Creates a framework with one or more controls. A framework is a collection of controls that you can use to evaluate your backup practices. By using pre-built customizable controls to define your policies, you can evaluate whether your backup practices comply with your policies and which resources are not yet in compliance.
See also: AWS API Documentation
See ‘aws help’ for descriptions of global parameters.
create-framework
--framework-name <value>
[--framework-description <value>]
--framework-controls <value>
[--idempotency-token <value>]
[--framework-tags <value>]
[--cli-input-json | --cli-input-yaml]
[--generate-cli-skeleton <value>]
--framework-name
(string)
The unique name of the framework. The name must be between 1 and 256 characters, starting with a letter, and consisting of letters (a-z, A-Z), numbers (0-9), and underscores (_).
--framework-description
(string)
An optional description of the framework with a maximum of 1,024 characters.
--framework-controls
(list)
A list of the controls that make up the framework. Each control in the list has a name, input parameters, and scope.
(structure)
Contains detailed information about all of the controls of a framework. Each framework must contain at least one control.
ControlName -> (string)
The name of a control. This name is between 1 and 256 characters.
ControlInputParameters -> (list)
A list of
ParameterName
andParameterValue
pairs.(structure)
A list of parameters for a control. A control can have zero, one, or more than one parameter. An example of a control with two parameters is: “backup plan frequency is at least
daily
and the retention period is at least1 year
“. The first parameter isdaily
. The second parameter is1 year
.ParameterName -> (string)
The name of a parameter, for example,
BackupPlanFrequency
.ParameterValue -> (string)
The value of parameter, for example,
hourly
.ControlScope -> (structure)
The scope of a control. The control scope defines what the control will evaluate. Three examples of control scopes are: a specific backup plan, all backup plans with a specific tag, or all backup plans. For more information, see
ControlScope
.ComplianceResourceIds -> (list)
The ID of the only Amazon Web Services resource that you want your control scope to contain.
(string)
ComplianceResourceTypes -> (list)
Describes whether the control scope includes one or more types of resources, such as
EFS
orRDS
.(string)
Tags -> (map)
Describes whether the control scope includes resources with one or more tags. Each tag is a key-value pair.
key -> (string)
value -> (string)
Shorthand Syntax:
ControlName=string,ControlInputParameters=[{ParameterName=string,ParameterValue=string},{ParameterName=string,ParameterValue=string}],ControlScope={ComplianceResourceIds=[string,string],ComplianceResourceTypes=[string,string],Tags={KeyName1=string,KeyName2=string}} ...
JSON Syntax:
[
{
"ControlName": "string",
"ControlInputParameters": [
{
"ParameterName": "string",
"ParameterValue": "string"
}
...
],
"ControlScope": {
"ComplianceResourceIds": ["string", ...],
"ComplianceResourceTypes": ["string", ...],
"Tags": {"string": "string"
...}
}
}
...
]
--idempotency-token
(string)
A customer-chosen string that you can use to distinguish between otherwise identical calls to
CreateFrameworkInput
. Retrying a successful request with the same idempotency token results in a success message with no action taken.
--framework-tags
(map)
Metadata that you can assign to help organize the frameworks that you create. Each tag is a key-value pair.
key -> (string)
value -> (string)
Shorthand Syntax:
KeyName1=string,KeyName2=string
JSON Syntax:
{"string": "string"
...}
--cli-input-json
| --cli-input-yaml
(string)
Reads arguments from the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton
. If other arguments are provided on the command line, those values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally. This may not be specified along with --cli-input-yaml
.
--generate-cli-skeleton
(string)
Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input
, prints a sample input JSON that can be used as an argument for --cli-input-json
. Similarly, if provided yaml-input
it will print a sample input YAML that can be used with --cli-input-yaml
. If provided with the value output
, it validates the command inputs and returns a sample output JSON for that command.
See ‘aws help’ for descriptions of global parameters.
FrameworkName -> (string)
The unique name of the framework. The name must be between 1 and 256 characters, starting with a letter, and consisting of letters (a-z, A-Z), numbers (0-9), and underscores (_).
FrameworkArn -> (string)
An Amazon Resource Name (ARN) that uniquely identifies a resource. The format of the ARN depends on the resource type.