BucketObject

Provides a S3 bucket object resource.

Example Usage

Encrypting with KMS Key

using Pulumi;
using Aws = Pulumi.Aws;

class MyStack : Stack
{
    public MyStack()
    {
        var examplekms = new Aws.Kms.Key("examplekms", new Aws.Kms.KeyArgs
        {
            Description = "KMS key 1",
            DeletionWindowInDays = 7,
        });
        var examplebucket = new Aws.S3.Bucket("examplebucket", new Aws.S3.BucketArgs
        {
            Acl = "private",
        });
        var examplebucketObject = new Aws.S3.BucketObject("examplebucketObject", new Aws.S3.BucketObjectArgs
        {
            Key = "someobject",
            Bucket = examplebucket.Id,
            Source = new FileAsset("index.html"),
            KmsKeyId = examplekms.Arn,
        });
    }

}
package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/kms"
	"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/s3"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		examplekms, err := kms.NewKey(ctx, "examplekms", &kms.KeyArgs{
			Description:          pulumi.String("KMS key 1"),
			DeletionWindowInDays: pulumi.Int(7),
		})
		if err != nil {
			return err
		}
		examplebucket, err := s3.NewBucket(ctx, "examplebucket", &s3.BucketArgs{
			Acl: pulumi.String("private"),
		})
		if err != nil {
			return err
		}
		_, err = s3.NewBucketObject(ctx, "examplebucketObject", &s3.BucketObjectArgs{
			Key:      pulumi.String("someobject"),
			Bucket:   examplebucket.ID(),
			Source:   pulumi.NewFileAsset("index.html"),
			KmsKeyId: examplekms.Arn,
		})
		if err != nil {
			return err
		}
		return nil
	})
}
import pulumi
import pulumi_aws as aws

examplekms = aws.kms.Key("examplekms",
    description="KMS key 1",
    deletion_window_in_days=7)
examplebucket = aws.s3.Bucket("examplebucket", acl="private")
examplebucket_object = aws.s3.BucketObject("examplebucketObject",
    key="someobject",
    bucket=examplebucket.id,
    source=pulumi.FileAsset("index.html"),
    kms_key_id=examplekms.arn)
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const examplekms = new aws.kms.Key("examplekms", {
    description: "KMS key 1",
    deletionWindowInDays: 7,
});
const examplebucket = new aws.s3.Bucket("examplebucket", {acl: "private"});
const examplebucketObject = new aws.s3.BucketObject("examplebucketObject", {
    key: "someobject",
    bucket: examplebucket.id,
    source: new pulumi.asset.FileAsset("index.html"),
    kmsKeyId: examplekms.arn,
});

Server Side Encryption with S3 Default Master Key

using Pulumi;
using Aws = Pulumi.Aws;

class MyStack : Stack
{
    public MyStack()
    {
        var examplebucket = new Aws.S3.Bucket("examplebucket", new Aws.S3.BucketArgs
        {
            Acl = "private",
        });
        var examplebucketObject = new Aws.S3.BucketObject("examplebucketObject", new Aws.S3.BucketObjectArgs
        {
            Key = "someobject",
            Bucket = examplebucket.Id,
            Source = new FileAsset("index.html"),
            ServerSideEncryption = "aws:kms",
        });
    }

}
package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/s3"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		examplebucket, err := s3.NewBucket(ctx, "examplebucket", &s3.BucketArgs{
			Acl: pulumi.String("private"),
		})
		if err != nil {
			return err
		}
		_, err = s3.NewBucketObject(ctx, "examplebucketObject", &s3.BucketObjectArgs{
			Key:                  pulumi.String("someobject"),
			Bucket:               examplebucket.ID(),
			Source:               pulumi.NewFileAsset("index.html"),
			ServerSideEncryption: pulumi.String("aws:kms"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
import pulumi
import pulumi_aws as aws

examplebucket = aws.s3.Bucket("examplebucket", acl="private")
examplebucket_object = aws.s3.BucketObject("examplebucketObject",
    key="someobject",
    bucket=examplebucket.id,
    source=pulumi.FileAsset("index.html"),
    server_side_encryption="aws:kms")
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const examplebucket = new aws.s3.Bucket("examplebucket", {acl: "private"});
const examplebucketObject = new aws.s3.BucketObject("examplebucketObject", {
    key: "someobject",
    bucket: examplebucket.id,
    source: new pulumi.asset.FileAsset("index.html"),
    serverSideEncryption: "aws:kms",
});

Server Side Encryption with AWS-Managed Key

using Pulumi;
using Aws = Pulumi.Aws;

class MyStack : Stack
{
    public MyStack()
    {
        var examplebucket = new Aws.S3.Bucket("examplebucket", new Aws.S3.BucketArgs
        {
            Acl = "private",
        });
        var examplebucketObject = new Aws.S3.BucketObject("examplebucketObject", new Aws.S3.BucketObjectArgs
        {
            Key = "someobject",
            Bucket = examplebucket.Id,
            Source = new FileAsset("index.html"),
            ServerSideEncryption = "AES256",
        });
    }

}
package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/s3"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		examplebucket, err := s3.NewBucket(ctx, "examplebucket", &s3.BucketArgs{
			Acl: pulumi.String("private"),
		})
		if err != nil {
			return err
		}
		_, err = s3.NewBucketObject(ctx, "examplebucketObject", &s3.BucketObjectArgs{
			Key:                  pulumi.String("someobject"),
			Bucket:               examplebucket.ID(),
			Source:               pulumi.NewFileAsset("index.html"),
			ServerSideEncryption: pulumi.String("AES256"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
import pulumi
import pulumi_aws as aws

examplebucket = aws.s3.Bucket("examplebucket", acl="private")
examplebucket_object = aws.s3.BucketObject("examplebucketObject",
    key="someobject",
    bucket=examplebucket.id,
    source=pulumi.FileAsset("index.html"),
    server_side_encryption="AES256")
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const examplebucket = new aws.s3.Bucket("examplebucket", {acl: "private"});
const examplebucketObject = new aws.s3.BucketObject("examplebucketObject", {
    key: "someobject",
    bucket: examplebucket.id,
    source: new pulumi.asset.FileAsset("index.html"),
    serverSideEncryption: "AES256",
});

S3 Object Lock

using Pulumi;
using Aws = Pulumi.Aws;

class MyStack : Stack
{
    public MyStack()
    {
        var examplebucket = new Aws.S3.Bucket("examplebucket", new Aws.S3.BucketArgs
        {
            Acl = "private",
            Versioning = new Aws.S3.Inputs.BucketVersioningArgs
            {
                Enabled = true,
            },
            ObjectLockConfiguration = new Aws.S3.Inputs.BucketObjectLockConfigurationArgs
            {
                ObjectLockEnabled = "Enabled",
            },
        });
        var examplebucketObject = new Aws.S3.BucketObject("examplebucketObject", new Aws.S3.BucketObjectArgs
        {
            Key = "someobject",
            Bucket = examplebucket.Id,
            Source = new FileAsset("important.txt"),
            ObjectLockLegalHoldStatus = "ON",
            ObjectLockMode = "GOVERNANCE",
            ObjectLockRetainUntilDate = "2021-12-31T23:59:60Z",
            ForceDestroy = true,
        });
    }

}
package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/s3"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		examplebucket, err := s3.NewBucket(ctx, "examplebucket", &s3.BucketArgs{
			Acl: pulumi.String("private"),
			Versioning: &s3.BucketVersioningArgs{
				Enabled: pulumi.Bool(true),
			},
			ObjectLockConfiguration: &s3.BucketObjectLockConfigurationArgs{
				ObjectLockEnabled: pulumi.String("Enabled"),
			},
		})
		if err != nil {
			return err
		}
		_, err = s3.NewBucketObject(ctx, "examplebucketObject", &s3.BucketObjectArgs{
			Key:                       pulumi.String("someobject"),
			Bucket:                    examplebucket.ID(),
			Source:                    pulumi.NewFileAsset("important.txt"),
			ObjectLockLegalHoldStatus: pulumi.String("ON"),
			ObjectLockMode:            pulumi.String("GOVERNANCE"),
			ObjectLockRetainUntilDate: pulumi.String("2021-12-31T23:59:60Z"),
			ForceDestroy:              pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
import pulumi
import pulumi_aws as aws

examplebucket = aws.s3.Bucket("examplebucket",
    acl="private",
    versioning=aws.s3.BucketVersioningArgs(
        enabled=True,
    ),
    object_lock_configuration=aws.s3.BucketObjectLockConfigurationArgs(
        object_lock_enabled="Enabled",
    ))
examplebucket_object = aws.s3.BucketObject("examplebucketObject",
    key="someobject",
    bucket=examplebucket.id,
    source=pulumi.FileAsset("important.txt"),
    object_lock_legal_hold_status="ON",
    object_lock_mode="GOVERNANCE",
    object_lock_retain_until_date="2021-12-31T23:59:60Z",
    force_destroy=True)
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const examplebucket = new aws.s3.Bucket("examplebucket", {
    acl: "private",
    versioning: {
        enabled: true,
    },
    objectLockConfiguration: {
        objectLockEnabled: "Enabled",
    },
});
const examplebucketObject = new aws.s3.BucketObject("examplebucketObject", {
    key: "someobject",
    bucket: examplebucket.id,
    source: new pulumi.asset.FileAsset("important.txt"),
    objectLockLegalHoldStatus: "ON",
    objectLockMode: "GOVERNANCE",
    objectLockRetainUntilDate: "2021-12-31T23:59:60Z",
    forceDestroy: true,
});

Create a BucketObject Resource

new BucketObject(name: string, args: BucketObjectArgs, opts?: CustomResourceOptions);
@overload
def BucketObject(resource_name: str,
                 opts: Optional[ResourceOptions] = None,
                 acl: Optional[str] = None,
                 bucket: Optional[str] = None,
                 bucket_key_enabled: Optional[bool] = None,
                 cache_control: Optional[str] = None,
                 content: Optional[str] = None,
                 content_base64: Optional[str] = None,
                 content_disposition: Optional[str] = None,
                 content_encoding: Optional[str] = None,
                 content_language: Optional[str] = None,
                 content_type: Optional[str] = None,
                 etag: Optional[str] = None,
                 force_destroy: Optional[bool] = None,
                 key: Optional[str] = None,
                 kms_key_id: Optional[str] = None,
                 metadata: Optional[Mapping[str, str]] = None,
                 object_lock_legal_hold_status: Optional[str] = None,
                 object_lock_mode: Optional[str] = None,
                 object_lock_retain_until_date: Optional[str] = None,
                 server_side_encryption: Optional[str] = None,
                 source: Optional[Union[pulumi.Asset, pulumi.Archive]] = None,
                 storage_class: Optional[str] = None,
                 tags: Optional[Mapping[str, str]] = None,
                 website_redirect: Optional[str] = None)
@overload
def BucketObject(resource_name: str,
                 args: BucketObjectArgs,
                 opts: Optional[ResourceOptions] = None)
func NewBucketObject(ctx *Context, name string, args BucketObjectArgs, opts ...ResourceOption) (*BucketObject, error)
public BucketObject(string name, BucketObjectArgs args, CustomResourceOptions? opts = null)
name string
The unique name of the resource.
args BucketObjectArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args BucketObjectArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args BucketObjectArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args BucketObjectArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.

BucketObject Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Programming Model docs.

Inputs

The BucketObject resource accepts the following input properties:

Bucket string | string
The name of the bucket to put the file in. Alternatively, an S3 access point ARN can be specified.
Acl string
The canned ACL to apply. Valid values are private, public-read, public-read-write, aws-exec-read, authenticated-read, bucket-owner-read, and bucket-owner-full-control. Defaults to private.
BucketKeyEnabled bool
Whether or not to use Amazon S3 Bucket Keys for SSE-KMS.
CacheControl string
Specifies caching behavior along the request/reply chain Read w3c cache_control for further details.
Content string
Literal string value to use as the object content, which will be uploaded as UTF-8-encoded text.
ContentBase64 string
Base64-encoded data that will be decoded and uploaded as raw bytes for the object content. This allows safely uploading non-UTF8 binary data, but is recommended only for small content such as the result of the gzipbase64 function with small text strings. For larger objects, use source to stream the content from a disk file.
ContentDisposition string
Specifies presentational information for the object. Read w3c content_disposition for further information.
ContentEncoding string
Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field. Read w3c content encoding for further information.
ContentLanguage string
The language the content is in e.g. en-US or en-GB.
ContentType string
A standard MIME type describing the format of the object data, e.g. application/octet-stream. All Valid MIME Types are valid for this input.
Etag string
Used to trigger updates. The only meaningful value is ${filemd5("path/to/file")} (this provider 0.11.12 or later) or ${md5(file("path/to/file"))} (this provider 0.11.11 or earlier). This attribute is not compatible with KMS encryption, kms_key_id or server_side_encryption = "aws:kms".
ForceDestroy bool
Allow the object to be deleted by removing any legal hold on any object version. Default is false. This value should be set to true only if the bucket has S3 object lock enabled.
Key string
The name of the object once it is in the bucket.
KmsKeyId string
Amazon Resource Name (ARN) of the KMS Key to use for object encryption. If the S3 Bucket has server-side encryption enabled, that value will automatically be used. If referencing the aws.kms.Key resource, use the arn attribute. If referencing the aws.kms.Alias data source or resource, use the target_key_arn attribute. The provider will only perform drift detection if a configuration value is provided.
Metadata Dictionary<string, string>
A map of keys/values to provision metadata (will be automatically prefixed by x-amz-meta-, note that only lowercase label are currently supported by the AWS Go API).
ObjectLockLegalHoldStatus string
The legal hold status that you want to apply to the specified object. Valid values are ON and OFF.
ObjectLockMode string
The object lock retention mode that you want to apply to this object. Valid values are GOVERNANCE and COMPLIANCE.
ObjectLockRetainUntilDate string
The date and time, in RFC3339 format, when this object’s object lock will expire.
ServerSideEncryption string
Specifies server-side encryption of the object in S3. Valid values are “AES256” and “aws:kms”.
Source AssetOrArchive
The path to a file that will be read and uploaded as raw bytes for the object content.
StorageClass string
Specifies the desired Storage Class for the object. Can be either “STANDARD”, “REDUCED_REDUNDANCY”, “ONEZONE_IA”, “INTELLIGENT_TIERING”, “GLACIER”, “DEEP_ARCHIVE”, or “STANDARD_IA”. Defaults to “STANDARD”.
Tags Dictionary<string, string>
A map of tags to assign to the object.
WebsiteRedirect string
Specifies a target URL for website redirect.
Bucket string | string
The name of the bucket to put the file in. Alternatively, an S3 access point ARN can be specified.
Acl string
The canned ACL to apply. Valid values are private, public-read, public-read-write, aws-exec-read, authenticated-read, bucket-owner-read, and bucket-owner-full-control. Defaults to private.
BucketKeyEnabled bool
Whether or not to use Amazon S3 Bucket Keys for SSE-KMS.
CacheControl string
Specifies caching behavior along the request/reply chain Read w3c cache_control for further details.
Content string
Literal string value to use as the object content, which will be uploaded as UTF-8-encoded text.
ContentBase64 string
Base64-encoded data that will be decoded and uploaded as raw bytes for the object content. This allows safely uploading non-UTF8 binary data, but is recommended only for small content such as the result of the gzipbase64 function with small text strings. For larger objects, use source to stream the content from a disk file.
ContentDisposition string
Specifies presentational information for the object. Read w3c content_disposition for further information.
ContentEncoding string
Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field. Read w3c content encoding for further information.
ContentLanguage string
The language the content is in e.g. en-US or en-GB.
ContentType string
A standard MIME type describing the format of the object data, e.g. application/octet-stream. All Valid MIME Types are valid for this input.
Etag string
Used to trigger updates. The only meaningful value is ${filemd5("path/to/file")} (this provider 0.11.12 or later) or ${md5(file("path/to/file"))} (this provider 0.11.11 or earlier). This attribute is not compatible with KMS encryption, kms_key_id or server_side_encryption = "aws:kms".
ForceDestroy bool
Allow the object to be deleted by removing any legal hold on any object version. Default is false. This value should be set to true only if the bucket has S3 object lock enabled.
Key string
The name of the object once it is in the bucket.
KmsKeyId string
Amazon Resource Name (ARN) of the KMS Key to use for object encryption. If the S3 Bucket has server-side encryption enabled, that value will automatically be used. If referencing the aws.kms.Key resource, use the arn attribute. If referencing the aws.kms.Alias data source or resource, use the target_key_arn attribute. The provider will only perform drift detection if a configuration value is provided.
Metadata map[string]string
A map of keys/values to provision metadata (will be automatically prefixed by x-amz-meta-, note that only lowercase label are currently supported by the AWS Go API).
ObjectLockLegalHoldStatus string
The legal hold status that you want to apply to the specified object. Valid values are ON and OFF.
ObjectLockMode string
The object lock retention mode that you want to apply to this object. Valid values are GOVERNANCE and COMPLIANCE.
ObjectLockRetainUntilDate string
The date and time, in RFC3339 format, when this object’s object lock will expire.
ServerSideEncryption string
Specifies server-side encryption of the object in S3. Valid values are “AES256” and “aws:kms”.
Source pulumi.AssetOrArchive
The path to a file that will be read and uploaded as raw bytes for the object content.
StorageClass string
Specifies the desired Storage Class for the object. Can be either “STANDARD”, “REDUCED_REDUNDANCY”, “ONEZONE_IA”, “INTELLIGENT_TIERING”, “GLACIER”, “DEEP_ARCHIVE”, or “STANDARD_IA”. Defaults to “STANDARD”.
Tags map[string]string
A map of tags to assign to the object.
WebsiteRedirect string
Specifies a target URL for website redirect.
bucket string | Bucket
The name of the bucket to put the file in. Alternatively, an S3 access point ARN can be specified.
acl string
The canned ACL to apply. Valid values are private, public-read, public-read-write, aws-exec-read, authenticated-read, bucket-owner-read, and bucket-owner-full-control. Defaults to private.
bucketKeyEnabled boolean
Whether or not to use Amazon S3 Bucket Keys for SSE-KMS.
cacheControl string
Specifies caching behavior along the request/reply chain Read w3c cache_control for further details.
content string
Literal string value to use as the object content, which will be uploaded as UTF-8-encoded text.
contentBase64 string
Base64-encoded data that will be decoded and uploaded as raw bytes for the object content. This allows safely uploading non-UTF8 binary data, but is recommended only for small content such as the result of the gzipbase64 function with small text strings. For larger objects, use source to stream the content from a disk file.
contentDisposition string
Specifies presentational information for the object. Read w3c content_disposition for further information.
contentEncoding string
Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field. Read w3c content encoding for further information.
contentLanguage string
The language the content is in e.g. en-US or en-GB.
contentType string
A standard MIME type describing the format of the object data, e.g. application/octet-stream. All Valid MIME Types are valid for this input.
etag string
Used to trigger updates. The only meaningful value is ${filemd5("path/to/file")} (this provider 0.11.12 or later) or ${md5(file("path/to/file"))} (this provider 0.11.11 or earlier). This attribute is not compatible with KMS encryption, kms_key_id or server_side_encryption = "aws:kms".
forceDestroy boolean
Allow the object to be deleted by removing any legal hold on any object version. Default is false. This value should be set to true only if the bucket has S3 object lock enabled.
key string
The name of the object once it is in the bucket.
kmsKeyId string
Amazon Resource Name (ARN) of the KMS Key to use for object encryption. If the S3 Bucket has server-side encryption enabled, that value will automatically be used. If referencing the aws.kms.Key resource, use the arn attribute. If referencing the aws.kms.Alias data source or resource, use the target_key_arn attribute. The provider will only perform drift detection if a configuration value is provided.
metadata {[key: string]: string}
A map of keys/values to provision metadata (will be automatically prefixed by x-amz-meta-, note that only lowercase label are currently supported by the AWS Go API).
objectLockLegalHoldStatus string
The legal hold status that you want to apply to the specified object. Valid values are ON and OFF.
objectLockMode string
The object lock retention mode that you want to apply to this object. Valid values are GOVERNANCE and COMPLIANCE.
objectLockRetainUntilDate string
The date and time, in RFC3339 format, when this object’s object lock will expire.
serverSideEncryption string
Specifies server-side encryption of the object in S3. Valid values are “AES256” and “aws:kms”.
source pulumi.asset.Asset | pulumi.asset.Archive
The path to a file that will be read and uploaded as raw bytes for the object content.
storageClass string
Specifies the desired Storage Class for the object. Can be either “STANDARD”, “REDUCED_REDUNDANCY”, “ONEZONE_IA”, “INTELLIGENT_TIERING”, “GLACIER”, “DEEP_ARCHIVE”, or “STANDARD_IA”. Defaults to “STANDARD”.
tags {[key: string]: string}
A map of tags to assign to the object.
websiteRedirect string
Specifies a target URL for website redirect.
bucket str | str
The name of the bucket to put the file in. Alternatively, an S3 access point ARN can be specified.
acl str
The canned ACL to apply. Valid values are private, public-read, public-read-write, aws-exec-read, authenticated-read, bucket-owner-read, and bucket-owner-full-control. Defaults to private.
bucket_key_enabled bool
Whether or not to use Amazon S3 Bucket Keys for SSE-KMS.
cache_control str
Specifies caching behavior along the request/reply chain Read w3c cache_control for further details.
content str
Literal string value to use as the object content, which will be uploaded as UTF-8-encoded text.
content_base64 str
Base64-encoded data that will be decoded and uploaded as raw bytes for the object content. This allows safely uploading non-UTF8 binary data, but is recommended only for small content such as the result of the gzipbase64 function with small text strings. For larger objects, use source to stream the content from a disk file.
content_disposition str
Specifies presentational information for the object. Read w3c content_disposition for further information.
content_encoding str
Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field. Read w3c content encoding for further information.
content_language str
The language the content is in e.g. en-US or en-GB.
content_type str
A standard MIME type describing the format of the object data, e.g. application/octet-stream. All Valid MIME Types are valid for this input.
etag str
Used to trigger updates. The only meaningful value is ${filemd5("path/to/file")} (this provider 0.11.12 or later) or ${md5(file("path/to/file"))} (this provider 0.11.11 or earlier). This attribute is not compatible with KMS encryption, kms_key_id or server_side_encryption = "aws:kms".
force_destroy bool
Allow the object to be deleted by removing any legal hold on any object version. Default is false. This value should be set to true only if the bucket has S3 object lock enabled.
key str
The name of the object once it is in the bucket.
kms_key_id str
Amazon Resource Name (ARN) of the KMS Key to use for object encryption. If the S3 Bucket has server-side encryption enabled, that value will automatically be used. If referencing the aws.kms.Key resource, use the arn attribute. If referencing the aws.kms.Alias data source or resource, use the target_key_arn attribute. The provider will only perform drift detection if a configuration value is provided.
metadata Mapping[str, str]
A map of keys/values to provision metadata (will be automatically prefixed by x-amz-meta-, note that only lowercase label are currently supported by the AWS Go API).
object_lock_legal_hold_status str
The legal hold status that you want to apply to the specified object. Valid values are ON and OFF.
object_lock_mode str
The object lock retention mode that you want to apply to this object. Valid values are GOVERNANCE and COMPLIANCE.
object_lock_retain_until_date str
The date and time, in RFC3339 format, when this object’s object lock will expire.
server_side_encryption str
Specifies server-side encryption of the object in S3. Valid values are “AES256” and “aws:kms”.
source Union[pulumi.Asset, pulumi.Archive]
The path to a file that will be read and uploaded as raw bytes for the object content.
storage_class str
Specifies the desired Storage Class for the object. Can be either “STANDARD”, “REDUCED_REDUNDANCY”, “ONEZONE_IA”, “INTELLIGENT_TIERING”, “GLACIER”, “DEEP_ARCHIVE”, or “STANDARD_IA”. Defaults to “STANDARD”.
tags Mapping[str, str]
A map of tags to assign to the object.
website_redirect str
Specifies a target URL for website redirect.

Outputs

All input properties are implicitly available as output properties. Additionally, the BucketObject resource produces the following output properties:

Id string
The provider-assigned unique ID for this managed resource.
VersionId string
A unique version ID value for the object, if bucket versioning is enabled.
Id string
The provider-assigned unique ID for this managed resource.
VersionId string
A unique version ID value for the object, if bucket versioning is enabled.
id string
The provider-assigned unique ID for this managed resource.
versionId string
A unique version ID value for the object, if bucket versioning is enabled.
id str
The provider-assigned unique ID for this managed resource.
version_id str
A unique version ID value for the object, if bucket versioning is enabled.

Look up an Existing BucketObject Resource

Get an existing BucketObject resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: BucketObjectState, opts?: CustomResourceOptions): BucketObject
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        acl: Optional[str] = None,
        bucket: Optional[str] = None,
        bucket_key_enabled: Optional[bool] = None,
        cache_control: Optional[str] = None,
        content: Optional[str] = None,
        content_base64: Optional[str] = None,
        content_disposition: Optional[str] = None,
        content_encoding: Optional[str] = None,
        content_language: Optional[str] = None,
        content_type: Optional[str] = None,
        etag: Optional[str] = None,
        force_destroy: Optional[bool] = None,
        key: Optional[str] = None,
        kms_key_id: Optional[str] = None,
        metadata: Optional[Mapping[str, str]] = None,
        object_lock_legal_hold_status: Optional[str] = None,
        object_lock_mode: Optional[str] = None,
        object_lock_retain_until_date: Optional[str] = None,
        server_side_encryption: Optional[str] = None,
        source: Optional[Union[pulumi.Asset, pulumi.Archive]] = None,
        storage_class: Optional[str] = None,
        tags: Optional[Mapping[str, str]] = None,
        version_id: Optional[str] = None,
        website_redirect: Optional[str] = None) -> BucketObject
func GetBucketObject(ctx *Context, name string, id IDInput, state *BucketObjectState, opts ...ResourceOption) (*BucketObject, error)
public static BucketObject Get(string name, Input<string> id, BucketObjectState? state, CustomResourceOptions? opts = null)
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.

The following state arguments are supported:

Acl string
The canned ACL to apply. Valid values are private, public-read, public-read-write, aws-exec-read, authenticated-read, bucket-owner-read, and bucket-owner-full-control. Defaults to private.
Bucket string | string
The name of the bucket to put the file in. Alternatively, an S3 access point ARN can be specified.
BucketKeyEnabled bool
Whether or not to use Amazon S3 Bucket Keys for SSE-KMS.
CacheControl string
Specifies caching behavior along the request/reply chain Read w3c cache_control for further details.
Content string
Literal string value to use as the object content, which will be uploaded as UTF-8-encoded text.
ContentBase64 string
Base64-encoded data that will be decoded and uploaded as raw bytes for the object content. This allows safely uploading non-UTF8 binary data, but is recommended only for small content such as the result of the gzipbase64 function with small text strings. For larger objects, use source to stream the content from a disk file.
ContentDisposition string
Specifies presentational information for the object. Read w3c content_disposition for further information.
ContentEncoding string
Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field. Read w3c content encoding for further information.
ContentLanguage string
The language the content is in e.g. en-US or en-GB.
ContentType string
A standard MIME type describing the format of the object data, e.g. application/octet-stream. All Valid MIME Types are valid for this input.
Etag string
Used to trigger updates. The only meaningful value is ${filemd5("path/to/file")} (this provider 0.11.12 or later) or ${md5(file("path/to/file"))} (this provider 0.11.11 or earlier). This attribute is not compatible with KMS encryption, kms_key_id or server_side_encryption = "aws:kms".
ForceDestroy bool
Allow the object to be deleted by removing any legal hold on any object version. Default is false. This value should be set to true only if the bucket has S3 object lock enabled.
Key string
The name of the object once it is in the bucket.
KmsKeyId string
Amazon Resource Name (ARN) of the KMS Key to use for object encryption. If the S3 Bucket has server-side encryption enabled, that value will automatically be used. If referencing the aws.kms.Key resource, use the arn attribute. If referencing the aws.kms.Alias data source or resource, use the target_key_arn attribute. The provider will only perform drift detection if a configuration value is provided.
Metadata Dictionary<string, string>
A map of keys/values to provision metadata (will be automatically prefixed by x-amz-meta-, note that only lowercase label are currently supported by the AWS Go API).
ObjectLockLegalHoldStatus string
The legal hold status that you want to apply to the specified object. Valid values are ON and OFF.
ObjectLockMode string
The object lock retention mode that you want to apply to this object. Valid values are GOVERNANCE and COMPLIANCE.
ObjectLockRetainUntilDate string
The date and time, in RFC3339 format, when this object’s object lock will expire.
ServerSideEncryption string
Specifies server-side encryption of the object in S3. Valid values are “AES256” and “aws:kms”.
Source AssetOrArchive
The path to a file that will be read and uploaded as raw bytes for the object content.
StorageClass string
Specifies the desired Storage Class for the object. Can be either “STANDARD”, “REDUCED_REDUNDANCY”, “ONEZONE_IA”, “INTELLIGENT_TIERING”, “GLACIER”, “DEEP_ARCHIVE”, or “STANDARD_IA”. Defaults to “STANDARD”.
Tags Dictionary<string, string>
A map of tags to assign to the object.
VersionId string
A unique version ID value for the object, if bucket versioning is enabled.
WebsiteRedirect string
Specifies a target URL for website redirect.
Acl string
The canned ACL to apply. Valid values are private, public-read, public-read-write, aws-exec-read, authenticated-read, bucket-owner-read, and bucket-owner-full-control. Defaults to private.
Bucket string | string
The name of the bucket to put the file in. Alternatively, an S3 access point ARN can be specified.
BucketKeyEnabled bool
Whether or not to use Amazon S3 Bucket Keys for SSE-KMS.
CacheControl string
Specifies caching behavior along the request/reply chain Read w3c cache_control for further details.
Content string
Literal string value to use as the object content, which will be uploaded as UTF-8-encoded text.
ContentBase64 string
Base64-encoded data that will be decoded and uploaded as raw bytes for the object content. This allows safely uploading non-UTF8 binary data, but is recommended only for small content such as the result of the gzipbase64 function with small text strings. For larger objects, use source to stream the content from a disk file.
ContentDisposition string
Specifies presentational information for the object. Read w3c content_disposition for further information.
ContentEncoding string
Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field. Read w3c content encoding for further information.
ContentLanguage string
The language the content is in e.g. en-US or en-GB.
ContentType string
A standard MIME type describing the format of the object data, e.g. application/octet-stream. All Valid MIME Types are valid for this input.
Etag string
Used to trigger updates. The only meaningful value is ${filemd5("path/to/file")} (this provider 0.11.12 or later) or ${md5(file("path/to/file"))} (this provider 0.11.11 or earlier). This attribute is not compatible with KMS encryption, kms_key_id or server_side_encryption = "aws:kms".
ForceDestroy bool
Allow the object to be deleted by removing any legal hold on any object version. Default is false. This value should be set to true only if the bucket has S3 object lock enabled.
Key string
The name of the object once it is in the bucket.
KmsKeyId string
Amazon Resource Name (ARN) of the KMS Key to use for object encryption. If the S3 Bucket has server-side encryption enabled, that value will automatically be used. If referencing the aws.kms.Key resource, use the arn attribute. If referencing the aws.kms.Alias data source or resource, use the target_key_arn attribute. The provider will only perform drift detection if a configuration value is provided.
Metadata map[string]string
A map of keys/values to provision metadata (will be automatically prefixed by x-amz-meta-, note that only lowercase label are currently supported by the AWS Go API).
ObjectLockLegalHoldStatus string
The legal hold status that you want to apply to the specified object. Valid values are ON and OFF.
ObjectLockMode string
The object lock retention mode that you want to apply to this object. Valid values are GOVERNANCE and COMPLIANCE.
ObjectLockRetainUntilDate string
The date and time, in RFC3339 format, when this object’s object lock will expire.
ServerSideEncryption string
Specifies server-side encryption of the object in S3. Valid values are “AES256” and “aws:kms”.
Source pulumi.AssetOrArchive
The path to a file that will be read and uploaded as raw bytes for the object content.
StorageClass string
Specifies the desired Storage Class for the object. Can be either “STANDARD”, “REDUCED_REDUNDANCY”, “ONEZONE_IA”, “INTELLIGENT_TIERING”, “GLACIER”, “DEEP_ARCHIVE”, or “STANDARD_IA”. Defaults to “STANDARD”.
Tags map[string]string
A map of tags to assign to the object.
VersionId string
A unique version ID value for the object, if bucket versioning is enabled.
WebsiteRedirect string
Specifies a target URL for website redirect.
acl string
The canned ACL to apply. Valid values are private, public-read, public-read-write, aws-exec-read, authenticated-read, bucket-owner-read, and bucket-owner-full-control. Defaults to private.
bucket string | Bucket
The name of the bucket to put the file in. Alternatively, an S3 access point ARN can be specified.
bucketKeyEnabled boolean
Whether or not to use Amazon S3 Bucket Keys for SSE-KMS.
cacheControl string
Specifies caching behavior along the request/reply chain Read w3c cache_control for further details.
content string
Literal string value to use as the object content, which will be uploaded as UTF-8-encoded text.
contentBase64 string
Base64-encoded data that will be decoded and uploaded as raw bytes for the object content. This allows safely uploading non-UTF8 binary data, but is recommended only for small content such as the result of the gzipbase64 function with small text strings. For larger objects, use source to stream the content from a disk file.
contentDisposition string
Specifies presentational information for the object. Read w3c content_disposition for further information.
contentEncoding string
Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field. Read w3c content encoding for further information.
contentLanguage string
The language the content is in e.g. en-US or en-GB.
contentType string
A standard MIME type describing the format of the object data, e.g. application/octet-stream. All Valid MIME Types are valid for this input.
etag string
Used to trigger updates. The only meaningful value is ${filemd5("path/to/file")} (this provider 0.11.12 or later) or ${md5(file("path/to/file"))} (this provider 0.11.11 or earlier). This attribute is not compatible with KMS encryption, kms_key_id or server_side_encryption = "aws:kms".
forceDestroy boolean
Allow the object to be deleted by removing any legal hold on any object version. Default is false. This value should be set to true only if the bucket has S3 object lock enabled.
key string
The name of the object once it is in the bucket.
kmsKeyId string
Amazon Resource Name (ARN) of the KMS Key to use for object encryption. If the S3 Bucket has server-side encryption enabled, that value will automatically be used. If referencing the aws.kms.Key resource, use the arn attribute. If referencing the aws.kms.Alias data source or resource, use the target_key_arn attribute. The provider will only perform drift detection if a configuration value is provided.
metadata {[key: string]: string}
A map of keys/values to provision metadata (will be automatically prefixed by x-amz-meta-, note that only lowercase label are currently supported by the AWS Go API).
objectLockLegalHoldStatus string
The legal hold status that you want to apply to the specified object. Valid values are ON and OFF.
objectLockMode string
The object lock retention mode that you want to apply to this object. Valid values are GOVERNANCE and COMPLIANCE.
objectLockRetainUntilDate string
The date and time, in RFC3339 format, when this object’s object lock will expire.
serverSideEncryption string
Specifies server-side encryption of the object in S3. Valid values are “AES256” and “aws:kms”.
source pulumi.asset.Asset | pulumi.asset.Archive
The path to a file that will be read and uploaded as raw bytes for the object content.
storageClass string
Specifies the desired Storage Class for the object. Can be either “STANDARD”, “REDUCED_REDUNDANCY”, “ONEZONE_IA”, “INTELLIGENT_TIERING”, “GLACIER”, “DEEP_ARCHIVE”, or “STANDARD_IA”. Defaults to “STANDARD”.
tags {[key: string]: string}
A map of tags to assign to the object.
versionId string
A unique version ID value for the object, if bucket versioning is enabled.
websiteRedirect string
Specifies a target URL for website redirect.
acl str
The canned ACL to apply. Valid values are private, public-read, public-read-write, aws-exec-read, authenticated-read, bucket-owner-read, and bucket-owner-full-control. Defaults to private.
bucket str | str
The name of the bucket to put the file in. Alternatively, an S3 access point ARN can be specified.
bucket_key_enabled bool
Whether or not to use Amazon S3 Bucket Keys for SSE-KMS.
cache_control str
Specifies caching behavior along the request/reply chain Read w3c cache_control for further details.
content str
Literal string value to use as the object content, which will be uploaded as UTF-8-encoded text.
content_base64 str
Base64-encoded data that will be decoded and uploaded as raw bytes for the object content. This allows safely uploading non-UTF8 binary data, but is recommended only for small content such as the result of the gzipbase64 function with small text strings. For larger objects, use source to stream the content from a disk file.
content_disposition str
Specifies presentational information for the object. Read w3c content_disposition for further information.
content_encoding str
Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field. Read w3c content encoding for further information.
content_language str
The language the content is in e.g. en-US or en-GB.
content_type str
A standard MIME type describing the format of the object data, e.g. application/octet-stream. All Valid MIME Types are valid for this input.
etag str
Used to trigger updates. The only meaningful value is ${filemd5("path/to/file")} (this provider 0.11.12 or later) or ${md5(file("path/to/file"))} (this provider 0.11.11 or earlier). This attribute is not compatible with KMS encryption, kms_key_id or server_side_encryption = "aws:kms".
force_destroy bool
Allow the object to be deleted by removing any legal hold on any object version. Default is false. This value should be set to true only if the bucket has S3 object lock enabled.
key str
The name of the object once it is in the bucket.
kms_key_id str
Amazon Resource Name (ARN) of the KMS Key to use for object encryption. If the S3 Bucket has server-side encryption enabled, that value will automatically be used. If referencing the aws.kms.Key resource, use the arn attribute. If referencing the aws.kms.Alias data source or resource, use the target_key_arn attribute. The provider will only perform drift detection if a configuration value is provided.
metadata Mapping[str, str]
A map of keys/values to provision metadata (will be automatically prefixed by x-amz-meta-, note that only lowercase label are currently supported by the AWS Go API).
object_lock_legal_hold_status str
The legal hold status that you want to apply to the specified object. Valid values are ON and OFF.
object_lock_mode str
The object lock retention mode that you want to apply to this object. Valid values are GOVERNANCE and COMPLIANCE.
object_lock_retain_until_date str
The date and time, in RFC3339 format, when this object’s object lock will expire.
server_side_encryption str
Specifies server-side encryption of the object in S3. Valid values are “AES256” and “aws:kms”.
source Union[pulumi.Asset, pulumi.Archive]
The path to a file that will be read and uploaded as raw bytes for the object content.
storage_class str
Specifies the desired Storage Class for the object. Can be either “STANDARD”, “REDUCED_REDUNDANCY”, “ONEZONE_IA”, “INTELLIGENT_TIERING”, “GLACIER”, “DEEP_ARCHIVE”, or “STANDARD_IA”. Defaults to “STANDARD”.
tags Mapping[str, str]
A map of tags to assign to the object.
version_id str
A unique version ID value for the object, if bucket versioning is enabled.
website_redirect str
Specifies a target URL for website redirect.

Package Details

Repository
https://github.com/pulumi/pulumi-aws
License
Apache-2.0
Notes
This Pulumi package is based on the aws Terraform Provider.