Viewing docs for AWS v5.43.0 (Older version)
published on Tuesday, Mar 10, 2026 by Pulumi
published on Tuesday, Mar 10, 2026 by Pulumi
Viewing docs for AWS v5.43.0 (Older version)
published on Tuesday, Mar 10, 2026 by Pulumi
published on Tuesday, Mar 10, 2026 by Pulumi
Manages selection conditions for AWS Backup plan resources.
Example Usage
IAM Role
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()
{
Statements = new[]
{
new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs
{
Effect = "Allow",
Principals = new[]
{
new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs
{
Type = "Service",
Identifiers = new[]
{
"backup.amazonaws.com",
},
},
},
Actions = new[]
{
"sts:AssumeRole",
},
},
},
});
var exampleRole = new Aws.Iam.Role("exampleRole", new()
{
AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult => getPolicyDocumentResult.Json),
});
var exampleRolePolicyAttachment = new Aws.Iam.RolePolicyAttachment("exampleRolePolicyAttachment", new()
{
PolicyArn = "arn:aws:iam::aws:policy/service-role/AWSBackupServiceRolePolicyForBackup",
Role = exampleRole.Name,
});
// ... other configuration ...
var exampleSelection = new Aws.Backup.Selection("exampleSelection", new()
{
IamRoleArn = exampleRole.Arn,
});
});
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/backup"
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
assumeRole, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{
Statements: []iam.GetPolicyDocumentStatement{
{
Effect: pulumi.StringRef("Allow"),
Principals: []iam.GetPolicyDocumentStatementPrincipal{
{
Type: "Service",
Identifiers: []string{
"backup.amazonaws.com",
},
},
},
Actions: []string{
"sts:AssumeRole",
},
},
},
}, nil)
if err != nil {
return err
}
exampleRole, err := iam.NewRole(ctx, "exampleRole", &iam.RoleArgs{
AssumeRolePolicy: *pulumi.String(assumeRole.Json),
})
if err != nil {
return err
}
_, err = iam.NewRolePolicyAttachment(ctx, "exampleRolePolicyAttachment", &iam.RolePolicyAttachmentArgs{
PolicyArn: pulumi.String("arn:aws:iam::aws:policy/service-role/AWSBackupServiceRolePolicyForBackup"),
Role: exampleRole.Name,
})
if err != nil {
return err
}
_, err = backup.NewSelection(ctx, "exampleSelection", &backup.SelectionArgs{
IamRoleArn: exampleRole.Arn,
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.iam.IamFunctions;
import com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;
import com.pulumi.aws.iam.Role;
import com.pulumi.aws.iam.RoleArgs;
import com.pulumi.aws.iam.RolePolicyAttachment;
import com.pulumi.aws.iam.RolePolicyAttachmentArgs;
import com.pulumi.aws.backup.Selection;
import com.pulumi.aws.backup.SelectionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()
.statements(GetPolicyDocumentStatementArgs.builder()
.effect("Allow")
.principals(GetPolicyDocumentStatementPrincipalArgs.builder()
.type("Service")
.identifiers("backup.amazonaws.com")
.build())
.actions("sts:AssumeRole")
.build())
.build());
var exampleRole = new Role("exampleRole", RoleArgs.builder()
.assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult.json()))
.build());
var exampleRolePolicyAttachment = new RolePolicyAttachment("exampleRolePolicyAttachment", RolePolicyAttachmentArgs.builder()
.policyArn("arn:aws:iam::aws:policy/service-role/AWSBackupServiceRolePolicyForBackup")
.role(exampleRole.name())
.build());
var exampleSelection = new Selection("exampleSelection", SelectionArgs.builder()
.iamRoleArn(exampleRole.arn())
.build());
}
}
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const assumeRole = aws.iam.getPolicyDocument({
statements: [{
effect: "Allow",
principals: [{
type: "Service",
identifiers: ["backup.amazonaws.com"],
}],
actions: ["sts:AssumeRole"],
}],
});
const exampleRole = new aws.iam.Role("exampleRole", {assumeRolePolicy: assumeRole.then(assumeRole => assumeRole.json)});
const exampleRolePolicyAttachment = new aws.iam.RolePolicyAttachment("exampleRolePolicyAttachment", {
policyArn: "arn:aws:iam::aws:policy/service-role/AWSBackupServiceRolePolicyForBackup",
role: exampleRole.name,
});
// ... other configuration ...
const exampleSelection = new aws.backup.Selection("exampleSelection", {iamRoleArn: exampleRole.arn});
import pulumi
import pulumi_aws as aws
assume_role = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(
effect="Allow",
principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(
type="Service",
identifiers=["backup.amazonaws.com"],
)],
actions=["sts:AssumeRole"],
)])
example_role = aws.iam.Role("exampleRole", assume_role_policy=assume_role.json)
example_role_policy_attachment = aws.iam.RolePolicyAttachment("exampleRolePolicyAttachment",
policy_arn="arn:aws:iam::aws:policy/service-role/AWSBackupServiceRolePolicyForBackup",
role=example_role.name)
# ... other configuration ...
example_selection = aws.backup.Selection("exampleSelection", iam_role_arn=example_role.arn)
resources:
exampleRole:
type: aws:iam:Role
properties:
assumeRolePolicy: ${assumeRole.json}
exampleRolePolicyAttachment:
type: aws:iam:RolePolicyAttachment
properties:
policyArn: arn:aws:iam::aws:policy/service-role/AWSBackupServiceRolePolicyForBackup
role: ${exampleRole.name}
exampleSelection:
type: aws:backup:Selection
properties:
iamRoleArn: ${exampleRole.arn}
variables:
assumeRole:
fn::invoke:
Function: aws:iam:getPolicyDocument
Arguments:
statements:
- effect: Allow
principals:
- type: Service
identifiers:
- backup.amazonaws.com
actions:
- sts:AssumeRole
Selecting Backups By Tag
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = new Aws.Backup.Selection("example", new()
{
IamRoleArn = aws_iam_role.Example.Arn,
PlanId = aws_backup_plan.Example.Id,
SelectionTags = new[]
{
new Aws.Backup.Inputs.SelectionSelectionTagArgs
{
Type = "STRINGEQUALS",
Key = "foo",
Value = "bar",
},
},
});
});
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/backup"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := backup.NewSelection(ctx, "example", &backup.SelectionArgs{
IamRoleArn: pulumi.Any(aws_iam_role.Example.Arn),
PlanId: pulumi.Any(aws_backup_plan.Example.Id),
SelectionTags: backup.SelectionSelectionTagArray{
&backup.SelectionSelectionTagArgs{
Type: pulumi.String("STRINGEQUALS"),
Key: pulumi.String("foo"),
Value: pulumi.String("bar"),
},
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.backup.Selection;
import com.pulumi.aws.backup.SelectionArgs;
import com.pulumi.aws.backup.inputs.SelectionSelectionTagArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new Selection("example", SelectionArgs.builder()
.iamRoleArn(aws_iam_role.example().arn())
.planId(aws_backup_plan.example().id())
.selectionTags(SelectionSelectionTagArgs.builder()
.type("STRINGEQUALS")
.key("foo")
.value("bar")
.build())
.build());
}
}
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.backup.Selection("example", {
iamRoleArn: aws_iam_role.example.arn,
planId: aws_backup_plan.example.id,
selectionTags: [{
type: "STRINGEQUALS",
key: "foo",
value: "bar",
}],
});
import pulumi
import pulumi_aws as aws
example = aws.backup.Selection("example",
iam_role_arn=aws_iam_role["example"]["arn"],
plan_id=aws_backup_plan["example"]["id"],
selection_tags=[aws.backup.SelectionSelectionTagArgs(
type="STRINGEQUALS",
key="foo",
value="bar",
)])
resources:
example:
type: aws:backup:Selection
properties:
iamRoleArn: ${aws_iam_role.example.arn}
planId: ${aws_backup_plan.example.id}
selectionTags:
- type: STRINGEQUALS
key: foo
value: bar
Selecting Backups By Conditions
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = new Aws.Backup.Selection("example", new()
{
IamRoleArn = aws_iam_role.Example.Arn,
PlanId = aws_backup_plan.Example.Id,
Resources = new[]
{
"*",
},
Conditions = new[]
{
new Aws.Backup.Inputs.SelectionConditionArgs
{
StringEquals = new[]
{
new Aws.Backup.Inputs.SelectionConditionStringEqualArgs
{
Key = "aws:ResourceTag/Component",
Value = "rds",
},
},
StringLikes = new[]
{
new Aws.Backup.Inputs.SelectionConditionStringLikeArgs
{
Key = "aws:ResourceTag/Application",
Value = "app*",
},
},
StringNotEquals = new[]
{
new Aws.Backup.Inputs.SelectionConditionStringNotEqualArgs
{
Key = "aws:ResourceTag/Backup",
Value = "false",
},
},
StringNotLikes = new[]
{
new Aws.Backup.Inputs.SelectionConditionStringNotLikeArgs
{
Key = "aws:ResourceTag/Environment",
Value = "test*",
},
},
},
},
});
});
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/backup"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := backup.NewSelection(ctx, "example", &backup.SelectionArgs{
IamRoleArn: pulumi.Any(aws_iam_role.Example.Arn),
PlanId: pulumi.Any(aws_backup_plan.Example.Id),
Resources: pulumi.StringArray{
pulumi.String("*"),
},
Conditions: backup.SelectionConditionArray{
&backup.SelectionConditionArgs{
StringEquals: backup.SelectionConditionStringEqualArray{
&backup.SelectionConditionStringEqualArgs{
Key: pulumi.String("aws:ResourceTag/Component"),
Value: pulumi.String("rds"),
},
},
StringLikes: backup.SelectionConditionStringLikeArray{
&backup.SelectionConditionStringLikeArgs{
Key: pulumi.String("aws:ResourceTag/Application"),
Value: pulumi.String("app*"),
},
},
StringNotEquals: backup.SelectionConditionStringNotEqualArray{
&backup.SelectionConditionStringNotEqualArgs{
Key: pulumi.String("aws:ResourceTag/Backup"),
Value: pulumi.String("false"),
},
},
StringNotLikes: backup.SelectionConditionStringNotLikeArray{
&backup.SelectionConditionStringNotLikeArgs{
Key: pulumi.String("aws:ResourceTag/Environment"),
Value: pulumi.String("test*"),
},
},
},
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.backup.Selection;
import com.pulumi.aws.backup.SelectionArgs;
import com.pulumi.aws.backup.inputs.SelectionConditionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new Selection("example", SelectionArgs.builder()
.iamRoleArn(aws_iam_role.example().arn())
.planId(aws_backup_plan.example().id())
.resources("*")
.conditions(SelectionConditionArgs.builder()
.stringEquals(SelectionConditionStringEqualArgs.builder()
.key("aws:ResourceTag/Component")
.value("rds")
.build())
.stringLikes(SelectionConditionStringLikeArgs.builder()
.key("aws:ResourceTag/Application")
.value("app*")
.build())
.stringNotEquals(SelectionConditionStringNotEqualArgs.builder()
.key("aws:ResourceTag/Backup")
.value("false")
.build())
.stringNotLikes(SelectionConditionStringNotLikeArgs.builder()
.key("aws:ResourceTag/Environment")
.value("test*")
.build())
.build())
.build());
}
}
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.backup.Selection("example", {
iamRoleArn: aws_iam_role.example.arn,
planId: aws_backup_plan.example.id,
resources: ["*"],
conditions: [{
stringEquals: [{
key: "aws:ResourceTag/Component",
value: "rds",
}],
stringLikes: [{
key: "aws:ResourceTag/Application",
value: "app*",
}],
stringNotEquals: [{
key: "aws:ResourceTag/Backup",
value: "false",
}],
stringNotLikes: [{
key: "aws:ResourceTag/Environment",
value: "test*",
}],
}],
});
import pulumi
import pulumi_aws as aws
example = aws.backup.Selection("example",
iam_role_arn=aws_iam_role["example"]["arn"],
plan_id=aws_backup_plan["example"]["id"],
resources=["*"],
conditions=[aws.backup.SelectionConditionArgs(
string_equals=[aws.backup.SelectionConditionStringEqualArgs(
key="aws:ResourceTag/Component",
value="rds",
)],
string_likes=[aws.backup.SelectionConditionStringLikeArgs(
key="aws:ResourceTag/Application",
value="app*",
)],
string_not_equals=[aws.backup.SelectionConditionStringNotEqualArgs(
key="aws:ResourceTag/Backup",
value="false",
)],
string_not_likes=[aws.backup.SelectionConditionStringNotLikeArgs(
key="aws:ResourceTag/Environment",
value="test*",
)],
)])
resources:
example:
type: aws:backup:Selection
properties:
iamRoleArn: ${aws_iam_role.example.arn}
planId: ${aws_backup_plan.example.id}
resources:
- '*'
conditions:
- stringEquals:
- key: aws:ResourceTag/Component
value: rds
stringLikes:
- key: aws:ResourceTag/Application
value: app*
stringNotEquals:
- key: aws:ResourceTag/Backup
value: 'false'
stringNotLikes:
- key: aws:ResourceTag/Environment
value: test*
Selecting Backups By Resource
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = new Aws.Backup.Selection("example", new()
{
IamRoleArn = aws_iam_role.Example.Arn,
PlanId = aws_backup_plan.Example.Id,
Resources = new[]
{
aws_db_instance.Example.Arn,
aws_ebs_volume.Example.Arn,
aws_efs_file_system.Example.Arn,
},
});
});
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/backup"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := backup.NewSelection(ctx, "example", &backup.SelectionArgs{
IamRoleArn: pulumi.Any(aws_iam_role.Example.Arn),
PlanId: pulumi.Any(aws_backup_plan.Example.Id),
Resources: pulumi.StringArray{
aws_db_instance.Example.Arn,
aws_ebs_volume.Example.Arn,
aws_efs_file_system.Example.Arn,
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.backup.Selection;
import com.pulumi.aws.backup.SelectionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new Selection("example", SelectionArgs.builder()
.iamRoleArn(aws_iam_role.example().arn())
.planId(aws_backup_plan.example().id())
.resources(
aws_db_instance.example().arn(),
aws_ebs_volume.example().arn(),
aws_efs_file_system.example().arn())
.build());
}
}
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.backup.Selection("example", {
iamRoleArn: aws_iam_role.example.arn,
planId: aws_backup_plan.example.id,
resources: [
aws_db_instance.example.arn,
aws_ebs_volume.example.arn,
aws_efs_file_system.example.arn,
],
});
import pulumi
import pulumi_aws as aws
example = aws.backup.Selection("example",
iam_role_arn=aws_iam_role["example"]["arn"],
plan_id=aws_backup_plan["example"]["id"],
resources=[
aws_db_instance["example"]["arn"],
aws_ebs_volume["example"]["arn"],
aws_efs_file_system["example"]["arn"],
])
resources:
example:
type: aws:backup:Selection
properties:
iamRoleArn: ${aws_iam_role.example.arn}
planId: ${aws_backup_plan.example.id}
resources:
- ${aws_db_instance.example.arn}
- ${aws_ebs_volume.example.arn}
- ${aws_efs_file_system.example.arn}
Selecting Backups By Not Resource
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = new Aws.Backup.Selection("example", new()
{
IamRoleArn = aws_iam_role.Example.Arn,
PlanId = aws_backup_plan.Example.Id,
NotResources = new[]
{
aws_db_instance.Example.Arn,
aws_ebs_volume.Example.Arn,
aws_efs_file_system.Example.Arn,
},
});
});
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/backup"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := backup.NewSelection(ctx, "example", &backup.SelectionArgs{
IamRoleArn: pulumi.Any(aws_iam_role.Example.Arn),
PlanId: pulumi.Any(aws_backup_plan.Example.Id),
NotResources: pulumi.StringArray{
aws_db_instance.Example.Arn,
aws_ebs_volume.Example.Arn,
aws_efs_file_system.Example.Arn,
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.backup.Selection;
import com.pulumi.aws.backup.SelectionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new Selection("example", SelectionArgs.builder()
.iamRoleArn(aws_iam_role.example().arn())
.planId(aws_backup_plan.example().id())
.notResources(
aws_db_instance.example().arn(),
aws_ebs_volume.example().arn(),
aws_efs_file_system.example().arn())
.build());
}
}
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.backup.Selection("example", {
iamRoleArn: aws_iam_role.example.arn,
planId: aws_backup_plan.example.id,
notResources: [
aws_db_instance.example.arn,
aws_ebs_volume.example.arn,
aws_efs_file_system.example.arn,
],
});
import pulumi
import pulumi_aws as aws
example = aws.backup.Selection("example",
iam_role_arn=aws_iam_role["example"]["arn"],
plan_id=aws_backup_plan["example"]["id"],
not_resources=[
aws_db_instance["example"]["arn"],
aws_ebs_volume["example"]["arn"],
aws_efs_file_system["example"]["arn"],
])
resources:
example:
type: aws:backup:Selection
properties:
iamRoleArn: ${aws_iam_role.example.arn}
planId: ${aws_backup_plan.example.id}
notResources:
- ${aws_db_instance.example.arn}
- ${aws_ebs_volume.example.arn}
- ${aws_efs_file_system.example.arn}
Create Selection Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Selection(name: string, args: SelectionArgs, opts?: CustomResourceOptions);@overload
def Selection(resource_name: str,
args: SelectionArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Selection(resource_name: str,
opts: Optional[ResourceOptions] = None,
iam_role_arn: Optional[str] = None,
plan_id: Optional[str] = None,
conditions: Optional[Sequence[SelectionConditionArgs]] = None,
name: Optional[str] = None,
not_resources: Optional[Sequence[str]] = None,
resources: Optional[Sequence[str]] = None,
selection_tags: Optional[Sequence[SelectionSelectionTagArgs]] = None)func NewSelection(ctx *Context, name string, args SelectionArgs, opts ...ResourceOption) (*Selection, error)public Selection(string name, SelectionArgs args, CustomResourceOptions? opts = null)
public Selection(String name, SelectionArgs args)
public Selection(String name, SelectionArgs args, CustomResourceOptions options)
type: aws:backup:Selection
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args SelectionArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args SelectionArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args SelectionArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args SelectionArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args SelectionArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var selectionResource = new Aws.Backup.Selection("selectionResource", new()
{
IamRoleArn = "string",
PlanId = "string",
Conditions = new[]
{
new Aws.Backup.Inputs.SelectionConditionArgs
{
StringEquals = new[]
{
new Aws.Backup.Inputs.SelectionConditionStringEqualArgs
{
Key = "string",
Value = "string",
},
},
StringLikes = new[]
{
new Aws.Backup.Inputs.SelectionConditionStringLikeArgs
{
Key = "string",
Value = "string",
},
},
StringNotEquals = new[]
{
new Aws.Backup.Inputs.SelectionConditionStringNotEqualArgs
{
Key = "string",
Value = "string",
},
},
StringNotLikes = new[]
{
new Aws.Backup.Inputs.SelectionConditionStringNotLikeArgs
{
Key = "string",
Value = "string",
},
},
},
},
Name = "string",
NotResources = new[]
{
"string",
},
Resources = new[]
{
"string",
},
SelectionTags = new[]
{
new Aws.Backup.Inputs.SelectionSelectionTagArgs
{
Key = "string",
Type = "string",
Value = "string",
},
},
});
example, err := backup.NewSelection(ctx, "selectionResource", &backup.SelectionArgs{
IamRoleArn: pulumi.String("string"),
PlanId: pulumi.String("string"),
Conditions: backup.SelectionConditionArray{
&backup.SelectionConditionArgs{
StringEquals: backup.SelectionConditionStringEqualArray{
&backup.SelectionConditionStringEqualArgs{
Key: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
StringLikes: backup.SelectionConditionStringLikeArray{
&backup.SelectionConditionStringLikeArgs{
Key: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
StringNotEquals: backup.SelectionConditionStringNotEqualArray{
&backup.SelectionConditionStringNotEqualArgs{
Key: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
StringNotLikes: backup.SelectionConditionStringNotLikeArray{
&backup.SelectionConditionStringNotLikeArgs{
Key: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
},
},
Name: pulumi.String("string"),
NotResources: pulumi.StringArray{
pulumi.String("string"),
},
Resources: pulumi.StringArray{
pulumi.String("string"),
},
SelectionTags: backup.SelectionSelectionTagArray{
&backup.SelectionSelectionTagArgs{
Key: pulumi.String("string"),
Type: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
})
var selectionResource = new Selection("selectionResource", SelectionArgs.builder()
.iamRoleArn("string")
.planId("string")
.conditions(SelectionConditionArgs.builder()
.stringEquals(SelectionConditionStringEqualArgs.builder()
.key("string")
.value("string")
.build())
.stringLikes(SelectionConditionStringLikeArgs.builder()
.key("string")
.value("string")
.build())
.stringNotEquals(SelectionConditionStringNotEqualArgs.builder()
.key("string")
.value("string")
.build())
.stringNotLikes(SelectionConditionStringNotLikeArgs.builder()
.key("string")
.value("string")
.build())
.build())
.name("string")
.notResources("string")
.resources("string")
.selectionTags(SelectionSelectionTagArgs.builder()
.key("string")
.type("string")
.value("string")
.build())
.build());
selection_resource = aws.backup.Selection("selectionResource",
iam_role_arn="string",
plan_id="string",
conditions=[{
"string_equals": [{
"key": "string",
"value": "string",
}],
"string_likes": [{
"key": "string",
"value": "string",
}],
"string_not_equals": [{
"key": "string",
"value": "string",
}],
"string_not_likes": [{
"key": "string",
"value": "string",
}],
}],
name="string",
not_resources=["string"],
resources=["string"],
selection_tags=[{
"key": "string",
"type": "string",
"value": "string",
}])
const selectionResource = new aws.backup.Selection("selectionResource", {
iamRoleArn: "string",
planId: "string",
conditions: [{
stringEquals: [{
key: "string",
value: "string",
}],
stringLikes: [{
key: "string",
value: "string",
}],
stringNotEquals: [{
key: "string",
value: "string",
}],
stringNotLikes: [{
key: "string",
value: "string",
}],
}],
name: "string",
notResources: ["string"],
resources: ["string"],
selectionTags: [{
key: "string",
type: "string",
value: "string",
}],
});
type: aws:backup:Selection
properties:
conditions:
- stringEquals:
- key: string
value: string
stringLikes:
- key: string
value: string
stringNotEquals:
- key: string
value: string
stringNotLikes:
- key: string
value: string
iamRoleArn: string
name: string
notResources:
- string
planId: string
resources:
- string
selectionTags:
- key: string
type: string
value: string
Selection Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Selection resource accepts the following input properties:
- Iam
Role stringArn - The ARN of the IAM role that AWS Backup uses to authenticate when restoring and backing up the target resource. See the AWS Backup Developer Guide for additional information about using AWS managed policies or creating custom policies attached to the IAM role.
- Plan
Id string - The backup plan ID to be associated with the selection of resources.
- Conditions
List<Selection
Condition> - A list of conditions that you define to assign resources to your backup plans using tags.
- Name string
- The display name of a resource selection document.
- Not
Resources List<string> - An array of strings that either contain Amazon Resource Names (ARNs) or match patterns of resources to exclude from a backup plan.
- Resources List<string>
- An array of strings that either contain Amazon Resource Names (ARNs) or match patterns of resources to assign to a backup plan.
-
List<Selection
Selection Tag> - Tag-based conditions used to specify a set of resources to assign to a backup plan.
- Iam
Role stringArn - The ARN of the IAM role that AWS Backup uses to authenticate when restoring and backing up the target resource. See the AWS Backup Developer Guide for additional information about using AWS managed policies or creating custom policies attached to the IAM role.
- Plan
Id string - The backup plan ID to be associated with the selection of resources.
- Conditions
[]Selection
Condition Args - A list of conditions that you define to assign resources to your backup plans using tags.
- Name string
- The display name of a resource selection document.
- Not
Resources []string - An array of strings that either contain Amazon Resource Names (ARNs) or match patterns of resources to exclude from a backup plan.
- Resources []string
- An array of strings that either contain Amazon Resource Names (ARNs) or match patterns of resources to assign to a backup plan.
-
[]Selection
Selection Tag Args - Tag-based conditions used to specify a set of resources to assign to a backup plan.
- iam
Role StringArn - The ARN of the IAM role that AWS Backup uses to authenticate when restoring and backing up the target resource. See the AWS Backup Developer Guide for additional information about using AWS managed policies or creating custom policies attached to the IAM role.
- plan
Id String - The backup plan ID to be associated with the selection of resources.
- conditions
List<Selection
Condition> - A list of conditions that you define to assign resources to your backup plans using tags.
- name String
- The display name of a resource selection document.
- not
Resources List<String> - An array of strings that either contain Amazon Resource Names (ARNs) or match patterns of resources to exclude from a backup plan.
- resources List<String>
- An array of strings that either contain Amazon Resource Names (ARNs) or match patterns of resources to assign to a backup plan.
-
List<Selection
Selection Tag> - Tag-based conditions used to specify a set of resources to assign to a backup plan.
- iam
Role stringArn - The ARN of the IAM role that AWS Backup uses to authenticate when restoring and backing up the target resource. See the AWS Backup Developer Guide for additional information about using AWS managed policies or creating custom policies attached to the IAM role.
- plan
Id string - The backup plan ID to be associated with the selection of resources.
- conditions
Selection
Condition[] - A list of conditions that you define to assign resources to your backup plans using tags.
- name string
- The display name of a resource selection document.
- not
Resources string[] - An array of strings that either contain Amazon Resource Names (ARNs) or match patterns of resources to exclude from a backup plan.
- resources string[]
- An array of strings that either contain Amazon Resource Names (ARNs) or match patterns of resources to assign to a backup plan.
-
Selection
Selection Tag[] - Tag-based conditions used to specify a set of resources to assign to a backup plan.
- iam_
role_ strarn - The ARN of the IAM role that AWS Backup uses to authenticate when restoring and backing up the target resource. See the AWS Backup Developer Guide for additional information about using AWS managed policies or creating custom policies attached to the IAM role.
- plan_
id str - The backup plan ID to be associated with the selection of resources.
- conditions
Sequence[Selection
Condition Args] - A list of conditions that you define to assign resources to your backup plans using tags.
- name str
- The display name of a resource selection document.
- not_
resources Sequence[str] - An array of strings that either contain Amazon Resource Names (ARNs) or match patterns of resources to exclude from a backup plan.
- resources Sequence[str]
- An array of strings that either contain Amazon Resource Names (ARNs) or match patterns of resources to assign to a backup plan.
-
Sequence[Selection
Selection Tag Args] - Tag-based conditions used to specify a set of resources to assign to a backup plan.
- iam
Role StringArn - The ARN of the IAM role that AWS Backup uses to authenticate when restoring and backing up the target resource. See the AWS Backup Developer Guide for additional information about using AWS managed policies or creating custom policies attached to the IAM role.
- plan
Id String - The backup plan ID to be associated with the selection of resources.
- conditions List<Property Map>
- A list of conditions that you define to assign resources to your backup plans using tags.
- name String
- The display name of a resource selection document.
- not
Resources List<String> - An array of strings that either contain Amazon Resource Names (ARNs) or match patterns of resources to exclude from a backup plan.
- resources List<String>
- An array of strings that either contain Amazon Resource Names (ARNs) or match patterns of resources to assign to a backup plan.
- List<Property Map>
- Tag-based conditions used to specify a set of resources to assign to a backup plan.
Outputs
All input properties are implicitly available as output properties. Additionally, the Selection resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing Selection Resource
Get an existing Selection resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: SelectionState, opts?: CustomResourceOptions): Selection@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
conditions: Optional[Sequence[SelectionConditionArgs]] = None,
iam_role_arn: Optional[str] = None,
name: Optional[str] = None,
not_resources: Optional[Sequence[str]] = None,
plan_id: Optional[str] = None,
resources: Optional[Sequence[str]] = None,
selection_tags: Optional[Sequence[SelectionSelectionTagArgs]] = None) -> Selectionfunc GetSelection(ctx *Context, name string, id IDInput, state *SelectionState, opts ...ResourceOption) (*Selection, error)public static Selection Get(string name, Input<string> id, SelectionState? state, CustomResourceOptions? opts = null)public static Selection get(String name, Output<String> id, SelectionState state, CustomResourceOptions options)resources: _: type: aws:backup:Selection get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Conditions
List<Selection
Condition> - A list of conditions that you define to assign resources to your backup plans using tags.
- Iam
Role stringArn - The ARN of the IAM role that AWS Backup uses to authenticate when restoring and backing up the target resource. See the AWS Backup Developer Guide for additional information about using AWS managed policies or creating custom policies attached to the IAM role.
- Name string
- The display name of a resource selection document.
- Not
Resources List<string> - An array of strings that either contain Amazon Resource Names (ARNs) or match patterns of resources to exclude from a backup plan.
- Plan
Id string - The backup plan ID to be associated with the selection of resources.
- Resources List<string>
- An array of strings that either contain Amazon Resource Names (ARNs) or match patterns of resources to assign to a backup plan.
-
List<Selection
Selection Tag> - Tag-based conditions used to specify a set of resources to assign to a backup plan.
- Conditions
[]Selection
Condition Args - A list of conditions that you define to assign resources to your backup plans using tags.
- Iam
Role stringArn - The ARN of the IAM role that AWS Backup uses to authenticate when restoring and backing up the target resource. See the AWS Backup Developer Guide for additional information about using AWS managed policies or creating custom policies attached to the IAM role.
- Name string
- The display name of a resource selection document.
- Not
Resources []string - An array of strings that either contain Amazon Resource Names (ARNs) or match patterns of resources to exclude from a backup plan.
- Plan
Id string - The backup plan ID to be associated with the selection of resources.
- Resources []string
- An array of strings that either contain Amazon Resource Names (ARNs) or match patterns of resources to assign to a backup plan.
-
[]Selection
Selection Tag Args - Tag-based conditions used to specify a set of resources to assign to a backup plan.
- conditions
List<Selection
Condition> - A list of conditions that you define to assign resources to your backup plans using tags.
- iam
Role StringArn - The ARN of the IAM role that AWS Backup uses to authenticate when restoring and backing up the target resource. See the AWS Backup Developer Guide for additional information about using AWS managed policies or creating custom policies attached to the IAM role.
- name String
- The display name of a resource selection document.
- not
Resources List<String> - An array of strings that either contain Amazon Resource Names (ARNs) or match patterns of resources to exclude from a backup plan.
- plan
Id String - The backup plan ID to be associated with the selection of resources.
- resources List<String>
- An array of strings that either contain Amazon Resource Names (ARNs) or match patterns of resources to assign to a backup plan.
-
List<Selection
Selection Tag> - Tag-based conditions used to specify a set of resources to assign to a backup plan.
- conditions
Selection
Condition[] - A list of conditions that you define to assign resources to your backup plans using tags.
- iam
Role stringArn - The ARN of the IAM role that AWS Backup uses to authenticate when restoring and backing up the target resource. See the AWS Backup Developer Guide for additional information about using AWS managed policies or creating custom policies attached to the IAM role.
- name string
- The display name of a resource selection document.
- not
Resources string[] - An array of strings that either contain Amazon Resource Names (ARNs) or match patterns of resources to exclude from a backup plan.
- plan
Id string - The backup plan ID to be associated with the selection of resources.
- resources string[]
- An array of strings that either contain Amazon Resource Names (ARNs) or match patterns of resources to assign to a backup plan.
-
Selection
Selection Tag[] - Tag-based conditions used to specify a set of resources to assign to a backup plan.
- conditions
Sequence[Selection
Condition Args] - A list of conditions that you define to assign resources to your backup plans using tags.
- iam_
role_ strarn - The ARN of the IAM role that AWS Backup uses to authenticate when restoring and backing up the target resource. See the AWS Backup Developer Guide for additional information about using AWS managed policies or creating custom policies attached to the IAM role.
- name str
- The display name of a resource selection document.
- not_
resources Sequence[str] - An array of strings that either contain Amazon Resource Names (ARNs) or match patterns of resources to exclude from a backup plan.
- plan_
id str - The backup plan ID to be associated with the selection of resources.
- resources Sequence[str]
- An array of strings that either contain Amazon Resource Names (ARNs) or match patterns of resources to assign to a backup plan.
-
Sequence[Selection
Selection Tag Args] - Tag-based conditions used to specify a set of resources to assign to a backup plan.
- conditions List<Property Map>
- A list of conditions that you define to assign resources to your backup plans using tags.
- iam
Role StringArn - The ARN of the IAM role that AWS Backup uses to authenticate when restoring and backing up the target resource. See the AWS Backup Developer Guide for additional information about using AWS managed policies or creating custom policies attached to the IAM role.
- name String
- The display name of a resource selection document.
- not
Resources List<String> - An array of strings that either contain Amazon Resource Names (ARNs) or match patterns of resources to exclude from a backup plan.
- plan
Id String - The backup plan ID to be associated with the selection of resources.
- resources List<String>
- An array of strings that either contain Amazon Resource Names (ARNs) or match patterns of resources to assign to a backup plan.
- List<Property Map>
- Tag-based conditions used to specify a set of resources to assign to a backup plan.
Supporting Types
SelectionCondition, SelectionConditionArgs
SelectionConditionStringEqual, SelectionConditionStringEqualArgs
SelectionConditionStringLike, SelectionConditionStringLikeArgs
SelectionConditionStringNotEqual, SelectionConditionStringNotEqualArgs
SelectionConditionStringNotLike, SelectionConditionStringNotLikeArgs
SelectionSelectionTag, SelectionSelectionTagArgs
Import
Backup selection can be imported using the role plan_id and id separated by |.
$ pulumi import aws:backup/selection:Selection example plan-id|selection-id
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- AWS Classic pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
awsTerraform Provider.
Viewing docs for AWS v5.43.0 (Older version)
published on Tuesday, Mar 10, 2026 by Pulumi
published on Tuesday, Mar 10, 2026 by Pulumi
