CfnAppPropsMixin
- class aws_cdk.mixins_preview.aws_resiliencehub.mixins.CfnAppPropsMixin(props, *, strategy=None)
Bases:
MixinCreates an AWS Resilience Hub application.
An AWS Resilience Hub application is a collection of AWS resources structured to prevent and recover AWS application disruptions. To describe a AWS Resilience Hub application, you provide an application name, resources from one or more AWS CloudFormation stacks, AWS Resource Groups , Terraform state files, AppRegistry applications, and an appropriate resiliency policy. In addition, you can also add resources that are located on Amazon Elastic Kubernetes Service (Amazon EKS) clusters as optional resources. For more information about the number of resources supported per application, see Service quotas .
After you create an AWS Resilience Hub application, you publish it so that you can run a resiliency assessment on it. You can then use recommendations from the assessment to improve resiliency by running another assessment, comparing results, and then iterating the process until you achieve your goals for recovery time objective (RTO) and recovery point objective (RPO).
- See:
http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-resiliencehub-app.html
- CloudformationResource:
AWS::ResilienceHub::App
- Mixin:
true
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk.mixins_preview import mixins from aws_cdk.mixins_preview.aws_resiliencehub import mixins as resiliencehub_mixins cfn_app_props_mixin = resiliencehub_mixins.CfnAppPropsMixin(resiliencehub_mixins.CfnAppMixinProps( app_assessment_schedule="appAssessmentSchedule", app_template_body="appTemplateBody", description="description", event_subscriptions=[resiliencehub_mixins.CfnAppPropsMixin.EventSubscriptionProperty( event_type="eventType", name="name", sns_topic_arn="snsTopicArn" )], name="name", permission_model=resiliencehub_mixins.CfnAppPropsMixin.PermissionModelProperty( cross_account_role_arns=["crossAccountRoleArns"], invoker_role_name="invokerRoleName", type="type" ), resiliency_policy_arn="resiliencyPolicyArn", resource_mappings=[resiliencehub_mixins.CfnAppPropsMixin.ResourceMappingProperty( eks_source_name="eksSourceName", logical_stack_name="logicalStackName", mapping_type="mappingType", physical_resource_id=resiliencehub_mixins.CfnAppPropsMixin.PhysicalResourceIdProperty( aws_account_id="awsAccountId", aws_region="awsRegion", identifier="identifier", type="type" ), resource_name="resourceName", terraform_source_name="terraformSourceName" )], tags={ "tags_key": "tags" } ), strategy=mixins.PropertyMergeStrategy.OVERRIDE )
Create a mixin to apply properties to
AWS::ResilienceHub::App.- Parameters:
props (
Union[CfnAppMixinProps,Dict[str,Any]]) – L1 properties to apply.strategy (
Optional[PropertyMergeStrategy]) – (experimental) Strategy for merging nested properties. Default: - PropertyMergeStrategy.MERGE
Methods
- apply_to(construct)
Apply the mixin properties to the construct.
- Parameters:
construct (
IConstruct)- Return type:
- supports(construct)
Check if this mixin supports the given construct.
- Parameters:
construct (
IConstruct)- Return type:
bool
Attributes
- CFN_PROPERTY_KEYS = ['appAssessmentSchedule', 'appTemplateBody', 'description', 'eventSubscriptions', 'name', 'permissionModel', 'resiliencyPolicyArn', 'resourceMappings', 'tags']
Static Methods
- classmethod is_mixin(x)
(experimental) Checks if
xis a Mixin.- Parameters:
x (
Any) – Any object.- Return type:
bool- Returns:
true if
xis an object created from a class which extendsMixin.- Stability:
experimental
EventSubscriptionProperty
- class CfnAppPropsMixin.EventSubscriptionProperty(*, event_type=None, name=None, sns_topic_arn=None)
Bases:
objectIndicates an event you would like to subscribe and get notification for.
Currently, AWS Resilience Hub supports notifications only for Drift detected and Scheduled assessment failure events.
- Parameters:
event_type (
Optional[str]) – The type of event you would like to subscribe and get notification for. Currently, AWS Resilience Hub supports notifications only for Drift detected (DriftDetected) and Scheduled assessment failure (ScheduledAssessmentFailure) events.name (
Optional[str]) – Unique name to identify an event subscription.sns_topic_arn (
Optional[str]) – Amazon Resource Name (ARN) of the Amazon Simple Notification Service topic. The format for this ARN is:arn:partition:sns:region:account:topic-name. For more information about ARNs, see Amazon Resource Names (ARNs) in the AWS General Reference guide.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk.mixins_preview.aws_resiliencehub import mixins as resiliencehub_mixins event_subscription_property = resiliencehub_mixins.CfnAppPropsMixin.EventSubscriptionProperty( event_type="eventType", name="name", sns_topic_arn="snsTopicArn" )
Attributes
- event_type
The type of event you would like to subscribe and get notification for.
Currently, AWS Resilience Hub supports notifications only for Drift detected (
DriftDetected) and Scheduled assessment failure (ScheduledAssessmentFailure) events.
- name
Unique name to identify an event subscription.
- sns_topic_arn
Amazon Resource Name (ARN) of the Amazon Simple Notification Service topic.
The format for this ARN is:
arn:partition:sns:region:account:topic-name. For more information about ARNs, see Amazon Resource Names (ARNs) in the AWS General Reference guide.
PermissionModelProperty
- class CfnAppPropsMixin.PermissionModelProperty(*, cross_account_role_arns=None, invoker_role_name=None, type=None)
Bases:
objectDefines the roles and credentials that AWS Resilience Hub would use while creating the application, importing its resources, and running an assessment.
- Parameters:
cross_account_role_arns (
Optional[Sequence[str]]) – Defines a list of role Amazon Resource Names (ARNs) to be used in other accounts. These ARNs are used for querying purposes while importing resources and assessing your application. .. epigraph:: - These ARNs are required only when your resources are in other accounts and you have different role name in these accounts. Else, the invoker role name will be used in the other accounts. - These roles must have a trust policy withiam:AssumeRolepermission to the invoker role in the primary account.invoker_role_name (
Optional[str]) – Existing AWS IAM role name in the primary AWS account that will be assumed by AWS Resilience Hub Service Principle to obtain a read-only access to your application resources while running an assessment. If your IAM role includes a path, you must include the path in theinvokerRoleNameparameter. For example, if your IAM role’s ARN isarn:aws:iam:123456789012:role/my-path/role-name, you should passmy-path/role-name. .. epigraph:: - You must haveiam:passRolepermission for this role while creating or updating the application. - Currently,invokerRoleNameaccepts only[A-Za-z0-9_+=,.@-]characters.type (
Optional[str]) – Defines how AWS Resilience Hub scans your resources. It can scan for the resources by using a pre-existing role in your AWS account, or by using the credentials of the current IAM user.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk.mixins_preview.aws_resiliencehub import mixins as resiliencehub_mixins permission_model_property = resiliencehub_mixins.CfnAppPropsMixin.PermissionModelProperty( cross_account_role_arns=["crossAccountRoleArns"], invoker_role_name="invokerRoleName", type="type" )
Attributes
- cross_account_role_arns
Defines a list of role Amazon Resource Names (ARNs) to be used in other accounts.
These ARNs are used for querying purposes while importing resources and assessing your application. .. epigraph:
- These ARNs are required only when your resources are in other accounts and you have different role name in these accounts. Else, the invoker role name will be used in the other accounts. - These roles must have a trust policy with ``iam:AssumeRole`` permission to the invoker role in the primary account.
- invoker_role_name
Existing AWS IAM role name in the primary AWS account that will be assumed by AWS Resilience Hub Service Principle to obtain a read-only access to your application resources while running an assessment.
If your IAM role includes a path, you must include the path in the
invokerRoleNameparameter. For example, if your IAM role’s ARN isarn:aws:iam:123456789012:role/my-path/role-name, you should passmy-path/role-name. .. epigraph:- You must have ``iam:passRole`` permission for this role while creating or updating the application. - Currently, ``invokerRoleName`` accepts only ``[A-Za-z0-9_+=,.@-]`` characters.
- type
Defines how AWS Resilience Hub scans your resources.
It can scan for the resources by using a pre-existing role in your AWS account, or by using the credentials of the current IAM user.
PhysicalResourceIdProperty
- class CfnAppPropsMixin.PhysicalResourceIdProperty(*, aws_account_id=None, aws_region=None, identifier=None, type=None)
Bases:
objectDefines a physical resource identifier.
- Parameters:
aws_account_id (
Optional[str]) – The AWS account that owns the physical resource.aws_region (
Optional[str]) – The AWS Region that the physical resource is located in.identifier (
Optional[str]) – Identifier of the physical resource.type (
Optional[str]) – Specifies the type of physical resource identifier. - Arn - The resource identifier is an Amazon Resource Name (ARN) and it can identify the following list of resources: -AWS::ECS::Service-AWS::EFS::FileSystem-AWS::ElasticLoadBalancingV2::LoadBalancer-AWS::Lambda::Function-AWS::SNS::Topic- Native - The resource identifier is an AWS Resilience Hub -native identifier and it can identify the following list of resources: -AWS::ApiGateway::RestApi-AWS::ApiGatewayV2::Api-AWS::AutoScaling::AutoScalingGroup-AWS::DocDB::DBCluster-AWS::DocDB::DBGlobalCluster-AWS::DocDB::DBInstance-AWS::DynamoDB::GlobalTable-AWS::DynamoDB::Table-AWS::EC2::EC2Fleet-AWS::EC2::Instance-AWS::EC2::NatGateway-AWS::EC2::Volume-AWS::ElasticLoadBalancing::LoadBalancer-AWS::RDS::DBCluster-AWS::RDS::DBInstance-AWS::RDS::GlobalCluster-AWS::Route53::RecordSet-AWS::S3::Bucket-AWS::SQS::Queue
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk.mixins_preview.aws_resiliencehub import mixins as resiliencehub_mixins physical_resource_id_property = resiliencehub_mixins.CfnAppPropsMixin.PhysicalResourceIdProperty( aws_account_id="awsAccountId", aws_region="awsRegion", identifier="identifier", type="type" )
Attributes
- aws_account_id
The AWS account that owns the physical resource.
- aws_region
The AWS Region that the physical resource is located in.
- identifier
Identifier of the physical resource.
- type
Specifies the type of physical resource identifier.
Arn - The resource identifier is an Amazon Resource Name (ARN) and it can identify the following list of resources:
AWS::ECS::ServiceAWS::EFS::FileSystemAWS::ElasticLoadBalancingV2::LoadBalancerAWS::Lambda::FunctionAWS::SNS::TopicNative - The resource identifier is an AWS Resilience Hub -native identifier and it can identify the following list of resources:
AWS::ApiGateway::RestApiAWS::ApiGatewayV2::ApiAWS::AutoScaling::AutoScalingGroupAWS::DocDB::DBClusterAWS::DocDB::DBGlobalClusterAWS::DocDB::DBInstanceAWS::DynamoDB::GlobalTableAWS::DynamoDB::TableAWS::EC2::EC2FleetAWS::EC2::InstanceAWS::EC2::NatGatewayAWS::EC2::VolumeAWS::ElasticLoadBalancing::LoadBalancerAWS::RDS::DBClusterAWS::RDS::DBInstanceAWS::RDS::GlobalClusterAWS::Route53::RecordSetAWS::S3::BucketAWS::SQS::Queue
ResourceMappingProperty
- class CfnAppPropsMixin.ResourceMappingProperty(*, eks_source_name=None, logical_stack_name=None, mapping_type=None, physical_resource_id=None, resource_name=None, terraform_source_name=None)
Bases:
objectDefines a resource mapping.
- Parameters:
eks_source_name (
Optional[str]) – Name of the Amazon Elastic Kubernetes Service cluster and namespace that this resource is mapped to when themappingTypeisEKS. .. epigraph:: This parameter accepts values in “eks-cluster/namespace” format.logical_stack_name (
Optional[str]) – Name of the CloudFormation stack this resource is mapped to when themappingTypeisCfnStack.mapping_type (
Optional[str]) – Specifies the type of resource mapping.physical_resource_id (
Union[IResolvable,PhysicalResourceIdProperty,Dict[str,Any],None]) – Identifier of the physical resource.resource_name (
Optional[str]) – Name of the resource that this resource is mapped to when themappingTypeisResource.terraform_source_name (
Optional[str]) – Name of the Terraform source that this resource is mapped to when themappingTypeisTerraform.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk.mixins_preview.aws_resiliencehub import mixins as resiliencehub_mixins resource_mapping_property = resiliencehub_mixins.CfnAppPropsMixin.ResourceMappingProperty( eks_source_name="eksSourceName", logical_stack_name="logicalStackName", mapping_type="mappingType", physical_resource_id=resiliencehub_mixins.CfnAppPropsMixin.PhysicalResourceIdProperty( aws_account_id="awsAccountId", aws_region="awsRegion", identifier="identifier", type="type" ), resource_name="resourceName", terraform_source_name="terraformSourceName" )
Attributes
- eks_source_name
Name of the Amazon Elastic Kubernetes Service cluster and namespace that this resource is mapped to when the
mappingTypeisEKS.This parameter accepts values in “eks-cluster/namespace” format.
- logical_stack_name
Name of the CloudFormation stack this resource is mapped to when the
mappingTypeisCfnStack.
- mapping_type
Specifies the type of resource mapping.
- physical_resource_id
Identifier of the physical resource.
- resource_name
Name of the resource that this resource is mapped to when the
mappingTypeisResource.
- terraform_source_name
Name of the Terraform source that this resource is mapped to when the
mappingTypeisTerraform.