LifecyclePolicy
Provides a Data Lifecycle Manager (DLM) lifecycle policy for managing snapshots.
Example Usage
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var dlmLifecycleRole = new Aws.Iam.Role("dlmLifecycleRole", new Aws.Iam.RoleArgs
{
AssumeRolePolicy = @"{
""Version"": ""2012-10-17"",
""Statement"": [
{
""Action"": ""sts:AssumeRole"",
""Principal"": {
""Service"": ""dlm.amazonaws.com""
},
""Effect"": ""Allow"",
""Sid"": """"
}
]
}
",
});
var dlmLifecycle = new Aws.Iam.RolePolicy("dlmLifecycle", new Aws.Iam.RolePolicyArgs
{
Policy = @"{
""Version"": ""2012-10-17"",
""Statement"": [
{
""Effect"": ""Allow"",
""Action"": [
""ec2:CreateSnapshot"",
""ec2:DeleteSnapshot"",
""ec2:DescribeVolumes"",
""ec2:DescribeSnapshots""
],
""Resource"": ""*""
},
{
""Effect"": ""Allow"",
""Action"": [
""ec2:CreateTags""
],
""Resource"": ""arn:aws:ec2:*::snapshot/*""
}
]
}
",
Role = dlmLifecycleRole.Id,
});
var example = new Aws.Dlm.LifecyclePolicy("example", new Aws.Dlm.LifecyclePolicyArgs
{
Description = "example DLM lifecycle policy",
ExecutionRoleArn = dlmLifecycleRole.Arn,
PolicyDetails = new Aws.Dlm.Inputs.LifecyclePolicyPolicyDetailsArgs
{
ResourceTypes =
{
"VOLUME",
},
Schedules =
{
new Aws.Dlm.Inputs.LifecyclePolicyPolicyDetailsScheduleArgs
{
CopyTags = false,
CreateRule = new Aws.Dlm.Inputs.LifecyclePolicyPolicyDetailsScheduleCreateRuleArgs
{
Interval = 24,
IntervalUnit = "HOURS",
Times = "23:45",
},
Name = "2 weeks of daily snapshots",
RetainRule = new Aws.Dlm.Inputs.LifecyclePolicyPolicyDetailsScheduleRetainRuleArgs
{
Count = 14,
},
TagsToAdd =
{
{ "SnapshotCreator", "DLM" },
},
},
},
TargetTags =
{
{ "Snapshot", "true" },
},
},
State = "ENABLED",
});
}
}
package main
import (
"fmt"
"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/dlm"
"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
dlmLifecycleRole, err := iam.NewRole(ctx, "dlmLifecycleRole", &iam.RoleArgs{
AssumeRolePolicy: pulumi.String(fmt.Sprintf("%v%v%v%v%v%v%v%v%v%v%v%v%v%v", "{\n", " \"Version\": \"2012-10-17\",\n", " \"Statement\": [\n", " {\n", " \"Action\": \"sts:AssumeRole\",\n", " \"Principal\": {\n", " \"Service\": \"dlm.amazonaws.com\"\n", " },\n", " \"Effect\": \"Allow\",\n", " \"Sid\": \"\"\n", " }\n", " ]\n", "}\n", "\n")),
})
if err != nil {
return err
}
_, err = iam.NewRolePolicy(ctx, "dlmLifecycle", &iam.RolePolicyArgs{
Policy: pulumi.String(fmt.Sprintf("%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v", "{\n", " \"Version\": \"2012-10-17\",\n", " \"Statement\": [\n", " {\n", " \"Effect\": \"Allow\",\n", " \"Action\": [\n", " \"ec2:CreateSnapshot\",\n", " \"ec2:DeleteSnapshot\",\n", " \"ec2:DescribeVolumes\",\n", " \"ec2:DescribeSnapshots\"\n", " ],\n", " \"Resource\": \"*\"\n", " },\n", " {\n", " \"Effect\": \"Allow\",\n", " \"Action\": [\n", " \"ec2:CreateTags\"\n", " ],\n", " \"Resource\": \"arn:aws:ec2:*::snapshot/*\"\n", " }\n", " ]\n", "}\n", "\n")),
Role: dlmLifecycleRole.ID(),
})
if err != nil {
return err
}
_, err = dlm.NewLifecyclePolicy(ctx, "example", &dlm.LifecyclePolicyArgs{
Description: pulumi.String("example DLM lifecycle policy"),
ExecutionRoleArn: dlmLifecycleRole.Arn,
PolicyDetails: &dlm.LifecyclePolicyPolicyDetailsArgs{
ResourceTypes: pulumi.StringArray{
pulumi.String("VOLUME"),
},
Schedules: dlm.LifecyclePolicyPolicyDetailsScheduleArray{
&dlm.LifecyclePolicyPolicyDetailsScheduleArgs{
CopyTags: pulumi.Bool(false),
CreateRule: &dlm.LifecyclePolicyPolicyDetailsScheduleCreateRuleArgs{
Interval: pulumi.Int(24),
IntervalUnit: pulumi.String("HOURS"),
Times: pulumi.String("23:45"),
},
Name: pulumi.String("2 weeks of daily snapshots"),
RetainRule: &dlm.LifecyclePolicyPolicyDetailsScheduleRetainRuleArgs{
Count: pulumi.Int(14),
},
TagsToAdd: pulumi.StringMap{
"SnapshotCreator": pulumi.String("DLM"),
},
},
},
TargetTags: pulumi.StringMap{
"Snapshot": pulumi.String("true"),
},
},
State: pulumi.String("ENABLED"),
})
if err != nil {
return err
}
return nil
})
}import pulumi
import pulumi_aws as aws
dlm_lifecycle_role = aws.iam.Role("dlmLifecycleRole", assume_role_policy="""{
"Version": "2012-10-17",
"Statement": [
{
"Action": "sts:AssumeRole",
"Principal": {
"Service": "dlm.amazonaws.com"
},
"Effect": "Allow",
"Sid": ""
}
]
}
""")
dlm_lifecycle = aws.iam.RolePolicy("dlmLifecycle",
policy="""{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"ec2:CreateSnapshot",
"ec2:DeleteSnapshot",
"ec2:DescribeVolumes",
"ec2:DescribeSnapshots"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"ec2:CreateTags"
],
"Resource": "arn:aws:ec2:*::snapshot/*"
}
]
}
""",
role=dlm_lifecycle_role.id)
example = aws.dlm.LifecyclePolicy("example",
description="example DLM lifecycle policy",
execution_role_arn=dlm_lifecycle_role.arn,
policy_details={
"resourceTypes": ["VOLUME"],
"schedules": [{
"copyTags": False,
"createRule": {
"interval": 24,
"intervalUnit": "HOURS",
"times": "23:45",
},
"name": "2 weeks of daily snapshots",
"retainRule": {
"count": 14,
},
"tagsToAdd": {
"SnapshotCreator": "DLM",
},
}],
"targetTags": {
"Snapshot": "true",
},
},
state="ENABLED")import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const dlmLifecycleRole = new aws.iam.Role("dlm_lifecycle_role", {
assumeRolePolicy: `{
"Version": "2012-10-17",
"Statement": [
{
"Action": "sts:AssumeRole",
"Principal": {
"Service": "dlm.amazonaws.com"
},
"Effect": "Allow",
"Sid": ""
}
]
}
`,
});
const dlmLifecycle = new aws.iam.RolePolicy("dlm_lifecycle", {
policy: `{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"ec2:CreateSnapshot",
"ec2:DeleteSnapshot",
"ec2:DescribeVolumes",
"ec2:DescribeSnapshots"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"ec2:CreateTags"
],
"Resource": "arn:aws:ec2:*::snapshot/*"
}
]
}
`,
role: dlmLifecycleRole.id,
});
const example = new aws.dlm.LifecyclePolicy("example", {
description: "example DLM lifecycle policy",
executionRoleArn: dlmLifecycleRole.arn,
policyDetails: {
resourceTypes: ["VOLUME"],
schedules: [{
copyTags: false,
createRule: {
interval: 24,
intervalUnit: "HOURS",
times: "23:45",
},
name: "2 weeks of daily snapshots",
retainRule: {
count: 14,
},
tagsToAdd: {
SnapshotCreator: "DLM",
},
}],
targetTags: {
Snapshot: "true",
},
},
state: "ENABLED",
});Create a LifecyclePolicy Resource
new LifecyclePolicy(name: string, args: LifecyclePolicyArgs, opts?: CustomResourceOptions);def LifecyclePolicy(resource_name, opts=None, description=None, execution_role_arn=None, policy_details=None, state=None, tags=None, __props__=None);func NewLifecyclePolicy(ctx *Context, name string, args LifecyclePolicyArgs, opts ...ResourceOption) (*LifecyclePolicy, error)public LifecyclePolicy(string name, LifecyclePolicyArgs args, CustomResourceOptions? opts = null)- name string
- The unique name of the resource.
- args LifecyclePolicyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- opts ResourceOptions
- A bag of options that control this resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args LifecyclePolicyArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args LifecyclePolicyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
LifecyclePolicy Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Programming Model docs.
Inputs
The LifecyclePolicy resource accepts the following input properties:
- Description string
A description for the DLM lifecycle policy.
- Execution
Role stringArn The ARN of an IAM role that is able to be assumed by the DLM service.
- Policy
Details LifecyclePolicy Policy Details Args See the
policy_detailsconfiguration block. Max of 1.- State string
Whether the lifecycle policy should be enabled or disabled.
ENABLEDorDISABLEDare valid values. Defaults toENABLED.- Dictionary<string, string>
Key-value map of resource tags.
- Description string
A description for the DLM lifecycle policy.
- Execution
Role stringArn The ARN of an IAM role that is able to be assumed by the DLM service.
- Policy
Details LifecyclePolicy Policy Details See the
policy_detailsconfiguration block. Max of 1.- State string
Whether the lifecycle policy should be enabled or disabled.
ENABLEDorDISABLEDare valid values. Defaults toENABLED.- map[string]string
Key-value map of resource tags.
- description string
A description for the DLM lifecycle policy.
- execution
Role stringArn The ARN of an IAM role that is able to be assumed by the DLM service.
- policy
Details LifecyclePolicy Policy Details See the
policy_detailsconfiguration block. Max of 1.- state string
Whether the lifecycle policy should be enabled or disabled.
ENABLEDorDISABLEDare valid values. Defaults toENABLED.- {[key: string]: string}
Key-value map of resource tags.
- description str
A description for the DLM lifecycle policy.
- execution_
role_ strarn The ARN of an IAM role that is able to be assumed by the DLM service.
- policy_
details Dict[LifecyclePolicy Policy Details] See the
policy_detailsconfiguration block. Max of 1.- state str
Whether the lifecycle policy should be enabled or disabled.
ENABLEDorDISABLEDare valid values. Defaults toENABLED.- Dict[str, str]
Key-value map of resource tags.
Outputs
All input properties are implicitly available as output properties. Additionally, the LifecyclePolicy resource produces the following output properties:
Look up an Existing LifecyclePolicy Resource
Get an existing LifecyclePolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: LifecyclePolicyState, opts?: CustomResourceOptions): LifecyclePolicystatic get(resource_name, id, opts=None, arn=None, description=None, execution_role_arn=None, policy_details=None, state=None, tags=None, __props__=None);func GetLifecyclePolicy(ctx *Context, name string, id IDInput, state *LifecyclePolicyState, opts ...ResourceOption) (*LifecyclePolicy, error)public static LifecyclePolicy Get(string name, Input<string> id, LifecyclePolicyState? state, CustomResourceOptions? opts = null)- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
The following state arguments are supported:
- Arn string
Amazon Resource Name (ARN) of the DLM Lifecycle Policy.
- Description string
A description for the DLM lifecycle policy.
- Execution
Role stringArn The ARN of an IAM role that is able to be assumed by the DLM service.
- Policy
Details LifecyclePolicy Policy Details Args See the
policy_detailsconfiguration block. Max of 1.- State string
Whether the lifecycle policy should be enabled or disabled.
ENABLEDorDISABLEDare valid values. Defaults toENABLED.- Dictionary<string, string>
Key-value map of resource tags.
- Arn string
Amazon Resource Name (ARN) of the DLM Lifecycle Policy.
- Description string
A description for the DLM lifecycle policy.
- Execution
Role stringArn The ARN of an IAM role that is able to be assumed by the DLM service.
- Policy
Details LifecyclePolicy Policy Details See the
policy_detailsconfiguration block. Max of 1.- State string
Whether the lifecycle policy should be enabled or disabled.
ENABLEDorDISABLEDare valid values. Defaults toENABLED.- map[string]string
Key-value map of resource tags.
- arn string
Amazon Resource Name (ARN) of the DLM Lifecycle Policy.
- description string
A description for the DLM lifecycle policy.
- execution
Role stringArn The ARN of an IAM role that is able to be assumed by the DLM service.
- policy
Details LifecyclePolicy Policy Details See the
policy_detailsconfiguration block. Max of 1.- state string
Whether the lifecycle policy should be enabled or disabled.
ENABLEDorDISABLEDare valid values. Defaults toENABLED.- {[key: string]: string}
Key-value map of resource tags.
- arn str
Amazon Resource Name (ARN) of the DLM Lifecycle Policy.
- description str
A description for the DLM lifecycle policy.
- execution_
role_ strarn The ARN of an IAM role that is able to be assumed by the DLM service.
- policy_
details Dict[LifecyclePolicy Policy Details] See the
policy_detailsconfiguration block. Max of 1.- state str
Whether the lifecycle policy should be enabled or disabled.
ENABLEDorDISABLEDare valid values. Defaults toENABLED.- Dict[str, str]
Key-value map of resource tags.
Supporting Types
LifecyclePolicyPolicyDetails
- Resource
Types List<string> A list of resource types that should be targeted by the lifecycle policy.
VOLUMEis currently the only allowed value.- Schedules
List<Lifecycle
Policy Policy Details Schedule Args> See the
scheduleconfiguration block.- Dictionary<string, string>
A map of tag keys and their values. Any resources that match the
resource_typesand are tagged with any of these tags will be targeted.
- Resource
Types []string A list of resource types that should be targeted by the lifecycle policy.
VOLUMEis currently the only allowed value.- Schedules
[]Lifecycle
Policy Policy Details Schedule See the
scheduleconfiguration block.- map[string]string
A map of tag keys and their values. Any resources that match the
resource_typesand are tagged with any of these tags will be targeted.
- resource
Types string[] A list of resource types that should be targeted by the lifecycle policy.
VOLUMEis currently the only allowed value.- schedules
Lifecycle
Policy Policy Details Schedule[] See the
scheduleconfiguration block.- {[key: string]: string}
A map of tag keys and their values. Any resources that match the
resource_typesand are tagged with any of these tags will be targeted.
- resource
Types List[str] A list of resource types that should be targeted by the lifecycle policy.
VOLUMEis currently the only allowed value.- schedules
List[Lifecycle
Policy Policy Details Schedule] See the
scheduleconfiguration block.- Dict[str, str]
A map of tag keys and their values. Any resources that match the
resource_typesand are tagged with any of these tags will be targeted.
LifecyclePolicyPolicyDetailsSchedule
- Create
Rule LifecyclePolicy Policy Details Schedule Create Rule Args See the
create_ruleblock. Max of 1 per schedule.- Name string
A name for the schedule.
- Retain
Rule LifecyclePolicy Policy Details Schedule Retain Rule Args See the
retain_ruleblock. Max of 1 per schedule.- bool
Copy all user-defined tags on a source volume to snapshots of the volume created by this policy.
- Dictionary<string, string>
A map of tag keys and their values. DLM lifecycle policies will already tag the snapshot with the tags on the volume. This configuration adds extra tags on top of these.
- Create
Rule LifecyclePolicy Policy Details Schedule Create Rule See the
create_ruleblock. Max of 1 per schedule.- Name string
A name for the schedule.
- Retain
Rule LifecyclePolicy Policy Details Schedule Retain Rule See the
retain_ruleblock. Max of 1 per schedule.- bool
Copy all user-defined tags on a source volume to snapshots of the volume created by this policy.
- map[string]string
A map of tag keys and their values. DLM lifecycle policies will already tag the snapshot with the tags on the volume. This configuration adds extra tags on top of these.
- create
Rule LifecyclePolicy Policy Details Schedule Create Rule See the
create_ruleblock. Max of 1 per schedule.- name string
A name for the schedule.
- retain
Rule LifecyclePolicy Policy Details Schedule Retain Rule See the
retain_ruleblock. Max of 1 per schedule.- boolean
Copy all user-defined tags on a source volume to snapshots of the volume created by this policy.
- {[key: string]: string}
A map of tag keys and their values. DLM lifecycle policies will already tag the snapshot with the tags on the volume. This configuration adds extra tags on top of these.
- create
Rule Dict[LifecyclePolicy Policy Details Schedule Create Rule] See the
create_ruleblock. Max of 1 per schedule.- name str
A name for the schedule.
- retain
Rule Dict[LifecyclePolicy Policy Details Schedule Retain Rule] See the
retain_ruleblock. Max of 1 per schedule.- bool
Copy all user-defined tags on a source volume to snapshots of the volume created by this policy.
- Dict[str, str]
A map of tag keys and their values. DLM lifecycle policies will already tag the snapshot with the tags on the volume. This configuration adds extra tags on top of these.
LifecyclePolicyPolicyDetailsScheduleCreateRule
- Interval int
How often this lifecycle policy should be evaluated.
1,2,3,4,6,8,12or24are valid values.- Interval
Unit string The unit for how often the lifecycle policy should be evaluated.
HOURSis currently the only allowed value and also the default value.- Times string
A list of times in 24 hour clock format that sets when the lifecycle policy should be evaluated. Max of 1.
- Interval int
How often this lifecycle policy should be evaluated.
1,2,3,4,6,8,12or24are valid values.- Interval
Unit string The unit for how often the lifecycle policy should be evaluated.
HOURSis currently the only allowed value and also the default value.- Times string
A list of times in 24 hour clock format that sets when the lifecycle policy should be evaluated. Max of 1.
- interval number
How often this lifecycle policy should be evaluated.
1,2,3,4,6,8,12or24are valid values.- interval
Unit string The unit for how often the lifecycle policy should be evaluated.
HOURSis currently the only allowed value and also the default value.- times string
A list of times in 24 hour clock format that sets when the lifecycle policy should be evaluated. Max of 1.
- interval float
How often this lifecycle policy should be evaluated.
1,2,3,4,6,8,12or24are valid values.- interval
Unit str The unit for how often the lifecycle policy should be evaluated.
HOURSis currently the only allowed value and also the default value.- times str
A list of times in 24 hour clock format that sets when the lifecycle policy should be evaluated. Max of 1.
LifecyclePolicyPolicyDetailsScheduleRetainRule
Package Details
- Repository
- https://github.com/pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
awsTerraform Provider.