fix(backup): vault name may exceed 50 characters (#8653)

Remove `AWS::StackName` from the CDK generated vault name, it's already
included in the `uniqueId`.

BREAKING CHANGE: existing vaults that use a generated name will be replaced but
existing recovery points won't be lost. The default vault removal policy is
`RETAIN` and if it was set to `DESTROY` the deployment will fail because
vault with recovery points cannot be deleted.

Fixes #8627


----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

packages/@aws-cdk/aws-backup/README.md

@@ -6,6 +6,10 @@
 
 > All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use.
 
+![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge)
+
+> The APIs of higher level constructs in this module are experimental and under active development. They are subject to non-backward compatible changes or removal in any future version. These are not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be announced in the release notes. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package.
+
 ---
 <!--END STABILITY BANNER-->
 

packages/@aws-cdk/aws-backup/lib/vault.ts

@@ -1,7 +1,7 @@
 import * as iam from '@aws-cdk/aws-iam';
 import * as kms from '@aws-cdk/aws-kms';
 import * as sns from '@aws-cdk/aws-sns';
-import { Aws, Construct, IResource, RemovalPolicy, Resource } from '@aws-cdk/core';
+import { Construct, IResource, RemovalPolicy, Resource } from '@aws-cdk/core';
 import { CfnBackupVault } from './backup.generated';
 
 /**
@@ -21,7 +21,9 @@ export interface IBackupVault extends IResource {
  */
 export interface BackupVaultProps {
   /**
-   * The name of a logical container where backups are stored.
+   * The name of a logical container where backups are stored. Backup vaults
+   * are identified by names that are unique to the account used to create
+   * them and the AWS Region where they are created.
    *
    * @default - A CDK generated name
    */
@@ -158,7 +160,7 @@ export class BackupVault extends Resource implements IBackupVault {
 
   private uniqueVaultName() {
     // Max length of 50 chars, get the last 50 chars
-    const id = `${this.node.uniqueId}${Aws.STACK_NAME}`;
+    const id = this.node.uniqueId;
     return id.substring(Math.max(id.length - 50, 0), id.length);
   }
 }

packages/@aws-cdk/aws-backup/package.json

@@ -99,7 +99,7 @@
     "node": ">= 10.13.0 <13 || >=13.7.0"
   },
   "stability": "experimental",
-  "maturity": "cfn-only",
+  "maturity": "experimental",
   "awscdkio": {
     "announce": false
   }

packages/@aws-cdk/aws-backup/test/integ.backup.expected.json

@@ -29,17 +29,7 @@
     "Vault23237E5B": {
       "Type": "AWS::Backup::BackupVault",
       "Properties": {
-        "BackupVaultName": {
-          "Fn::Join": [
-            "",
-            [
-              "cdkbackupVaultC2A6D3CB",
-              {
-                "Ref": "AWS::StackName"
-              }
-            ]
-          ]
-        }
+        "BackupVaultName": "cdkbackupVaultC2A6D3CB"
       },
       "UpdateReplacePolicy": "Delete",
       "DeletionPolicy": "Delete"

packages/@aws-cdk/aws-backup/test/vault.test.ts

@@ -16,17 +16,7 @@ test('create a vault', () => {
 
   // THEN
   expect(stack).toHaveResource('AWS::Backup::BackupVault', {
-    BackupVaultName: {
-      'Fn::Join': [
-        '',
-        [
-          'Vault',
-          {
-            Ref: 'AWS::StackName',
-          },
-        ],
-      ],
-    },
+    BackupVaultName: 'Vault',
   });
 });