[ aws . backup ]

create-framework

Description

Creates a framework with one or more controls. A framework is a collection of controls that you can use to evaluate your backup practices. By using pre-built customizable controls to define your policies, you can evaluate whether your backup practices comply with your policies and which resources are not yet in compliance.

See also: AWS API Documentation

See ‘aws help’ for descriptions of global parameters.

Synopsis

  create-framework
--framework-name <value>
[--framework-description <value>]
--framework-controls <value>
[--idempotency-token <value>]
[--framework-tags <value>]
[--cli-input-json | --cli-input-yaml]
[--generate-cli-skeleton <value>]

Options

--framework-name (string)

The unique name of the framework. The name must be between 1 and 256 characters, starting with a letter, and consisting of letters (a-z, A-Z), numbers (0-9), and underscores (_).

--framework-description (string)

An optional description of the framework with a maximum of 1,024 characters.

--framework-controls (list)

A list of the controls that make up the framework. Each control in the list has a name, input parameters, and scope.

(structure)

Contains detailed information about all of the controls of a framework. Each framework must contain at least one control.

ControlName -> (string)

The name of a control. This name is between 1 and 256 characters.

ControlInputParameters -> (list)

A list of ParameterName and ParameterValue pairs.

(structure)

A list of parameters for a control. A control can have zero, one, or more than one parameter. An example of a control with two parameters is: “backup plan frequency is at least daily and the retention period is at least 1 year “. The first parameter is daily . The second parameter is 1 year .

ParameterName -> (string)

The name of a parameter, for example, BackupPlanFrequency .

ParameterValue -> (string)

The value of parameter, for example, hourly .

ControlScope -> (structure)

The scope of a control. The control scope defines what the control will evaluate. Three examples of control scopes are: a specific backup plan, all backup plans with a specific tag, or all backup plans. For more information, see ControlScope .

ComplianceResourceIds -> (list)

The ID of the only Amazon Web Services resource that you want your control scope to contain.

(string)

ComplianceResourceTypes -> (list)

Describes whether the control scope includes one or more types of resources, such as EFS or RDS .

(string)

Tags -> (map)

The tag key-value pair applied to those Amazon Web Services resources that you want to trigger an evaluation for a rule. A maximum of one key-value pair can be provided. The tag value is optional, but it cannot be an empty string. The structure to assign a tag is: [{"Key":"string","Value":"string"}] .

key -> (string)

value -> (string)

Shorthand Syntax:

ControlName=string,ControlInputParameters=[{ParameterName=string,ParameterValue=string},{ParameterName=string,ParameterValue=string}],ControlScope={ComplianceResourceIds=[string,string],ComplianceResourceTypes=[string,string],Tags={KeyName1=string,KeyName2=string}} ...

JSON Syntax:

[
  {
    "ControlName": "string",
    "ControlInputParameters": [
      {
        "ParameterName": "string",
        "ParameterValue": "string"
      }
      ...
    ],
    "ControlScope": {
      "ComplianceResourceIds": ["string", ...],
      "ComplianceResourceTypes": ["string", ...],
      "Tags": {"string": "string"
        ...}
    }
  }
  ...
]

--idempotency-token (string)

A customer-chosen string that you can use to distinguish between otherwise identical calls to CreateFrameworkInput . Retrying a successful request with the same idempotency token results in a success message with no action taken.

--framework-tags (map)

Metadata that you can assign to help organize the frameworks that you create. Each tag is a key-value pair.

key -> (string)

value -> (string)

Shorthand Syntax:

KeyName1=string,KeyName2=string

JSON Syntax:

{"string": "string"
  ...}

--cli-input-json | --cli-input-yaml (string) Reads arguments from the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton. If other arguments are provided on the command line, those values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally. This may not be specified along with --cli-input-yaml.

--generate-cli-skeleton (string) Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input, prints a sample input JSON that can be used as an argument for --cli-input-json. Similarly, if provided yaml-input it will print a sample input YAML that can be used with --cli-input-yaml. If provided with the value output, it validates the command inputs and returns a sample output JSON for that command.

See ‘aws help’ for descriptions of global parameters.

Output

FrameworkName -> (string)

The unique name of the framework. The name must be between 1 and 256 characters, starting with a letter, and consisting of letters (a-z, A-Z), numbers (0-9), and underscores (_).

FrameworkArn -> (string)

An Amazon Resource Name (ARN) that uniquely identifies a resource. The format of the ARN depends on the resource type.