com.pulumi.azure.dataprotection.kotlin.BackupInstanceKubernetesClusterArgs.kt Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of pulumi-azure-kotlin Show documentation
Show all versions of pulumi-azure-kotlin Show documentation
Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.azure.dataprotection.kotlin
import com.pulumi.azure.dataprotection.BackupInstanceKubernetesClusterArgs.builder
import com.pulumi.azure.dataprotection.kotlin.inputs.BackupInstanceKubernetesClusterBackupDatasourceParametersArgs
import com.pulumi.azure.dataprotection.kotlin.inputs.BackupInstanceKubernetesClusterBackupDatasourceParametersArgsBuilder
import com.pulumi.core.Output
import com.pulumi.core.Output.of
import com.pulumi.kotlin.ConvertibleToJava
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.applySuspend
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
import kotlin.jvm.JvmName
/**
* Manages a Backup Instance to back up a Kubernetes Cluster.
* ## Example Usage
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as azure from "@pulumi/azure";
* const current = azure.core.getClientConfig({});
* const example = new azure.core.ResourceGroup("example", {
* name: "example",
* location: "West Europe",
* });
* const snap = new azure.core.ResourceGroup("snap", {
* name: "example-snap",
* location: "West Europe",
* });
* const exampleBackupVault = new azure.dataprotection.BackupVault("example", {
* name: "example",
* resourceGroupName: example.name,
* location: example.location,
* datastoreType: "VaultStore",
* redundancy: "LocallyRedundant",
* identity: {
* type: "SystemAssigned",
* },
* });
* const exampleKubernetesCluster = new azure.containerservice.KubernetesCluster("example", {
* name: "example",
* location: example.location,
* resourceGroupName: example.name,
* dnsPrefix: "dns",
* defaultNodePool: {
* name: "default",
* nodeCount: 1,
* vmSize: "Standard_DS2_v2",
* enableHostEncryption: true,
* },
* identity: {
* type: "SystemAssigned",
* },
* });
* const aksClusterTrustedAccess = new azure.containerservice.ClusterTrustedAccessRoleBinding("aks_cluster_trusted_access", {
* kubernetesClusterId: exampleKubernetesCluster.id,
* name: "example",
* roles: ["Microsoft.DataProtection/backupVaults/backup-operator"],
* sourceResourceId: exampleBackupVault.id,
* });
* const exampleAccount = new azure.storage.Account("example", {
* name: "example",
* resourceGroupName: example.name,
* location: example.location,
* accountTier: "Standard",
* accountReplicationType: "LRS",
* });
* const exampleContainer = new azure.storage.Container("example", {
* name: "example",
* storageAccountName: exampleAccount.name,
* containerAccessType: "private",
* });
* const exampleKubernetesClusterExtension = new azure.containerservice.KubernetesClusterExtension("example", {
* name: "example",
* clusterId: exampleKubernetesCluster.id,
* extensionType: "Microsoft.DataProtection.Kubernetes",
* releaseTrain: "stable",
* releaseNamespace: "dataprotection-microsoft",
* configurationSettings: {
* "configuration.backupStorageLocation.bucket": exampleContainer.name,
* "configuration.backupStorageLocation.config.resourceGroup": example.name,
* "configuration.backupStorageLocation.config.storageAccount": exampleAccount.name,
* "configuration.backupStorageLocation.config.subscriptionId": current.then(current => current.subscriptionId),
* "credentials.tenantId": current.then(current => current.tenantId),
* },
* });
* const extensionAndStorageAccountPermission = new azure.authorization.Assignment("extension_and_storage_account_permission", {
* scope: exampleAccount.id,
* roleDefinitionName: "Storage Account Contributor",
* principalId: exampleKubernetesClusterExtension.aksAssignedIdentities.apply(aksAssignedIdentities => aksAssignedIdentities[0].principalId),
* });
* const vaultMsiReadOnCluster = new azure.authorization.Assignment("vault_msi_read_on_cluster", {
* scope: exampleKubernetesCluster.id,
* roleDefinitionName: "Reader",
* principalId: exampleBackupVault.identity.apply(identity => identity?.principalId),
* });
* const vaultMsiReadOnSnapRg = new azure.authorization.Assignment("vault_msi_read_on_snap_rg", {
* scope: snap.id,
* roleDefinitionName: "Reader",
* principalId: exampleBackupVault.identity.apply(identity => identity?.principalId),
* });
* const testVaultMsiSnapshotContributorOnSnapRg = new azure.authorization.Assignment("test_vault_msi_snapshot_contributor_on_snap_rg", {
* scope: snap.id,
* roleDefinitionName: "Disk Snapshot Contributor",
* principalId: test.identity[0].principalId,
* });
* const testVaultDataOperatorOnSnapRg = new azure.authorization.Assignment("test_vault_data_operator_on_snap_rg", {
* scope: snap.id,
* roleDefinitionName: "Data Operator for Managed Disks",
* principalId: test.identity[0].principalId,
* });
* const testVaultDataContributorOnStorage = new azure.authorization.Assignment("test_vault_data_contributor_on_storage", {
* scope: testAzurermStorageAccount.id,
* roleDefinitionName: "Storage Blob Data Contributor",
* principalId: test.identity[0].principalId,
* });
* const clusterMsiContributorOnSnapRg = new azure.authorization.Assignment("cluster_msi_contributor_on_snap_rg", {
* scope: snap.id,
* roleDefinitionName: "Contributor",
* principalId: exampleKubernetesCluster.identity.apply(identity => identity?.principalId),
* });
* const exampleBackupPolicyKubernetesCluster = new azure.dataprotection.BackupPolicyKubernetesCluster("example", {
* name: "example",
* resourceGroupName: example.name,
* vaultName: exampleBackupVault.name,
* backupRepeatingTimeIntervals: ["R/2023-05-23T02:30:00+00:00/P1W"],
* retentionRules: [{
* name: "Daily",
* priority: 25,
* lifeCycles: [{
* duration: "P84D",
* dataStoreType: "OperationalStore",
* }],
* criteria: {
* daysOfWeeks: ["Thursday"],
* monthsOfYears: ["November"],
* weeksOfMonths: ["First"],
* scheduledBackupTimes: ["2023-05-23T02:30:00Z"],
* },
* }],
* defaultRetentionRule: {
* lifeCycles: [{
* duration: "P14D",
* dataStoreType: "OperationalStore",
* }],
* },
* });
* const exampleBackupInstanceKubernetesCluster = new azure.dataprotection.BackupInstanceKubernetesCluster("example", {
* name: "example",
* location: example.location,
* vaultId: exampleBackupVault.id,
* kubernetesClusterId: exampleKubernetesCluster.id,
* snapshotResourceGroupName: snap.name,
* backupPolicyId: exampleBackupPolicyKubernetesCluster.id,
* backupDatasourceParameters: {
* excludedNamespaces: ["test-excluded-namespaces"],
* excludedResourceTypes: ["exvolumesnapshotcontents.snapshot.storage.k8s.io"],
* clusterScopedResourcesEnabled: true,
* includedNamespaces: ["test-included-namespaces"],
* includedResourceTypes: ["involumesnapshotcontents.snapshot.storage.k8s.io"],
* labelSelectors: ["kubernetes.io/metadata.name:test"],
* volumeSnapshotEnabled: true,
* },
* });
* ```
* ```python
* import pulumi
* import pulumi_azure as azure
* current = azure.core.get_client_config()
* example = azure.core.ResourceGroup("example",
* name="example",
* location="West Europe")
* snap = azure.core.ResourceGroup("snap",
* name="example-snap",
* location="West Europe")
* example_backup_vault = azure.dataprotection.BackupVault("example",
* name="example",
* resource_group_name=example.name,
* location=example.location,
* datastore_type="VaultStore",
* redundancy="LocallyRedundant",
* identity=azure.dataprotection.BackupVaultIdentityArgs(
* type="SystemAssigned",
* ))
* example_kubernetes_cluster = azure.containerservice.KubernetesCluster("example",
* name="example",
* location=example.location,
* resource_group_name=example.name,
* dns_prefix="dns",
* default_node_pool=azure.containerservice.KubernetesClusterDefaultNodePoolArgs(
* name="default",
* node_count=1,
* vm_size="Standard_DS2_v2",
* enable_host_encryption=True,
* ),
* identity=azure.containerservice.KubernetesClusterIdentityArgs(
* type="SystemAssigned",
* ))
* aks_cluster_trusted_access = azure.containerservice.ClusterTrustedAccessRoleBinding("aks_cluster_trusted_access",
* kubernetes_cluster_id=example_kubernetes_cluster.id,
* name="example",
* roles=["Microsoft.DataProtection/backupVaults/backup-operator"],
* source_resource_id=example_backup_vault.id)
* example_account = azure.storage.Account("example",
* name="example",
* resource_group_name=example.name,
* location=example.location,
* account_tier="Standard",
* account_replication_type="LRS")
* example_container = azure.storage.Container("example",
* name="example",
* storage_account_name=example_account.name,
* container_access_type="private")
* example_kubernetes_cluster_extension = azure.containerservice.KubernetesClusterExtension("example",
* name="example",
* cluster_id=example_kubernetes_cluster.id,
* extension_type="Microsoft.DataProtection.Kubernetes",
* release_train="stable",
* release_namespace="dataprotection-microsoft",
* configuration_settings={
* "configuration.backupStorageLocation.bucket": example_container.name,
* "configuration.backupStorageLocation.config.resourceGroup": example.name,
* "configuration.backupStorageLocation.config.storageAccount": example_account.name,
* "configuration.backupStorageLocation.config.subscriptionId": current.subscription_id,
* "credentials.tenantId": current.tenant_id,
* })
* extension_and_storage_account_permission = azure.authorization.Assignment("extension_and_storage_account_permission",
* scope=example_account.id,
* role_definition_name="Storage Account Contributor",
* principal_id=example_kubernetes_cluster_extension.aks_assigned_identities[0].principal_id)
* vault_msi_read_on_cluster = azure.authorization.Assignment("vault_msi_read_on_cluster",
* scope=example_kubernetes_cluster.id,
* role_definition_name="Reader",
* principal_id=example_backup_vault.identity.principal_id)
* vault_msi_read_on_snap_rg = azure.authorization.Assignment("vault_msi_read_on_snap_rg",
* scope=snap.id,
* role_definition_name="Reader",
* principal_id=example_backup_vault.identity.principal_id)
* test_vault_msi_snapshot_contributor_on_snap_rg = azure.authorization.Assignment("test_vault_msi_snapshot_contributor_on_snap_rg",
* scope=snap.id,
* role_definition_name="Disk Snapshot Contributor",
* principal_id=test["identity"][0]["principalId"])
* test_vault_data_operator_on_snap_rg = azure.authorization.Assignment("test_vault_data_operator_on_snap_rg",
* scope=snap.id,
* role_definition_name="Data Operator for Managed Disks",
* principal_id=test["identity"][0]["principalId"])
* test_vault_data_contributor_on_storage = azure.authorization.Assignment("test_vault_data_contributor_on_storage",
* scope=test_azurerm_storage_account["id"],
* role_definition_name="Storage Blob Data Contributor",
* principal_id=test["identity"][0]["principalId"])
* cluster_msi_contributor_on_snap_rg = azure.authorization.Assignment("cluster_msi_contributor_on_snap_rg",
* scope=snap.id,
* role_definition_name="Contributor",
* principal_id=example_kubernetes_cluster.identity.principal_id)
* example_backup_policy_kubernetes_cluster = azure.dataprotection.BackupPolicyKubernetesCluster("example",
* name="example",
* resource_group_name=example.name,
* vault_name=example_backup_vault.name,
* backup_repeating_time_intervals=["R/2023-05-23T02:30:00+00:00/P1W"],
* retention_rules=[azure.dataprotection.BackupPolicyKubernetesClusterRetentionRuleArgs(
* name="Daily",
* priority=25,
* life_cycles=[azure.dataprotection.BackupPolicyKubernetesClusterRetentionRuleLifeCycleArgs(
* duration="P84D",
* data_store_type="OperationalStore",
* )],
* criteria=azure.dataprotection.BackupPolicyKubernetesClusterRetentionRuleCriteriaArgs(
* days_of_weeks=["Thursday"],
* months_of_years=["November"],
* weeks_of_months=["First"],
* scheduled_backup_times=["2023-05-23T02:30:00Z"],
* ),
* )],
* default_retention_rule=azure.dataprotection.BackupPolicyKubernetesClusterDefaultRetentionRuleArgs(
* life_cycles=[azure.dataprotection.BackupPolicyKubernetesClusterDefaultRetentionRuleLifeCycleArgs(
* duration="P14D",
* data_store_type="OperationalStore",
* )],
* ))
* example_backup_instance_kubernetes_cluster = azure.dataprotection.BackupInstanceKubernetesCluster("example",
* name="example",
* location=example.location,
* vault_id=example_backup_vault.id,
* kubernetes_cluster_id=example_kubernetes_cluster.id,
* snapshot_resource_group_name=snap.name,
* backup_policy_id=example_backup_policy_kubernetes_cluster.id,
* backup_datasource_parameters=azure.dataprotection.BackupInstanceKubernetesClusterBackupDatasourceParametersArgs(
* excluded_namespaces=["test-excluded-namespaces"],
* excluded_resource_types=["exvolumesnapshotcontents.snapshot.storage.k8s.io"],
* cluster_scoped_resources_enabled=True,
* included_namespaces=["test-included-namespaces"],
* included_resource_types=["involumesnapshotcontents.snapshot.storage.k8s.io"],
* label_selectors=["kubernetes.io/metadata.name:test"],
* volume_snapshot_enabled=True,
* ))
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Azure = Pulumi.Azure;
* return await Deployment.RunAsync(() =>
* {
* var current = Azure.Core.GetClientConfig.Invoke();
* var example = new Azure.Core.ResourceGroup("example", new()
* {
* Name = "example",
* Location = "West Europe",
* });
* var snap = new Azure.Core.ResourceGroup("snap", new()
* {
* Name = "example-snap",
* Location = "West Europe",
* });
* var exampleBackupVault = new Azure.DataProtection.BackupVault("example", new()
* {
* Name = "example",
* ResourceGroupName = example.Name,
* Location = example.Location,
* DatastoreType = "VaultStore",
* Redundancy = "LocallyRedundant",
* Identity = new Azure.DataProtection.Inputs.BackupVaultIdentityArgs
* {
* Type = "SystemAssigned",
* },
* });
* var exampleKubernetesCluster = new Azure.ContainerService.KubernetesCluster("example", new()
* {
* Name = "example",
* Location = example.Location,
* ResourceGroupName = example.Name,
* DnsPrefix = "dns",
* DefaultNodePool = new Azure.ContainerService.Inputs.KubernetesClusterDefaultNodePoolArgs
* {
* Name = "default",
* NodeCount = 1,
* VmSize = "Standard_DS2_v2",
* EnableHostEncryption = true,
* },
* Identity = new Azure.ContainerService.Inputs.KubernetesClusterIdentityArgs
* {
* Type = "SystemAssigned",
* },
* });
* var aksClusterTrustedAccess = new Azure.ContainerService.ClusterTrustedAccessRoleBinding("aks_cluster_trusted_access", new()
* {
* KubernetesClusterId = exampleKubernetesCluster.Id,
* Name = "example",
* Roles = new[]
* {
* "Microsoft.DataProtection/backupVaults/backup-operator",
* },
* SourceResourceId = exampleBackupVault.Id,
* });
* var exampleAccount = new Azure.Storage.Account("example", new()
* {
* Name = "example",
* ResourceGroupName = example.Name,
* Location = example.Location,
* AccountTier = "Standard",
* AccountReplicationType = "LRS",
* });
* var exampleContainer = new Azure.Storage.Container("example", new()
* {
* Name = "example",
* StorageAccountName = exampleAccount.Name,
* ContainerAccessType = "private",
* });
* var exampleKubernetesClusterExtension = new Azure.ContainerService.KubernetesClusterExtension("example", new()
* {
* Name = "example",
* ClusterId = exampleKubernetesCluster.Id,
* ExtensionType = "Microsoft.DataProtection.Kubernetes",
* ReleaseTrain = "stable",
* ReleaseNamespace = "dataprotection-microsoft",
* ConfigurationSettings =
* {
* { "configuration.backupStorageLocation.bucket", exampleContainer.Name },
* { "configuration.backupStorageLocation.config.resourceGroup", example.Name },
* { "configuration.backupStorageLocation.config.storageAccount", exampleAccount.Name },
* { "configuration.backupStorageLocation.config.subscriptionId", current.Apply(getClientConfigResult => getClientConfigResult.SubscriptionId) },
* { "credentials.tenantId", current.Apply(getClientConfigResult => getClientConfigResult.TenantId) },
* },
* });
* var extensionAndStorageAccountPermission = new Azure.Authorization.Assignment("extension_and_storage_account_permission", new()
* {
* Scope = exampleAccount.Id,
* RoleDefinitionName = "Storage Account Contributor",
* PrincipalId = exampleKubernetesClusterExtension.AksAssignedIdentities.Apply(aksAssignedIdentities => aksAssignedIdentities[0].PrincipalId),
* });
* var vaultMsiReadOnCluster = new Azure.Authorization.Assignment("vault_msi_read_on_cluster", new()
* {
* Scope = exampleKubernetesCluster.Id,
* RoleDefinitionName = "Reader",
* PrincipalId = exampleBackupVault.Identity.Apply(identity => identity?.PrincipalId),
* });
* var vaultMsiReadOnSnapRg = new Azure.Authorization.Assignment("vault_msi_read_on_snap_rg", new()
* {
* Scope = snap.Id,
* RoleDefinitionName = "Reader",
* PrincipalId = exampleBackupVault.Identity.Apply(identity => identity?.PrincipalId),
* });
* var testVaultMsiSnapshotContributorOnSnapRg = new Azure.Authorization.Assignment("test_vault_msi_snapshot_contributor_on_snap_rg", new()
* {
* Scope = snap.Id,
* RoleDefinitionName = "Disk Snapshot Contributor",
* PrincipalId = test.Identity[0].PrincipalId,
* });
* var testVaultDataOperatorOnSnapRg = new Azure.Authorization.Assignment("test_vault_data_operator_on_snap_rg", new()
* {
* Scope = snap.Id,
* RoleDefinitionName = "Data Operator for Managed Disks",
* PrincipalId = test.Identity[0].PrincipalId,
* });
* var testVaultDataContributorOnStorage = new Azure.Authorization.Assignment("test_vault_data_contributor_on_storage", new()
* {
* Scope = testAzurermStorageAccount.Id,
* RoleDefinitionName = "Storage Blob Data Contributor",
* PrincipalId = test.Identity[0].PrincipalId,
* });
* var clusterMsiContributorOnSnapRg = new Azure.Authorization.Assignment("cluster_msi_contributor_on_snap_rg", new()
* {
* Scope = snap.Id,
* RoleDefinitionName = "Contributor",
* PrincipalId = exampleKubernetesCluster.Identity.Apply(identity => identity?.PrincipalId),
* });
* var exampleBackupPolicyKubernetesCluster = new Azure.DataProtection.BackupPolicyKubernetesCluster("example", new()
* {
* Name = "example",
* ResourceGroupName = example.Name,
* VaultName = exampleBackupVault.Name,
* BackupRepeatingTimeIntervals = new[]
* {
* "R/2023-05-23T02:30:00+00:00/P1W",
* },
* RetentionRules = new[]
* {
* new Azure.DataProtection.Inputs.BackupPolicyKubernetesClusterRetentionRuleArgs
* {
* Name = "Daily",
* Priority = 25,
* LifeCycles = new[]
* {
* new Azure.DataProtection.Inputs.BackupPolicyKubernetesClusterRetentionRuleLifeCycleArgs
* {
* Duration = "P84D",
* DataStoreType = "OperationalStore",
* },
* },
* Criteria = new Azure.DataProtection.Inputs.BackupPolicyKubernetesClusterRetentionRuleCriteriaArgs
* {
* DaysOfWeeks = new[]
* {
* "Thursday",
* },
* MonthsOfYears = new[]
* {
* "November",
* },
* WeeksOfMonths = new[]
* {
* "First",
* },
* ScheduledBackupTimes = new[]
* {
* "2023-05-23T02:30:00Z",
* },
* },
* },
* },
* DefaultRetentionRule = new Azure.DataProtection.Inputs.BackupPolicyKubernetesClusterDefaultRetentionRuleArgs
* {
* LifeCycles = new[]
* {
* new Azure.DataProtection.Inputs.BackupPolicyKubernetesClusterDefaultRetentionRuleLifeCycleArgs
* {
* Duration = "P14D",
* DataStoreType = "OperationalStore",
* },
* },
* },
* });
* var exampleBackupInstanceKubernetesCluster = new Azure.DataProtection.BackupInstanceKubernetesCluster("example", new()
* {
* Name = "example",
* Location = example.Location,
* VaultId = exampleBackupVault.Id,
* KubernetesClusterId = exampleKubernetesCluster.Id,
* SnapshotResourceGroupName = snap.Name,
* BackupPolicyId = exampleBackupPolicyKubernetesCluster.Id,
* BackupDatasourceParameters = new Azure.DataProtection.Inputs.BackupInstanceKubernetesClusterBackupDatasourceParametersArgs
* {
* ExcludedNamespaces = new[]
* {
* "test-excluded-namespaces",
* },
* ExcludedResourceTypes = new[]
* {
* "exvolumesnapshotcontents.snapshot.storage.k8s.io",
* },
* ClusterScopedResourcesEnabled = true,
* IncludedNamespaces = new[]
* {
* "test-included-namespaces",
* },
* IncludedResourceTypes = new[]
* {
* "involumesnapshotcontents.snapshot.storage.k8s.io",
* },
* LabelSelectors = new[]
* {
* "kubernetes.io/metadata.name:test",
* },
* VolumeSnapshotEnabled = true,
* },
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/authorization"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/containerservice"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/dataprotection"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/storage"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* current, err := core.GetClientConfig(ctx, nil, nil)
* if err != nil {
* return err
* }
* example, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
* Name: pulumi.String("example"),
* Location: pulumi.String("West Europe"),
* })
* if err != nil {
* return err
* }
* snap, err := core.NewResourceGroup(ctx, "snap", &core.ResourceGroupArgs{
* Name: pulumi.String("example-snap"),
* Location: pulumi.String("West Europe"),
* })
* if err != nil {
* return err
* }
* exampleBackupVault, err := dataprotection.NewBackupVault(ctx, "example", &dataprotection.BackupVaultArgs{
* Name: pulumi.String("example"),
* ResourceGroupName: example.Name,
* Location: example.Location,
* DatastoreType: pulumi.String("VaultStore"),
* Redundancy: pulumi.String("LocallyRedundant"),
* Identity: &dataprotection.BackupVaultIdentityArgs{
* Type: pulumi.String("SystemAssigned"),
* },
* })
* if err != nil {
* return err
* }
* exampleKubernetesCluster, err := containerservice.NewKubernetesCluster(ctx, "example", &containerservice.KubernetesClusterArgs{
* Name: pulumi.String("example"),
* Location: example.Location,
* ResourceGroupName: example.Name,
* DnsPrefix: pulumi.String("dns"),
* DefaultNodePool: &containerservice.KubernetesClusterDefaultNodePoolArgs{
* Name: pulumi.String("default"),
* NodeCount: pulumi.Int(1),
* VmSize: pulumi.String("Standard_DS2_v2"),
* EnableHostEncryption: pulumi.Bool(true),
* },
* Identity: &containerservice.KubernetesClusterIdentityArgs{
* Type: pulumi.String("SystemAssigned"),
* },
* })
* if err != nil {
* return err
* }
* _, err = containerservice.NewClusterTrustedAccessRoleBinding(ctx, "aks_cluster_trusted_access", &containerservice.ClusterTrustedAccessRoleBindingArgs{
* KubernetesClusterId: exampleKubernetesCluster.ID(),
* Name: pulumi.String("example"),
* Roles: pulumi.StringArray{
* pulumi.String("Microsoft.DataProtection/backupVaults/backup-operator"),
* },
* SourceResourceId: exampleBackupVault.ID(),
* })
* if err != nil {
* return err
* }
* exampleAccount, err := storage.NewAccount(ctx, "example", &storage.AccountArgs{
* Name: pulumi.String("example"),
* ResourceGroupName: example.Name,
* Location: example.Location,
* AccountTier: pulumi.String("Standard"),
* AccountReplicationType: pulumi.String("LRS"),
* })
* if err != nil {
* return err
* }
* exampleContainer, err := storage.NewContainer(ctx, "example", &storage.ContainerArgs{
* Name: pulumi.String("example"),
* StorageAccountName: exampleAccount.Name,
* ContainerAccessType: pulumi.String("private"),
* })
* if err != nil {
* return err
* }
* exampleKubernetesClusterExtension, err := containerservice.NewKubernetesClusterExtension(ctx, "example", &containerservice.KubernetesClusterExtensionArgs{
* Name: pulumi.String("example"),
* ClusterId: exampleKubernetesCluster.ID(),
* ExtensionType: pulumi.String("Microsoft.DataProtection.Kubernetes"),
* ReleaseTrain: pulumi.String("stable"),
* ReleaseNamespace: pulumi.String("dataprotection-microsoft"),
* ConfigurationSettings: pulumi.StringMap{
* "configuration.backupStorageLocation.bucket": exampleContainer.Name,
* "configuration.backupStorageLocation.config.resourceGroup": example.Name,
* "configuration.backupStorageLocation.config.storageAccount": exampleAccount.Name,
* "configuration.backupStorageLocation.config.subscriptionId": pulumi.String(current.SubscriptionId),
* "credentials.tenantId": pulumi.String(current.TenantId),
* },
* })
* if err != nil {
* return err
* }
* _, err = authorization.NewAssignment(ctx, "extension_and_storage_account_permission", &authorization.AssignmentArgs{
* Scope: exampleAccount.ID(),
* RoleDefinitionName: pulumi.String("Storage Account Contributor"),
* PrincipalId: exampleKubernetesClusterExtension.AksAssignedIdentities.ApplyT(func(aksAssignedIdentities []containerservice.KubernetesClusterExtensionAksAssignedIdentity) (*string, error) {
* return &aksAssignedIdentities[0].PrincipalId, nil
* }).(pulumi.StringPtrOutput),
* })
* if err != nil {
* return err
* }
* _, err = authorization.NewAssignment(ctx, "vault_msi_read_on_cluster", &authorization.AssignmentArgs{
* Scope: exampleKubernetesCluster.ID(),
* RoleDefinitionName: pulumi.String("Reader"),
* PrincipalId: exampleBackupVault.Identity.ApplyT(func(identity dataprotection.BackupVaultIdentity) (*string, error) {
* return &identity.PrincipalId, nil
* }).(pulumi.StringPtrOutput),
* })
* if err != nil {
* return err
* }
* _, err = authorization.NewAssignment(ctx, "vault_msi_read_on_snap_rg", &authorization.AssignmentArgs{
* Scope: snap.ID(),
* RoleDefinitionName: pulumi.String("Reader"),
* PrincipalId: exampleBackupVault.Identity.ApplyT(func(identity dataprotection.BackupVaultIdentity) (*string, error) {
* return &identity.PrincipalId, nil
* }).(pulumi.StringPtrOutput),
* })
* if err != nil {
* return err
* }
* _, err = authorization.NewAssignment(ctx, "test_vault_msi_snapshot_contributor_on_snap_rg", &authorization.AssignmentArgs{
* Scope: snap.ID(),
* RoleDefinitionName: pulumi.String("Disk Snapshot Contributor"),
* PrincipalId: pulumi.Any(test.Identity[0].PrincipalId),
* })
* if err != nil {
* return err
* }
* _, err = authorization.NewAssignment(ctx, "test_vault_data_operator_on_snap_rg", &authorization.AssignmentArgs{
* Scope: snap.ID(),
* RoleDefinitionName: pulumi.String("Data Operator for Managed Disks"),
* PrincipalId: pulumi.Any(test.Identity[0].PrincipalId),
* })
* if err != nil {
* return err
* }
* _, err = authorization.NewAssignment(ctx, "test_vault_data_contributor_on_storage", &authorization.AssignmentArgs{
* Scope: pulumi.Any(testAzurermStorageAccount.Id),
* RoleDefinitionName: pulumi.String("Storage Blob Data Contributor"),
* PrincipalId: pulumi.Any(test.Identity[0].PrincipalId),
* })
* if err != nil {
* return err
* }
* _, err = authorization.NewAssignment(ctx, "cluster_msi_contributor_on_snap_rg", &authorization.AssignmentArgs{
* Scope: snap.ID(),
* RoleDefinitionName: pulumi.String("Contributor"),
* PrincipalId: exampleKubernetesCluster.Identity.ApplyT(func(identity containerservice.KubernetesClusterIdentity) (*string, error) {
* return &identity.PrincipalId, nil
* }).(pulumi.StringPtrOutput),
* })
* if err != nil {
* return err
* }
* exampleBackupPolicyKubernetesCluster, err := dataprotection.NewBackupPolicyKubernetesCluster(ctx, "example", &dataprotection.BackupPolicyKubernetesClusterArgs{
* Name: pulumi.String("example"),
* ResourceGroupName: example.Name,
* VaultName: exampleBackupVault.Name,
* BackupRepeatingTimeIntervals: pulumi.StringArray{
* pulumi.String("R/2023-05-23T02:30:00+00:00/P1W"),
* },
* RetentionRules: dataprotection.BackupPolicyKubernetesClusterRetentionRuleArray{
* &dataprotection.BackupPolicyKubernetesClusterRetentionRuleArgs{
* Name: pulumi.String("Daily"),
* Priority: pulumi.Int(25),
* LifeCycles: dataprotection.BackupPolicyKubernetesClusterRetentionRuleLifeCycleArray{
* &dataprotection.BackupPolicyKubernetesClusterRetentionRuleLifeCycleArgs{
* Duration: pulumi.String("P84D"),
* DataStoreType: pulumi.String("OperationalStore"),
* },
* },
* Criteria: &dataprotection.BackupPolicyKubernetesClusterRetentionRuleCriteriaArgs{
* DaysOfWeeks: pulumi.StringArray{
* pulumi.String("Thursday"),
* },
* MonthsOfYears: pulumi.StringArray{
* pulumi.String("November"),
* },
* WeeksOfMonths: pulumi.StringArray{
* pulumi.String("First"),
* },
* ScheduledBackupTimes: pulumi.StringArray{
* pulumi.String("2023-05-23T02:30:00Z"),
* },
* },
* },
* },
* DefaultRetentionRule: &dataprotection.BackupPolicyKubernetesClusterDefaultRetentionRuleArgs{
* LifeCycles: dataprotection.BackupPolicyKubernetesClusterDefaultRetentionRuleLifeCycleArray{
* &dataprotection.BackupPolicyKubernetesClusterDefaultRetentionRuleLifeCycleArgs{
* Duration: pulumi.String("P14D"),
* DataStoreType: pulumi.String("OperationalStore"),
* },
* },
* },
* })
* if err != nil {
* return err
* }
* _, err = dataprotection.NewBackupInstanceKubernetesCluster(ctx, "example", &dataprotection.BackupInstanceKubernetesClusterArgs{
* Name: pulumi.String("example"),
* Location: example.Location,
* VaultId: exampleBackupVault.ID(),
* KubernetesClusterId: exampleKubernetesCluster.ID(),
* SnapshotResourceGroupName: snap.Name,
* BackupPolicyId: exampleBackupPolicyKubernetesCluster.ID(),
* BackupDatasourceParameters: &dataprotection.BackupInstanceKubernetesClusterBackupDatasourceParametersArgs{
* ExcludedNamespaces: pulumi.StringArray{
* pulumi.String("test-excluded-namespaces"),
* },
* ExcludedResourceTypes: pulumi.StringArray{
* pulumi.String("exvolumesnapshotcontents.snapshot.storage.k8s.io"),
* },
* ClusterScopedResourcesEnabled: pulumi.Bool(true),
* IncludedNamespaces: pulumi.StringArray{
* pulumi.String("test-included-namespaces"),
* },
* IncludedResourceTypes: pulumi.StringArray{
* pulumi.String("involumesnapshotcontents.snapshot.storage.k8s.io"),
* },
* LabelSelectors: pulumi.StringArray{
* pulumi.String("kubernetes.io/metadata.name:test"),
* },
* VolumeSnapshotEnabled: pulumi.Bool(true),
* },
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.azure.core.CoreFunctions;
* import com.pulumi.azure.core.ResourceGroup;
* import com.pulumi.azure.core.ResourceGroupArgs;
* import com.pulumi.azure.dataprotection.BackupVault;
* import com.pulumi.azure.dataprotection.BackupVaultArgs;
* import com.pulumi.azure.dataprotection.inputs.BackupVaultIdentityArgs;
* import com.pulumi.azure.containerservice.KubernetesCluster;
* import com.pulumi.azure.containerservice.KubernetesClusterArgs;
* import com.pulumi.azure.containerservice.inputs.KubernetesClusterDefaultNodePoolArgs;
* import com.pulumi.azure.containerservice.inputs.KubernetesClusterIdentityArgs;
* import com.pulumi.azure.containerservice.ClusterTrustedAccessRoleBinding;
* import com.pulumi.azure.containerservice.ClusterTrustedAccessRoleBindingArgs;
* import com.pulumi.azure.storage.Account;
* import com.pulumi.azure.storage.AccountArgs;
* import com.pulumi.azure.storage.Container;
* import com.pulumi.azure.storage.ContainerArgs;
* import com.pulumi.azure.containerservice.KubernetesClusterExtension;
* import com.pulumi.azure.containerservice.KubernetesClusterExtensionArgs;
* import com.pulumi.azure.authorization.Assignment;
* import com.pulumi.azure.authorization.AssignmentArgs;
* import com.pulumi.azure.dataprotection.BackupPolicyKubernetesCluster;
* import com.pulumi.azure.dataprotection.BackupPolicyKubernetesClusterArgs;
* import com.pulumi.azure.dataprotection.inputs.BackupPolicyKubernetesClusterRetentionRuleArgs;
* import com.pulumi.azure.dataprotection.inputs.BackupPolicyKubernetesClusterRetentionRuleCriteriaArgs;
* import com.pulumi.azure.dataprotection.inputs.BackupPolicyKubernetesClusterDefaultRetentionRuleArgs;
* import com.pulumi.azure.dataprotection.BackupInstanceKubernetesCluster;
* import com.pulumi.azure.dataprotection.BackupInstanceKubernetesClusterArgs;
* import com.pulumi.azure.dataprotection.inputs.BackupInstanceKubernetesClusterBackupDatasourceParametersArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* final var current = CoreFunctions.getClientConfig();
* var example = new ResourceGroup("example", ResourceGroupArgs.builder()
* .name("example")
* .location("West Europe")
* .build());
* var snap = new ResourceGroup("snap", ResourceGroupArgs.builder()
* .name("example-snap")
* .location("West Europe")
* .build());
* var exampleBackupVault = new BackupVault("exampleBackupVault", BackupVaultArgs.builder()
* .name("example")
* .resourceGroupName(example.name())
* .location(example.location())
* .datastoreType("VaultStore")
* .redundancy("LocallyRedundant")
* .identity(BackupVaultIdentityArgs.builder()
* .type("SystemAssigned")
* .build())
* .build());
* var exampleKubernetesCluster = new KubernetesCluster("exampleKubernetesCluster", KubernetesClusterArgs.builder()
* .name("example")
* .location(example.location())
* .resourceGroupName(example.name())
* .dnsPrefix("dns")
* .defaultNodePool(KubernetesClusterDefaultNodePoolArgs.builder()
* .name("default")
* .nodeCount(1)
* .vmSize("Standard_DS2_v2")
* .enableHostEncryption(true)
* .build())
* .identity(KubernetesClusterIdentityArgs.builder()
* .type("SystemAssigned")
* .build())
* .build());
* var aksClusterTrustedAccess = new ClusterTrustedAccessRoleBinding("aksClusterTrustedAccess", ClusterTrustedAccessRoleBindingArgs.builder()
* .kubernetesClusterId(exampleKubernetesCluster.id())
* .name("example")
* .roles("Microsoft.DataProtection/backupVaults/backup-operator")
* .sourceResourceId(exampleBackupVault.id())
* .build());
* var exampleAccount = new Account("exampleAccount", AccountArgs.builder()
* .name("example")
* .resourceGroupName(example.name())
* .location(example.location())
* .accountTier("Standard")
* .accountReplicationType("LRS")
* .build());
* var exampleContainer = new Container("exampleContainer", ContainerArgs.builder()
* .name("example")
* .storageAccountName(exampleAccount.name())
* .containerAccessType("private")
* .build());
* var exampleKubernetesClusterExtension = new KubernetesClusterExtension("exampleKubernetesClusterExtension", KubernetesClusterExtensionArgs.builder()
* .name("example")
* .clusterId(exampleKubernetesCluster.id())
* .extensionType("Microsoft.DataProtection.Kubernetes")
* .releaseTrain("stable")
* .releaseNamespace("dataprotection-microsoft")
* .configurationSettings(Map.ofEntries(
* Map.entry("configuration.backupStorageLocation.bucket", exampleContainer.name()),
* Map.entry("configuration.backupStorageLocation.config.resourceGroup", example.name()),
* Map.entry("configuration.backupStorageLocation.config.storageAccount", exampleAccount.name()),
* Map.entry("configuration.backupStorageLocation.config.subscriptionId", current.applyValue(getClientConfigResult -> getClientConfigResult.subscriptionId())),
* Map.entry("credentials.tenantId", current.applyValue(getClientConfigResult -> getClientConfigResult.tenantId()))
* ))
* .build());
* var extensionAndStorageAccountPermission = new Assignment("extensionAndStorageAccountPermission", AssignmentArgs.builder()
* .scope(exampleAccount.id())
* .roleDefinitionName("Storage Account Contributor")
* .principalId(exampleKubernetesClusterExtension.aksAssignedIdentities().applyValue(aksAssignedIdentities -> aksAssignedIdentities[0].principalId()))
* .build());
* var vaultMsiReadOnCluster = new Assignment("vaultMsiReadOnCluster", AssignmentArgs.builder()
* .scope(exampleKubernetesCluster.id())
* .roleDefinitionName("Reader")
* .principalId(exampleBackupVault.identity().applyValue(identity -> identity.principalId()))
* .build());
* var vaultMsiReadOnSnapRg = new Assignment("vaultMsiReadOnSnapRg", AssignmentArgs.builder()
* .scope(snap.id())
* .roleDefinitionName("Reader")
* .principalId(exampleBackupVault.identity().applyValue(identity -> identity.principalId()))
* .build());
* var testVaultMsiSnapshotContributorOnSnapRg = new Assignment("testVaultMsiSnapshotContributorOnSnapRg", AssignmentArgs.builder()
* .scope(snap.id())
* .roleDefinitionName("Disk Snapshot Contributor")
* .principalId(test.identity()[0].principalId())
* .build());
* var testVaultDataOperatorOnSnapRg = new Assignment("testVaultDataOperatorOnSnapRg", AssignmentArgs.builder()
* .scope(snap.id())
* .roleDefinitionName("Data Operator for Managed Disks")
* .principalId(test.identity()[0].principalId())
* .build());
* var testVaultDataContributorOnStorage = new Assignment("testVaultDataContributorOnStorage", AssignmentArgs.builder()
* .scope(testAzurermStorageAccount.id())
* .roleDefinitionName("Storage Blob Data Contributor")
* .principalId(test.identity()[0].principalId())
* .build());
* var clusterMsiContributorOnSnapRg = new Assignment("clusterMsiContributorOnSnapRg", AssignmentArgs.builder()
* .scope(snap.id())
* .roleDefinitionName("Contributor")
* .principalId(exampleKubernetesCluster.identity().applyValue(identity -> identity.principalId()))
* .build());
* var exampleBackupPolicyKubernetesCluster = new BackupPolicyKubernetesCluster("exampleBackupPolicyKubernetesCluster", BackupPolicyKubernetesClusterArgs.builder()
* .name("example")
* .resourceGroupName(example.name())
* .vaultName(exampleBackupVault.name())
* .backupRepeatingTimeIntervals("R/2023-05-23T02:30:00+00:00/P1W")
* .retentionRules(BackupPolicyKubernetesClusterRetentionRuleArgs.builder()
* .name("Daily")
* .priority(25)
* .lifeCycles(BackupPolicyKubernetesClusterRetentionRuleLifeCycleArgs.builder()
* .duration("P84D")
* .dataStoreType("OperationalStore")
* .build())
* .criteria(BackupPolicyKubernetesClusterRetentionRuleCriteriaArgs.builder()
* .daysOfWeeks("Thursday")
* .monthsOfYears("November")
* .weeksOfMonths("First")
* .scheduledBackupTimes("2023-05-23T02:30:00Z")
* .build())
* .build())
* .defaultRetentionRule(BackupPolicyKubernetesClusterDefaultRetentionRuleArgs.builder()
* .lifeCycles(BackupPolicyKubernetesClusterDefaultRetentionRuleLifeCycleArgs.builder()
* .duration("P14D")
* .dataStoreType("OperationalStore")
* .build())
* .build())
* .build());
* var exampleBackupInstanceKubernetesCluster = new BackupInstanceKubernetesCluster("exampleBackupInstanceKubernetesCluster", BackupInstanceKubernetesClusterArgs.builder()
* .name("example")
* .location(example.location())
* .vaultId(exampleBackupVault.id())
* .kubernetesClusterId(exampleKubernetesCluster.id())
* .snapshotResourceGroupName(snap.name())
* .backupPolicyId(exampleBackupPolicyKubernetesCluster.id())
* .backupDatasourceParameters(BackupInstanceKubernetesClusterBackupDatasourceParametersArgs.builder()
* .excludedNamespaces("test-excluded-namespaces")
* .excludedResourceTypes("exvolumesnapshotcontents.snapshot.storage.k8s.io")
* .clusterScopedResourcesEnabled(true)
* .includedNamespaces("test-included-namespaces")
* .includedResourceTypes("involumesnapshotcontents.snapshot.storage.k8s.io")
* .labelSelectors("kubernetes.io/metadata.name:test")
* .volumeSnapshotEnabled(true)
* .build())
* .build());
* }
* }
* ```
* ```yaml
* resources:
* example:
* type: azure:core:ResourceGroup
* properties:
* name: example
* location: West Europe
* snap:
* type: azure:core:ResourceGroup
* properties:
* name: example-snap
* location: West Europe
* exampleBackupVault:
* type: azure:dataprotection:BackupVault
* name: example
* properties:
* name: example
* resourceGroupName: ${example.name}
* location: ${example.location}
* datastoreType: VaultStore
* redundancy: LocallyRedundant
* identity:
* type: SystemAssigned
* exampleKubernetesCluster:
* type: azure:containerservice:KubernetesCluster
* name: example
* properties:
* name: example
* location: ${example.location}
* resourceGroupName: ${example.name}
* dnsPrefix: dns
* defaultNodePool:
* name: default
* nodeCount: 1
* vmSize: Standard_DS2_v2
* enableHostEncryption: true
* identity:
* type: SystemAssigned
* aksClusterTrustedAccess:
* type: azure:containerservice:ClusterTrustedAccessRoleBinding
* name: aks_cluster_trusted_access
* properties:
* kubernetesClusterId: ${exampleKubernetesCluster.id}
* name: example
* roles:
* - Microsoft.DataProtection/backupVaults/backup-operator
* sourceResourceId: ${exampleBackupVault.id}
* exampleAccount:
* type: azure:storage:Account
* name: example
* properties:
* name: example
* resourceGroupName: ${example.name}
* location: ${example.location}
* accountTier: Standard
* accountReplicationType: LRS
* exampleContainer:
* type: azure:storage:Container
* name: example
* properties:
* name: example
* storageAccountName: ${exampleAccount.name}
* containerAccessType: private
* exampleKubernetesClusterExtension:
* type: azure:containerservice:KubernetesClusterExtension
* name: example
* properties:
* name: example
* clusterId: ${exampleKubernetesCluster.id}
* extensionType: Microsoft.DataProtection.Kubernetes
* releaseTrain: stable
* releaseNamespace: dataprotection-microsoft
* configurationSettings:
* configuration.backupStorageLocation.bucket: ${exampleContainer.name}
* configuration.backupStorageLocation.config.resourceGroup: ${example.name}
* configuration.backupStorageLocation.config.storageAccount: ${exampleAccount.name}
* configuration.backupStorageLocation.config.subscriptionId: ${current.subscriptionId}
* credentials.tenantId: ${current.tenantId}
* extensionAndStorageAccountPermission:
* type: azure:authorization:Assignment
* name: extension_and_storage_account_permission
* properties:
* scope: ${exampleAccount.id}
* roleDefinitionName: Storage Account Contributor
* principalId: ${exampleKubernetesClusterExtension.aksAssignedIdentities[0].principalId}
* vaultMsiReadOnCluster:
* type: azure:authorization:Assignment
* name: vault_msi_read_on_cluster
* properties:
* scope: ${exampleKubernetesCluster.id}
* roleDefinitionName: Reader
* principalId: ${exampleBackupVault.identity.principalId}
* vaultMsiReadOnSnapRg:
* type: azure:authorization:Assignment
* name: vault_msi_read_on_snap_rg
* properties:
* scope: ${snap.id}
* roleDefinitionName: Reader
* principalId: ${exampleBackupVault.identity.principalId}
* testVaultMsiSnapshotContributorOnSnapRg:
* type: azure:authorization:Assignment
* name: test_vault_msi_snapshot_contributor_on_snap_rg
* properties:
* scope: ${snap.id}
* roleDefinitionName: Disk Snapshot Contributor
* principalId: ${test.identity[0].principalId}
* testVaultDataOperatorOnSnapRg:
* type: azure:authorization:Assignment
* name: test_vault_data_operator_on_snap_rg
* properties:
* scope: ${snap.id}
* roleDefinitionName: Data Operator for Managed Disks
* principalId: ${test.identity[0].principalId}
* testVaultDataContributorOnStorage:
* type: azure:authorization:Assignment
* name: test_vault_data_contributor_on_storage
* properties:
* scope: ${testAzurermStorageAccount.id}
* roleDefinitionName: Storage Blob Data Contributor
* principalId: ${test.identity[0].principalId}
* clusterMsiContributorOnSnapRg:
* type: azure:authorization:Assignment
* name: cluster_msi_contributor_on_snap_rg
* properties:
* scope: ${snap.id}
* roleDefinitionName: Contributor
* principalId: ${exampleKubernetesCluster.identity.principalId}
* exampleBackupPolicyKubernetesCluster:
* type: azure:dataprotection:BackupPolicyKubernetesCluster
* name: example
* properties:
* name: example
* resourceGroupName: ${example.name}
* vaultName: ${exampleBackupVault.name}
* backupRepeatingTimeIntervals:
* - R/2023-05-23T02:30:00+00:00/P1W
* retentionRules:
* - name: Daily
* priority: 25
* lifeCycles:
* - duration: P84D
* dataStoreType: OperationalStore
* criteria:
* daysOfWeeks:
* - Thursday
* monthsOfYears:
* - November
* weeksOfMonths:
* - First
* scheduledBackupTimes:
* - 2023-05-23T02:30:00Z
* defaultRetentionRule:
* lifeCycles:
* - duration: P14D
* dataStoreType: OperationalStore
* exampleBackupInstanceKubernetesCluster:
* type: azure:dataprotection:BackupInstanceKubernetesCluster
* name: example
* properties:
* name: example
* location: ${example.location}
* vaultId: ${exampleBackupVault.id}
* kubernetesClusterId: ${exampleKubernetesCluster.id}
* snapshotResourceGroupName: ${snap.name}
* backupPolicyId: ${exampleBackupPolicyKubernetesCluster.id}
* backupDatasourceParameters:
* excludedNamespaces:
* - test-excluded-namespaces
* excludedResourceTypes:
* - exvolumesnapshotcontents.snapshot.storage.k8s.io
* clusterScopedResourcesEnabled: true
* includedNamespaces:
* - test-included-namespaces
* includedResourceTypes:
* - involumesnapshotcontents.snapshot.storage.k8s.io
* labelSelectors:
* - kubernetes.io/metadata.name:test
* volumeSnapshotEnabled: true
* variables:
* current:
* fn::invoke:
* Function: azure:core:getClientConfig
* Arguments: {}
* ```
*
* ## Import
* Backup Instance Kubernetes Cluster can be imported using the `resource id`, e.g.
* ```sh
* $ pulumi import azure:dataprotection/backupInstanceKubernetesCluster:BackupInstanceKubernetesCluster example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.DataProtection/backupVaults/vault1/backupInstances/backupInstance1
* ```
* @property backupDatasourceParameters A `backup_datasource_parameters` block as defined below.
* @property backupPolicyId The ID of the Backup Policy. Changing this forces a new resource to be created.
* @property kubernetesClusterId The ID of the Kubernetes Cluster. Changing this forces a new resource to be created.
* @property location The location of the Backup Instance Kubernetes Cluster. Changing this forces a new resource to be created.
* @property name The name which should be used for this Backup Instance Kubernetes Cluster. Changing this forces a new resource to be created.
* @property snapshotResourceGroupName The name of the Resource Group where snapshots are stored. Changing this forces a new resource to be created.
* @property vaultId The ID of the Backup Vault within which the Backup Instance Kubernetes Cluster should exist. Changing this forces a new resource to be created.
*/
public data class BackupInstanceKubernetesClusterArgs(
public val backupDatasourceParameters:
Output? = null,
public val backupPolicyId: Output? = null,
public val kubernetesClusterId: Output? = null,
public val location: Output? = null,
public val name: Output? = null,
public val snapshotResourceGroupName: Output? = null,
public val vaultId: Output? = null,
) : ConvertibleToJava {
override fun toJava(): com.pulumi.azure.dataprotection.BackupInstanceKubernetesClusterArgs =
com.pulumi.azure.dataprotection.BackupInstanceKubernetesClusterArgs.builder()
.backupDatasourceParameters(
backupDatasourceParameters?.applyValue({ args0 ->
args0.let({ args0 ->
args0.toJava()
})
}),
)
.backupPolicyId(backupPolicyId?.applyValue({ args0 -> args0 }))
.kubernetesClusterId(kubernetesClusterId?.applyValue({ args0 -> args0 }))
.location(location?.applyValue({ args0 -> args0 }))
.name(name?.applyValue({ args0 -> args0 }))
.snapshotResourceGroupName(snapshotResourceGroupName?.applyValue({ args0 -> args0 }))
.vaultId(vaultId?.applyValue({ args0 -> args0 })).build()
}
/**
* Builder for [BackupInstanceKubernetesClusterArgs].
*/
@PulumiTagMarker
public class BackupInstanceKubernetesClusterArgsBuilder internal constructor() {
private var backupDatasourceParameters:
Output? = null
private var backupPolicyId: Output? = null
private var kubernetesClusterId: Output? = null
private var location: Output? = null
private var name: Output? = null
private var snapshotResourceGroupName: Output? = null
private var vaultId: Output? = null
/**
* @param value A `backup_datasource_parameters` block as defined below.
*/
@JvmName("thytkfdqxpfstxvx")
public suspend
fun backupDatasourceParameters(`value`: Output) {
this.backupDatasourceParameters = value
}
/**
* @param value The ID of the Backup Policy. Changing this forces a new resource to be created.
*/
@JvmName("eplarwiuyusplbmm")
public suspend fun backupPolicyId(`value`: Output) {
this.backupPolicyId = value
}
/**
* @param value The ID of the Kubernetes Cluster. Changing this forces a new resource to be created.
*/
@JvmName("sqdeogycwbbgtwpq")
public suspend fun kubernetesClusterId(`value`: Output) {
this.kubernetesClusterId = value
}
/**
* @param value The location of the Backup Instance Kubernetes Cluster. Changing this forces a new resource to be created.
*/
@JvmName("tecylumvsiitmrdv")
public suspend fun location(`value`: Output) {
this.location = value
}
/**
* @param value The name which should be used for this Backup Instance Kubernetes Cluster. Changing this forces a new resource to be created.
*/
@JvmName("eoowalfahdqurafh")
public suspend fun name(`value`: Output) {
this.name = value
}
/**
* @param value The name of the Resource Group where snapshots are stored. Changing this forces a new resource to be created.
*/
@JvmName("trtpvciufsgbgbof")
public suspend fun snapshotResourceGroupName(`value`: Output) {
this.snapshotResourceGroupName = value
}
/**
* @param value The ID of the Backup Vault within which the Backup Instance Kubernetes Cluster should exist. Changing this forces a new resource to be created.
*/
@JvmName("pshotjmgooqvwjje")
public suspend fun vaultId(`value`: Output) {
this.vaultId = value
}
/**
* @param value A `backup_datasource_parameters` block as defined below.
*/
@JvmName("cnwfshrkgkorvedm")
public suspend
fun backupDatasourceParameters(`value`: BackupInstanceKubernetesClusterBackupDatasourceParametersArgs?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.backupDatasourceParameters = mapped
}
/**
* @param argument A `backup_datasource_parameters` block as defined below.
*/
@JvmName("mvxyiuhfxxnaktyr")
public suspend
fun backupDatasourceParameters(argument: suspend BackupInstanceKubernetesClusterBackupDatasourceParametersArgsBuilder.() -> Unit) {
val toBeMapped =
BackupInstanceKubernetesClusterBackupDatasourceParametersArgsBuilder().applySuspend {
argument()
}.build()
val mapped = of(toBeMapped)
this.backupDatasourceParameters = mapped
}
/**
* @param value The ID of the Backup Policy. Changing this forces a new resource to be created.
*/
@JvmName("nnrnbihwvwypnlla")
public suspend fun backupPolicyId(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.backupPolicyId = mapped
}
/**
* @param value The ID of the Kubernetes Cluster. Changing this forces a new resource to be created.
*/
@JvmName("jhdqreswdjhoipor")
public suspend fun kubernetesClusterId(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.kubernetesClusterId = mapped
}
/**
* @param value The location of the Backup Instance Kubernetes Cluster. Changing this forces a new resource to be created.
*/
@JvmName("pqyvjrscmwnkjxmm")
public suspend fun location(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.location = mapped
}
/**
* @param value The name which should be used for this Backup Instance Kubernetes Cluster. Changing this forces a new resource to be created.
*/
@JvmName("iflamybmswhfgmwr")
public suspend fun name(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.name = mapped
}
/**
* @param value The name of the Resource Group where snapshots are stored. Changing this forces a new resource to be created.
*/
@JvmName("jlxcqvqjlhqhbjhr")
public suspend fun snapshotResourceGroupName(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.snapshotResourceGroupName = mapped
}
/**
* @param value The ID of the Backup Vault within which the Backup Instance Kubernetes Cluster should exist. Changing this forces a new resource to be created.
*/
@JvmName("qmxenfsdgnftgkcj")
public suspend fun vaultId(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.vaultId = mapped
}
internal fun build(): BackupInstanceKubernetesClusterArgs = BackupInstanceKubernetesClusterArgs(
backupDatasourceParameters = backupDatasourceParameters,
backupPolicyId = backupPolicyId,
kubernetesClusterId = kubernetesClusterId,
location = location,
name = name,
snapshotResourceGroupName = snapshotResourceGroupName,
vaultId = vaultId,
)
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy