:"lifecycle"`
}

Copies backups created by a backup rule to another vault.

Example: 

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

copyActionResourceTypeProperty := &copyActionResourceTypeProperty{
	destinationBackupVaultArn: jsii.String("destinationBackupVaultArn"),

	// the properties below are optional
	lifecycle: &lifecycleResourceTypeProperty{
		deleteAfterDays: jsii.Number(123),
		moveToColdStorageAfterDays: jsii.Number(123),
	},
}

type CfnBackupPlan_LifecycleResourceTypeProperty 

type CfnBackupPlan_LifecycleResourceTypeProperty struct {
	// Specifies the number of days after creation that a recovery point is deleted.
	//
	// Must be greater than `MoveToColdStorageAfterDays` .
	DeleteAfterDays *float64 `field:"optional" json:"deleteAfterDays" yaml:"deleteAfterDays"`
	// Specifies the number of days after creation that a recovery point is moved to cold storage.
	MoveToColdStorageAfterDays *float64 `field:"optional" json:"moveToColdStorageAfterDays" yaml:"moveToColdStorageAfterDays"`
}

Specifies an object containing an array of `Transition` objects that determine how long in days before a recovery point transitions to cold storage or is deleted.

Example: 

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

lifecycleResourceTypeProperty := &lifecycleResourceTypeProperty{
	deleteAfterDays: jsii.Number(123),
	moveToColdStorageAfterDays: jsii.Number(123),
}

type CfnBackupSelection 

type CfnBackupSelection interface {
	awscdk.CfnResource
	awscdk.IInspectable
	// Uniquely identifies a backup plan.
	AttrBackupPlanId() *string
	// Uniquely identifies the backup selection.
	AttrId() *string
	// Uniquely identifies a request to assign a set of resources to a backup plan.
	AttrSelectionId() *string
	// Uniquely identifies a backup plan.
	BackupPlanId() *string
	SetBackupPlanId(val *string)
	// Specifies the body of a request to assign a set of resources to a backup plan.
	//
	// It includes an array of resources, an optional array of patterns to exclude resources, an optional role to provide access to the AWS service the resource belongs to, and an optional array of tags used to identify a set of resources.
	BackupSelection() interface{}
	SetBackupSelection(val interface{})
	// Options for this resource, such as condition, update policy etc.
	// Experimental.
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	// AWS resource type.
	// Experimental.
	CfnResourceType() *string
	// Returns: the stack trace of the point where this Resource was created from, sourced
	// from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most
	// node +internal+ entries filtered.
	// Experimental.
	CreationStack() *[]*string
	// The logical ID for this CloudFormation stack element.
	//
	// The logical ID of the element
	// is calculated from the path of the resource node in the construct tree.
	//
	// To override this value, use `overrideLogicalId(newLogicalId)`.
	//
	// Returns: the logical ID as a stringified token. This value will only get
	// resolved during synthesis.
	// Experimental.
	LogicalId() *string
	// The construct tree node associated with this construct.
	// Experimental.
	Node() awscdk.ConstructNode
	// Return a string that will be resolved to a CloudFormation `{ Ref }` for this element.
	//
	// If, by any chance, the intrinsic reference of a resource is not a string, you could
	// coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`.
	// Experimental.
	Ref() *string
	// The stack in which this element is defined.
	//
	// CfnElements must be defined within a stack scope (directly or indirectly).
	// Experimental.
	Stack() awscdk.Stack
	// Return properties modified after initiation.
	//
	// Resources that expose mutable properties should override this function to
	// collect and return the properties object for this resource.
	// Experimental.
	UpdatedProperites() *map[string]interface{}
	// Syntactic sugar for `addOverride(path, undefined)`.
	// Experimental.
	AddDeletionOverride(path *string)
	// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
	//
	// This can be used for resources across stacks (or nested stack) boundaries
	// and the dependency will automatically be transferred to the relevant scope.
	// Experimental.
	AddDependsOn(target awscdk.CfnResource)
	// Add a value to the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	// Experimental.
	AddMetadata(key *string, value interface{})
	// Adds an override to the synthesized CloudFormation resource.
	//
	// To add a
	// property override, either use `addPropertyOverride` or prefix `path` with
	// "Properties." (i.e. `Properties.TopicName`).
	//
	// If the override is nested, separate each nested level using a dot (.) in the path parameter.
	// If there is an array as part of the nesting, specify the index in the path.
	//
	// To include a literal `.` in the property name, prefix with a `\`. In most
	// programming languages you will need to write this as `"\\."` because the
	// `\` itself will need to be escaped.
	//
	// For example,
	// “`typescript
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']);
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE');
	// “`
	// would add the overrides
	// “`json
	// "Properties": {
	//    "GlobalSecondaryIndexes": [
	//      {
	//        "Projection": {
	//          "NonKeyAttributes": [ "myattribute" ]
	//          ...
	//        }
	//        ...
	//      },
	//      {
	//        "ProjectionType": "INCLUDE"
	//        ...
	//      },
	//    ]
	//    ...
	// }
	// “`
	//
	// The `value` argument to `addOverride` will not be processed or translated
	// in any way. Pass raw JSON values in here with the correct capitalization
	// for CloudFormation. If you pass CDK classes or structs, they will be
	// rendered with lowercased key names, and CloudFormation will reject the
	// template.
	// Experimental.
	AddOverride(path *string, value interface{})
	// Adds an override that deletes the value of a property from the resource definition.
	// Experimental.
	AddPropertyDeletionOverride(propertyPath *string)
	// Adds an override to a resource property.
	//
	// Syntactic sugar for `addOverride("Properties.<...>", value)`.
	// Experimental.
	AddPropertyOverride(propertyPath *string, value interface{})
	// Sets the deletion policy of the resource based on the removal policy specified.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	// Returns a token for an runtime attribute of this resource.
	//
	// Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility
	// in case there is no generated attribute.
	// Experimental.
	GetAtt(attributeName *string) awscdk.Reference
	// Retrieve a value value from the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	// Experimental.
	GetMetadata(key *string) interface{}
	// Examines the CloudFormation resource and discloses attributes.
	Inspect(inspector awscdk.TreeInspector)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	OnValidate() *[]*string
	// Overrides the auto-generated logical ID with a specific ID.
	// Experimental.
	OverrideLogicalId(newLogicalId *string)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	Prepare()
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	// Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template.
	//
	// Returns: `true` if the resource should be included or `false` is the resource
	// should be omitted.
	// Experimental.
	ShouldSynthesize() *bool
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	Synthesize(session awscdk.ISynthesisSession)
	// Returns a string representation of this construct.
	//
	// Returns: a string representation of this resource.
	// Experimental.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	Validate() *[]*string
	// Experimental.
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::Backup::BackupSelection`.

Specifies a set of resources to assign to a backup plan.

For a sample AWS CloudFormation template, see the [AWS Backup Developer Guide](https://docs.aws.amazon.com/aws-backup/latest/devguide/assigning-resources.html#assigning-resources-cfn) .

Example: 

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

var conditions interface{}

cfnBackupSelection := awscdk.Aws_backup.NewCfnBackupSelection(this, jsii.String("MyCfnBackupSelection"), &cfnBackupSelectionProps{
	backupPlanId: jsii.String("backupPlanId"),
	backupSelection: &backupSelectionResourceTypeProperty{
		iamRoleArn: jsii.String("iamRoleArn"),
		selectionName: jsii.String("selectionName"),

		// the properties below are optional
		conditions: conditions,
		listOfTags: []interface{}{
			&conditionResourceTypeProperty{
				conditionKey: jsii.String("conditionKey"),
				conditionType: jsii.String("conditionType"),
				conditionValue: jsii.String("conditionValue"),
			},
		},
		notResources: []*string{
			jsii.String("notResources"),
		},
		resources: []*string{
			jsii.String("resources"),
		},
	},
})

func NewCfnBackupSelection 

func NewCfnBackupSelection(scope awscdk.Construct, id *string, props *CfnBackupSelectionProps) CfnBackupSelection

Create a new `AWS::Backup::BackupSelection`.

type CfnBackupSelectionProps 

type CfnBackupSelectionProps struct {
	// Uniquely identifies a backup plan.
	BackupPlanId *string `field:"required" json:"backupPlanId" yaml:"backupPlanId"`
	// Specifies the body of a request to assign a set of resources to a backup plan.
	//
	// It includes an array of resources, an optional array of patterns to exclude resources, an optional role to provide access to the AWS service the resource belongs to, and an optional array of tags used to identify a set of resources.
	BackupSelection interface{} `field:"required" json:"backupSelection" yaml:"backupSelection"`
}

Properties for defining a `CfnBackupSelection`.

Example: 

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

var conditions interface{}

cfnBackupSelectionProps := &cfnBackupSelectionProps{
	backupPlanId: jsii.String("backupPlanId"),
	backupSelection: &backupSelectionResourceTypeProperty{
		iamRoleArn: jsii.String("iamRoleArn"),
		selectionName: jsii.String("selectionName"),

		// the properties below are optional
		conditions: conditions,
		listOfTags: []interface{}{
			&conditionResourceTypeProperty{
				conditionKey: jsii.String("conditionKey"),
				conditionType: jsii.String("conditionType"),
				conditionValue: jsii.String("conditionValue"),
			},
		},
		notResources: []*string{
			jsii.String("notResources"),
		},
		resources: []*string{
			jsii.String("resources"),
		},
	},
}

type CfnBackupSelection_BackupSelectionResourceTypeProperty 

type CfnBackupSelection_BackupSelectionResourceTypeProperty struct {
	// The ARN of the IAM role that AWS Backup uses to authenticate when backing up the target resource;
	//
	// for example, `arn:aws:iam::123456789012:role/S3Access` .
	IamRoleArn *string `field:"required" json:"iamRoleArn" yaml:"iamRoleArn"`
	// The display name of a resource selection document.
	SelectionName *string `field:"required" json:"selectionName" yaml:"selectionName"`
	// A list of conditions that you define to assign resources to your backup plans using tags.
	//
	// For example, `"StringEquals": {"Department": "accounting"` . Condition operators are case sensitive.
	//
	// `Conditions` differs from `ListOfTags` as follows:
	//
	// - When you specify more than one condition, you only assign the resources that match ALL conditions (using AND logic).
	// - `Conditions` supports `StringEquals` , `StringLike` , `StringNotEquals` , and `StringNotLike` . `ListOfTags` only supports `StringEquals` .
	Conditions interface{} `field:"optional" json:"conditions" yaml:"conditions"`
	// An array of conditions used to specify a set of resources to assign to a backup plan;
	//
	// for example, `"STRINGEQUALS": {"Department":"accounting"` .
	ListOfTags interface{} `field:"optional" json:"listOfTags" yaml:"listOfTags"`
	// A list of Amazon Resource Names (ARNs) to exclude from a backup plan.
	//
	// The maximum number of ARNs is 500 without wildcards, or 30 ARNs with wildcards.
	//
	// If you need to exclude many resources from a backup plan, consider a different resource selection strategy, such as assigning only one or a few resource types or refining your resource selection using tags.
	NotResources *[]*string `field:"optional" json:"notResources" yaml:"notResources"`
	// An array of strings that contain Amazon Resource Names (ARNs) of resources to assign to a backup plan.
	Resources *[]*string `field:"optional" json:"resources" yaml:"resources"`
}

Specifies an object containing properties used to assign a set of resources to a backup plan.

Example: 

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

var conditions interface{}

backupSelectionResourceTypeProperty := &backupSelectionResourceTypeProperty{
	iamRoleArn: jsii.String("iamRoleArn"),
	selectionName: jsii.String("selectionName"),

	// the properties below are optional
	conditions: conditions,
	listOfTags: []interface{}{
		&conditionResourceTypeProperty{
			conditionKey: jsii.String("conditionKey"),
			conditionType: jsii.String("conditionType"),
			conditionValue: jsii.String("conditionValue"),
		},
	},
	notResources: []*string{
		jsii.String("notResources"),
	},
	resources: []*string{
		jsii.String("resources"),
	},
}

type CfnBackupSelection_ConditionResourceTypeProperty 

type CfnBackupSelection_ConditionResourceTypeProperty struct {
	// The key in a key-value pair.
	//
	// For example, in `"Department": "accounting"` , `"Department"` is the key.
	ConditionKey *string `field:"required" json:"conditionKey" yaml:"conditionKey"`
	// An operation, such as `STRINGEQUALS` , that is applied to a key-value pair used to filter resources in a selection.
	ConditionType *string `field:"required" json:"conditionType" yaml:"conditionType"`
	// The value in a key-value pair.
	//
	// For example, in `"Department": "accounting"` , `"accounting"` is the value.
	ConditionValue *string `field:"required" json:"conditionValue" yaml:"conditionValue"`
}

Specifies an object that contains an array of triplets made up of a condition type (such as `STRINGEQUALS` ), a key, and a value.

Conditions are used to filter resources in a selection that is assigned to a backup plan.

Example: 

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

conditionResourceTypeProperty := &conditionResourceTypeProperty{
	conditionKey: jsii.String("conditionKey"),
	conditionType: jsii.String("conditionType"),
	conditionValue: jsii.String("conditionValue"),
}

type CfnBackupVault 

type CfnBackupVault interface {
	awscdk.CfnResource
	awscdk.IInspectable
	// A resource-based policy that is used to manage access permissions on the target backup vault.
	AccessPolicy() interface{}
	SetAccessPolicy(val interface{})
	// An Amazon Resource Name (ARN) that uniquely identifies a backup vault;
	//
	// for example, `arn:aws:backup:us-east-1:123456789012:backup-vault:aBackupVault` .
	AttrBackupVaultArn() *string
	// The name of a logical container where backups are stored.
	//
	// Backup vaults are identified by names that are unique to the account used to create them and the Region where they are created. They consist of lowercase and uppercase letters, numbers, and hyphens.
	AttrBackupVaultName() *string
	// The name of a logical container where backups are stored.
	//
	// Backup vaults are identified by names that are unique to the account used to create them and the AWS Region where they are created. They consist of lowercase letters, numbers, and hyphens.
	BackupVaultName() *string
	SetBackupVaultName(val *string)
	// Metadata that you can assign to help organize the resources that you create.
	//
	// Each tag is a key-value pair.
	BackupVaultTags() interface{}
	SetBackupVaultTags(val interface{})
	// Options for this resource, such as condition, update policy etc.
	// Experimental.
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	// AWS resource type.
	// Experimental.
	CfnResourceType() *string
	// Returns: the stack trace of the point where this Resource was created from, sourced
	// from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most
	// node +internal+ entries filtered.
	// Experimental.
	CreationStack() *[]*string
	// A server-side encryption key you can specify to encrypt your backups from services that support full AWS Backup management;
	//
	// for example, `arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab` . If you specify a key, you must specify its ARN, not its alias. If you do not specify a key, AWS Backup creates a KMS key for you by default.
	//
	// To learn which AWS Backup services support full AWS Backup management and how AWS Backup handles encryption for backups from services that do not yet support full AWS Backup , see [Encryption for backups in AWS Backup](https://docs.aws.amazon.com/aws-backup/latest/devguide/encryption.html)
	EncryptionKeyArn() *string
	SetEncryptionKeyArn(val *string)
	// Configuration for [AWS Backup Vault Lock](https://docs.aws.amazon.com/aws-backup/latest/devguide/vault-lock.html) .
	LockConfiguration() interface{}
	SetLockConfiguration(val interface{})
	// The logical ID for this CloudFormation stack element.
	//
	// The logical ID of the element
	// is calculated from the path of the resource node in the construct tree.
	//
	// To override this value, use `overrideLogicalId(newLogicalId)`.
	//
	// Returns: the logical ID as a stringified token. This value will only get
	// resolved during synthesis.
	// Experimental.
	LogicalId() *string
	// The construct tree node associated with this construct.
	// Experimental.
	Node() awscdk.ConstructNode
	// The SNS event notifications for the specified backup vault.
	Notifications() interface{}
	SetNotifications(val interface{})
	// Return a string that will be resolved to a CloudFormation `{ Ref }` for this element.
	//
	// If, by any chance, the intrinsic reference of a resource is not a string, you could
	// coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`.
	// Experimental.
	Ref() *string
	// The stack in which this element is defined.
	//
	// CfnElements must be defined within a stack scope (directly or indirectly).
	// Experimental.
	Stack() awscdk.Stack
	// Return properties modified after initiation.
	//
	// Resources that expose mutable properties should override this function to
	// collect and return the properties object for this resource.
	// Experimental.
	UpdatedProperites() *map[string]interface{}
	// Syntactic sugar for `addOverride(path, undefined)`.
	// Experimental.
	AddDeletionOverride(path *string)
	// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
	//
	// This can be used for resources across stacks (or nested stack) boundaries
	// and the dependency will automatically be transferred to the relevant scope.
	// Experimental.
	AddDependsOn(target awscdk.CfnResource)
	// Add a value to the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	// Experimental.
	AddMetadata(key *string, value interface{})
	// Adds an override to the synthesized CloudFormation resource.
	//
	// To add a
	// property override, either use `addPropertyOverride` or prefix `path` with
	// "Properties." (i.e. `Properties.TopicName`).
	//
	// If the override is nested, separate each nested level using a dot (.) in the path parameter.
	// If there is an array as part of the nesting, specify the index in the path.
	//
	// To include a literal `.` in the property name, prefix with a `\`. In most
	// programming languages you will need to write this as `"\\."` because the
	// `\` itself will need to be escaped.
	//
	// For example,
	// “`typescript
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']);
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE');
	// “`
	// would add the overrides
	// “`json
	// "Properties": {
	//    "GlobalSecondaryIndexes": [
	//      {
	//        "Projection": {
	//          "NonKeyAttributes": [ "myattribute" ]
	//          ...
	//        }
	//        ...
	//      },
	//      {
	//        "ProjectionType": "INCLUDE"
	//        ...
	//      },
	//    ]
	//    ...
	// }
	// “`
	//
	// The `value` argument to `addOverride` will not be processed or translated
	// in any way. Pass raw JSON values in here with the correct capitalization
	// for CloudFormation. If you pass CDK classes or structs, they will be
	// rendered with lowercased key names, and CloudFormation will reject the
	// template.
	// Experimental.
	AddOverride(path *string, value interface{})
	// Adds an override that deletes the value of a property from the resource definition.
	// Experimental.
	AddPropertyDeletionOverride(propertyPath *string)
	// Adds an override to a resource property.
	//
	// Syntactic sugar for `addOverride("Properties.<...>", value)`.
	// Experimental.
	AddPropertyOverride(propertyPath *string, value interface{})
	// Sets the deletion policy of the resource based on the removal policy specified.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	// Returns a token for an runtime attribute of this resource.
	//
	// Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility
	// in case there is no generated attribute.
	// Experimental.
	GetAtt(attributeName *string) awscdk.Reference
	// Retrieve a value value from the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	// Experimental.
	GetMetadata(key *string) interface{}
	// Examines the CloudFormation resource and discloses attributes.
	Inspect(inspector awscdk.TreeInspector)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	OnValidate() *[]*string
	// Overrides the auto-generated logical ID with a specific ID.
	// Experimental.
	OverrideLogicalId(newLogicalId *string)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	Prepare()
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	// Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template.
	//
	// Returns: `true` if the resource should be included or `false` is the resource
	// should be omitted.
	// Experimental.
	ShouldSynthesize() *bool
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	Synthesize(session awscdk.ISynthesisSession)
	// Returns a string representation of this construct.
	//
	// Returns: a string representation of this resource.
	// Experimental.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	Validate() *[]*string
	// Experimental.
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::Backup::BackupVault`.

Creates a logical container where backups are stored. A `CreateBackupVault` request includes a name, optionally one or more resource tags, an encryption key, and a request ID.

Do not include sensitive data, such as passport numbers, in the name of a backup vault.

For a sample AWS CloudFormation template, see the [AWS Backup Developer Guide](https://docs.aws.amazon.com/aws-backup/latest/devguide/assigning-resources.html#assigning-resources-cfn) .

Example: 

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

var accessPolicy interface{}

cfnBackupVault := awscdk.Aws_backup.NewCfnBackupVault(this, jsii.String("MyCfnBackupVault"), &cfnBackupVaultProps{
	backupVaultName: jsii.String("backupVaultName"),

	// the properties below are optional
	accessPolicy: accessPolicy,
	backupVaultTags: map[string]*string{
		"backupVaultTagsKey": jsii.String("backupVaultTags"),
	},
	encryptionKeyArn: jsii.String("encryptionKeyArn"),
	lockConfiguration: &lockConfigurationTypeProperty{
		minRetentionDays: jsii.Number(123),

		// the properties below are optional
		changeableForDays: jsii.Number(123),
		maxRetentionDays: jsii.Number(123),
	},
	notifications: &notificationObjectTypeProperty{
		backupVaultEvents: []*string{
			jsii.String("backupVaultEvents"),
		},
		snsTopicArn: jsii.String("snsTopicArn"),
	},
})

func NewCfnBackupVault 

func NewCfnBackupVault(scope awscdk.Construct, id *string, props *CfnBackupVaultProps) CfnBackupVault

Create a new `AWS::Backup::BackupVault`.

type CfnBackupVaultProps 

type CfnBackupVaultProps struct {
	// The name of a logical container where backups are stored.
	//
	// Backup vaults are identified by names that are unique to the account used to create them and the AWS Region where they are created. They consist of lowercase letters, numbers, and hyphens.
	BackupVaultName *string `field:"required" json:"backupVaultName" yaml:"backupVaultName"`
	// A resource-based policy that is used to manage access permissions on the target backup vault.
	AccessPolicy interface{} `field:"optional" json:"accessPolicy" yaml:"accessPolicy"`
	// Metadata that you can assign to help organize the resources that you create.
	//
	// Each tag is a key-value pair.
	BackupVaultTags interface{} `field:"optional" json:"backupVaultTags" yaml:"backupVaultTags"`
	// A server-side encryption key you can specify to encrypt your backups from services that support full AWS Backup management;
	//
	// for example, `arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab` . If you specify a key, you must specify its ARN, not its alias. If you do not specify a key, AWS Backup creates a KMS key for you by default.
	//
	// To learn which AWS Backup services support full AWS Backup management and how AWS Backup handles encryption for backups from services that do not yet support full AWS Backup , see [Encryption for backups in AWS Backup](https://docs.aws.amazon.com/aws-backup/latest/devguide/encryption.html)
	EncryptionKeyArn *string `field:"optional" json:"encryptionKeyArn" yaml:"encryptionKeyArn"`
	// Configuration for [AWS Backup Vault Lock](https://docs.aws.amazon.com/aws-backup/latest/devguide/vault-lock.html) .
	LockConfiguration interface{} `field:"optional" json:"lockConfiguration" yaml:"lockConfiguration"`
	// The SNS event notifications for the specified backup vault.
	Notifications interface{} `field:"optional" json:"notifications" yaml:"notifications"`
}

Properties for defining a `CfnBackupVault`.

Example: 

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

var accessPolicy interface{}

cfnBackupVaultProps := &cfnBackupVaultProps{
	backupVaultName: jsii.String("backupVaultName"),

	// the properties below are optional
	accessPolicy: accessPolicy,
	backupVaultTags: map[string]*string{
		"backupVaultTagsKey": jsii.String("backupVaultTags"),
	},
	encryptionKeyArn: jsii.String("encryptionKeyArn"),
	lockConfiguration: &lockConfigurationTypeProperty{
		minRetentionDays: jsii.Number(123),

		// the properties below are optional
		changeableForDays: jsii.Number(123),
		maxRetentionDays: jsii.Number(123),
	},
	notifications: &notificationObjectTypeProperty{
		backupVaultEvents: []*string{
			jsii.String("backupVaultEvents"),
		},
		snsTopicArn: jsii.String("snsTopicArn"),
	},
}

type CfnBackupVault_LockConfigurationTypeProperty 

type CfnBackupVault_LockConfigurationTypeProperty struct {
	// The AWS Backup Vault Lock configuration that specifies the minimum retention period that the vault retains its recovery points.
	//
	// This setting can be useful if, for example, your organization's policies require you to retain certain data for at least seven years (2555 days).
	//
	// If this parameter is not specified, Vault Lock will not enforce a minimum retention period.
	//
	// If this parameter is specified, any backup or copy job to the vault must have a lifecycle policy with a retention period equal to or longer than the minimum retention period. If the job's retention period is shorter than that minimum retention period, then the vault fails that backup or copy job, and you should either modify your lifecycle settings or use a different vault. Recovery points already saved in the vault prior to Vault Lock are not affected.
	MinRetentionDays *float64 `field:"required" json:"minRetentionDays" yaml:"minRetentionDays"`
	// The AWS Backup Vault Lock configuration that specifies the number of days before the lock date.
	//
	// For example, setting `ChangeableForDays` to 30 on Jan. 1, 2022 at 8pm UTC will set the lock date to Jan. 31, 2022 at 8pm UTC.
	//
	// AWS Backup enforces a 72-hour cooling-off period before Vault Lock takes effect and becomes immutable. Therefore, you must set `ChangeableForDays` to 3 or greater.
	//
	// Before the lock date, you can delete Vault Lock from the vault using `DeleteBackupVaultLockConfiguration` or change the Vault Lock configuration using `PutBackupVaultLockConfiguration` . On and after the lock date, the Vault Lock becomes immutable and cannot be changed or deleted.
	//
	// If this parameter is not specified, you can delete Vault Lock from the vault using `DeleteBackupVaultLockConfiguration` or change the Vault Lock configuration using `PutBackupVaultLockConfiguration` at any time.
	ChangeableForDays *float64 `field:"optional" json:"changeableForDays" yaml:"changeableForDays"`
	// The AWS Backup Vault Lock configuration that specifies the maximum retention period that the vault retains its recovery points.
	//
	// This setting can be useful if, for example, your organization's policies require you to destroy certain data after retaining it for four years (1460 days).
	//
	// If this parameter is not included, Vault Lock does not enforce a maximum retention period on the recovery points in the vault. If this parameter is included without a value, Vault Lock will not enforce a maximum retention period.
	//
	// If this parameter is specified, any backup or copy job to the vault must have a lifecycle policy with a retention period equal to or shorter than the maximum retention period. If the job's retention period is longer than that maximum retention period, then the vault fails the backup or copy job, and you should either modify your lifecycle settings or use a different vault. Recovery points already saved in the vault prior to Vault Lock are not affected.
	MaxRetentionDays *float64 `field:"optional" json:"maxRetentionDays" yaml:"maxRetentionDays"`
}

The `LockConfigurationType` property type specifies configuration for [AWS Backup Vault Lock](https://docs.aws.amazon.com/aws-backup/latest/devguide/vault-lock.html) .

Example: 

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

lockConfigurationTypeProperty := &lockConfigurationTypeProperty{
	minRetentionDays: jsii.Number(123),

	// the properties below are optional
	changeableForDays: jsii.Number(123),
	maxRetentionDays: jsii.Number(123),
}

type CfnBackupVault_NotificationObjectTypeProperty 

type CfnBackupVault_NotificationObjectTypeProperty struct {
	// An array of events that indicate the status of jobs to back up resources to the backup vault.
	//
	// For valid events, see [BackupVaultEvents](https://docs.aws.amazon.com/aws-backup/latest/devguide/API_PutBackupVaultNotifications.html#API_PutBackupVaultNotifications_RequestSyntax) in the *AWS Backup API Guide* .
	BackupVaultEvents *[]*string `field:"required" json:"backupVaultEvents" yaml:"backupVaultEvents"`
	// An ARN that uniquely identifies an Amazon Simple Notification Service (Amazon SNS) topic;
	//
	// for example, `arn:aws:sns:us-west-2:111122223333:MyTopic` .
	SnsTopicArn *string `field:"required" json:"snsTopicArn" yaml:"snsTopicArn"`
}

Specifies an object containing SNS event notification properties for the target backup vault.

Example: 

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

notificationObjectTypeProperty := &notificationObjectTypeProperty{
	backupVaultEvents: []*string{
		jsii.String("backupVaultEvents"),
	},
	snsTopicArn: jsii.String("snsTopicArn"),
}

type CfnFramework 

type CfnFramework interface {
	awscdk.CfnResource
	awscdk.IInspectable
	// The UTC time when you created your framework.
	AttrCreationTime() awscdk.IResolvable
	// Depolyment status refers to whether your framework has completed deployment.
	//
	// This status is usually `Completed` , but might also be `Create in progress` or another status. For a list of statuses, see [Framework compliance status](https://docs.aws.amazon.com/aws-backup/latest/devguide/viewing-frameworks.html) in the *Developer Guide* .
	AttrDeploymentStatus() *string
	// The Amazon Resource Name (ARN) of your framework.
	AttrFrameworkArn() *string
	// Framework status refers to whether you have turned on resource tracking for all of your resources.
	//
	// This status is `Active` when you turn on all resources the framework evaluates. For other statuses and steps to correct them, see [Framework compliance status](https://docs.aws.amazon.com/aws-backup/latest/devguide/viewing-frameworks.html) in the *Developer Guide* .
	AttrFrameworkStatus() *string
	// Options for this resource, such as condition, update policy etc.
	// Experimental.
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	// AWS resource type.
	// Experimental.
	CfnResourceType() *string
	// Returns: the stack trace of the point where this Resource was created from, sourced
	// from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most
	// node +internal+ entries filtered.
	// Experimental.
	CreationStack() *[]*string
	// Contains detailed information about all of the controls of a framework.
	//
	// Each framework must contain at least one control.
	FrameworkControls() interface{}
	SetFrameworkControls(val interface{})
	// An optional description of the framework with a maximum 1,024 characters.
	FrameworkDescription() *string
	SetFrameworkDescription(val *string)
	// The unique name of a framework.
	//
	// This name is between 1 and 256 characters, starting with a letter, and consisting of letters (a-z, A-Z), numbers (0-9), and underscores (_).
	FrameworkName() *string
	SetFrameworkName(val *string)
	// A list of tags with which to tag your framework.
	FrameworkTags() interface{}
	SetFrameworkTags(val interface{})
	// The logical ID for this CloudFormation stack element.
	//
	// The logical ID of the element
	// is calculated from the path of the resource node in the construct tree.
	//
	// To override this value, use `overrideLogicalId(newLogicalId)`.
	//
	// Returns: the logical ID as a stringified token. This value will only get
	// resolved during synthesis.
	// Experimental.
	LogicalId() *string
	// The construct tree node associated with this construct.
	// Experimental.
	Node() awscdk.ConstructNode
	// Return a string that will be resolved to a CloudFormation `{ Ref }` for this element.
	//
	// If, by any chance, the intrinsic reference of a resource is not a string, you could
	// coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`.
	// Experimental.
	Ref() *string
	// The stack in which this element is defined.
	//
	// CfnElements must be defined within a stack scope (directly or indirectly).
	// Experimental.
	Stack() awscdk.Stack
	// Return properties modified after initiation.
	//
	// Resources that expose mutable properties should override this function to
	// collect and return the properties object for this resource.
	// Experimental.
	UpdatedProperites() *map[string]interface{}
	// Syntactic sugar for `addOverride(path, undefined)`.
	// Experimental.
	AddDeletionOverride(path *string)
	// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
	//
	// This can be used for resources across stacks (or nested stack) boundaries
	// and the dependency will automatically be transferred to the relevant scope.
	// Experimental.
	AddDependsOn(target awscdk.CfnResource)
	// Add a value to the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	// Experimental.
	AddMetadata(key *string, value interface{})
	// Adds an override to the synthesized CloudFormation resource.
	//
	// To add a
	// property override, either use `addPropertyOverride` or prefix `path` with
	// "Properties." (i.e. `Properties.TopicName`).
	//
	// If the override is nested, separate each nested level using a dot (.) in the path parameter.
	// If there is an array as part of the nesting, specify the index in the path.
	//
	// To include a literal `.` in the property name, prefix with a `\`. In most
	// programming languages you will need to write this as `"\\."` because the
	// `\` itself will need to be escaped.
	//
	// For example,
	// “`typescript
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']);
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE');
	// “`
	// would add the overrides
	// “`json
	// "Properties": {
	//    "GlobalSecondaryIndexes": [
	//      {
	//        "Projection": {
	//          "NonKeyAttributes": [ "myattribute" ]
	//          ...
	//        }
	//        ...
	//      },
	//      {
	//        "ProjectionType": "INCLUDE"
	//        ...
	//      },
	//    ]
	//    ...
	// }
	// “`
	//
	// The `value` argument to `addOverride` will not be processed or translated
	// in any way. Pass raw JSON values in here with the correct capitalization
	// for CloudFormation. If you pass CDK classes or structs, they will be
	// rendered with lowercased key names, and CloudFormation will reject the
	// template.
	// Experimental.
	AddOverride(path *string, value interface{})
	// Adds an override that deletes the value of a property from the resource definition.
	// Experimental.
	AddPropertyDeletionOverride(propertyPath *string)
	// Adds an override to a resource property.
	//
	// Syntactic sugar for `addOverride("Properties.<...>", value)`.
	// Experimental.
	AddPropertyOverride(propertyPath *string, value interface{})
	// Sets the deletion policy of the resource based on the removal policy specified.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	// Returns a token for an runtime attribute of this resource.
	//
	// Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility
	// in case there is no generated attribute.
	// Experimental.
	GetAtt(attributeName *string) awscdk.Reference
	// Retrieve a value value from the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	// Experimental.
	GetMetadata(key *string) interface{}
	// Examines the CloudFormation resource and discloses attributes.
	Inspect(inspector awscdk.TreeInspector)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	OnValidate() *[]*string
	// Overrides the auto-generated logical ID with a specific ID.
	// Experimental.
	OverrideLogicalId(newLogicalId *string)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	Prepare()
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	// Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template.
	//
	// Returns: `true` if the resource should be included or `false` is the resource
	// should be omitted.
	// Experimental.
	ShouldSynthesize() *bool
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	Synthesize(session awscdk.ISynthesisSession)
	// Returns a string representation of this construct.
	//
	// Returns: a string representation of this resource.
	// Experimental.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	Validate() *[]*string
	// Experimental.
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::Backup::Framework`.

Creates a framework with one or more controls. A framework is a collection of controls that you can use to evaluate your backup practices. By using pre-built customizable controls to define your policies, you can evaluate whether your backup practices comply with your policies and which resources are not yet in compliance.

For a sample AWS CloudFormation template, see the [AWS Backup Developer Guide](https://docs.aws.amazon.com/aws-backup/latest/devguide/bam-cfn-integration.html#bam-cfn-frameworks-template) .

Example: 

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

var controlScope interface{}

cfnFramework := awscdk.Aws_backup.NewCfnFramework(this, jsii.String("MyCfnFramework"), &cfnFrameworkProps{
	frameworkControls: []interface{}{
		&frameworkControlProperty{
			controlName: jsii.String("controlName"),

			// the properties below are optional
			controlInputParameters: []interface{}{
				&controlInputParameterProperty{
					parameterName: jsii.String("parameterName"),
					parameterValue: jsii.String("parameterValue"),
				},
			},
			controlScope: controlScope,
		},
	},

	// the properties below are optional
	frameworkDescription: jsii.String("frameworkDescription"),
	frameworkName: jsii.String("frameworkName"),
	frameworkTags: []interface{}{
		&cfnTag{
			key: jsii.String("key"),
			value: jsii.String("value"),
		},
	},
})

func NewCfnFramework 

func NewCfnFramework(scope awscdk.Construct, id *string, props *CfnFrameworkProps) CfnFramework

Create a new `AWS::Backup::Framework`.

type CfnFrameworkProps 

type CfnFrameworkProps struct {
	// Contains detailed information about all of the controls of a framework.
	//
	// Each framework must contain at least one control.
	FrameworkControls interface{} `field:"required" json:"frameworkControls" yaml:"frameworkControls"`
	// An optional description of the framework with a maximum 1,024 characters.
	FrameworkDescription *string `field:"optional" json:"frameworkDescription" yaml:"frameworkDescription"`
	// The unique name of a framework.
	//
	// This name is between 1 and 256 characters, starting with a letter, and consisting of letters (a-z, A-Z), numbers (0-9), and underscores (_).
	FrameworkName *string `field:"optional" json:"frameworkName" yaml:"frameworkName"`
	// A list of tags with which to tag your framework.
	FrameworkTags interface{} `field:"optional" json:"frameworkTags" yaml:"frameworkTags"`
}

Properties for defining a `CfnFramework`.

Example: 

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

var controlScope interface{}

cfnFrameworkProps := &cfnFrameworkProps{
	frameworkControls: []interface{}{
		&frameworkControlProperty{
			controlName: jsii.String("controlName"),

			// the properties below are optional
			controlInputParameters: []interface{}{
				&controlInputParameterProperty{
					parameterName: jsii.String("parameterName"),
					parameterValue: jsii.String("parameterValue"),
				},
			},
			controlScope: controlScope,
		},
	},

	// the properties below are optional
	frameworkDescription: jsii.String("frameworkDescription"),
	frameworkName: jsii.String("frameworkName"),
	frameworkTags: []interface{}{
		&cfnTag{
			key: jsii.String("key"),
			value: jsii.String("value"),
		},
	},
}

type CfnFramework_ControlInputParameterProperty 

type CfnFramework_ControlInputParameterProperty struct {
	// The name of a parameter, for example, `BackupPlanFrequency` .
	ParameterName *string `field:"required" json:"parameterName" yaml:"parameterName"`
	// The value of parameter, for example, `hourly` .
	ParameterValue *string `field:"required" json:"parameterValue" yaml:"parameterValue"`
}

A list of parameters for a control.

A control can have zero, one, or more than one parameter. An example of a control with two parameters is: "backup plan frequency is at least `daily` and the retention period is at least `1 year` ". The first parameter is `daily` . The second parameter is `1 year` .

Example: 

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

controlInputParameterProperty := &controlInputParameterProperty{
	parameterName: jsii.String("parameterName"),
	parameterValue: jsii.String("parameterValue"),
}

type CfnFramework_FrameworkControlProperty 

type CfnFramework_FrameworkControlProperty struct {
	// The name of a control.
	//
	// This name is between 1 and 256 characters.
	ControlName *string `field:"required" json:"controlName" yaml:"controlName"`
	// A list of `ParameterName` and `ParameterValue` pairs.
	ControlInputParameters interface{} `field:"optional" json:"controlInputParameters" yaml:"controlInputParameters"`
	// The scope of a control.
	//
	// The control scope defines what the control will evaluate. Three examples of control scopes are: a specific backup plan, all backup plans with a specific tag, or all backup plans. For more information, see [`ControlScope` .](https://docs.aws.amazon.com/aws-backup/latest/devguide/API_ControlScope.html)
	ControlScope interface{} `field:"optional" json:"controlScope" yaml:"controlScope"`
}

Contains detailed information about all of the controls of a framework.

Each framework must contain at least one control.

Example: 

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

var controlScope interface{}

frameworkControlProperty := &frameworkControlProperty{
	controlName: jsii.String("controlName"),

	// the properties below are optional
	controlInputParameters: []interface{}{
		&controlInputParameterProperty{
			parameterName: jsii.String("parameterName"),
			parameterValue: jsii.String("parameterValue"),
		},
	},
	controlScope: controlScope,
}

type CfnReportPlan 

type CfnReportPlan interface {
	awscdk.CfnResource
	awscdk.IInspectable
	// The Amazon Resource Name (ARN) of your report plan.
	AttrReportPlanArn() *string
	// Options for this resource, such as condition, update policy etc.
	// Experimental.
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	// AWS resource type.
	// Experimental.
	CfnResourceType() *string
	// Returns: the stack trace of the point where this Resource was created from, sourced
	// from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most
	// node +internal+ entries filtered.
	// Experimental.
	CreationStack() *[]*string
	// The logical ID for this CloudFormation stack element.
	//
	// The logical ID of the element
	// is calculated from the path of the resource node in the construct tree.
	//
	// To override this value, use `overrideLogicalId(newLogicalId)`.
	//
	// Returns: the logical ID as a stringified token. This value will only get
	// resolved during synthesis.
	// Experimental.
	LogicalId() *string
	// The construct tree node associated with this construct.
	// Experimental.
	Node() awscdk.ConstructNode
	// Return a string that will be resolved to a CloudFormation `{ Ref }` for this element.
	//
	// If, by any chance, the intrinsic reference of a resource is not a string, you could
	// coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`.
	// Experimental.
	Ref() *string
	// Contains information about where and how to deliver your reports, specifically your Amazon S3 bucket name, S3 key prefix, and the formats of your reports.
	ReportDeliveryChannel() interface{}
	SetReportDeliveryChannel(val interface{})
	// An optional description of the report plan with a maximum 1,024 characters.
	ReportPlanDescription() *string
	SetReportPlanDescription(val *string)
	// The unique name of the report plan.
	//
	// This name is between 1 and 256 characters starting with a letter, and consisting of letters (a-z, A-Z), numbers (0-9), and underscores (_).
	ReportPlanName() *string
	SetReportPlanName(val *string)
	// A list of tags to tag your report plan.
	ReportPlanTags() interface{}
	SetReportPlanTags(val interface{})
	// Identifies the report template for the report. Reports are built using a report template. The report templates are:.
	//
	// `RESOURCE_COMPLIANCE_REPORT | CONTROL_COMPLIANCE_REPORT | BACKUP_JOB_REPORT | COPY_JOB_REPORT | RESTORE_JOB_REPORT`
	//
	// If the report template is `RESOURCE_COMPLIANCE_REPORT` or `CONTROL_COMPLIANCE_REPORT` , this API resource also describes the report coverage by AWS Regions and frameworks.
	ReportSetting() interface{}
	SetReportSetting(val interface{})
	// The stack in which this element is defined.
	//
	// CfnElements must be defined within a stack scope (directly or indirectly).
	// Experimental.
	Stack() awscdk.Stack
	// Return properties modified after initiation.
	//
	// Resources that expose mutable properties should override this function to
	// collect and return the properties object for this resource.
	// Experimental.
	UpdatedProperites() *map[string]interface{}
	// Syntactic sugar for `addOverride(path, undefined)`.
	// Experimental.
	AddDeletionOverride(path *string)
	// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
	//
	// This can be used for resources across stacks (or nested stack) boundaries
	// and the dependency will automatically be transferred to the relevant scope.
	// Experimental.
	AddDependsOn(target awscdk.CfnResource)
	// Add a value to the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	// Experimental.
	AddMetadata(key *string, value interface{})
	// Adds an override to the synthesized CloudFormation resource.
	//
	// To add a
	// property override, either use `addPropertyOverride` or prefix `path` with
	// "Properties." (i.e. `Properties.TopicName`).
	//
	// If the override is nested, separate each nested level using a dot (.) in the path parameter.
	// If there is an array as part of the nesting, specify the index in the path.
	//
	// To include a literal `.` in the property name, prefix with a `\`. In most
	// programming languages you will need to write this as `"\\."` because the
	// `\` itself will need to be escaped.
	//
	// For example,
	// “`typescript
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']);
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE');
	// “`
	// would add the overrides
	// “`json
	// "Properties": {
	//    "GlobalSecondaryIndexes": [
	//      {
	//        "Projection": {
	//          "NonKeyAttributes": [ "myattribute" ]
	//          ...
	//        }
	//        ...
	//      },
	//      {
	//        "ProjectionType": "INCLUDE"
	//        ...
	//      },
	//    ]
	//    ...
	// }
	// “`
	//
	// The `value` argument to `addOverride` will not be processed or translated
	// in any way. Pass raw JSON values in here with the correct capitalization
	// for CloudFormation. If you pass CDK classes or structs, they will be
	// rendered with lowercased key names, and CloudFormation will reject the
	// template.
	// Experimental.
	AddOverride(path *string, value interface{})
	// Adds an override that deletes the value of a property from the resource definition.
	// Experimental.
	AddPropertyDeletionOverride(propertyPath *string)
	// Adds an override to a resource property.
	//
	// Syntactic sugar for `addOverride("Properties.<...>", value)`.
	// Experimental.
	AddPropertyOverride(propertyPath *string, value interface{})
	// Sets the deletion policy of the resource based on the removal policy specified.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	// Returns a token for an runtime attribute of this resource.
	//
	// Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility
	// in case there is no generated attribute.
	// Experimental.
	GetAtt(attributeName *string) awscdk.Reference
	// Retrieve a value value from the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	// Experimental.
	GetMetadata(key *string) interface{}
	// Examines the CloudFormation resource and discloses attributes.
	Inspect(inspector awscdk.TreeInspector)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	OnValidate() *[]*string
	// Overrides the auto-generated logical ID with a specific ID.
	// Experimental.
	OverrideLogicalId(newLogicalId *string)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	Prepare()
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	// Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template.
	//
	// Returns: `true` if the resource should be included or `false` is the resource
	// should be omitted.
	// Experimental.
	ShouldSynthesize() *bool
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	Synthesize(session awscdk.ISynthesisSession)
	// Returns a string representation of this construct.
	//
	// Returns: a string representation of this resource.
	// Experimental.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	Validate() *[]*string
	// Experimental.
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::Backup::ReportPlan`.

Creates a report plan. A report plan is a document that contains information about the contents of the report and where AWS Backup will deliver it.

If you call `CreateReportPlan` with a plan that already exists, you receive an `AlreadyExistsException` exception.

For a sample AWS CloudFormation template, see the [AWS Backup Developer Guide](https://docs.aws.amazon.com/aws-backup/latest/devguide/assigning-resources.html#assigning-resources-cfn) .

Example: 

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

var reportDeliveryChannel interface{}
var reportSetting interface{}

cfnReportPlan := awscdk.Aws_backup.NewCfnReportPlan(this, jsii.String("MyCfnReportPlan"), &cfnReportPlanProps{
	reportDeliveryChannel: reportDeliveryChannel,
	reportSetting: reportSetting,

	// the properties below are optional
	reportPlanDescription: jsii.String("reportPlanDescription"),
	reportPlanName: jsii.String("reportPlanName"),
	reportPlanTags: []interface{}{
		&cfnTag{
			key: jsii.String("key"),
			value: jsii.String("value"),
		},
	},
})

func NewCfnReportPlan 

func NewCfnReportPlan(scope awscdk.Construct, id *string, props *CfnReportPlanProps) CfnReportPlan

Create a new `AWS::Backup::ReportPlan`.

type CfnReportPlanProps 

type CfnReportPlanProps struct {
	// Contains information about where and how to deliver your reports, specifically your Amazon S3 bucket name, S3 key prefix, and the formats of your reports.
	ReportDeliveryChannel interface{} `field:"required" json:"reportDeliveryChannel" yaml:"reportDeliveryChannel"`
	// Identifies the report template for the report. Reports are built using a report template. The report templates are:.
	//
	// `RESOURCE_COMPLIANCE_REPORT | CONTROL_COMPLIANCE_REPORT | BACKUP_JOB_REPORT | COPY_JOB_REPORT | RESTORE_JOB_REPORT`
	//
	// If the report template is `RESOURCE_COMPLIANCE_REPORT` or `CONTROL_COMPLIANCE_REPORT` , this API resource also describes the report coverage by AWS Regions and frameworks.
	ReportSetting interface{} `field:"required" json:"reportSetting" yaml:"reportSetting"`
	// An optional description of the report plan with a maximum 1,024 characters.
	ReportPlanDescription *string `field:"optional" json:"reportPlanDescription" yaml:"reportPlanDescription"`
	// The unique name of the report plan.
	//
	// This name is between 1 and 256 characters starting with a letter, and consisting of letters (a-z, A-Z), numbers (0-9), and underscores (_).
	ReportPlanName *string `field:"optional" json:"reportPlanName" yaml:"reportPlanName"`
	// A list of tags to tag your report plan.
	ReportPlanTags interface{} `field:"optional" json:"reportPlanTags" yaml:"reportPlanTags"`
}

Properties for defining a `CfnReportPlan`.

Example: 

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

var reportDeliveryChannel interface{}
var reportSetting interface{}

cfnReportPlanProps := &cfnReportPlanProps{
	reportDeliveryChannel: reportDeliveryChannel,
	reportSetting: reportSetting,

	// the properties below are optional
	reportPlanDescription: jsii.String("reportPlanDescription"),
	reportPlanName: jsii.String("reportPlanName"),
	reportPlanTags: []interface{}{
		&cfnTag{
			key: jsii.String("key"),
			value: jsii.String("value"),
		},
	},
}

type IBackupPlan 

type IBackupPlan interface {
	awscdk.IResource
	// The identifier of the backup plan.
	// Experimental.
	BackupPlanId() *string
}

A backup plan. Experimental.

func BackupPlan_FromBackupPlanId 

func BackupPlan_FromBackupPlanId(scope constructs.Construct, id *string, backupPlanId *string) IBackupPlan

Import an existing backup plan. Experimental.

type IBackupVault 

type IBackupVault interface {
	awscdk.IResource
	// Grant the actions defined in actions to the given grantee on this backup vault.
	// Experimental.
	Grant(grantee awsiam.IGrantable, actions ...*string) awsiam.Grant
	// The ARN of the backup vault.
	// Experimental.
	BackupVaultArn() *string
	// The name of a logical container where backups are stored.
	// Experimental.
	BackupVaultName() *string
}

A backup vault. Experimental.

func BackupVault_FromBackupVaultArn 

func BackupVault_FromBackupVaultArn(scope constructs.Construct, id *string, backupVaultArn *string) IBackupVault

Import an existing backup vault by arn. Experimental.

func BackupVault_FromBackupVaultName 

func BackupVault_FromBackupVaultName(scope constructs.Construct, id *string, backupVaultName *string) IBackupVault

Import an existing backup vault by name. Experimental.

type TagCondition 

type TagCondition struct {
	// The key in a key-value pair.
	//
	// For example, in `"ec2:ResourceTag/Department": "accounting"`,
	// `ec2:ResourceTag/Department` is the key.
	// Experimental.
	Key *string `field:"required" json:"key" yaml:"key"`
	// The value in a key-value pair.
	//
	// For example, in `"ec2:ResourceTag/Department": "accounting"`,
	// `accounting` is the value.
	// Experimental.
	Value *string `field:"required" json:"value" yaml:"value"`
	// An operation that is applied to a key-value pair used to filter resources in a selection.
	// Experimental.
	Operation TagOperation `field:"optional" json:"operation" yaml:"operation"`
}

A tag condition.

Example: 

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

tagCondition := &tagCondition{
	key: jsii.String("key"),
	value: jsii.String("value"),

	// the properties below are optional
	operation: awscdk.Aws_backup.tagOperation_STRING_EQUALS,
}

Experimental.

type TagOperation 

type TagOperation string

An operation that is applied to a key-value pair. Experimental. 

const (
	// StringEquals.
	// Experimental.
	TagOperation_STRING_EQUALS TagOperation = "STRING_EQUALS"
	// Dummy member.
	// Experimental.
	TagOperation_DUMMY TagOperation = "DUMMY"
)

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.