VhFj"dZdZdZddlZddlmZddlmZddlmZddlm Z dd l m Z dd l m Z dd lmZdd lmZ dd lmZddlmZeedddgdedddgeddeeddeddeddeddeddeddedeeded !ededdeeddedeeded !"#ed$d%& #eddeedd'g(edeedd)d*g(+!,#ededd-d.g/edd$01Zd2dd3d4gfd2dd3gfgZdZ dMd5e d6ed7eed8eed9eed:ef d;ZdNdZd5e d?ed:efd@ZdAedBed:efdCZd5e dDed:efdEZ dOd5e dFeedGedHeefdIZ!d5e d8ed:efdJZ"dKZ#e$dLk(re#yy#e$rYwxYw)Pa# --- module: backup_plan version_added: 6.0.0 short_description: Manage AWS Backup Plans description: - Creates, updates, or deletes AWS Backup Plans. - For more information see the AWS documentation for Backup plans U(https://docs.aws.amazon.com/aws-backup/latest/devguide/about-backup-plans.html). author: - Kristof Imre Szabo (@krisek) - Alina Buzachis (@alinabuzachis) - Helen Bailey (@hakbailey) options: state: description: - Create/update or delete a backup plan. type: str default: present choices: ['present', 'absent'] backup_plan_name: description: - The display name of a backup plan. Must contain 1 to 50 alphanumeric or '-_.' characters. type: str required: true aliases: ['name'] rules: description: - An array of BackupRule objects, each of which specifies a scheduled task that is used to back up a selection of resources. - Required when O(state=present). type: list elements: dict suboptions: rule_name: description: Name of the rule. type: str required: true target_backup_vault_name: description: Name of the Backup Vault this rule should target. type: str required: true schedule_expression: description: A CRON expression in UTC specifying when Backup initiates a backup job. AWS default is used if not supplied. type: str default: 'cron(0 5 ? * * *)' start_window_minutes: description: - A value in minutes after a backup is scheduled before a job will be canceled if it doesn't start successfully. If this value is included, it must be at least 60 minutes to avoid errors. - AWS default if not supplied is V(480). type: int default: 480 completion_window_minutes: description: - A value in minutes after a backup job is successfully started before it must be completed or it will be canceled by Backup. - AWS default if not supplied is V(10080). type: int default: 10080 lifecycle: description: - The lifecycle defines when a protected resource is transitioned to cold storage and when it expires. Backup will transition and expire backups automatically according to the lifecycle that you define. - Backups transitioned to cold storage must be stored in cold storage for a minimum of 90 days. Therefore, the "retention" setting must be 90 days greater than the "transition to cold after days" setting. The "transition to cold after days" setting cannot be changed after a backup has been transitioned to cold. type: dict suboptions: move_to_cold_storage_after_days: description: Specifies the number of days after creation that a recovery point is moved to cold storage. type: int delete_after_days: description: Specifies the number of days after creation that a recovery point is deleted. Must be greater than V(90) days plus O(rules.lifecycle.move_to_cold_storage_after_days). type: int recovery_point_tags: description: To help organize your resources, you can assign your own metadata to the resources that you create. type: dict copy_actions: description: An array of copy_action objects, which contains the details of the copy operation. type: list elements: dict suboptions: destination_backup_vault_arn: description: An Amazon Resource Name (ARN) that uniquely identifies the destination backup vault for the copied backup. type: str required: true lifecycle: description: - Contains an array of Transition objects specifying how long in days before a recovery point transitions to cold storage or is deleted. - Backups transitioned to cold storage must be stored in cold storage for a minimum of 90 days. Therefore, on the console, the "retention" setting must be 90 days greater than the "transition to cold after days" setting. The "transition to cold after days" setting cannot be changed after a backup has been transitioned to cold. type: dict suboptions: move_to_cold_storage_after_days: description: Specifies the number of days after creation that a recovery point is moved to cold storage. type: int delete_after_days: description: Specifies the number of days after creation that a recovery point is deleted. Must be greater than V(90) days plus O(rules.copy_actions.lifecycle.move_to_cold_storage_after_days). type: int enable_continuous_backup: description: - Specifies whether Backup creates continuous backups. True causes Backup to create continuous backups capable of point-in-time restore (PITR). False (or not specified) causes Backup to create snapshot backups. - AWS default if not supplied is V(false). type: bool default: false schedule_expression_timezone: description: - This is the timezone in which the schedule expression is set. - By default, ScheduleExpressions are in UTC. You can modify this to a specified timezone. - This option requires botocore >= 1.31.36. type: str default: "Etc/UTC" required: false version_added: 7.3.0 advanced_backup_settings: description: - Specifies a list of advanced backup settings for each resource type. - These settings are only available for Windows Volume Shadow Copy Service (VSS) backup jobs. required: false type: list elements: dict suboptions: resource_type: description: - Specifies an object containing resource type and backup options. - The only supported resource type is Amazon EC2 instances with Windows Volume Shadow Copy Service (VSS). type: str choices: ['EC2'] backup_options: description: - Specifies the backup option for a selected resource. - This option is only available for Windows VSS backup jobs. type: dict suboptions: WindowsVSS: description: Enable or disable WindowsVSS backup option. type: str choices: ['enabled', 'disabled'] creator_request_id: description: Identifies the request and allows failed requests to be retried without the risk of running the operation twice. If the request includes a CreatorRequestId that matches an existing backup plan, that plan is returned. type: str tags: description: To help organize your resources, you can assign your own metadata to the resources that you create. Each tag is a key-value pair. The specified tags are assigned to all backups created with this plan. type: dict aliases: ['resource_tags', 'backup_plan_tags'] extends_documentation_fragment: - amazon.aws.common.modules - amazon.aws.region.modules - amazon.aws.boto3 - amazon.aws.tags a4 - name: Create an AWSbackup plan amazon.aws.backup_plan: state: present backup_plan_name: elastic rules: - rule_name: daily advanced_backup_settings: - resource_type: "EC2" backup_options: WindowsVSS: enabled target_backup_vault_name: "{{ backup_vault_name }}" schedule_expression: 'cron(0 5 ? * * *)' start_window_minutes: 60 completion_window_minutes: 1440 - name: Delete an AWS Backup plan amazon.aws.backup_plan: backup_plan_name: elastic state: absent a exists: description: Whether the resource exists. returned: always type: bool sample: true backup_plan_arn: description: ARN of the backup plan. returned: always type: str sample: arn:aws:backup:eu-central-1:111122223333:backup-plan:1111f877-1ecf-4d79-9718-a861cd09df3b backup_plan_id: description: ID of the backup plan. returned: always type: str sample: "1111f877-1ecf-4d79-9718-a861cd09df3b" backup_plan_name: description: Name of the backup plan. returned: always type: str sample: elastic creation_date: description: Creation date of the backup plan. returned: on create/update type: str sample: '2023-01-24T10:08:03.193000+01:00' deletion_date: description: Date the backup plan was deleted. returned: on delete type: str sample: '2023-05-05T16:24:51.987000-04:00' version_id: description: Version ID of the backup plan. returned: always type: str sample: ODM3MjVjNjItYWFkOC00NjExLWIwZTYtZDNiNGI5M2I0ZTY1 backup_plan: description: Backup plan details. returned: on create/update type: dict contains: backup_plan_name: description: The display name of a backup plan. returned: always type: str sample: elastic rules: description: - An array of BackupRule objects, each of which specifies a scheduled task that is used to back up a selection of resources. returned: always type: list elements: dict contains: rule_name: description: A display name for a backup rule. returned: always type: str sample: "daily" target_backup_vault_name: description: The name of a logical container where backups are stored. returned: always type: str sample: "09da67966fd5-backup-vault" schedule_expression: description: A cron expression in UTC specifying when Backup initiates a backup job. returned: always type: str sample: "cron(0 5 ? * * *)" start_window_minutes: description: - A value in minutes after a backup is scheduled before a job will be canceled if it doesn't start successfully. type: int returned: always sample: 480 completion_window_minutes: description: - A value in minutes after a backup job is successfully started before it must be completed or it will be canceled by Backup. type: int returned: always sample: 10080 lifecycle: description: - Defines when a protected resource is transitioned to cold storage and when it expires. type: dict returned: when configured. sample: { "delete_after_days": 100, "move_to_cold_storage_after_days": 10 } recovery_point_tags: description: - An array of key-value pair strings that are assigned to resources that are associated with this rule when restored from backup. type: dict returned: when configured. sample: { "Tagkey1": "TagValue1", "Tagkey2": "TagValue2" } rule_id: description: - Uniquely identifies a rule that is used to schedule the backup of a selection of resources. type: str returned: always sample: "973621ef-d863-41ef-b5c3-9e943a64ad0c" copy_actions: description: An array of CopyAction objects, which contains the details of the copy operation. returned: when configured. type: list elements: dict sample: [ { "destination_backup_vault_arn": "arn:aws:backup:us-west-2:123456789012:backup-vault:my-test-vault", "lifecycle": { "delete_after_days": 100, "move_to_cold_storage_after_days": 10 } } ] enable_continous_backup: description: Specifies whether Backup creates continuous backups. type: bool returned: always sample: false schedule_expression_timezone: description: - This is the timezone in which the schedule expression is set. - This information is returned for botocore versions >= 1.31.36. type: str returned: when botocore >= 1.31.36 sample: "Etc/UTC" version_added: 7.3.0 advanced_backup_settings: description: Advanced backup settings of the backup plan. returned: when configured. type: list elements: dict sample: [ { "backup_options": { "windows_vss": "enabled" }, "resource_type": "EC2" } ] contains: resource_type: description: Resource type of the advanced settings. type: str sample: "EC2" backup_options: description: Backup options of the advanced settings. type: dict sample: { "windows_vss": "enabled" } tags: description: Tags of the backup plan. returned: on create/update type: str sample: { "TagKey1": "TagValue1", "TagKey2": "TagValue2" } N)datetime)Optional)camel_dict_to_snake_dict)snake_dict_to_camel_dict)get_plan_details)AnsibleAWSModule)compare_aws_tags)scrub_none_parameters) BotoCoreError) ClientErrorstrpresentabsent)typechoicesdefaultTname)requiredraliaseslistdict)rrzcron(0 5 ? * * *))rrintii`'zEtc/UTC)r)move_to_cold_storage_after_daysdelete_after_days)roptions)destination_backup_vault_arn lifecycle)relementsrboolF) rule_nametarget_backup_vault_nameschedule_expressionstart_window_minutescompletion_window_minutesschedule_expression_timezonerrecovery_point_tags copy_actionsenable_continuous_backupEC2)rrenableddisabled) WindowsVSS) resource_typebackup_optionsbackup_plan_tags resource_tags)rr)rr)statebackup_plan_namerulesadvanced_backup_settingscreator_request_idtags purge_tagsr1r2r3moduleplanr6backup_plan_id operationreturnc dt|jDcic]\}}|dk7s ||c}}di}|dk(r|r||d<|jd}|r||d<|S|d k(r||d <|Scc}}w) a| Formats plan details to match boto3 backup client param expectations. module : AnsibleAWSModule object plan: Dict of plan details including name, rules, and advanced settings tags: Dict of plan tags backup_plan_id: ID of backup plan to update, only needed for update operation operation: Operation to add specific params for, either create or update BackupPlanr2T)capitalize_firstcreateBackupPlanTagsr5CreatorRequestIdupdate BackupPlanId)ritemsparams) r8r9r6r:r;kvrFr5s j/home/dcms/DCMS/lib/python3.12/site-packages/ansible_collections/amazon/aws/plugins/modules/backup_plan.pyformat_client_paramsrJs" ."jjl Fdaa3E.EQT F! FH '+F# $#]]+?@ );F% & M h !/~ M Gs A( A( plan_namedeletec tjj}|r|dd|ddS|dd|d||d|d|ddS)a Formats plan details in check mode to match result expectations. plan_name: Name of backup plan plan: Dict of plan details including name, rules, and advanced settings tags: Optional dict of plan tags delete: Whether the response is for a delete action )r2r:backup_plan_arn deletion_date version_idr3r4)r2r3r4r6)r2r:rO creation_daterQ backup_plan)rnow isoformat)rKr9r6rL timestamps rIformat_check_mode_responserWsj ((*I ) !&   !* !&$-g,01K,L   create_paramsc |jdi|}|S#ttf$r}|j|dYd}~Sd}~wwxYw)z Creates a backup plan. module : AnsibleAWSModule object client : boto3 backup client connection object create_params : The boto3 backup client parameters to create a backup plan z"Failed to create backup plan {err}msgN)create_backup_planr r fail_json_aws)r8clientrYresponseerrs rIr^r^^L,6,,=}= O  L S&JKK O LA>A existing_plannew_planc d}tj|ddDcgc],}|jDcic]\}}|dk7s ||c}}.c}}}d}tj|dd}|r||k7rd}tj|djdgd}tj|jdgd} || k7rd}|Scc}}wcc}}}w)a. Determines whether existing and new plan rules/settings match. existing_plan: Dict of existing plan details including rules and advanced settings, in snake-case format new_plan: Dict of existing plan details including rules and advanced settings, in snake-case format FrSr3rule_idT) sort_keysr4)jsondumpsrEget) rerf update_neededrulekeyvalexisting_rules new_rules!existing_advanced_backup_settingsnew_advanced_backup_settingss rIplan_update_neededrusMZZQ^_lQmnuQvww4::< DxsC3)3C#s( DwN 8G,=I ^y8 )- m$(()CRH)%$(::hll;UWY.Zfj#k (,HH ! EwsC CC C C update_paramsc |jdi|}|S#ttf$r}|j|dYd}~Sd}~wwxYw)z Updates a backup plan. module : AnsibleAWSModule object client : boto3 backup client connection object update_params : The boto3 backup client parameters to update a backup plan z"Failed to update backup plan {err}r[Nr])update_backup_planr r r_)r8r`rvrarbs rIrxrx9rcrdnew_tagsplan_arn current_tagsc|s|sy|jry|xsi}|xsi}t|||jd\}}|s|sy|r |j|||r |j|| yy#tt f$r}|j |dYd}~?d}~wwxYw#tt f$r}|j |d Yd}~yd}~wwxYw) a` Creates, updates, and/or removes tags on a Backup Plan resource. module : AnsibleAWSModule object client : boto3 client connection object new_tags : Dict of tags converted from ansible_dict to boto3 list of dicts plan_arn : The ARN of the Backup Plan to operate on curr_tags : Dict of the current tags on resource, if any FTr7)r7) ResourceArn TagKeyListz#Failed to remove tags from the planr[N)r}TagszFailed to add tags to the plan) check_moder rFuntag_resourcer r r_ tag_resource)r8r`ryrzr{ tags_to_addtags_to_removerbs rItag_backup_planrKs" L ~2H%2L"2<V\VcVcdpVq"rK ~ Q  ! !h> ! R L   H;  G {+ Q  *O P P Q {+ L  *J K K  Ls0A0B0B?BBC .CC c |j|}|S#ttf$r}|j|dYd}~Sd}~wwxYw)z Deletes a Backup Plan module : AnsibleAWSModule object client : boto3 backup client connection object backup_plan_id : ID (*not* name or ARN) of Backup plan to delete )rDz Failed to delete the Backup Planr[N)delete_backup_planr r r_)r8r`r:rarbs rIrrxsWJ,,.,I O ; 'JS&HII OJrdcvtttt}t dd}|j d}|j d}|j d}|j d|j dxsgDcgc] }t|c}|j dxsgDcgc] }t|c}d }|j dr>|dD]6}|jd r|jd |jd 8|j d } t|||} | r| dd} | d} ndx} } |dk(r| b|jrt||| } n,t||| d} t||| }t|||d} d|d<d|d<|j!| nd|d<t#| |r-|jst||| d} t%||| d|d<t'||| | d| d rd|d<|jrt||| } nt|||d} |j!| nj|dk(re| |j)d|dnL|jrt|| | d}n t+||| }d|d<d|d<|j!t-||j.di|ycc}wcc}w)N) argument_spec required_ifsupports_check_modeF)changedexistsbackupr1r2r3r4)r2r3r4z1.31.36zhschedule_expression_timezone requires botocore >= 1.31.36. schedule_expression_timezone will be ignored.r%r6rr:rr@)r6r;TrrrC)r:r;rOrz Backup plan z not found.r[r])r ARGUMENT_SPEC REQUIRED_IFSUPPORTS_CHECK_MODErr`rFr botocore_at_leastwarnpoprrrWrJr^rCrurxrdebugrr exit_json)r8resultr`r1rKrnsettingr9eachr6reexisting_plan_idrS client_paramsras rImainrs #/F% .F]]8 $F MM' "E 01I#MM*<=:@--:P:VTVW$'-W:@--Hb:c:igi% /6 !' *%  D}}WM 9D++I6 ~78  9 == D%VVY?M(+,<=%a( +// (   #  8D$O 4VTX` a -ffmL.vvyI!L #F8  $F9  MM+ & $F8 !-6(($8'7"* %M 'vv}E$(y!/0f% %)y!  8D$O .vvyI!L MM+ & (   # LL|I;kBL C  5iPTVZ[-ff>NO $F9 $F8  MM28< =FvUX% s :J1#J6__main__)NNN)F)N)% DOCUMENTATIONEXAMPLESRETURNrjrtypingr0ansible.module_utils.common.dict_transformationsrr:ansible_collections.amazon.aws.plugins.module_utils.backupr;ansible_collections.amazon.aws.plugins.module_utils.modulesr;ansible_collections.amazon.aws.plugins.module_utils.taggingr Bansible_collections.amazon.aws.plugins.module_utils.transformationr botocore.exceptionsr r ImportErrorrrrrr rJrrWr^rurxrrr__name__r]rXrIrs0j X *f P UUWXXd 1/ EIx#8) L4efXF  Du5%)4e%D $%9L M!%5#!>&*u&E)-5))L48e4D&*&6!%& 115t%1P"# $<@e!  &*vu%E; " F" EE7;%)ZAX(YZ  ' 6$6#H IDv.g4 n i,g67 h+,-   $(# ! ! ! 4.!SM ! } !  !H # T  t `d D/QU$ddt@/QU.$( * *tn* * 4. *Z /  QU [| zFK   s G--G65G6