We recommend new projects start with resources from the AWS provider.
aws-native.s3.Bucket
Explore with Pulumi AI
We recommend new projects start with resources from the AWS provider.
The AWS::S3::Bucket
resource creates an Amazon S3 bucket in the same AWS Region where you create the AWS CloudFormation stack.
To control how AWS CloudFormation handles the bucket when the stack is deleted, you can set a deletion policy for your bucket. You can choose to retain the bucket or to delete the bucket. For more information, see DeletionPolicy Attribute.
You can only delete empty buckets. Deletion fails for buckets that have contents.
Example Usage
Example
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AwsNative = Pulumi.AwsNative;
return await Deployment.RunAsync(() =>
{
var s3Bucket = new AwsNative.S3.Bucket("s3Bucket");
var recordingConfiguration = new AwsNative.Ivs.RecordingConfiguration("recordingConfiguration", new()
{
Name = "MyRecordingConfiguration",
DestinationConfiguration = new AwsNative.Ivs.Inputs.RecordingConfigurationDestinationConfigurationArgs
{
S3 = new AwsNative.Ivs.Inputs.RecordingConfigurationS3DestinationConfigurationArgs
{
BucketName = s3Bucket.Id,
},
},
ThumbnailConfiguration = new AwsNative.Ivs.Inputs.RecordingConfigurationThumbnailConfigurationArgs
{
RecordingMode = AwsNative.Ivs.RecordingConfigurationThumbnailConfigurationRecordingMode.Interval,
TargetIntervalSeconds = 60,
Storage = new[]
{
AwsNative.Ivs.RecordingConfigurationThumbnailConfigurationStorageItem.Sequential,
AwsNative.Ivs.RecordingConfigurationThumbnailConfigurationStorageItem.Latest,
},
Resolution = AwsNative.Ivs.RecordingConfigurationThumbnailConfigurationResolution.Hd,
},
RenditionConfiguration = new AwsNative.Ivs.Inputs.RecordingConfigurationRenditionConfigurationArgs
{
RenditionSelection = AwsNative.Ivs.RecordingConfigurationRenditionConfigurationRenditionSelection.Custom,
Renditions = new[]
{
AwsNative.Ivs.RecordingConfigurationRenditionConfigurationRenditionsItem.Hd,
AwsNative.Ivs.RecordingConfigurationRenditionConfigurationRenditionsItem.Sd,
},
},
}, new CustomResourceOptions
{
DependsOn =
{
s3Bucket,
},
});
var channel = new AwsNative.Ivs.Channel("channel", new()
{
Name = "MyRecordedChannel",
RecordingConfigurationArn = recordingConfiguration.Id,
}, new CustomResourceOptions
{
DependsOn =
{
recordingConfiguration,
},
});
});
package main
import (
"github.com/pulumi/pulumi-aws-native/sdk/go/aws/ivs"
"github.com/pulumi/pulumi-aws-native/sdk/go/aws/s3"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
s3Bucket, err := s3.NewBucket(ctx, "s3Bucket", nil)
if err != nil {
return err
}
recordingConfiguration, err := ivs.NewRecordingConfiguration(ctx, "recordingConfiguration", &ivs.RecordingConfigurationArgs{
Name: pulumi.String("MyRecordingConfiguration"),
DestinationConfiguration: &ivs.RecordingConfigurationDestinationConfigurationArgs{
S3: &ivs.RecordingConfigurationS3DestinationConfigurationArgs{
BucketName: s3Bucket.ID(),
},
},
ThumbnailConfiguration: &ivs.RecordingConfigurationThumbnailConfigurationArgs{
RecordingMode: ivs.RecordingConfigurationThumbnailConfigurationRecordingModeInterval,
TargetIntervalSeconds: pulumi.Int(60),
Storage: ivs.RecordingConfigurationThumbnailConfigurationStorageItemArray{
ivs.RecordingConfigurationThumbnailConfigurationStorageItemSequential,
ivs.RecordingConfigurationThumbnailConfigurationStorageItemLatest,
},
Resolution: ivs.RecordingConfigurationThumbnailConfigurationResolutionHd,
},
RenditionConfiguration: &ivs.RecordingConfigurationRenditionConfigurationArgs{
RenditionSelection: ivs.RecordingConfigurationRenditionConfigurationRenditionSelectionCustom,
Renditions: ivs.RecordingConfigurationRenditionConfigurationRenditionsItemArray{
ivs.RecordingConfigurationRenditionConfigurationRenditionsItemHd,
ivs.RecordingConfigurationRenditionConfigurationRenditionsItemSd,
},
},
}, pulumi.DependsOn([]pulumi.Resource{
s3Bucket,
}))
if err != nil {
return err
}
_, err = ivs.NewChannel(ctx, "channel", &ivs.ChannelArgs{
Name: pulumi.String("MyRecordedChannel"),
RecordingConfigurationArn: recordingConfiguration.ID(),
}, pulumi.DependsOn([]pulumi.Resource{
recordingConfiguration,
}))
if err != nil {
return err
}
return nil
})
}
Coming soon!
import pulumi
import pulumi_aws_native as aws_native
s3_bucket = aws_native.s3.Bucket("s3Bucket")
recording_configuration = aws_native.ivs.RecordingConfiguration("recordingConfiguration",
name="MyRecordingConfiguration",
destination_configuration={
"s3": {
"bucket_name": s3_bucket.id,
},
},
thumbnail_configuration={
"recording_mode": aws_native.ivs.RecordingConfigurationThumbnailConfigurationRecordingMode.INTERVAL,
"target_interval_seconds": 60,
"storage": [
aws_native.ivs.RecordingConfigurationThumbnailConfigurationStorageItem.SEQUENTIAL,
aws_native.ivs.RecordingConfigurationThumbnailConfigurationStorageItem.LATEST,
],
"resolution": aws_native.ivs.RecordingConfigurationThumbnailConfigurationResolution.HD,
},
rendition_configuration={
"rendition_selection": aws_native.ivs.RecordingConfigurationRenditionConfigurationRenditionSelection.CUSTOM,
"renditions": [
aws_native.ivs.RecordingConfigurationRenditionConfigurationRenditionsItem.HD,
aws_native.ivs.RecordingConfigurationRenditionConfigurationRenditionsItem.SD,
],
},
opts = pulumi.ResourceOptions(depends_on=[s3_bucket]))
channel = aws_native.ivs.Channel("channel",
name="MyRecordedChannel",
recording_configuration_arn=recording_configuration.id,
opts = pulumi.ResourceOptions(depends_on=[recording_configuration]))
import * as pulumi from "@pulumi/pulumi";
import * as aws_native from "@pulumi/aws-native";
const s3Bucket = new aws_native.s3.Bucket("s3Bucket", {});
const recordingConfiguration = new aws_native.ivs.RecordingConfiguration("recordingConfiguration", {
name: "MyRecordingConfiguration",
destinationConfiguration: {
s3: {
bucketName: s3Bucket.id,
},
},
thumbnailConfiguration: {
recordingMode: aws_native.ivs.RecordingConfigurationThumbnailConfigurationRecordingMode.Interval,
targetIntervalSeconds: 60,
storage: [
aws_native.ivs.RecordingConfigurationThumbnailConfigurationStorageItem.Sequential,
aws_native.ivs.RecordingConfigurationThumbnailConfigurationStorageItem.Latest,
],
resolution: aws_native.ivs.RecordingConfigurationThumbnailConfigurationResolution.Hd,
},
renditionConfiguration: {
renditionSelection: aws_native.ivs.RecordingConfigurationRenditionConfigurationRenditionSelection.Custom,
renditions: [
aws_native.ivs.RecordingConfigurationRenditionConfigurationRenditionsItem.Hd,
aws_native.ivs.RecordingConfigurationRenditionConfigurationRenditionsItem.Sd,
],
},
}, {
dependsOn: [s3Bucket],
});
const channel = new aws_native.ivs.Channel("channel", {
name: "MyRecordedChannel",
recordingConfigurationArn: recordingConfiguration.id,
}, {
dependsOn: [recordingConfiguration],
});
Coming soon!
Example
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AwsNative = Pulumi.AwsNative;
return await Deployment.RunAsync(() =>
{
var s3Bucket = new AwsNative.S3.Bucket("s3Bucket");
var recordingConfiguration = new AwsNative.Ivs.RecordingConfiguration("recordingConfiguration", new()
{
Name = "MyRecordingConfiguration",
DestinationConfiguration = new AwsNative.Ivs.Inputs.RecordingConfigurationDestinationConfigurationArgs
{
S3 = new AwsNative.Ivs.Inputs.RecordingConfigurationS3DestinationConfigurationArgs
{
BucketName = s3Bucket.Id,
},
},
ThumbnailConfiguration = new AwsNative.Ivs.Inputs.RecordingConfigurationThumbnailConfigurationArgs
{
RecordingMode = AwsNative.Ivs.RecordingConfigurationThumbnailConfigurationRecordingMode.Interval,
TargetIntervalSeconds = 60,
Resolution = AwsNative.Ivs.RecordingConfigurationThumbnailConfigurationResolution.Hd,
Storage = new[]
{
AwsNative.Ivs.RecordingConfigurationThumbnailConfigurationStorageItem.Sequential,
AwsNative.Ivs.RecordingConfigurationThumbnailConfigurationStorageItem.Latest,
},
},
RenditionConfiguration = new AwsNative.Ivs.Inputs.RecordingConfigurationRenditionConfigurationArgs
{
RenditionSelection = AwsNative.Ivs.RecordingConfigurationRenditionConfigurationRenditionSelection.Custom,
Renditions = new[]
{
AwsNative.Ivs.RecordingConfigurationRenditionConfigurationRenditionsItem.Hd,
AwsNative.Ivs.RecordingConfigurationRenditionConfigurationRenditionsItem.Sd,
},
},
}, new CustomResourceOptions
{
DependsOn =
{
s3Bucket,
},
});
var channel = new AwsNative.Ivs.Channel("channel", new()
{
Name = "MyRecordedChannel",
RecordingConfigurationArn = recordingConfiguration.Id,
}, new CustomResourceOptions
{
DependsOn =
{
recordingConfiguration,
},
});
});
package main
import (
"github.com/pulumi/pulumi-aws-native/sdk/go/aws/ivs"
"github.com/pulumi/pulumi-aws-native/sdk/go/aws/s3"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
s3Bucket, err := s3.NewBucket(ctx, "s3Bucket", nil)
if err != nil {
return err
}
recordingConfiguration, err := ivs.NewRecordingConfiguration(ctx, "recordingConfiguration", &ivs.RecordingConfigurationArgs{
Name: pulumi.String("MyRecordingConfiguration"),
DestinationConfiguration: &ivs.RecordingConfigurationDestinationConfigurationArgs{
S3: &ivs.RecordingConfigurationS3DestinationConfigurationArgs{
BucketName: s3Bucket.ID(),
},
},
ThumbnailConfiguration: &ivs.RecordingConfigurationThumbnailConfigurationArgs{
RecordingMode: ivs.RecordingConfigurationThumbnailConfigurationRecordingModeInterval,
TargetIntervalSeconds: pulumi.Int(60),
Resolution: ivs.RecordingConfigurationThumbnailConfigurationResolutionHd,
Storage: ivs.RecordingConfigurationThumbnailConfigurationStorageItemArray{
ivs.RecordingConfigurationThumbnailConfigurationStorageItemSequential,
ivs.RecordingConfigurationThumbnailConfigurationStorageItemLatest,
},
},
RenditionConfiguration: &ivs.RecordingConfigurationRenditionConfigurationArgs{
RenditionSelection: ivs.RecordingConfigurationRenditionConfigurationRenditionSelectionCustom,
Renditions: ivs.RecordingConfigurationRenditionConfigurationRenditionsItemArray{
ivs.RecordingConfigurationRenditionConfigurationRenditionsItemHd,
ivs.RecordingConfigurationRenditionConfigurationRenditionsItemSd,
},
},
}, pulumi.DependsOn([]pulumi.Resource{
s3Bucket,
}))
if err != nil {
return err
}
_, err = ivs.NewChannel(ctx, "channel", &ivs.ChannelArgs{
Name: pulumi.String("MyRecordedChannel"),
RecordingConfigurationArn: recordingConfiguration.ID(),
}, pulumi.DependsOn([]pulumi.Resource{
recordingConfiguration,
}))
if err != nil {
return err
}
return nil
})
}
Coming soon!
import pulumi
import pulumi_aws_native as aws_native
s3_bucket = aws_native.s3.Bucket("s3Bucket")
recording_configuration = aws_native.ivs.RecordingConfiguration("recordingConfiguration",
name="MyRecordingConfiguration",
destination_configuration={
"s3": {
"bucket_name": s3_bucket.id,
},
},
thumbnail_configuration={
"recording_mode": aws_native.ivs.RecordingConfigurationThumbnailConfigurationRecordingMode.INTERVAL,
"target_interval_seconds": 60,
"resolution": aws_native.ivs.RecordingConfigurationThumbnailConfigurationResolution.HD,
"storage": [
aws_native.ivs.RecordingConfigurationThumbnailConfigurationStorageItem.SEQUENTIAL,
aws_native.ivs.RecordingConfigurationThumbnailConfigurationStorageItem.LATEST,
],
},
rendition_configuration={
"rendition_selection": aws_native.ivs.RecordingConfigurationRenditionConfigurationRenditionSelection.CUSTOM,
"renditions": [
aws_native.ivs.RecordingConfigurationRenditionConfigurationRenditionsItem.HD,
aws_native.ivs.RecordingConfigurationRenditionConfigurationRenditionsItem.SD,
],
},
opts = pulumi.ResourceOptions(depends_on=[s3_bucket]))
channel = aws_native.ivs.Channel("channel",
name="MyRecordedChannel",
recording_configuration_arn=recording_configuration.id,
opts = pulumi.ResourceOptions(depends_on=[recording_configuration]))
import * as pulumi from "@pulumi/pulumi";
import * as aws_native from "@pulumi/aws-native";
const s3Bucket = new aws_native.s3.Bucket("s3Bucket", {});
const recordingConfiguration = new aws_native.ivs.RecordingConfiguration("recordingConfiguration", {
name: "MyRecordingConfiguration",
destinationConfiguration: {
s3: {
bucketName: s3Bucket.id,
},
},
thumbnailConfiguration: {
recordingMode: aws_native.ivs.RecordingConfigurationThumbnailConfigurationRecordingMode.Interval,
targetIntervalSeconds: 60,
resolution: aws_native.ivs.RecordingConfigurationThumbnailConfigurationResolution.Hd,
storage: [
aws_native.ivs.RecordingConfigurationThumbnailConfigurationStorageItem.Sequential,
aws_native.ivs.RecordingConfigurationThumbnailConfigurationStorageItem.Latest,
],
},
renditionConfiguration: {
renditionSelection: aws_native.ivs.RecordingConfigurationRenditionConfigurationRenditionSelection.Custom,
renditions: [
aws_native.ivs.RecordingConfigurationRenditionConfigurationRenditionsItem.Hd,
aws_native.ivs.RecordingConfigurationRenditionConfigurationRenditionsItem.Sd,
],
},
}, {
dependsOn: [s3Bucket],
});
const channel = new aws_native.ivs.Channel("channel", {
name: "MyRecordedChannel",
recordingConfigurationArn: recordingConfiguration.id,
}, {
dependsOn: [recordingConfiguration],
});
Coming soon!
Example
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AwsNative = Pulumi.AwsNative;
return await Deployment.RunAsync(() =>
{
var config = new Config();
var latestAmiId = config.Get("latestAmiId") ?? "";
var latestAmiIdValue = latestAmiId == "" ? "/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2" : AwsNative.GetSsmParameterString.Invoke(new()
{
Name = latestAmiId,
}).Apply(invoke => invoke.Value);
var gitHubOwner = config.Require("gitHubOwner");
var gitHubRepo = config.Require("gitHubRepo");
var gitHubBranch = config.Require("gitHubBranch");
var ssmAssocLogs = new AwsNative.S3.Bucket("ssmAssocLogs");
var ssmInstanceRole = new AwsNative.Iam.Role("ssmInstanceRole", new()
{
Policies = new[]
{
new AwsNative.Iam.Inputs.RolePolicyArgs
{
PolicyDocument = new Dictionary<string, object?>
{
["version"] = "2012-10-17",
["statement"] = new[]
{
new Dictionary<string, object?>
{
["action"] = new[]
{
"s3:GetObject",
},
["resource"] = new[]
{
"arn:aws:s3:::aws-ssm-${AWS::Region}/*",
"arn:aws:s3:::aws-windows-downloads-${AWS::Region}/*",
"arn:aws:s3:::amazon-ssm-${AWS::Region}/*",
"arn:aws:s3:::amazon-ssm-packages-${AWS::Region}/*",
"arn:aws:s3:::${AWS::Region}-birdwatcher-prod/*",
"arn:aws:s3:::patch-baseline-snapshot-${AWS::Region}/*",
},
["effect"] = "Allow",
},
},
},
PolicyName = "ssm-custom-s3-policy",
},
new AwsNative.Iam.Inputs.RolePolicyArgs
{
PolicyDocument = new Dictionary<string, object?>
{
["version"] = "2012-10-17",
["statement"] = new[]
{
new Dictionary<string, object?>
{
["action"] = new[]
{
"s3:GetObject",
"s3:PutObject",
"s3:PutObjectAcl",
"s3:ListBucket",
},
["resource"] = new[]
{
"arn:${AWS::Partition}:s3:::${SSMAssocLogs}/*",
"arn:${AWS::Partition}:s3:::${SSMAssocLogs}",
},
["effect"] = "Allow",
},
},
},
PolicyName = "s3-instance-bucket-policy",
},
},
Path = "/",
ManagedPolicyArns = new[]
{
"arn:${AWS::Partition}:iam::aws:policy/AmazonSSMManagedInstanceCore",
},
AssumeRolePolicyDocument = new Dictionary<string, object?>
{
["version"] = "2012-10-17",
["statement"] = new[]
{
new Dictionary<string, object?>
{
["effect"] = "Allow",
["principal"] = new Dictionary<string, object?>
{
["service"] = new[]
{
"ec2.amazonaws.com",
"ssm.amazonaws.com",
},
},
["action"] = "sts:AssumeRole",
},
},
},
});
var ssmInstanceProfile = new AwsNative.Iam.InstanceProfile("ssmInstanceProfile", new()
{
Roles = new[]
{
"SSMInstanceRole",
},
});
var ec2Instance = new AwsNative.Ec2.Instance("ec2Instance", new()
{
ImageId = "LatestAmiId",
InstanceType = "t3.small",
IamInstanceProfile = "SSMInstanceProfile",
});
var ansibleAssociation = new AwsNative.Ssm.Association("ansibleAssociation", new()
{
Name = "AWS-ApplyAnsiblePlaybooks",
Targets = new[]
{
new AwsNative.Ssm.Inputs.AssociationTargetArgs
{
Key = "InstanceIds",
Values = new[]
{
"EC2Instance",
},
},
},
OutputLocation = new AwsNative.Ssm.Inputs.AssociationInstanceAssociationOutputLocationArgs
{
S3Location = new AwsNative.Ssm.Inputs.AssociationS3OutputLocationArgs
{
OutputS3BucketName = "SSMAssocLogs",
OutputS3KeyPrefix = "logs/",
},
},
Parameters =
{
{ "sourceType", new[]
{
"GitHub",
} },
{ "sourceInfo", new[]
{
@"{""owner"":""${GitHubOwner}"",
""repository"":""${GitHubRepo}"",
""path"":"""",
""getOptions"":""branch:${GitHubBranch}""}
",
} },
{ "installDependencies", new[]
{
"True",
} },
{ "playbookFile", new[]
{
"playbook.yml",
} },
{ "extraVariables", new[]
{
"SSM=True",
} },
{ "check", new[]
{
"False",
} },
{ "verbose", new[]
{
"-v",
} },
},
});
return new Dictionary<string, object?>
{
["webServerPublic"] = "EC2Instance.PublicDnsName",
};
});
package main
import (
awsnative "github.com/pulumi/pulumi-aws-native/sdk/go/aws"
"github.com/pulumi/pulumi-aws-native/sdk/go/aws/ec2"
"github.com/pulumi/pulumi-aws-native/sdk/go/aws/iam"
"github.com/pulumi/pulumi-aws-native/sdk/go/aws/s3"
"github.com/pulumi/pulumi-aws-native/sdk/go/aws/ssm"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
cfg := config.New(ctx, "")
latestAmiId := ""
if param := cfg.Get("latestAmiId"); param != "" {
latestAmiId = param
}
var tmp0 string
if latestAmiId == "" {
tmp0 = "/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2"
} else {
tmp0 = awsnative.GetSsmParameterString(ctx, &aws.GetSsmParameterStringArgs{
Name: latestAmiId,
}, nil).Value
}
_ := tmp0
gitHubOwner := cfg.Require("gitHubOwner")
gitHubRepo := cfg.Require("gitHubRepo")
gitHubBranch := cfg.Require("gitHubBranch")
_, err := s3.NewBucket(ctx, "ssmAssocLogs", nil)
if err != nil {
return err
}
_, err = iam.NewRole(ctx, "ssmInstanceRole", &iam.RoleArgs{
Policies: iam.RolePolicyTypeArray{
&iam.RolePolicyTypeArgs{
PolicyDocument: pulumi.Any(map[string]interface{}{
"version": "2012-10-17",
"statement": []map[string]interface{}{
map[string]interface{}{
"action": []string{
"s3:GetObject",
},
"resource": []string{
"arn:aws:s3:::aws-ssm-${AWS::Region}/*",
"arn:aws:s3:::aws-windows-downloads-${AWS::Region}/*",
"arn:aws:s3:::amazon-ssm-${AWS::Region}/*",
"arn:aws:s3:::amazon-ssm-packages-${AWS::Region}/*",
"arn:aws:s3:::${AWS::Region}-birdwatcher-prod/*",
"arn:aws:s3:::patch-baseline-snapshot-${AWS::Region}/*",
},
"effect": "Allow",
},
},
}),
PolicyName: pulumi.String("ssm-custom-s3-policy"),
},
&iam.RolePolicyTypeArgs{
PolicyDocument: pulumi.Any(map[string]interface{}{
"version": "2012-10-17",
"statement": []map[string]interface{}{
map[string]interface{}{
"action": []string{
"s3:GetObject",
"s3:PutObject",
"s3:PutObjectAcl",
"s3:ListBucket",
},
"resource": []string{
"arn:${AWS::Partition}:s3:::${SSMAssocLogs}/*",
"arn:${AWS::Partition}:s3:::${SSMAssocLogs}",
},
"effect": "Allow",
},
},
}),
PolicyName: pulumi.String("s3-instance-bucket-policy"),
},
},
Path: pulumi.String("/"),
ManagedPolicyArns: pulumi.StringArray{
pulumi.String("arn:${AWS::Partition}:iam::aws:policy/AmazonSSMManagedInstanceCore"),
},
AssumeRolePolicyDocument: pulumi.Any(map[string]interface{}{
"version": "2012-10-17",
"statement": []map[string]interface{}{
map[string]interface{}{
"effect": "Allow",
"principal": map[string]interface{}{
"service": []string{
"ec2.amazonaws.com",
"ssm.amazonaws.com",
},
},
"action": "sts:AssumeRole",
},
},
}),
})
if err != nil {
return err
}
_, err = iam.NewInstanceProfile(ctx, "ssmInstanceProfile", &iam.InstanceProfileArgs{
Roles: pulumi.StringArray{
pulumi.String("SSMInstanceRole"),
},
})
if err != nil {
return err
}
_, err = ec2.NewInstance(ctx, "ec2Instance", &ec2.InstanceArgs{
ImageId: pulumi.String("LatestAmiId"),
InstanceType: pulumi.String("t3.small"),
IamInstanceProfile: pulumi.String("SSMInstanceProfile"),
})
if err != nil {
return err
}
_, err = ssm.NewAssociation(ctx, "ansibleAssociation", &ssm.AssociationArgs{
Name: pulumi.String("AWS-ApplyAnsiblePlaybooks"),
Targets: ssm.AssociationTargetArray{
&ssm.AssociationTargetArgs{
Key: pulumi.String("InstanceIds"),
Values: pulumi.StringArray{
pulumi.String("EC2Instance"),
},
},
},
OutputLocation: &ssm.AssociationInstanceAssociationOutputLocationArgs{
S3Location: &ssm.AssociationS3OutputLocationArgs{
OutputS3BucketName: pulumi.String("SSMAssocLogs"),
OutputS3KeyPrefix: pulumi.String("logs/"),
},
},
Parameters: pulumi.StringArrayMap{
"sourceType": pulumi.StringArray{
pulumi.String("GitHub"),
},
"sourceInfo": pulumi.StringArray{
pulumi.String("{\"owner\":\"${GitHubOwner}\",\n\"repository\":\"${GitHubRepo}\",\n\"path\":\"\",\n\"getOptions\":\"branch:${GitHubBranch}\"}\n"),
},
"installDependencies": pulumi.StringArray{
pulumi.String("True"),
},
"playbookFile": pulumi.StringArray{
pulumi.String("playbook.yml"),
},
"extraVariables": pulumi.StringArray{
pulumi.String("SSM=True"),
},
"check": pulumi.StringArray{
pulumi.String("False"),
},
"verbose": pulumi.StringArray{
pulumi.String("-v"),
},
},
})
if err != nil {
return err
}
ctx.Export("webServerPublic", pulumi.String("EC2Instance.PublicDnsName"))
return nil
})
}
Coming soon!
import pulumi
import pulumi_aws_native as aws_native
config = pulumi.Config()
latest_ami_id = config.get("latestAmiId")
if latest_ami_id is None:
latest_ami_id = ""
latest_ami_id_value = "/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2" if latest_ami_id == "" else aws_native.get_ssm_parameter_string(name=latest_ami_id).value
git_hub_owner = config.require("gitHubOwner")
git_hub_repo = config.require("gitHubRepo")
git_hub_branch = config.require("gitHubBranch")
ssm_assoc_logs = aws_native.s3.Bucket("ssmAssocLogs")
ssm_instance_role = aws_native.iam.Role("ssmInstanceRole",
policies=[
{
"policy_document": {
"version": "2012-10-17",
"statement": [{
"action": ["s3:GetObject"],
"resource": [
"arn:aws:s3:::aws-ssm-${AWS::Region}/*",
"arn:aws:s3:::aws-windows-downloads-${AWS::Region}/*",
"arn:aws:s3:::amazon-ssm-${AWS::Region}/*",
"arn:aws:s3:::amazon-ssm-packages-${AWS::Region}/*",
"arn:aws:s3:::${AWS::Region}-birdwatcher-prod/*",
"arn:aws:s3:::patch-baseline-snapshot-${AWS::Region}/*",
],
"effect": "Allow",
}],
},
"policy_name": "ssm-custom-s3-policy",
},
{
"policy_document": {
"version": "2012-10-17",
"statement": [{
"action": [
"s3:GetObject",
"s3:PutObject",
"s3:PutObjectAcl",
"s3:ListBucket",
],
"resource": [
"arn:${AWS::Partition}:s3:::${SSMAssocLogs}/*",
"arn:${AWS::Partition}:s3:::${SSMAssocLogs}",
],
"effect": "Allow",
}],
},
"policy_name": "s3-instance-bucket-policy",
},
],
path="/",
managed_policy_arns=["arn:${AWS::Partition}:iam::aws:policy/AmazonSSMManagedInstanceCore"],
assume_role_policy_document={
"version": "2012-10-17",
"statement": [{
"effect": "Allow",
"principal": {
"service": [
"ec2.amazonaws.com",
"ssm.amazonaws.com",
],
},
"action": "sts:AssumeRole",
}],
})
ssm_instance_profile = aws_native.iam.InstanceProfile("ssmInstanceProfile", roles=["SSMInstanceRole"])
ec2_instance = aws_native.ec2.Instance("ec2Instance",
image_id="LatestAmiId",
instance_type="t3.small",
iam_instance_profile="SSMInstanceProfile")
ansible_association = aws_native.ssm.Association("ansibleAssociation",
name="AWS-ApplyAnsiblePlaybooks",
targets=[{
"key": "InstanceIds",
"values": ["EC2Instance"],
}],
output_location={
"s3_location": {
"output_s3_bucket_name": "SSMAssocLogs",
"output_s3_key_prefix": "logs/",
},
},
parameters={
"sourceType": ["GitHub"],
"sourceInfo": ["""{"owner":"${GitHubOwner}",
"repository":"${GitHubRepo}",
"path":"",
"getOptions":"branch:${GitHubBranch}"}
"""],
"installDependencies": ["True"],
"playbookFile": ["playbook.yml"],
"extraVariables": ["SSM=True"],
"check": ["False"],
"verbose": ["-v"],
})
pulumi.export("webServerPublic", "EC2Instance.PublicDnsName")
import * as pulumi from "@pulumi/pulumi";
import * as aws_native from "@pulumi/aws-native";
const config = new pulumi.Config();
const latestAmiId = config.get("latestAmiId") || "";
const latestAmiIdValue = latestAmiId == "" ? "/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2" : aws_native.getSsmParameterString({
name: latestAmiId,
}).then(invoke => invoke.value);
const gitHubOwner = config.require("gitHubOwner");
const gitHubRepo = config.require("gitHubRepo");
const gitHubBranch = config.require("gitHubBranch");
const ssmAssocLogs = new aws_native.s3.Bucket("ssmAssocLogs", {});
const ssmInstanceRole = new aws_native.iam.Role("ssmInstanceRole", {
policies: [
{
policyDocument: {
version: "2012-10-17",
statement: [{
action: ["s3:GetObject"],
resource: [
"arn:aws:s3:::aws-ssm-${AWS::Region}/*",
"arn:aws:s3:::aws-windows-downloads-${AWS::Region}/*",
"arn:aws:s3:::amazon-ssm-${AWS::Region}/*",
"arn:aws:s3:::amazon-ssm-packages-${AWS::Region}/*",
"arn:aws:s3:::${AWS::Region}-birdwatcher-prod/*",
"arn:aws:s3:::patch-baseline-snapshot-${AWS::Region}/*",
],
effect: "Allow",
}],
},
policyName: "ssm-custom-s3-policy",
},
{
policyDocument: {
version: "2012-10-17",
statement: [{
action: [
"s3:GetObject",
"s3:PutObject",
"s3:PutObjectAcl",
"s3:ListBucket",
],
resource: [
"arn:${AWS::Partition}:s3:::${SSMAssocLogs}/*",
"arn:${AWS::Partition}:s3:::${SSMAssocLogs}",
],
effect: "Allow",
}],
},
policyName: "s3-instance-bucket-policy",
},
],
path: "/",
managedPolicyArns: ["arn:${AWS::Partition}:iam::aws:policy/AmazonSSMManagedInstanceCore"],
assumeRolePolicyDocument: {
version: "2012-10-17",
statement: [{
effect: "Allow",
principal: {
service: [
"ec2.amazonaws.com",
"ssm.amazonaws.com",
],
},
action: "sts:AssumeRole",
}],
},
});
const ssmInstanceProfile = new aws_native.iam.InstanceProfile("ssmInstanceProfile", {roles: ["SSMInstanceRole"]});
const ec2Instance = new aws_native.ec2.Instance("ec2Instance", {
imageId: "LatestAmiId",
instanceType: "t3.small",
iamInstanceProfile: "SSMInstanceProfile",
});
const ansibleAssociation = new aws_native.ssm.Association("ansibleAssociation", {
name: "AWS-ApplyAnsiblePlaybooks",
targets: [{
key: "InstanceIds",
values: ["EC2Instance"],
}],
outputLocation: {
s3Location: {
outputS3BucketName: "SSMAssocLogs",
outputS3KeyPrefix: "logs/",
},
},
parameters: {
sourceType: ["GitHub"],
sourceInfo: [`{"owner":"\${GitHubOwner}",
"repository":"\${GitHubRepo}",
"path":"",
"getOptions":"branch:\${GitHubBranch}"}
`],
installDependencies: ["True"],
playbookFile: ["playbook.yml"],
extraVariables: ["SSM=True"],
check: ["False"],
verbose: ["-v"],
},
});
export const webServerPublic = "EC2Instance.PublicDnsName";
Coming soon!
Example
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AwsNative = Pulumi.AwsNative;
return await Deployment.RunAsync(() =>
{
var config = new Config();
var latestAmiId = config.Get("latestAmiId") ?? "";
var latestAmiIdValue = latestAmiId == "" ? "/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2" : AwsNative.GetSsmParameterString.Invoke(new()
{
Name = latestAmiId,
}).Apply(invoke => invoke.Value);
var ssmAssocLogs = new AwsNative.S3.Bucket("ssmAssocLogs");
var ssmInstanceRole = new AwsNative.Iam.Role("ssmInstanceRole", new()
{
Policies = new[]
{
new AwsNative.Iam.Inputs.RolePolicyArgs
{
PolicyDocument = new Dictionary<string, object?>
{
["version"] = "2012-10-17",
["statement"] = new[]
{
new Dictionary<string, object?>
{
["action"] = new[]
{
"s3:GetObject",
},
["resource"] = new[]
{
"arn:aws:s3:::aws-ssm-${AWS::Region}/*",
"arn:aws:s3:::aws-windows-downloads-${AWS::Region}/*",
"arn:aws:s3:::amazon-ssm-${AWS::Region}/*",
"arn:aws:s3:::amazon-ssm-packages-${AWS::Region}/*",
"arn:aws:s3:::${AWS::Region}-birdwatcher-prod/*",
"arn:aws:s3:::patch-baseline-snapshot-${AWS::Region}/*",
},
["effect"] = "Allow",
},
},
},
PolicyName = "ssm-custom-s3-policy",
},
new AwsNative.Iam.Inputs.RolePolicyArgs
{
PolicyDocument = new Dictionary<string, object?>
{
["version"] = "2012-10-17",
["statement"] = new[]
{
new Dictionary<string, object?>
{
["action"] = new[]
{
"s3:GetObject",
"s3:PutObject",
"s3:PutObjectAcl",
"s3:ListBucket",
},
["resource"] = new[]
{
"arn:${AWS::Partition}:s3:::${SSMAssocLogs}/*",
"arn:${AWS::Partition}:s3:::${SSMAssocLogs}",
},
["effect"] = "Allow",
},
},
},
PolicyName = "s3-instance-bucket-policy",
},
},
Path = "/",
ManagedPolicyArns = new[]
{
"arn:${AWS::Partition}:iam::aws:policy/AmazonSSMManagedInstanceCore",
"arn:${AWS::Partition}:iam::aws:policy/CloudWatchAgentServerPolicy",
},
AssumeRolePolicyDocument = new Dictionary<string, object?>
{
["version"] = "2012-10-17",
["statement"] = new[]
{
new Dictionary<string, object?>
{
["effect"] = "Allow",
["principal"] = new Dictionary<string, object?>
{
["service"] = new[]
{
"ec2.amazonaws.com",
"ssm.amazonaws.com",
},
},
["action"] = "sts:AssumeRole",
},
},
},
});
var ssmInstanceProfile = new AwsNative.Iam.InstanceProfile("ssmInstanceProfile", new()
{
Roles = new[]
{
"SSMInstanceRole",
},
});
var ec2Instance = new AwsNative.Ec2.Instance("ec2Instance", new()
{
ImageId = "LatestAmiId",
InstanceType = "t3.medium",
IamInstanceProfile = "SSMInstanceProfile",
Tags = new[]
{
new AwsNative.Inputs.TagArgs
{
Key = "nginx",
Value = "yes",
},
},
});
var nginxAssociation = new AwsNative.Ssm.Association("nginxAssociation", new()
{
Name = "AWS-RunShellScript",
Targets = new[]
{
new AwsNative.Ssm.Inputs.AssociationTargetArgs
{
Key = "tag:nginx",
Values = new[]
{
"yes",
},
},
},
OutputLocation = new AwsNative.Ssm.Inputs.AssociationInstanceAssociationOutputLocationArgs
{
S3Location = new AwsNative.Ssm.Inputs.AssociationS3OutputLocationArgs
{
OutputS3BucketName = "SSMAssocLogs",
OutputS3KeyPrefix = "logs/",
},
},
Parameters =
{
{ "commands", new[]
{
@"sudo amazon-linux-extras install nginx1 -y
sudo service nginx start
",
} },
},
}, new CustomResourceOptions
{
DependsOn =
{
ec2Instance,
},
});
return new Dictionary<string, object?>
{
["webServerPublic"] = "EC2Instance.PublicDnsName",
};
});
package main
import (
awsnative "github.com/pulumi/pulumi-aws-native/sdk/go/aws"
"github.com/pulumi/pulumi-aws-native/sdk/go/aws/ec2"
"github.com/pulumi/pulumi-aws-native/sdk/go/aws/iam"
"github.com/pulumi/pulumi-aws-native/sdk/go/aws/s3"
"github.com/pulumi/pulumi-aws-native/sdk/go/aws/ssm"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
cfg := config.New(ctx, "")
latestAmiId := ""
if param := cfg.Get("latestAmiId"); param != "" {
latestAmiId = param
}
var tmp0 string
if latestAmiId == "" {
tmp0 = "/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2"
} else {
tmp0 = awsnative.GetSsmParameterString(ctx, &aws.GetSsmParameterStringArgs{
Name: latestAmiId,
}, nil).Value
}
_ := tmp0
_, err := s3.NewBucket(ctx, "ssmAssocLogs", nil)
if err != nil {
return err
}
_, err = iam.NewRole(ctx, "ssmInstanceRole", &iam.RoleArgs{
Policies: iam.RolePolicyTypeArray{
&iam.RolePolicyTypeArgs{
PolicyDocument: pulumi.Any(map[string]interface{}{
"version": "2012-10-17",
"statement": []map[string]interface{}{
map[string]interface{}{
"action": []string{
"s3:GetObject",
},
"resource": []string{
"arn:aws:s3:::aws-ssm-${AWS::Region}/*",
"arn:aws:s3:::aws-windows-downloads-${AWS::Region}/*",
"arn:aws:s3:::amazon-ssm-${AWS::Region}/*",
"arn:aws:s3:::amazon-ssm-packages-${AWS::Region}/*",
"arn:aws:s3:::${AWS::Region}-birdwatcher-prod/*",
"arn:aws:s3:::patch-baseline-snapshot-${AWS::Region}/*",
},
"effect": "Allow",
},
},
}),
PolicyName: pulumi.String("ssm-custom-s3-policy"),
},
&iam.RolePolicyTypeArgs{
PolicyDocument: pulumi.Any(map[string]interface{}{
"version": "2012-10-17",
"statement": []map[string]interface{}{
map[string]interface{}{
"action": []string{
"s3:GetObject",
"s3:PutObject",
"s3:PutObjectAcl",
"s3:ListBucket",
},
"resource": []string{
"arn:${AWS::Partition}:s3:::${SSMAssocLogs}/*",
"arn:${AWS::Partition}:s3:::${SSMAssocLogs}",
},
"effect": "Allow",
},
},
}),
PolicyName: pulumi.String("s3-instance-bucket-policy"),
},
},
Path: pulumi.String("/"),
ManagedPolicyArns: pulumi.StringArray{
pulumi.String("arn:${AWS::Partition}:iam::aws:policy/AmazonSSMManagedInstanceCore"),
pulumi.String("arn:${AWS::Partition}:iam::aws:policy/CloudWatchAgentServerPolicy"),
},
AssumeRolePolicyDocument: pulumi.Any(map[string]interface{}{
"version": "2012-10-17",
"statement": []map[string]interface{}{
map[string]interface{}{
"effect": "Allow",
"principal": map[string]interface{}{
"service": []string{
"ec2.amazonaws.com",
"ssm.amazonaws.com",
},
},
"action": "sts:AssumeRole",
},
},
}),
})
if err != nil {
return err
}
_, err = iam.NewInstanceProfile(ctx, "ssmInstanceProfile", &iam.InstanceProfileArgs{
Roles: pulumi.StringArray{
pulumi.String("SSMInstanceRole"),
},
})
if err != nil {
return err
}
ec2Instance, err := ec2.NewInstance(ctx, "ec2Instance", &ec2.InstanceArgs{
ImageId: pulumi.String("LatestAmiId"),
InstanceType: pulumi.String("t3.medium"),
IamInstanceProfile: pulumi.String("SSMInstanceProfile"),
Tags: aws.TagArray{
&aws.TagArgs{
Key: pulumi.String("nginx"),
Value: pulumi.String("yes"),
},
},
})
if err != nil {
return err
}
_, err = ssm.NewAssociation(ctx, "nginxAssociation", &ssm.AssociationArgs{
Name: pulumi.String("AWS-RunShellScript"),
Targets: ssm.AssociationTargetArray{
&ssm.AssociationTargetArgs{
Key: pulumi.String("tag:nginx"),
Values: pulumi.StringArray{
pulumi.String("yes"),
},
},
},
OutputLocation: &ssm.AssociationInstanceAssociationOutputLocationArgs{
S3Location: &ssm.AssociationS3OutputLocationArgs{
OutputS3BucketName: pulumi.String("SSMAssocLogs"),
OutputS3KeyPrefix: pulumi.String("logs/"),
},
},
Parameters: pulumi.StringArrayMap{
"commands": pulumi.StringArray{
pulumi.String("sudo amazon-linux-extras install nginx1 -y\nsudo service nginx start\n"),
},
},
}, pulumi.DependsOn([]pulumi.Resource{
ec2Instance,
}))
if err != nil {
return err
}
ctx.Export("webServerPublic", pulumi.String("EC2Instance.PublicDnsName"))
return nil
})
}
Coming soon!
import pulumi
import pulumi_aws_native as aws_native
config = pulumi.Config()
latest_ami_id = config.get("latestAmiId")
if latest_ami_id is None:
latest_ami_id = ""
latest_ami_id_value = "/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2" if latest_ami_id == "" else aws_native.get_ssm_parameter_string(name=latest_ami_id).value
ssm_assoc_logs = aws_native.s3.Bucket("ssmAssocLogs")
ssm_instance_role = aws_native.iam.Role("ssmInstanceRole",
policies=[
{
"policy_document": {
"version": "2012-10-17",
"statement": [{
"action": ["s3:GetObject"],
"resource": [
"arn:aws:s3:::aws-ssm-${AWS::Region}/*",
"arn:aws:s3:::aws-windows-downloads-${AWS::Region}/*",
"arn:aws:s3:::amazon-ssm-${AWS::Region}/*",
"arn:aws:s3:::amazon-ssm-packages-${AWS::Region}/*",
"arn:aws:s3:::${AWS::Region}-birdwatcher-prod/*",
"arn:aws:s3:::patch-baseline-snapshot-${AWS::Region}/*",
],
"effect": "Allow",
}],
},
"policy_name": "ssm-custom-s3-policy",
},
{
"policy_document": {
"version": "2012-10-17",
"statement": [{
"action": [
"s3:GetObject",
"s3:PutObject",
"s3:PutObjectAcl",
"s3:ListBucket",
],
"resource": [
"arn:${AWS::Partition}:s3:::${SSMAssocLogs}/*",
"arn:${AWS::Partition}:s3:::${SSMAssocLogs}",
],
"effect": "Allow",
}],
},
"policy_name": "s3-instance-bucket-policy",
},
],
path="/",
managed_policy_arns=[
"arn:${AWS::Partition}:iam::aws:policy/AmazonSSMManagedInstanceCore",
"arn:${AWS::Partition}:iam::aws:policy/CloudWatchAgentServerPolicy",
],
assume_role_policy_document={
"version": "2012-10-17",
"statement": [{
"effect": "Allow",
"principal": {
"service": [
"ec2.amazonaws.com",
"ssm.amazonaws.com",
],
},
"action": "sts:AssumeRole",
}],
})
ssm_instance_profile = aws_native.iam.InstanceProfile("ssmInstanceProfile", roles=["SSMInstanceRole"])
ec2_instance = aws_native.ec2.Instance("ec2Instance",
image_id="LatestAmiId",
instance_type="t3.medium",
iam_instance_profile="SSMInstanceProfile",
tags=[{
"key": "nginx",
"value": "yes",
}])
nginx_association = aws_native.ssm.Association("nginxAssociation",
name="AWS-RunShellScript",
targets=[{
"key": "tag:nginx",
"values": ["yes"],
}],
output_location={
"s3_location": {
"output_s3_bucket_name": "SSMAssocLogs",
"output_s3_key_prefix": "logs/",
},
},
parameters={
"commands": ["""sudo amazon-linux-extras install nginx1 -y
sudo service nginx start
"""],
},
opts = pulumi.ResourceOptions(depends_on=[ec2_instance]))
pulumi.export("webServerPublic", "EC2Instance.PublicDnsName")
import * as pulumi from "@pulumi/pulumi";
import * as aws_native from "@pulumi/aws-native";
const config = new pulumi.Config();
const latestAmiId = config.get("latestAmiId") || "";
const latestAmiIdValue = latestAmiId == "" ? "/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2" : aws_native.getSsmParameterString({
name: latestAmiId,
}).then(invoke => invoke.value);
const ssmAssocLogs = new aws_native.s3.Bucket("ssmAssocLogs", {});
const ssmInstanceRole = new aws_native.iam.Role("ssmInstanceRole", {
policies: [
{
policyDocument: {
version: "2012-10-17",
statement: [{
action: ["s3:GetObject"],
resource: [
"arn:aws:s3:::aws-ssm-${AWS::Region}/*",
"arn:aws:s3:::aws-windows-downloads-${AWS::Region}/*",
"arn:aws:s3:::amazon-ssm-${AWS::Region}/*",
"arn:aws:s3:::amazon-ssm-packages-${AWS::Region}/*",
"arn:aws:s3:::${AWS::Region}-birdwatcher-prod/*",
"arn:aws:s3:::patch-baseline-snapshot-${AWS::Region}/*",
],
effect: "Allow",
}],
},
policyName: "ssm-custom-s3-policy",
},
{
policyDocument: {
version: "2012-10-17",
statement: [{
action: [
"s3:GetObject",
"s3:PutObject",
"s3:PutObjectAcl",
"s3:ListBucket",
],
resource: [
"arn:${AWS::Partition}:s3:::${SSMAssocLogs}/*",
"arn:${AWS::Partition}:s3:::${SSMAssocLogs}",
],
effect: "Allow",
}],
},
policyName: "s3-instance-bucket-policy",
},
],
path: "/",
managedPolicyArns: [
"arn:${AWS::Partition}:iam::aws:policy/AmazonSSMManagedInstanceCore",
"arn:${AWS::Partition}:iam::aws:policy/CloudWatchAgentServerPolicy",
],
assumeRolePolicyDocument: {
version: "2012-10-17",
statement: [{
effect: "Allow",
principal: {
service: [
"ec2.amazonaws.com",
"ssm.amazonaws.com",
],
},
action: "sts:AssumeRole",
}],
},
});
const ssmInstanceProfile = new aws_native.iam.InstanceProfile("ssmInstanceProfile", {roles: ["SSMInstanceRole"]});
const ec2Instance = new aws_native.ec2.Instance("ec2Instance", {
imageId: "LatestAmiId",
instanceType: "t3.medium",
iamInstanceProfile: "SSMInstanceProfile",
tags: [{
key: "nginx",
value: "yes",
}],
});
const nginxAssociation = new aws_native.ssm.Association("nginxAssociation", {
name: "AWS-RunShellScript",
targets: [{
key: "tag:nginx",
values: ["yes"],
}],
outputLocation: {
s3Location: {
outputS3BucketName: "SSMAssocLogs",
outputS3KeyPrefix: "logs/",
},
},
parameters: {
commands: [`sudo amazon-linux-extras install nginx1 -y
sudo service nginx start
`],
},
}, {
dependsOn: [ec2Instance],
});
export const webServerPublic = "EC2Instance.PublicDnsName";
Coming soon!
Example
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AwsNative = Pulumi.AwsNative;
return await Deployment.RunAsync(() =>
{
var config = new Config();
var latestAmiId = config.Get("latestAmiId") ?? "";
var latestAmiIdValue = latestAmiId == "" ? "/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2" : AwsNative.GetSsmParameterString.Invoke(new()
{
Name = latestAmiId,
}).Apply(invoke => invoke.Value);
var ssmAssocLogs = new AwsNative.S3.Bucket("ssmAssocLogs");
var nginxInstallAutomation = new AwsNative.Ssm.Document("nginxInstallAutomation", new()
{
DocumentType = AwsNative.Ssm.DocumentType.Automation,
Content = new Dictionary<string, object?>
{
["schemaVersion"] = "0.3",
["description"] = "Updates AMI with Linux distribution packages and installs Nginx software",
["assumeRole"] = "{{AutomationAssumeRole}}",
["parameters"] = new Dictionary<string, object?>
{
["instanceId"] = new Dictionary<string, object?>
{
["description"] = "ID of the Instance.",
["type"] = "String",
},
["automationAssumeRole"] = new Dictionary<string, object?>
{
["default"] = "",
["description"] = "(Optional) The ARN of the role that allows Automation to perform the actions on your behalf.",
["type"] = "String",
},
},
["mainSteps"] = new[]
{
new Dictionary<string, object?>
{
["name"] = "updateOSSoftware",
["action"] = "aws:runCommand",
["maxAttempts"] = 3,
["timeoutSeconds"] = 3600,
["inputs"] = new Dictionary<string, object?>
{
["documentName"] = "AWS-RunShellScript",
["instanceIds"] = new[]
{
"{{InstanceId}}",
},
["cloudWatchOutputConfig"] = new Dictionary<string, object?>
{
["cloudWatchOutputEnabled"] = "true",
},
["parameters"] = new Dictionary<string, object?>
{
["commands"] = new[]
{
@"#!/bin/bash
sudo yum update -y
needs-restarting -r
if [ $? -eq 1 ]
then
exit 194
else
exit 0
fi
",
},
},
},
},
new Dictionary<string, object?>
{
["name"] = "InstallNginx",
["action"] = "aws:runCommand",
["inputs"] = new Dictionary<string, object?>
{
["documentName"] = "AWS-RunShellScript",
["instanceIds"] = new[]
{
"{{InstanceId}}",
},
["cloudWatchOutputConfig"] = new Dictionary<string, object?>
{
["cloudWatchOutputEnabled"] = "true",
},
["parameters"] = new Dictionary<string, object?>
{
["commands"] = new[]
{
@"sudo amazon-linux-extras install nginx1 -y
sudo service nginx start
",
},
},
},
},
new Dictionary<string, object?>
{
["name"] = "TestInstall",
["action"] = "aws:runCommand",
["maxAttempts"] = 3,
["timeoutSeconds"] = 3600,
["onFailure"] = "Abort",
["inputs"] = new Dictionary<string, object?>
{
["documentName"] = "AWS-RunShellScript",
["instanceIds"] = new[]
{
"{{InstanceId}}",
},
["parameters"] = new Dictionary<string, object?>
{
["commands"] = new[]
{
@"curl localhost
",
},
},
},
},
},
},
});
var ssmExecutionRole = new AwsNative.Iam.Role("ssmExecutionRole", new()
{
Policies = new[]
{
new AwsNative.Iam.Inputs.RolePolicyArgs
{
PolicyDocument = new Dictionary<string, object?>
{
["version"] = "2012-10-17",
["statement"] = new[]
{
new Dictionary<string, object?>
{
["action"] = new[]
{
"ssm:StartAssociationsOnce",
"ssm:CreateAssociation",
"ssm:CreateAssociationBatch",
"ssm:UpdateAssociation",
},
["resource"] = "*",
["effect"] = "Allow",
},
},
},
PolicyName = "ssm-association",
},
},
Path = "/",
ManagedPolicyArns = new[]
{
"arn:${AWS::Partition}:iam::aws:policy/service-role/AmazonSSMAutomationRole",
},
AssumeRolePolicyDocument = new Dictionary<string, object?>
{
["version"] = "2012-10-17",
["statement"] = new[]
{
new Dictionary<string, object?>
{
["effect"] = "Allow",
["principal"] = new Dictionary<string, object?>
{
["service"] = new[]
{
"ec2.amazonaws.com",
"ssm.amazonaws.com",
},
},
["action"] = "sts:AssumeRole",
},
},
},
});
var ssmInstanceRole = new AwsNative.Iam.Role("ssmInstanceRole", new()
{
Policies = new[]
{
new AwsNative.Iam.Inputs.RolePolicyArgs
{
PolicyDocument = new Dictionary<string, object?>
{
["version"] = "2012-10-17",
["statement"] = new[]
{
new Dictionary<string, object?>
{
["action"] = new[]
{
"s3:GetObject",
},
["resource"] = new[]
{
"arn:aws:s3:::aws-ssm-${AWS::Region}/*",
"arn:aws:s3:::aws-windows-downloads-${AWS::Region}/*",
"arn:aws:s3:::amazon-ssm-${AWS::Region}/*",
"arn:aws:s3:::amazon-ssm-packages-${AWS::Region}/*",
"arn:aws:s3:::${AWS::Region}-birdwatcher-prod/*",
"arn:aws:s3:::patch-baseline-snapshot-${AWS::Region}/*",
},
["effect"] = "Allow",
},
},
},
PolicyName = "ssm-custom-s3-policy",
},
new AwsNative.Iam.Inputs.RolePolicyArgs
{
PolicyDocument = new Dictionary<string, object?>
{
["version"] = "2012-10-17",
["statement"] = new[]
{
new Dictionary<string, object?>
{
["action"] = new[]
{
"s3:GetObject",
"s3:PutObject",
"s3:PutObjectAcl",
"s3:ListBucket",
},
["resource"] = new[]
{
"arn:${AWS::Partition}:s3:::${SSMAssocLogs}/*",
"arn:${AWS::Partition}:s3:::${SSMAssocLogs}",
},
["effect"] = "Allow",
},
},
},
PolicyName = "s3-instance-bucket-policy",
},
},
Path = "/",
ManagedPolicyArns = new[]
{
"arn:${AWS::Partition}:iam::aws:policy/AmazonSSMManagedInstanceCore",
"arn:${AWS::Partition}:iam::aws:policy/CloudWatchAgentServerPolicy",
},
AssumeRolePolicyDocument = new Dictionary<string, object?>
{
["version"] = "2012-10-17",
["statement"] = new[]
{
new Dictionary<string, object?>
{
["effect"] = "Allow",
["principal"] = new Dictionary<string, object?>
{
["service"] = new[]
{
"ec2.amazonaws.com",
"ssm.amazonaws.com",
},
},
["action"] = "sts:AssumeRole",
},
},
},
});
var ssmInstanceProfile = new AwsNative.Iam.InstanceProfile("ssmInstanceProfile", new()
{
Roles = new[]
{
"SSMInstanceRole",
},
});
var ec2Instance = new AwsNative.Ec2.Instance("ec2Instance", new()
{
ImageId = "LatestAmiId",
InstanceType = "t3.medium",
IamInstanceProfile = "SSMInstanceProfile",
Tags = new[]
{
new AwsNative.Inputs.TagArgs
{
Key = "nginx",
Value = "true",
},
},
});
var nginxAssociation = new AwsNative.Ssm.Association("nginxAssociation", new()
{
Name = "nginxInstallAutomation",
OutputLocation = new AwsNative.Ssm.Inputs.AssociationInstanceAssociationOutputLocationArgs
{
S3Location = new AwsNative.Ssm.Inputs.AssociationS3OutputLocationArgs
{
OutputS3BucketName = "SSMAssocLogs",
OutputS3KeyPrefix = "logs/",
},
},
AutomationTargetParameterName = "InstanceId",
Parameters =
{
{ "automationAssumeRole", new[]
{
"SSMExecutionRole.Arn",
} },
},
Targets = new[]
{
new AwsNative.Ssm.Inputs.AssociationTargetArgs
{
Key = "tag:nginx",
Values = new[]
{
"true",
},
},
},
}, new CustomResourceOptions
{
DependsOn =
{
ec2Instance,
},
});
return new Dictionary<string, object?>
{
["webServerPublic"] = "EC2Instance.PublicDnsName",
};
});
package main
import (
awsnative "github.com/pulumi/pulumi-aws-native/sdk/go/aws"
"github.com/pulumi/pulumi-aws-native/sdk/go/aws/ec2"
"github.com/pulumi/pulumi-aws-native/sdk/go/aws/iam"
"github.com/pulumi/pulumi-aws-native/sdk/go/aws/s3"
"github.com/pulumi/pulumi-aws-native/sdk/go/aws/ssm"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
cfg := config.New(ctx, "")
latestAmiId := ""
if param := cfg.Get("latestAmiId"); param != "" {
latestAmiId = param
}
var tmp0 string
if latestAmiId == "" {
tmp0 = "/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2"
} else {
tmp0 = awsnative.GetSsmParameterString(ctx, &aws.GetSsmParameterStringArgs{
Name: latestAmiId,
}, nil).Value
}
_ := tmp0
_, err := s3.NewBucket(ctx, "ssmAssocLogs", nil)
if err != nil {
return err
}
_, err = ssm.NewDocument(ctx, "nginxInstallAutomation", &ssm.DocumentArgs{
DocumentType: ssm.DocumentTypeAutomation,
Content: pulumi.Any(map[string]interface{}{
"schemaVersion": "0.3",
"description": "Updates AMI with Linux distribution packages and installs Nginx software",
"assumeRole": "{{AutomationAssumeRole}}",
"parameters": map[string]interface{}{
"instanceId": map[string]interface{}{
"description": "ID of the Instance.",
"type": "String",
},
"automationAssumeRole": map[string]interface{}{
"default": "",
"description": "(Optional) The ARN of the role that allows Automation to perform the actions on your behalf.",
"type": "String",
},
},
"mainSteps": []interface{}{
map[string]interface{}{
"name": "updateOSSoftware",
"action": "aws:runCommand",
"maxAttempts": 3,
"timeoutSeconds": 3600,
"inputs": map[string]interface{}{
"documentName": "AWS-RunShellScript",
"instanceIds": []string{
"{{InstanceId}}",
},
"cloudWatchOutputConfig": map[string]interface{}{
"cloudWatchOutputEnabled": "true",
},
"parameters": map[string]interface{}{
"commands": []string{
`#!/bin/bash
sudo yum update -y
needs-restarting -r
if [ $? -eq 1 ]
then
exit 194
else
exit 0
fi
`,
},
},
},
},
map[string]interface{}{
"name": "InstallNginx",
"action": "aws:runCommand",
"inputs": map[string]interface{}{
"documentName": "AWS-RunShellScript",
"instanceIds": []string{
"{{InstanceId}}",
},
"cloudWatchOutputConfig": map[string]interface{}{
"cloudWatchOutputEnabled": "true",
},
"parameters": map[string]interface{}{
"commands": []string{
"sudo amazon-linux-extras install nginx1 -y\nsudo service nginx start\n",
},
},
},
},
map[string]interface{}{
"name": "TestInstall",
"action": "aws:runCommand",
"maxAttempts": 3,
"timeoutSeconds": 3600,
"onFailure": "Abort",
"inputs": map[string]interface{}{
"documentName": "AWS-RunShellScript",
"instanceIds": []string{
"{{InstanceId}}",
},
"parameters": map[string]interface{}{
"commands": []string{
"curl localhost\n",
},
},
},
},
},
}),
})
if err != nil {
return err
}
_, err = iam.NewRole(ctx, "ssmExecutionRole", &iam.RoleArgs{
Policies: iam.RolePolicyTypeArray{
&iam.RolePolicyTypeArgs{
PolicyDocument: pulumi.Any(map[string]interface{}{
"version": "2012-10-17",
"statement": []map[string]interface{}{
map[string]interface{}{
"action": []string{
"ssm:StartAssociationsOnce",
"ssm:CreateAssociation",
"ssm:CreateAssociationBatch",
"ssm:UpdateAssociation",
},
"resource": "*",
"effect": "Allow",
},
},
}),
PolicyName: pulumi.String("ssm-association"),
},
},
Path: pulumi.String("/"),
ManagedPolicyArns: pulumi.StringArray{
pulumi.String("arn:${AWS::Partition}:iam::aws:policy/service-role/AmazonSSMAutomationRole"),
},
AssumeRolePolicyDocument: pulumi.Any(map[string]interface{}{
"version": "2012-10-17",
"statement": []map[string]interface{}{
map[string]interface{}{
"effect": "Allow",
"principal": map[string]interface{}{
"service": []string{
"ec2.amazonaws.com",
"ssm.amazonaws.com",
},
},
"action": "sts:AssumeRole",
},
},
}),
})
if err != nil {
return err
}
_, err = iam.NewRole(ctx, "ssmInstanceRole", &iam.RoleArgs{
Policies: iam.RolePolicyTypeArray{
&iam.RolePolicyTypeArgs{
PolicyDocument: pulumi.Any(map[string]interface{}{
"version": "2012-10-17",
"statement": []map[string]interface{}{
map[string]interface{}{
"action": []string{
"s3:GetObject",
},
"resource": []string{
"arn:aws:s3:::aws-ssm-${AWS::Region}/*",
"arn:aws:s3:::aws-windows-downloads-${AWS::Region}/*",
"arn:aws:s3:::amazon-ssm-${AWS::Region}/*",
"arn:aws:s3:::amazon-ssm-packages-${AWS::Region}/*",
"arn:aws:s3:::${AWS::Region}-birdwatcher-prod/*",
"arn:aws:s3:::patch-baseline-snapshot-${AWS::Region}/*",
},
"effect": "Allow",
},
},
}),
PolicyName: pulumi.String("ssm-custom-s3-policy"),
},
&iam.RolePolicyTypeArgs{
PolicyDocument: pulumi.Any(map[string]interface{}{
"version": "2012-10-17",
"statement": []map[string]interface{}{
map[string]interface{}{
"action": []string{
"s3:GetObject",
"s3:PutObject",
"s3:PutObjectAcl",
"s3:ListBucket",
},
"resource": []string{
"arn:${AWS::Partition}:s3:::${SSMAssocLogs}/*",
"arn:${AWS::Partition}:s3:::${SSMAssocLogs}",
},
"effect": "Allow",
},
},
}),
PolicyName: pulumi.String("s3-instance-bucket-policy"),
},
},
Path: pulumi.String("/"),
ManagedPolicyArns: pulumi.StringArray{
pulumi.String("arn:${AWS::Partition}:iam::aws:policy/AmazonSSMManagedInstanceCore"),
pulumi.String("arn:${AWS::Partition}:iam::aws:policy/CloudWatchAgentServerPolicy"),
},
AssumeRolePolicyDocument: pulumi.Any(map[string]interface{}{
"version": "2012-10-17",
"statement": []map[string]interface{}{
map[string]interface{}{
"effect": "Allow",
"principal": map[string]interface{}{
"service": []string{
"ec2.amazonaws.com",
"ssm.amazonaws.com",
},
},
"action": "sts:AssumeRole",
},
},
}),
})
if err != nil {
return err
}
_, err = iam.NewInstanceProfile(ctx, "ssmInstanceProfile", &iam.InstanceProfileArgs{
Roles: pulumi.StringArray{
pulumi.String("SSMInstanceRole"),
},
})
if err != nil {
return err
}
ec2Instance, err := ec2.NewInstance(ctx, "ec2Instance", &ec2.InstanceArgs{
ImageId: pulumi.String("LatestAmiId"),
InstanceType: pulumi.String("t3.medium"),
IamInstanceProfile: pulumi.String("SSMInstanceProfile"),
Tags: aws.TagArray{
&aws.TagArgs{
Key: pulumi.String("nginx"),
Value: pulumi.String("true"),
},
},
})
if err != nil {
return err
}
_, err = ssm.NewAssociation(ctx, "nginxAssociation", &ssm.AssociationArgs{
Name: pulumi.String("nginxInstallAutomation"),
OutputLocation: &ssm.AssociationInstanceAssociationOutputLocationArgs{
S3Location: &ssm.AssociationS3OutputLocationArgs{
OutputS3BucketName: pulumi.String("SSMAssocLogs"),
OutputS3KeyPrefix: pulumi.String("logs/"),
},
},
AutomationTargetParameterName: pulumi.String("InstanceId"),
Parameters: pulumi.StringArrayMap{
"automationAssumeRole": pulumi.StringArray{
pulumi.String("SSMExecutionRole.Arn"),
},
},
Targets: ssm.AssociationTargetArray{
&ssm.AssociationTargetArgs{
Key: pulumi.String("tag:nginx"),
Values: pulumi.StringArray{
pulumi.String("true"),
},
},
},
}, pulumi.DependsOn([]pulumi.Resource{
ec2Instance,
}))
if err != nil {
return err
}
ctx.Export("webServerPublic", pulumi.String("EC2Instance.PublicDnsName"))
return nil
})
}
Coming soon!
import pulumi
import pulumi_aws_native as aws_native
config = pulumi.Config()
latest_ami_id = config.get("latestAmiId")
if latest_ami_id is None:
latest_ami_id = ""
latest_ami_id_value = "/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2" if latest_ami_id == "" else aws_native.get_ssm_parameter_string(name=latest_ami_id).value
ssm_assoc_logs = aws_native.s3.Bucket("ssmAssocLogs")
nginx_install_automation = aws_native.ssm.Document("nginxInstallAutomation",
document_type=aws_native.ssm.DocumentType.AUTOMATION,
content={
"schemaVersion": "0.3",
"description": "Updates AMI with Linux distribution packages and installs Nginx software",
"assumeRole": "{{AutomationAssumeRole}}",
"parameters": {
"instanceId": {
"description": "ID of the Instance.",
"type": "String",
},
"automationAssumeRole": {
"default": "",
"description": "(Optional) The ARN of the role that allows Automation to perform the actions on your behalf.",
"type": "String",
},
},
"mainSteps": [
{
"name": "updateOSSoftware",
"action": "aws:runCommand",
"maxAttempts": 3,
"timeoutSeconds": 3600,
"inputs": {
"documentName": "AWS-RunShellScript",
"instanceIds": ["{{InstanceId}}"],
"cloudWatchOutputConfig": {
"cloudWatchOutputEnabled": "true",
},
"parameters": {
"commands": ["""#!/bin/bash
sudo yum update -y
needs-restarting -r
if [ $? -eq 1 ]
then
exit 194
else
exit 0
fi
"""],
},
},
},
{
"name": "InstallNginx",
"action": "aws:runCommand",
"inputs": {
"documentName": "AWS-RunShellScript",
"instanceIds": ["{{InstanceId}}"],
"cloudWatchOutputConfig": {
"cloudWatchOutputEnabled": "true",
},
"parameters": {
"commands": ["""sudo amazon-linux-extras install nginx1 -y
sudo service nginx start
"""],
},
},
},
{
"name": "TestInstall",
"action": "aws:runCommand",
"maxAttempts": 3,
"timeoutSeconds": 3600,
"onFailure": "Abort",
"inputs": {
"documentName": "AWS-RunShellScript",
"instanceIds": ["{{InstanceId}}"],
"parameters": {
"commands": ["curl localhost\n"],
},
},
},
],
})
ssm_execution_role = aws_native.iam.Role("ssmExecutionRole",
policies=[{
"policy_document": {
"version": "2012-10-17",
"statement": [{
"action": [
"ssm:StartAssociationsOnce",
"ssm:CreateAssociation",
"ssm:CreateAssociationBatch",
"ssm:UpdateAssociation",
],
"resource": "*",
"effect": "Allow",
}],
},
"policy_name": "ssm-association",
}],
path="/",
managed_policy_arns=["arn:${AWS::Partition}:iam::aws:policy/service-role/AmazonSSMAutomationRole"],
assume_role_policy_document={
"version": "2012-10-17",
"statement": [{
"effect": "Allow",
"principal": {
"service": [
"ec2.amazonaws.com",
"ssm.amazonaws.com",
],
},
"action": "sts:AssumeRole",
}],
})
ssm_instance_role = aws_native.iam.Role("ssmInstanceRole",
policies=[
{
"policy_document": {
"version": "2012-10-17",
"statement": [{
"action": ["s3:GetObject"],
"resource": [
"arn:aws:s3:::aws-ssm-${AWS::Region}/*",
"arn:aws:s3:::aws-windows-downloads-${AWS::Region}/*",
"arn:aws:s3:::amazon-ssm-${AWS::Region}/*",
"arn:aws:s3:::amazon-ssm-packages-${AWS::Region}/*",
"arn:aws:s3:::${AWS::Region}-birdwatcher-prod/*",
"arn:aws:s3:::patch-baseline-snapshot-${AWS::Region}/*",
],
"effect": "Allow",
}],
},
"policy_name": "ssm-custom-s3-policy",
},
{
"policy_document": {
"version": "2012-10-17",
"statement": [{
"action": [
"s3:GetObject",
"s3:PutObject",
"s3:PutObjectAcl",
"s3:ListBucket",
],
"resource": [
"arn:${AWS::Partition}:s3:::${SSMAssocLogs}/*",
"arn:${AWS::Partition}:s3:::${SSMAssocLogs}",
],
"effect": "Allow",
}],
},
"policy_name": "s3-instance-bucket-policy",
},
],
path="/",
managed_policy_arns=[
"arn:${AWS::Partition}:iam::aws:policy/AmazonSSMManagedInstanceCore",
"arn:${AWS::Partition}:iam::aws:policy/CloudWatchAgentServerPolicy",
],
assume_role_policy_document={
"version": "2012-10-17",
"statement": [{
"effect": "Allow",
"principal": {
"service": [
"ec2.amazonaws.com",
"ssm.amazonaws.com",
],
},
"action": "sts:AssumeRole",
}],
})
ssm_instance_profile = aws_native.iam.InstanceProfile("ssmInstanceProfile", roles=["SSMInstanceRole"])
ec2_instance = aws_native.ec2.Instance("ec2Instance",
image_id="LatestAmiId",
instance_type="t3.medium",
iam_instance_profile="SSMInstanceProfile",
tags=[{
"key": "nginx",
"value": "true",
}])
nginx_association = aws_native.ssm.Association("nginxAssociation",
name="nginxInstallAutomation",
output_location={
"s3_location": {
"output_s3_bucket_name": "SSMAssocLogs",
"output_s3_key_prefix": "logs/",
},
},
automation_target_parameter_name="InstanceId",
parameters={
"automationAssumeRole": ["SSMExecutionRole.Arn"],
},
targets=[{
"key": "tag:nginx",
"values": ["true"],
}],
opts = pulumi.ResourceOptions(depends_on=[ec2_instance]))
pulumi.export("webServerPublic", "EC2Instance.PublicDnsName")
import * as pulumi from "@pulumi/pulumi";
import * as aws_native from "@pulumi/aws-native";
const config = new pulumi.Config();
const latestAmiId = config.get("latestAmiId") || "";
const latestAmiIdValue = latestAmiId == "" ? "/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2" : aws_native.getSsmParameterString({
name: latestAmiId,
}).then(invoke => invoke.value);
const ssmAssocLogs = new aws_native.s3.Bucket("ssmAssocLogs", {});
const nginxInstallAutomation = new aws_native.ssm.Document("nginxInstallAutomation", {
documentType: aws_native.ssm.DocumentType.Automation,
content: {
schemaVersion: "0.3",
description: "Updates AMI with Linux distribution packages and installs Nginx software",
assumeRole: "{{AutomationAssumeRole}}",
parameters: {
instanceId: {
description: "ID of the Instance.",
type: "String",
},
automationAssumeRole: {
"default": "",
description: "(Optional) The ARN of the role that allows Automation to perform the actions on your behalf.",
type: "String",
},
},
mainSteps: [
{
name: "updateOSSoftware",
action: "aws:runCommand",
maxAttempts: 3,
timeoutSeconds: 3600,
inputs: {
documentName: "AWS-RunShellScript",
instanceIds: ["{{InstanceId}}"],
cloudWatchOutputConfig: {
cloudWatchOutputEnabled: "true",
},
parameters: {
commands: [`#!/bin/bash
sudo yum update -y
needs-restarting -r
if [ ? -eq 1 ]
then
exit 194
else
exit 0
fi
`],
},
},
},
{
name: "InstallNginx",
action: "aws:runCommand",
inputs: {
documentName: "AWS-RunShellScript",
instanceIds: ["{{InstanceId}}"],
cloudWatchOutputConfig: {
cloudWatchOutputEnabled: "true",
},
parameters: {
commands: [`sudo amazon-linux-extras install nginx1 -y
sudo service nginx start
`],
},
},
},
{
name: "TestInstall",
action: "aws:runCommand",
maxAttempts: 3,
timeoutSeconds: 3600,
onFailure: "Abort",
inputs: {
documentName: "AWS-RunShellScript",
instanceIds: ["{{InstanceId}}"],
parameters: {
commands: ["curl localhost\n"],
},
},
},
],
},
});
const ssmExecutionRole = new aws_native.iam.Role("ssmExecutionRole", {
policies: [{
policyDocument: {
version: "2012-10-17",
statement: [{
action: [
"ssm:StartAssociationsOnce",
"ssm:CreateAssociation",
"ssm:CreateAssociationBatch",
"ssm:UpdateAssociation",
],
resource: "*",
effect: "Allow",
}],
},
policyName: "ssm-association",
}],
path: "/",
managedPolicyArns: ["arn:${AWS::Partition}:iam::aws:policy/service-role/AmazonSSMAutomationRole"],
assumeRolePolicyDocument: {
version: "2012-10-17",
statement: [{
effect: "Allow",
principal: {
service: [
"ec2.amazonaws.com",
"ssm.amazonaws.com",
],
},
action: "sts:AssumeRole",
}],
},
});
const ssmInstanceRole = new aws_native.iam.Role("ssmInstanceRole", {
policies: [
{
policyDocument: {
version: "2012-10-17",
statement: [{
action: ["s3:GetObject"],
resource: [
"arn:aws:s3:::aws-ssm-${AWS::Region}/*",
"arn:aws:s3:::aws-windows-downloads-${AWS::Region}/*",
"arn:aws:s3:::amazon-ssm-${AWS::Region}/*",
"arn:aws:s3:::amazon-ssm-packages-${AWS::Region}/*",
"arn:aws:s3:::${AWS::Region}-birdwatcher-prod/*",
"arn:aws:s3:::patch-baseline-snapshot-${AWS::Region}/*",
],
effect: "Allow",
}],
},
policyName: "ssm-custom-s3-policy",
},
{
policyDocument: {
version: "2012-10-17",
statement: [{
action: [
"s3:GetObject",
"s3:PutObject",
"s3:PutObjectAcl",
"s3:ListBucket",
],
resource: [
"arn:${AWS::Partition}:s3:::${SSMAssocLogs}/*",
"arn:${AWS::Partition}:s3:::${SSMAssocLogs}",
],
effect: "Allow",
}],
},
policyName: "s3-instance-bucket-policy",
},
],
path: "/",
managedPolicyArns: [
"arn:${AWS::Partition}:iam::aws:policy/AmazonSSMManagedInstanceCore",
"arn:${AWS::Partition}:iam::aws:policy/CloudWatchAgentServerPolicy",
],
assumeRolePolicyDocument: {
version: "2012-10-17",
statement: [{
effect: "Allow",
principal: {
service: [
"ec2.amazonaws.com",
"ssm.amazonaws.com",
],
},
action: "sts:AssumeRole",
}],
},
});
const ssmInstanceProfile = new aws_native.iam.InstanceProfile("ssmInstanceProfile", {roles: ["SSMInstanceRole"]});
const ec2Instance = new aws_native.ec2.Instance("ec2Instance", {
imageId: "LatestAmiId",
instanceType: "t3.medium",
iamInstanceProfile: "SSMInstanceProfile",
tags: [{
key: "nginx",
value: "true",
}],
});
const nginxAssociation = new aws_native.ssm.Association("nginxAssociation", {
name: "nginxInstallAutomation",
outputLocation: {
s3Location: {
outputS3BucketName: "SSMAssocLogs",
outputS3KeyPrefix: "logs/",
},
},
automationTargetParameterName: "InstanceId",
parameters: {
automationAssumeRole: ["SSMExecutionRole.Arn"],
},
targets: [{
key: "tag:nginx",
values: ["true"],
}],
}, {
dependsOn: [ec2Instance],
});
export const webServerPublic = "EC2Instance.PublicDnsName";
Coming soon!
Create Bucket Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Bucket(name: string, args?: BucketArgs, opts?: CustomResourceOptions);
@overload
def Bucket(resource_name: str,
args: Optional[BucketArgs] = None,
opts: Optional[ResourceOptions] = None)
@overload
def Bucket(resource_name: str,
opts: Optional[ResourceOptions] = None,
accelerate_configuration: Optional[BucketAccelerateConfigurationArgs] = None,
access_control: Optional[BucketAccessControl] = None,
analytics_configurations: Optional[Sequence[BucketAnalyticsConfigurationArgs]] = None,
bucket_encryption: Optional[BucketEncryptionArgs] = None,
bucket_name: Optional[str] = None,
cors_configuration: Optional[BucketCorsConfigurationArgs] = None,
intelligent_tiering_configurations: Optional[Sequence[BucketIntelligentTieringConfigurationArgs]] = None,
inventory_configurations: Optional[Sequence[BucketInventoryConfigurationArgs]] = None,
lifecycle_configuration: Optional[BucketLifecycleConfigurationArgs] = None,
logging_configuration: Optional[BucketLoggingConfigurationArgs] = None,
metrics_configurations: Optional[Sequence[BucketMetricsConfigurationArgs]] = None,
notification_configuration: Optional[BucketNotificationConfigurationArgs] = None,
object_lock_configuration: Optional[BucketObjectLockConfigurationArgs] = None,
object_lock_enabled: Optional[bool] = None,
ownership_controls: Optional[BucketOwnershipControlsArgs] = None,
public_access_block_configuration: Optional[BucketPublicAccessBlockConfigurationArgs] = None,
replication_configuration: Optional[BucketReplicationConfigurationArgs] = None,
tags: Optional[Sequence[_root_inputs.TagArgs]] = None,
versioning_configuration: Optional[BucketVersioningConfigurationArgs] = None,
website_configuration: Optional[BucketWebsiteConfigurationArgs] = None)
func NewBucket(ctx *Context, name string, args *BucketArgs, opts ...ResourceOption) (*Bucket, error)
public Bucket(string name, BucketArgs? args = null, CustomResourceOptions? opts = null)
public Bucket(String name, BucketArgs args)
public Bucket(String name, BucketArgs args, CustomResourceOptions options)
type: aws-native:s3:Bucket
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args BucketArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args BucketArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args BucketArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args BucketArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args BucketArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Bucket Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Bucket resource accepts the following input properties:
- Accelerate
Configuration Pulumi.Aws Native. S3. Inputs. Bucket Accelerate Configuration - Configures the transfer acceleration state for an Amazon S3 bucket. For more information, see Amazon S3 Transfer Acceleration in the Amazon S3 User Guide.
- Access
Control Pulumi.Aws Native. S3. Bucket Access Control - This is a legacy property, and it is not recommended for most use cases. A majority of modern use cases in Amazon S3 no longer require the use of ACLs, and we recommend that you keep ACLs disabled. For more information, see Controlling object ownership in the Amazon S3 User Guide. A canned access control list (ACL) that grants predefined permissions to the bucket. For more information about canned ACLs, see Canned ACL in the Amazon S3 User Guide. S3 buckets are created with ACLs disabled by default. Therefore, unless you explicitly set the AWS::S3::OwnershipControls property to enable ACLs, your resource will fail to deploy with any value other than Private. Use cases requiring ACLs are uncommon. The majority of access control configurations can be successfully and more easily achieved with bucket policies. For more information, see AWS::S3::BucketPolicy. For examples of common policy configurations, including S3 Server Access Logs buckets and more, see Bucket policy examples in the Amazon S3 User Guide.
- Analytics
Configurations List<Pulumi.Aws Native. S3. Inputs. Bucket Analytics Configuration> - Specifies the configuration and any analyses for the analytics filter of an Amazon S3 bucket.
- Bucket
Encryption Pulumi.Aws Native. S3. Inputs. Bucket Encryption - Specifies default encryption for a bucket using server-side encryption with Amazon S3-managed keys (SSE-S3), AWS KMS-managed keys (SSE-KMS), or dual-layer server-side encryption with KMS-managed keys (DSSE-KMS). For information about the Amazon S3 default encryption feature, see Amazon S3 Default Encryption for S3 Buckets in the Amazon S3 User Guide.
- Bucket
Name string - A name for the bucket. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. The bucket name must contain only lowercase letters, numbers, periods (.), and dashes (-) and must follow Amazon S3 bucket restrictions and limitations. For more information, see Rules for naming Amazon S3 buckets in the Amazon S3 User Guide. If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you need to replace the resource, specify a new name.
- Cors
Configuration Pulumi.Aws Native. S3. Inputs. Bucket Cors Configuration - Describes the cross-origin access configuration for objects in an Amazon S3 bucket. For more information, see Enabling Cross-Origin Resource Sharing in the Amazon S3 User Guide.
- Intelligent
Tiering List<Pulumi.Configurations Aws Native. S3. Inputs. Bucket Intelligent Tiering Configuration> - Defines how Amazon S3 handles Intelligent-Tiering storage.
- Inventory
Configurations List<Pulumi.Aws Native. S3. Inputs. Bucket Inventory Configuration> - Specifies the inventory configuration for an Amazon S3 bucket. For more information, see GET Bucket inventory in the Amazon S3 API Reference.
- Lifecycle
Configuration Pulumi.Aws Native. S3. Inputs. Bucket Lifecycle Configuration - Specifies the lifecycle configuration for objects in an Amazon S3 bucket. For more information, see Object Lifecycle Management in the Amazon S3 User Guide.
- Logging
Configuration Pulumi.Aws Native. S3. Inputs. Bucket Logging Configuration - Settings that define where logs are stored.
- Metrics
Configurations List<Pulumi.Aws Native. S3. Inputs. Bucket Metrics Configuration> - Specifies a metrics configuration for the CloudWatch request metrics (specified by the metrics configuration ID) from an Amazon S3 bucket. If you're updating an existing metrics configuration, note that this is a full replacement of the existing metrics configuration. If you don't include the elements you want to keep, they are erased. For more information, see PutBucketMetricsConfiguration.
- Notification
Configuration Pulumi.Aws Native. S3. Inputs. Bucket Notification Configuration - Configuration that defines how Amazon S3 handles bucket notifications.
- Object
Lock Pulumi.Configuration Aws Native. S3. Inputs. Bucket Object Lock Configuration - This operation is not supported by directory buckets.
Places an Object Lock configuration on the specified bucket. The rule specified in the Object Lock configuration will be applied by default to every new object placed in the specified bucket. For more information, see Locking Objects.
- The
DefaultRetention
settings require both a mode and a period. - The
DefaultRetention
period can be eitherDays
orYears
but you must select one. You cannot specifyDays
andYears
at the same time. - You can enable Object Lock for new or existing buckets. For more information, see Configuring Object Lock.
- The
- Object
Lock boolEnabled - Indicates whether this bucket has an Object Lock configuration enabled. Enable
ObjectLockEnabled
when you applyObjectLockConfiguration
to a bucket. - Ownership
Controls Pulumi.Aws Native. S3. Inputs. Bucket Ownership Controls - Configuration that defines how Amazon S3 handles Object Ownership rules.
- Public
Access Pulumi.Block Configuration Aws Native. S3. Inputs. Bucket Public Access Block Configuration - Configuration that defines how Amazon S3 handles public access.
- Replication
Configuration Pulumi.Aws Native. S3. Inputs. Bucket Replication Configuration - Configuration for replicating objects in an S3 bucket. To enable replication, you must also enable versioning by using the
VersioningConfiguration
property. Amazon S3 can store replicated objects in a single destination bucket or multiple destination buckets. The destination bucket or buckets must already exist. - List<Pulumi.
Aws Native. Inputs. Tag> - An arbitrary set of tags (key-value pairs) for this S3 bucket.
- Versioning
Configuration Pulumi.Aws Native. S3. Inputs. Bucket Versioning Configuration - Enables multiple versions of all objects in this bucket. You might enable versioning to prevent objects from being deleted or overwritten by mistake or to archive objects so that you can retrieve previous versions of them.
When you enable versioning on a bucket for the first time, it might take a short amount of time for the change to be fully propagated. We recommend that you wait for 15 minutes after enabling versioning before issuing write operations (
PUT
orDELETE
) on objects in the bucket. - Website
Configuration Pulumi.Aws Native. S3. Inputs. Bucket Website Configuration - Information used to configure the bucket as a static website. For more information, see Hosting Websites on Amazon S3.
- Accelerate
Configuration BucketAccelerate Configuration Args - Configures the transfer acceleration state for an Amazon S3 bucket. For more information, see Amazon S3 Transfer Acceleration in the Amazon S3 User Guide.
- Access
Control BucketAccess Control - This is a legacy property, and it is not recommended for most use cases. A majority of modern use cases in Amazon S3 no longer require the use of ACLs, and we recommend that you keep ACLs disabled. For more information, see Controlling object ownership in the Amazon S3 User Guide. A canned access control list (ACL) that grants predefined permissions to the bucket. For more information about canned ACLs, see Canned ACL in the Amazon S3 User Guide. S3 buckets are created with ACLs disabled by default. Therefore, unless you explicitly set the AWS::S3::OwnershipControls property to enable ACLs, your resource will fail to deploy with any value other than Private. Use cases requiring ACLs are uncommon. The majority of access control configurations can be successfully and more easily achieved with bucket policies. For more information, see AWS::S3::BucketPolicy. For examples of common policy configurations, including S3 Server Access Logs buckets and more, see Bucket policy examples in the Amazon S3 User Guide.
- Analytics
Configurations []BucketAnalytics Configuration Args - Specifies the configuration and any analyses for the analytics filter of an Amazon S3 bucket.
- Bucket
Encryption BucketEncryption Args - Specifies default encryption for a bucket using server-side encryption with Amazon S3-managed keys (SSE-S3), AWS KMS-managed keys (SSE-KMS), or dual-layer server-side encryption with KMS-managed keys (DSSE-KMS). For information about the Amazon S3 default encryption feature, see Amazon S3 Default Encryption for S3 Buckets in the Amazon S3 User Guide.
- Bucket
Name string - A name for the bucket. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. The bucket name must contain only lowercase letters, numbers, periods (.), and dashes (-) and must follow Amazon S3 bucket restrictions and limitations. For more information, see Rules for naming Amazon S3 buckets in the Amazon S3 User Guide. If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you need to replace the resource, specify a new name.
- Cors
Configuration BucketCors Configuration Args - Describes the cross-origin access configuration for objects in an Amazon S3 bucket. For more information, see Enabling Cross-Origin Resource Sharing in the Amazon S3 User Guide.
- Intelligent
Tiering []BucketConfigurations Intelligent Tiering Configuration Args - Defines how Amazon S3 handles Intelligent-Tiering storage.
- Inventory
Configurations []BucketInventory Configuration Args - Specifies the inventory configuration for an Amazon S3 bucket. For more information, see GET Bucket inventory in the Amazon S3 API Reference.
- Lifecycle
Configuration BucketLifecycle Configuration Args - Specifies the lifecycle configuration for objects in an Amazon S3 bucket. For more information, see Object Lifecycle Management in the Amazon S3 User Guide.
- Logging
Configuration BucketLogging Configuration Args - Settings that define where logs are stored.
- Metrics
Configurations []BucketMetrics Configuration Args - Specifies a metrics configuration for the CloudWatch request metrics (specified by the metrics configuration ID) from an Amazon S3 bucket. If you're updating an existing metrics configuration, note that this is a full replacement of the existing metrics configuration. If you don't include the elements you want to keep, they are erased. For more information, see PutBucketMetricsConfiguration.
- Notification
Configuration BucketNotification Configuration Args - Configuration that defines how Amazon S3 handles bucket notifications.
- Object
Lock BucketConfiguration Object Lock Configuration Args - This operation is not supported by directory buckets.
Places an Object Lock configuration on the specified bucket. The rule specified in the Object Lock configuration will be applied by default to every new object placed in the specified bucket. For more information, see Locking Objects.
- The
DefaultRetention
settings require both a mode and a period. - The
DefaultRetention
period can be eitherDays
orYears
but you must select one. You cannot specifyDays
andYears
at the same time. - You can enable Object Lock for new or existing buckets. For more information, see Configuring Object Lock.
- The
- Object
Lock boolEnabled - Indicates whether this bucket has an Object Lock configuration enabled. Enable
ObjectLockEnabled
when you applyObjectLockConfiguration
to a bucket. - Ownership
Controls BucketOwnership Controls Args - Configuration that defines how Amazon S3 handles Object Ownership rules.
- Public
Access BucketBlock Configuration Public Access Block Configuration Args - Configuration that defines how Amazon S3 handles public access.
- Replication
Configuration BucketReplication Configuration Args - Configuration for replicating objects in an S3 bucket. To enable replication, you must also enable versioning by using the
VersioningConfiguration
property. Amazon S3 can store replicated objects in a single destination bucket or multiple destination buckets. The destination bucket or buckets must already exist. - Tag
Args - An arbitrary set of tags (key-value pairs) for this S3 bucket.
- Versioning
Configuration BucketVersioning Configuration Args - Enables multiple versions of all objects in this bucket. You might enable versioning to prevent objects from being deleted or overwritten by mistake or to archive objects so that you can retrieve previous versions of them.
When you enable versioning on a bucket for the first time, it might take a short amount of time for the change to be fully propagated. We recommend that you wait for 15 minutes after enabling versioning before issuing write operations (
PUT
orDELETE
) on objects in the bucket. - Website
Configuration BucketWebsite Configuration Args - Information used to configure the bucket as a static website. For more information, see Hosting Websites on Amazon S3.
- accelerate
Configuration BucketAccelerate Configuration - Configures the transfer acceleration state for an Amazon S3 bucket. For more information, see Amazon S3 Transfer Acceleration in the Amazon S3 User Guide.
- access
Control BucketAccess Control - This is a legacy property, and it is not recommended for most use cases. A majority of modern use cases in Amazon S3 no longer require the use of ACLs, and we recommend that you keep ACLs disabled. For more information, see Controlling object ownership in the Amazon S3 User Guide. A canned access control list (ACL) that grants predefined permissions to the bucket. For more information about canned ACLs, see Canned ACL in the Amazon S3 User Guide. S3 buckets are created with ACLs disabled by default. Therefore, unless you explicitly set the AWS::S3::OwnershipControls property to enable ACLs, your resource will fail to deploy with any value other than Private. Use cases requiring ACLs are uncommon. The majority of access control configurations can be successfully and more easily achieved with bucket policies. For more information, see AWS::S3::BucketPolicy. For examples of common policy configurations, including S3 Server Access Logs buckets and more, see Bucket policy examples in the Amazon S3 User Guide.
- analytics
Configurations List<BucketAnalytics Configuration> - Specifies the configuration and any analyses for the analytics filter of an Amazon S3 bucket.
- bucket
Encryption BucketEncryption - Specifies default encryption for a bucket using server-side encryption with Amazon S3-managed keys (SSE-S3), AWS KMS-managed keys (SSE-KMS), or dual-layer server-side encryption with KMS-managed keys (DSSE-KMS). For information about the Amazon S3 default encryption feature, see Amazon S3 Default Encryption for S3 Buckets in the Amazon S3 User Guide.
- bucket
Name String - A name for the bucket. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. The bucket name must contain only lowercase letters, numbers, periods (.), and dashes (-) and must follow Amazon S3 bucket restrictions and limitations. For more information, see Rules for naming Amazon S3 buckets in the Amazon S3 User Guide. If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you need to replace the resource, specify a new name.
- cors
Configuration BucketCors Configuration - Describes the cross-origin access configuration for objects in an Amazon S3 bucket. For more information, see Enabling Cross-Origin Resource Sharing in the Amazon S3 User Guide.
- intelligent
Tiering List<BucketConfigurations Intelligent Tiering Configuration> - Defines how Amazon S3 handles Intelligent-Tiering storage.
- inventory
Configurations List<BucketInventory Configuration> - Specifies the inventory configuration for an Amazon S3 bucket. For more information, see GET Bucket inventory in the Amazon S3 API Reference.
- lifecycle
Configuration BucketLifecycle Configuration - Specifies the lifecycle configuration for objects in an Amazon S3 bucket. For more information, see Object Lifecycle Management in the Amazon S3 User Guide.
- logging
Configuration BucketLogging Configuration - Settings that define where logs are stored.
- metrics
Configurations List<BucketMetrics Configuration> - Specifies a metrics configuration for the CloudWatch request metrics (specified by the metrics configuration ID) from an Amazon S3 bucket. If you're updating an existing metrics configuration, note that this is a full replacement of the existing metrics configuration. If you don't include the elements you want to keep, they are erased. For more information, see PutBucketMetricsConfiguration.
- notification
Configuration BucketNotification Configuration - Configuration that defines how Amazon S3 handles bucket notifications.
- object
Lock BucketConfiguration Object Lock Configuration - This operation is not supported by directory buckets.
Places an Object Lock configuration on the specified bucket. The rule specified in the Object Lock configuration will be applied by default to every new object placed in the specified bucket. For more information, see Locking Objects.
- The
DefaultRetention
settings require both a mode and a period. - The
DefaultRetention
period can be eitherDays
orYears
but you must select one. You cannot specifyDays
andYears
at the same time. - You can enable Object Lock for new or existing buckets. For more information, see Configuring Object Lock.
- The
- object
Lock BooleanEnabled - Indicates whether this bucket has an Object Lock configuration enabled. Enable
ObjectLockEnabled
when you applyObjectLockConfiguration
to a bucket. - ownership
Controls BucketOwnership Controls - Configuration that defines how Amazon S3 handles Object Ownership rules.
- public
Access BucketBlock Configuration Public Access Block Configuration - Configuration that defines how Amazon S3 handles public access.
- replication
Configuration BucketReplication Configuration - Configuration for replicating objects in an S3 bucket. To enable replication, you must also enable versioning by using the
VersioningConfiguration
property. Amazon S3 can store replicated objects in a single destination bucket or multiple destination buckets. The destination bucket or buckets must already exist. - List<Tag>
- An arbitrary set of tags (key-value pairs) for this S3 bucket.
- versioning
Configuration BucketVersioning Configuration - Enables multiple versions of all objects in this bucket. You might enable versioning to prevent objects from being deleted or overwritten by mistake or to archive objects so that you can retrieve previous versions of them.
When you enable versioning on a bucket for the first time, it might take a short amount of time for the change to be fully propagated. We recommend that you wait for 15 minutes after enabling versioning before issuing write operations (
PUT
orDELETE
) on objects in the bucket. - website
Configuration BucketWebsite Configuration - Information used to configure the bucket as a static website. For more information, see Hosting Websites on Amazon S3.
- accelerate
Configuration BucketAccelerate Configuration - Configures the transfer acceleration state for an Amazon S3 bucket. For more information, see Amazon S3 Transfer Acceleration in the Amazon S3 User Guide.
- access
Control BucketAccess Control - This is a legacy property, and it is not recommended for most use cases. A majority of modern use cases in Amazon S3 no longer require the use of ACLs, and we recommend that you keep ACLs disabled. For more information, see Controlling object ownership in the Amazon S3 User Guide. A canned access control list (ACL) that grants predefined permissions to the bucket. For more information about canned ACLs, see Canned ACL in the Amazon S3 User Guide. S3 buckets are created with ACLs disabled by default. Therefore, unless you explicitly set the AWS::S3::OwnershipControls property to enable ACLs, your resource will fail to deploy with any value other than Private. Use cases requiring ACLs are uncommon. The majority of access control configurations can be successfully and more easily achieved with bucket policies. For more information, see AWS::S3::BucketPolicy. For examples of common policy configurations, including S3 Server Access Logs buckets and more, see Bucket policy examples in the Amazon S3 User Guide.
- analytics
Configurations BucketAnalytics Configuration[] - Specifies the configuration and any analyses for the analytics filter of an Amazon S3 bucket.
- bucket
Encryption BucketEncryption - Specifies default encryption for a bucket using server-side encryption with Amazon S3-managed keys (SSE-S3), AWS KMS-managed keys (SSE-KMS), or dual-layer server-side encryption with KMS-managed keys (DSSE-KMS). For information about the Amazon S3 default encryption feature, see Amazon S3 Default Encryption for S3 Buckets in the Amazon S3 User Guide.
- bucket
Name string - A name for the bucket. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. The bucket name must contain only lowercase letters, numbers, periods (.), and dashes (-) and must follow Amazon S3 bucket restrictions and limitations. For more information, see Rules for naming Amazon S3 buckets in the Amazon S3 User Guide. If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you need to replace the resource, specify a new name.
- cors
Configuration BucketCors Configuration - Describes the cross-origin access configuration for objects in an Amazon S3 bucket. For more information, see Enabling Cross-Origin Resource Sharing in the Amazon S3 User Guide.
- intelligent
Tiering BucketConfigurations Intelligent Tiering Configuration[] - Defines how Amazon S3 handles Intelligent-Tiering storage.
- inventory
Configurations BucketInventory Configuration[] - Specifies the inventory configuration for an Amazon S3 bucket. For more information, see GET Bucket inventory in the Amazon S3 API Reference.
- lifecycle
Configuration BucketLifecycle Configuration - Specifies the lifecycle configuration for objects in an Amazon S3 bucket. For more information, see Object Lifecycle Management in the Amazon S3 User Guide.
- logging
Configuration BucketLogging Configuration - Settings that define where logs are stored.
- metrics
Configurations BucketMetrics Configuration[] - Specifies a metrics configuration for the CloudWatch request metrics (specified by the metrics configuration ID) from an Amazon S3 bucket. If you're updating an existing metrics configuration, note that this is a full replacement of the existing metrics configuration. If you don't include the elements you want to keep, they are erased. For more information, see PutBucketMetricsConfiguration.
- notification
Configuration BucketNotification Configuration - Configuration that defines how Amazon S3 handles bucket notifications.
- object
Lock BucketConfiguration Object Lock Configuration - This operation is not supported by directory buckets.
Places an Object Lock configuration on the specified bucket. The rule specified in the Object Lock configuration will be applied by default to every new object placed in the specified bucket. For more information, see Locking Objects.
- The
DefaultRetention
settings require both a mode and a period. - The
DefaultRetention
period can be eitherDays
orYears
but you must select one. You cannot specifyDays
andYears
at the same time. - You can enable Object Lock for new or existing buckets. For more information, see Configuring Object Lock.
- The
- object
Lock booleanEnabled - Indicates whether this bucket has an Object Lock configuration enabled. Enable
ObjectLockEnabled
when you applyObjectLockConfiguration
to a bucket. - ownership
Controls BucketOwnership Controls - Configuration that defines how Amazon S3 handles Object Ownership rules.
- public
Access BucketBlock Configuration Public Access Block Configuration - Configuration that defines how Amazon S3 handles public access.
- replication
Configuration BucketReplication Configuration - Configuration for replicating objects in an S3 bucket. To enable replication, you must also enable versioning by using the
VersioningConfiguration
property. Amazon S3 can store replicated objects in a single destination bucket or multiple destination buckets. The destination bucket or buckets must already exist. - Tag[]
- An arbitrary set of tags (key-value pairs) for this S3 bucket.
- versioning
Configuration BucketVersioning Configuration - Enables multiple versions of all objects in this bucket. You might enable versioning to prevent objects from being deleted or overwritten by mistake or to archive objects so that you can retrieve previous versions of them.
When you enable versioning on a bucket for the first time, it might take a short amount of time for the change to be fully propagated. We recommend that you wait for 15 minutes after enabling versioning before issuing write operations (
PUT
orDELETE
) on objects in the bucket. - website
Configuration BucketWebsite Configuration - Information used to configure the bucket as a static website. For more information, see Hosting Websites on Amazon S3.
- accelerate_
configuration BucketAccelerate Configuration Args - Configures the transfer acceleration state for an Amazon S3 bucket. For more information, see Amazon S3 Transfer Acceleration in the Amazon S3 User Guide.
- access_
control BucketAccess Control - This is a legacy property, and it is not recommended for most use cases. A majority of modern use cases in Amazon S3 no longer require the use of ACLs, and we recommend that you keep ACLs disabled. For more information, see Controlling object ownership in the Amazon S3 User Guide. A canned access control list (ACL) that grants predefined permissions to the bucket. For more information about canned ACLs, see Canned ACL in the Amazon S3 User Guide. S3 buckets are created with ACLs disabled by default. Therefore, unless you explicitly set the AWS::S3::OwnershipControls property to enable ACLs, your resource will fail to deploy with any value other than Private. Use cases requiring ACLs are uncommon. The majority of access control configurations can be successfully and more easily achieved with bucket policies. For more information, see AWS::S3::BucketPolicy. For examples of common policy configurations, including S3 Server Access Logs buckets and more, see Bucket policy examples in the Amazon S3 User Guide.
- analytics_
configurations Sequence[BucketAnalytics Configuration Args] - Specifies the configuration and any analyses for the analytics filter of an Amazon S3 bucket.
- bucket_
encryption BucketEncryption Args - Specifies default encryption for a bucket using server-side encryption with Amazon S3-managed keys (SSE-S3), AWS KMS-managed keys (SSE-KMS), or dual-layer server-side encryption with KMS-managed keys (DSSE-KMS). For information about the Amazon S3 default encryption feature, see Amazon S3 Default Encryption for S3 Buckets in the Amazon S3 User Guide.
- bucket_
name str - A name for the bucket. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. The bucket name must contain only lowercase letters, numbers, periods (.), and dashes (-) and must follow Amazon S3 bucket restrictions and limitations. For more information, see Rules for naming Amazon S3 buckets in the Amazon S3 User Guide. If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you need to replace the resource, specify a new name.
- cors_
configuration BucketCors Configuration Args - Describes the cross-origin access configuration for objects in an Amazon S3 bucket. For more information, see Enabling Cross-Origin Resource Sharing in the Amazon S3 User Guide.
- intelligent_
tiering_ Sequence[Bucketconfigurations Intelligent Tiering Configuration Args] - Defines how Amazon S3 handles Intelligent-Tiering storage.
- inventory_
configurations Sequence[BucketInventory Configuration Args] - Specifies the inventory configuration for an Amazon S3 bucket. For more information, see GET Bucket inventory in the Amazon S3 API Reference.
- lifecycle_
configuration BucketLifecycle Configuration Args - Specifies the lifecycle configuration for objects in an Amazon S3 bucket. For more information, see Object Lifecycle Management in the Amazon S3 User Guide.
- logging_
configuration BucketLogging Configuration Args - Settings that define where logs are stored.
- metrics_
configurations Sequence[BucketMetrics Configuration Args] - Specifies a metrics configuration for the CloudWatch request metrics (specified by the metrics configuration ID) from an Amazon S3 bucket. If you're updating an existing metrics configuration, note that this is a full replacement of the existing metrics configuration. If you don't include the elements you want to keep, they are erased. For more information, see PutBucketMetricsConfiguration.
- notification_
configuration BucketNotification Configuration Args - Configuration that defines how Amazon S3 handles bucket notifications.
- object_
lock_ Bucketconfiguration Object Lock Configuration Args - This operation is not supported by directory buckets.
Places an Object Lock configuration on the specified bucket. The rule specified in the Object Lock configuration will be applied by default to every new object placed in the specified bucket. For more information, see Locking Objects.
- The
DefaultRetention
settings require both a mode and a period. - The
DefaultRetention
period can be eitherDays
orYears
but you must select one. You cannot specifyDays
andYears
at the same time. - You can enable Object Lock for new or existing buckets. For more information, see Configuring Object Lock.
- The
- object_
lock_ boolenabled - Indicates whether this bucket has an Object Lock configuration enabled. Enable
ObjectLockEnabled
when you applyObjectLockConfiguration
to a bucket. - ownership_
controls BucketOwnership Controls Args - Configuration that defines how Amazon S3 handles Object Ownership rules.
- public_
access_ Bucketblock_ configuration Public Access Block Configuration Args - Configuration that defines how Amazon S3 handles public access.
- replication_
configuration BucketReplication Configuration Args - Configuration for replicating objects in an S3 bucket. To enable replication, you must also enable versioning by using the
VersioningConfiguration
property. Amazon S3 can store replicated objects in a single destination bucket or multiple destination buckets. The destination bucket or buckets must already exist. - Sequence[Tag
Args] - An arbitrary set of tags (key-value pairs) for this S3 bucket.
- versioning_
configuration BucketVersioning Configuration Args - Enables multiple versions of all objects in this bucket. You might enable versioning to prevent objects from being deleted or overwritten by mistake or to archive objects so that you can retrieve previous versions of them.
When you enable versioning on a bucket for the first time, it might take a short amount of time for the change to be fully propagated. We recommend that you wait for 15 minutes after enabling versioning before issuing write operations (
PUT
orDELETE
) on objects in the bucket. - website_
configuration BucketWebsite Configuration Args - Information used to configure the bucket as a static website. For more information, see Hosting Websites on Amazon S3.
- accelerate
Configuration Property Map - Configures the transfer acceleration state for an Amazon S3 bucket. For more information, see Amazon S3 Transfer Acceleration in the Amazon S3 User Guide.
- access
Control "AuthenticatedRead" | "Aws Exec Read" | "Bucket Owner Full Control" | "Bucket Owner Read" | "Log Delivery Write" | "Private" | "Public Read" | "Public Read Write" - This is a legacy property, and it is not recommended for most use cases. A majority of modern use cases in Amazon S3 no longer require the use of ACLs, and we recommend that you keep ACLs disabled. For more information, see Controlling object ownership in the Amazon S3 User Guide. A canned access control list (ACL) that grants predefined permissions to the bucket. For more information about canned ACLs, see Canned ACL in the Amazon S3 User Guide. S3 buckets are created with ACLs disabled by default. Therefore, unless you explicitly set the AWS::S3::OwnershipControls property to enable ACLs, your resource will fail to deploy with any value other than Private. Use cases requiring ACLs are uncommon. The majority of access control configurations can be successfully and more easily achieved with bucket policies. For more information, see AWS::S3::BucketPolicy. For examples of common policy configurations, including S3 Server Access Logs buckets and more, see Bucket policy examples in the Amazon S3 User Guide.
- analytics
Configurations List<Property Map> - Specifies the configuration and any analyses for the analytics filter of an Amazon S3 bucket.
- bucket
Encryption Property Map - Specifies default encryption for a bucket using server-side encryption with Amazon S3-managed keys (SSE-S3), AWS KMS-managed keys (SSE-KMS), or dual-layer server-side encryption with KMS-managed keys (DSSE-KMS). For information about the Amazon S3 default encryption feature, see Amazon S3 Default Encryption for S3 Buckets in the Amazon S3 User Guide.
- bucket
Name String - A name for the bucket. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. The bucket name must contain only lowercase letters, numbers, periods (.), and dashes (-) and must follow Amazon S3 bucket restrictions and limitations. For more information, see Rules for naming Amazon S3 buckets in the Amazon S3 User Guide. If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you need to replace the resource, specify a new name.
- cors
Configuration Property Map - Describes the cross-origin access configuration for objects in an Amazon S3 bucket. For more information, see Enabling Cross-Origin Resource Sharing in the Amazon S3 User Guide.
- intelligent
Tiering List<Property Map>Configurations - Defines how Amazon S3 handles Intelligent-Tiering storage.
- inventory
Configurations List<Property Map> - Specifies the inventory configuration for an Amazon S3 bucket. For more information, see GET Bucket inventory in the Amazon S3 API Reference.
- lifecycle
Configuration Property Map - Specifies the lifecycle configuration for objects in an Amazon S3 bucket. For more information, see Object Lifecycle Management in the Amazon S3 User Guide.
- logging
Configuration Property Map - Settings that define where logs are stored.
- metrics
Configurations List<Property Map> - Specifies a metrics configuration for the CloudWatch request metrics (specified by the metrics configuration ID) from an Amazon S3 bucket. If you're updating an existing metrics configuration, note that this is a full replacement of the existing metrics configuration. If you don't include the elements you want to keep, they are erased. For more information, see PutBucketMetricsConfiguration.
- notification
Configuration Property Map - Configuration that defines how Amazon S3 handles bucket notifications.
- object
Lock Property MapConfiguration - This operation is not supported by directory buckets.
Places an Object Lock configuration on the specified bucket. The rule specified in the Object Lock configuration will be applied by default to every new object placed in the specified bucket. For more information, see Locking Objects.
- The
DefaultRetention
settings require both a mode and a period. - The
DefaultRetention
period can be eitherDays
orYears
but you must select one. You cannot specifyDays
andYears
at the same time. - You can enable Object Lock for new or existing buckets. For more information, see Configuring Object Lock.
- The
- object
Lock BooleanEnabled - Indicates whether this bucket has an Object Lock configuration enabled. Enable
ObjectLockEnabled
when you applyObjectLockConfiguration
to a bucket. - ownership
Controls Property Map - Configuration that defines how Amazon S3 handles Object Ownership rules.
- public
Access Property MapBlock Configuration - Configuration that defines how Amazon S3 handles public access.
- replication
Configuration Property Map - Configuration for replicating objects in an S3 bucket. To enable replication, you must also enable versioning by using the
VersioningConfiguration
property. Amazon S3 can store replicated objects in a single destination bucket or multiple destination buckets. The destination bucket or buckets must already exist. - List<Property Map>
- An arbitrary set of tags (key-value pairs) for this S3 bucket.
- versioning
Configuration Property Map - Enables multiple versions of all objects in this bucket. You might enable versioning to prevent objects from being deleted or overwritten by mistake or to archive objects so that you can retrieve previous versions of them.
When you enable versioning on a bucket for the first time, it might take a short amount of time for the change to be fully propagated. We recommend that you wait for 15 minutes after enabling versioning before issuing write operations (
PUT
orDELETE
) on objects in the bucket. - website
Configuration Property Map - Information used to configure the bucket as a static website. For more information, see Hosting Websites on Amazon S3.
Outputs
All input properties are implicitly available as output properties. Additionally, the Bucket resource produces the following output properties:
- Arn string
Returns the Amazon Resource Name (ARN) of the specified bucket.
Example:
arn:aws:s3:::DOC-EXAMPLE-BUCKET
- Domain
Name string Returns the IPv4 DNS name of the specified bucket.
Example:
DOC-EXAMPLE-BUCKET.s3.amazonaws.com
- Dual
Stack stringDomain Name Returns the IPv6 DNS name of the specified bucket.
Example:
DOC-EXAMPLE-BUCKET.s3.dualstack.us-east-2.amazonaws.com
For more information about dual-stack endpoints, see Using Amazon S3 Dual-Stack Endpoints .
- Id string
- The provider-assigned unique ID for this managed resource.
- Regional
Domain stringName Returns the regional domain name of the specified bucket.
Example:
DOC-EXAMPLE-BUCKET.s3.us-east-2.amazonaws.com
- Website
Url string Returns the Amazon S3 website endpoint for the specified bucket.
Example (IPv4):
http://DOC-EXAMPLE-BUCKET.s3-website.us-east-2.amazonaws.com
Example (IPv6):
http://DOC-EXAMPLE-BUCKET.s3.dualstack.us-east-2.amazonaws.com
- Arn string
Returns the Amazon Resource Name (ARN) of the specified bucket.
Example:
arn:aws:s3:::DOC-EXAMPLE-BUCKET
- Domain
Name string Returns the IPv4 DNS name of the specified bucket.
Example:
DOC-EXAMPLE-BUCKET.s3.amazonaws.com
- Dual
Stack stringDomain Name Returns the IPv6 DNS name of the specified bucket.
Example:
DOC-EXAMPLE-BUCKET.s3.dualstack.us-east-2.amazonaws.com
For more information about dual-stack endpoints, see Using Amazon S3 Dual-Stack Endpoints .
- Id string
- The provider-assigned unique ID for this managed resource.
- Regional
Domain stringName Returns the regional domain name of the specified bucket.
Example:
DOC-EXAMPLE-BUCKET.s3.us-east-2.amazonaws.com
- Website
Url string Returns the Amazon S3 website endpoint for the specified bucket.
Example (IPv4):
http://DOC-EXAMPLE-BUCKET.s3-website.us-east-2.amazonaws.com
Example (IPv6):
http://DOC-EXAMPLE-BUCKET.s3.dualstack.us-east-2.amazonaws.com
- arn String
Returns the Amazon Resource Name (ARN) of the specified bucket.
Example:
arn:aws:s3:::DOC-EXAMPLE-BUCKET
- domain
Name String Returns the IPv4 DNS name of the specified bucket.
Example:
DOC-EXAMPLE-BUCKET.s3.amazonaws.com
- dual
Stack StringDomain Name Returns the IPv6 DNS name of the specified bucket.
Example:
DOC-EXAMPLE-BUCKET.s3.dualstack.us-east-2.amazonaws.com
For more information about dual-stack endpoints, see Using Amazon S3 Dual-Stack Endpoints .
- id String
- The provider-assigned unique ID for this managed resource.
- regional
Domain StringName Returns the regional domain name of the specified bucket.
Example:
DOC-EXAMPLE-BUCKET.s3.us-east-2.amazonaws.com
- website
Url String Returns the Amazon S3 website endpoint for the specified bucket.
Example (IPv4):
http://DOC-EXAMPLE-BUCKET.s3-website.us-east-2.amazonaws.com
Example (IPv6):
http://DOC-EXAMPLE-BUCKET.s3.dualstack.us-east-2.amazonaws.com
- arn string
Returns the Amazon Resource Name (ARN) of the specified bucket.
Example:
arn:aws:s3:::DOC-EXAMPLE-BUCKET
- domain
Name string Returns the IPv4 DNS name of the specified bucket.
Example:
DOC-EXAMPLE-BUCKET.s3.amazonaws.com
- dual
Stack stringDomain Name Returns the IPv6 DNS name of the specified bucket.
Example:
DOC-EXAMPLE-BUCKET.s3.dualstack.us-east-2.amazonaws.com
For more information about dual-stack endpoints, see Using Amazon S3 Dual-Stack Endpoints .
- id string
- The provider-assigned unique ID for this managed resource.
- regional
Domain stringName Returns the regional domain name of the specified bucket.
Example:
DOC-EXAMPLE-BUCKET.s3.us-east-2.amazonaws.com
- website
Url string Returns the Amazon S3 website endpoint for the specified bucket.
Example (IPv4):
http://DOC-EXAMPLE-BUCKET.s3-website.us-east-2.amazonaws.com
Example (IPv6):
http://DOC-EXAMPLE-BUCKET.s3.dualstack.us-east-2.amazonaws.com
- arn str
Returns the Amazon Resource Name (ARN) of the specified bucket.
Example:
arn:aws:s3:::DOC-EXAMPLE-BUCKET
- domain_
name str Returns the IPv4 DNS name of the specified bucket.
Example:
DOC-EXAMPLE-BUCKET.s3.amazonaws.com
- dual_
stack_ strdomain_ name Returns the IPv6 DNS name of the specified bucket.
Example:
DOC-EXAMPLE-BUCKET.s3.dualstack.us-east-2.amazonaws.com
For more information about dual-stack endpoints, see Using Amazon S3 Dual-Stack Endpoints .
- id str
- The provider-assigned unique ID for this managed resource.
- regional_
domain_ strname Returns the regional domain name of the specified bucket.
Example:
DOC-EXAMPLE-BUCKET.s3.us-east-2.amazonaws.com
- website_
url str Returns the Amazon S3 website endpoint for the specified bucket.
Example (IPv4):
http://DOC-EXAMPLE-BUCKET.s3-website.us-east-2.amazonaws.com
Example (IPv6):
http://DOC-EXAMPLE-BUCKET.s3.dualstack.us-east-2.amazonaws.com
- arn String
Returns the Amazon Resource Name (ARN) of the specified bucket.
Example:
arn:aws:s3:::DOC-EXAMPLE-BUCKET
- domain
Name String Returns the IPv4 DNS name of the specified bucket.
Example:
DOC-EXAMPLE-BUCKET.s3.amazonaws.com
- dual
Stack StringDomain Name Returns the IPv6 DNS name of the specified bucket.
Example:
DOC-EXAMPLE-BUCKET.s3.dualstack.us-east-2.amazonaws.com
For more information about dual-stack endpoints, see Using Amazon S3 Dual-Stack Endpoints .
- id String
- The provider-assigned unique ID for this managed resource.
- regional
Domain StringName Returns the regional domain name of the specified bucket.
Example:
DOC-EXAMPLE-BUCKET.s3.us-east-2.amazonaws.com
- website
Url String Returns the Amazon S3 website endpoint for the specified bucket.
Example (IPv4):
http://DOC-EXAMPLE-BUCKET.s3-website.us-east-2.amazonaws.com
Example (IPv6):
http://DOC-EXAMPLE-BUCKET.s3.dualstack.us-east-2.amazonaws.com
Supporting Types
BucketAbortIncompleteMultipartUpload, BucketAbortIncompleteMultipartUploadArgs
- Days
After intInitiation - Specifies the number of days after which Amazon S3 stops an incomplete multipart upload.
- Days
After intInitiation - Specifies the number of days after which Amazon S3 stops an incomplete multipart upload.
- days
After IntegerInitiation - Specifies the number of days after which Amazon S3 stops an incomplete multipart upload.
- days
After numberInitiation - Specifies the number of days after which Amazon S3 stops an incomplete multipart upload.
- days_
after_ intinitiation - Specifies the number of days after which Amazon S3 stops an incomplete multipart upload.
- days
After NumberInitiation - Specifies the number of days after which Amazon S3 stops an incomplete multipart upload.
BucketAccelerateConfiguration, BucketAccelerateConfigurationArgs
- Acceleration
Status Pulumi.Aws Native. S3. Bucket Accelerate Configuration Acceleration Status - Specifies the transfer acceleration status of the bucket.
- Acceleration
Status BucketAccelerate Configuration Acceleration Status - Specifies the transfer acceleration status of the bucket.
- acceleration
Status BucketAccelerate Configuration Acceleration Status - Specifies the transfer acceleration status of the bucket.
- acceleration
Status BucketAccelerate Configuration Acceleration Status - Specifies the transfer acceleration status of the bucket.
- acceleration_
status BucketAccelerate Configuration Acceleration Status - Specifies the transfer acceleration status of the bucket.
- acceleration
Status "Enabled" | "Suspended" - Specifies the transfer acceleration status of the bucket.
BucketAccelerateConfigurationAccelerationStatus, BucketAccelerateConfigurationAccelerationStatusArgs
- Enabled
- Enabled
- Suspended
- Suspended
- Bucket
Accelerate Configuration Acceleration Status Enabled - Enabled
- Bucket
Accelerate Configuration Acceleration Status Suspended - Suspended
- Enabled
- Enabled
- Suspended
- Suspended
- Enabled
- Enabled
- Suspended
- Suspended
- ENABLED
- Enabled
- SUSPENDED
- Suspended
- "Enabled"
- Enabled
- "Suspended"
- Suspended
BucketAccessControl, BucketAccessControlArgs
- Authenticated
Read - AuthenticatedRead
- Aws
Exec Read - AwsExecRead
- Bucket
Owner Full Control - BucketOwnerFullControl
- Bucket
Owner Read - BucketOwnerRead
- Log
Delivery Write - LogDeliveryWrite
- Private
- Private
- Public
Read - PublicRead
- Public
Read Write - PublicReadWrite
- Bucket
Access Control Authenticated Read - AuthenticatedRead
- Bucket
Access Control Aws Exec Read - AwsExecRead
- Bucket
Access Control Bucket Owner Full Control - BucketOwnerFullControl
- Bucket
Access Control Bucket Owner Read - BucketOwnerRead
- Bucket
Access Control Log Delivery Write - LogDeliveryWrite
- Bucket
Access Control Private - Private
- Bucket
Access Control Public Read - PublicRead
- Bucket
Access Control Public Read Write - PublicReadWrite
- Authenticated
Read - AuthenticatedRead
- Aws
Exec Read - AwsExecRead
- Bucket
Owner Full Control - BucketOwnerFullControl
- Bucket
Owner Read - BucketOwnerRead
- Log
Delivery Write - LogDeliveryWrite
- Private
- Private
- Public
Read - PublicRead
- Public
Read Write - PublicReadWrite
- Authenticated
Read - AuthenticatedRead
- Aws
Exec Read - AwsExecRead
- Bucket
Owner Full Control - BucketOwnerFullControl
- Bucket
Owner Read - BucketOwnerRead
- Log
Delivery Write - LogDeliveryWrite
- Private
- Private
- Public
Read - PublicRead
- Public
Read Write - PublicReadWrite
- AUTHENTICATED_READ
- AuthenticatedRead
- AWS_EXEC_READ
- AwsExecRead
- BUCKET_OWNER_FULL_CONTROL
- BucketOwnerFullControl
- BUCKET_OWNER_READ
- BucketOwnerRead
- LOG_DELIVERY_WRITE
- LogDeliveryWrite
- PRIVATE
- Private
- PUBLIC_READ
- PublicRead
- PUBLIC_READ_WRITE
- PublicReadWrite
- "Authenticated
Read" - AuthenticatedRead
- "Aws
Exec Read" - AwsExecRead
- "Bucket
Owner Full Control" - BucketOwnerFullControl
- "Bucket
Owner Read" - BucketOwnerRead
- "Log
Delivery Write" - LogDeliveryWrite
- "Private"
- Private
- "Public
Read" - PublicRead
- "Public
Read Write" - PublicReadWrite
BucketAccessControlTranslation, BucketAccessControlTranslationArgs
- Owner string
- Specifies the replica ownership. For default and valid values, see PUT bucket replication in the Amazon S3 API Reference.
- Owner string
- Specifies the replica ownership. For default and valid values, see PUT bucket replication in the Amazon S3 API Reference.
- owner String
- Specifies the replica ownership. For default and valid values, see PUT bucket replication in the Amazon S3 API Reference.
- owner string
- Specifies the replica ownership. For default and valid values, see PUT bucket replication in the Amazon S3 API Reference.
- owner str
- Specifies the replica ownership. For default and valid values, see PUT bucket replication in the Amazon S3 API Reference.
- owner String
- Specifies the replica ownership. For default and valid values, see PUT bucket replication in the Amazon S3 API Reference.
BucketAnalyticsConfiguration, BucketAnalyticsConfigurationArgs
- Id string
- The ID that identifies the analytics configuration.
- Storage
Class Pulumi.Analysis Aws Native. S3. Inputs. Bucket Storage Class Analysis - Contains data related to access patterns to be collected and made available to analyze the tradeoffs between different storage classes.
- Prefix string
- The prefix that an object must have to be included in the analytics results.
- Tag
Filters List<Pulumi.Aws Native. S3. Inputs. Bucket Tag Filter> - The tags to use when evaluating an analytics filter. The analytics only includes objects that meet the filter's criteria. If no filter is specified, all of the contents of the bucket are included in the analysis.
- Id string
- The ID that identifies the analytics configuration.
- Storage
Class BucketAnalysis Storage Class Analysis - Contains data related to access patterns to be collected and made available to analyze the tradeoffs between different storage classes.
- Prefix string
- The prefix that an object must have to be included in the analytics results.
- Tag
Filters []BucketTag Filter - The tags to use when evaluating an analytics filter. The analytics only includes objects that meet the filter's criteria. If no filter is specified, all of the contents of the bucket are included in the analysis.
- id String
- The ID that identifies the analytics configuration.
- storage
Class BucketAnalysis Storage Class Analysis - Contains data related to access patterns to be collected and made available to analyze the tradeoffs between different storage classes.
- prefix String
- The prefix that an object must have to be included in the analytics results.
- tag
Filters List<BucketTag Filter> - The tags to use when evaluating an analytics filter. The analytics only includes objects that meet the filter's criteria. If no filter is specified, all of the contents of the bucket are included in the analysis.
- id string
- The ID that identifies the analytics configuration.
- storage
Class BucketAnalysis Storage Class Analysis - Contains data related to access patterns to be collected and made available to analyze the tradeoffs between different storage classes.
- prefix string
- The prefix that an object must have to be included in the analytics results.
- tag
Filters BucketTag Filter[] - The tags to use when evaluating an analytics filter. The analytics only includes objects that meet the filter's criteria. If no filter is specified, all of the contents of the bucket are included in the analysis.
- id str
- The ID that identifies the analytics configuration.
- storage_
class_ Bucketanalysis Storage Class Analysis - Contains data related to access patterns to be collected and made available to analyze the tradeoffs between different storage classes.
- prefix str
- The prefix that an object must have to be included in the analytics results.
- tag_
filters Sequence[BucketTag Filter] - The tags to use when evaluating an analytics filter. The analytics only includes objects that meet the filter's criteria. If no filter is specified, all of the contents of the bucket are included in the analysis.
- id String
- The ID that identifies the analytics configuration.
- storage
Class Property MapAnalysis - Contains data related to access patterns to be collected and made available to analyze the tradeoffs between different storage classes.
- prefix String
- The prefix that an object must have to be included in the analytics results.
- tag
Filters List<Property Map> - The tags to use when evaluating an analytics filter. The analytics only includes objects that meet the filter's criteria. If no filter is specified, all of the contents of the bucket are included in the analysis.
BucketCorsConfiguration, BucketCorsConfigurationArgs
- Cors
Rules List<Pulumi.Aws Native. S3. Inputs. Bucket Cors Rule> - A set of origins and methods (cross-origin access that you want to allow). You can add up to 100 rules to the configuration.
- Cors
Rules []BucketCors Rule - A set of origins and methods (cross-origin access that you want to allow). You can add up to 100 rules to the configuration.
- cors
Rules List<BucketCors Rule> - A set of origins and methods (cross-origin access that you want to allow). You can add up to 100 rules to the configuration.
- cors
Rules BucketCors Rule[] - A set of origins and methods (cross-origin access that you want to allow). You can add up to 100 rules to the configuration.
- cors_
rules Sequence[BucketCors Rule] - A set of origins and methods (cross-origin access that you want to allow). You can add up to 100 rules to the configuration.
- cors
Rules List<Property Map> - A set of origins and methods (cross-origin access that you want to allow). You can add up to 100 rules to the configuration.
BucketCorsRule, BucketCorsRuleArgs
- Allowed
Methods List<Pulumi.Aws Native. S3. Bucket Cors Rule Allowed Methods Item> - An HTTP method that you allow the origin to run.
Allowed values:
GET
|PUT
|HEAD
|POST
|DELETE
- Allowed
Origins List<string> - One or more origins you want customers to be able to access the bucket from.
- Allowed
Headers List<string> - Headers that are specified in the
Access-Control-Request-Headers
header. These headers are allowed in a preflight OPTIONS request. In response to any preflight OPTIONS request, Amazon S3 returns any requested headers that are allowed. - Exposed
Headers List<string> - One or more headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript
XMLHttpRequest
object). - Id string
- A unique identifier for this rule. The value must be no more than 255 characters.
- Max
Age int - The time in seconds that your browser is to cache the preflight response for the specified resource.
- Allowed
Methods []BucketCors Rule Allowed Methods Item - An HTTP method that you allow the origin to run.
Allowed values:
GET
|PUT
|HEAD
|POST
|DELETE
- Allowed
Origins []string - One or more origins you want customers to be able to access the bucket from.
- Allowed
Headers []string - Headers that are specified in the
Access-Control-Request-Headers
header. These headers are allowed in a preflight OPTIONS request. In response to any preflight OPTIONS request, Amazon S3 returns any requested headers that are allowed. - Exposed
Headers []string - One or more headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript
XMLHttpRequest
object). - Id string
- A unique identifier for this rule. The value must be no more than 255 characters.
- Max
Age int - The time in seconds that your browser is to cache the preflight response for the specified resource.
- allowed
Methods List<BucketCors Rule Allowed Methods Item> - An HTTP method that you allow the origin to run.
Allowed values:
GET
|PUT
|HEAD
|POST
|DELETE
- allowed
Origins List<String> - One or more origins you want customers to be able to access the bucket from.
- allowed
Headers List<String> - Headers that are specified in the
Access-Control-Request-Headers
header. These headers are allowed in a preflight OPTIONS request. In response to any preflight OPTIONS request, Amazon S3 returns any requested headers that are allowed. - exposed
Headers List<String> - One or more headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript
XMLHttpRequest
object). - id String
- A unique identifier for this rule. The value must be no more than 255 characters.
- max
Age Integer - The time in seconds that your browser is to cache the preflight response for the specified resource.
- allowed
Methods BucketCors Rule Allowed Methods Item[] - An HTTP method that you allow the origin to run.
Allowed values:
GET
|PUT
|HEAD
|POST
|DELETE
- allowed
Origins string[] - One or more origins you want customers to be able to access the bucket from.
- allowed
Headers string[] - Headers that are specified in the
Access-Control-Request-Headers
header. These headers are allowed in a preflight OPTIONS request. In response to any preflight OPTIONS request, Amazon S3 returns any requested headers that are allowed. - exposed
Headers string[] - One or more headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript
XMLHttpRequest
object). - id string
- A unique identifier for this rule. The value must be no more than 255 characters.
- max
Age number - The time in seconds that your browser is to cache the preflight response for the specified resource.
- allowed_
methods Sequence[BucketCors Rule Allowed Methods Item] - An HTTP method that you allow the origin to run.
Allowed values:
GET
|PUT
|HEAD
|POST
|DELETE
- allowed_
origins Sequence[str] - One or more origins you want customers to be able to access the bucket from.
- allowed_
headers Sequence[str] - Headers that are specified in the
Access-Control-Request-Headers
header. These headers are allowed in a preflight OPTIONS request. In response to any preflight OPTIONS request, Amazon S3 returns any requested headers that are allowed. - exposed_
headers Sequence[str] - One or more headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript
XMLHttpRequest
object). - id str
- A unique identifier for this rule. The value must be no more than 255 characters.
- max_
age int - The time in seconds that your browser is to cache the preflight response for the specified resource.
- allowed
Methods List<"GET" | "PUT" | "HEAD" | "POST" | "DELETE"> - An HTTP method that you allow the origin to run.
Allowed values:
GET
|PUT
|HEAD
|POST
|DELETE
- allowed
Origins List<String> - One or more origins you want customers to be able to access the bucket from.
- allowed
Headers List<String> - Headers that are specified in the
Access-Control-Request-Headers
header. These headers are allowed in a preflight OPTIONS request. In response to any preflight OPTIONS request, Amazon S3 returns any requested headers that are allowed. - exposed
Headers List<String> - One or more headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript
XMLHttpRequest
object). - id String
- A unique identifier for this rule. The value must be no more than 255 characters.
- max
Age Number - The time in seconds that your browser is to cache the preflight response for the specified resource.
BucketCorsRuleAllowedMethodsItem, BucketCorsRuleAllowedMethodsItemArgs
- Get
- GET
- Put
- PUT
- Head
- HEAD
- Post
- POST
- Delete
- DELETE
- Bucket
Cors Rule Allowed Methods Item Get - GET
- Bucket
Cors Rule Allowed Methods Item Put - PUT
- Bucket
Cors Rule Allowed Methods Item Head - HEAD
- Bucket
Cors Rule Allowed Methods Item Post - POST
- Bucket
Cors Rule Allowed Methods Item Delete - DELETE
- Get
- GET
- Put
- PUT
- Head
- HEAD
- Post
- POST
- Delete
- DELETE
- Get
- GET
- Put
- PUT
- Head
- HEAD
- Post
- POST
- Delete
- DELETE
- GET
- GET
- PUT
- PUT
- HEAD
- HEAD
- POST
- POST
- DELETE
- DELETE
- "GET"
- GET
- "PUT"
- PUT
- "HEAD"
- HEAD
- "POST"
- POST
- "DELETE"
- DELETE
BucketDataExport, BucketDataExportArgs
- Destination
Pulumi.
Aws Native. S3. Inputs. Bucket Destination - The place to store the data for an analysis.
- Output
Schema stringVersion - The version of the output schema to use when exporting data. Must be
V_1
.
- Destination
Bucket
Destination - The place to store the data for an analysis.
- Output
Schema stringVersion - The version of the output schema to use when exporting data. Must be
V_1
.
- destination
Bucket
Destination - The place to store the data for an analysis.
- output
Schema StringVersion - The version of the output schema to use when exporting data. Must be
V_1
.
- destination
Bucket
Destination - The place to store the data for an analysis.
- output
Schema stringVersion - The version of the output schema to use when exporting data. Must be
V_1
.
- destination
Bucket
Destination - The place to store the data for an analysis.
- output_
schema_ strversion - The version of the output schema to use when exporting data. Must be
V_1
.
- destination Property Map
- The place to store the data for an analysis.
- output
Schema StringVersion - The version of the output schema to use when exporting data. Must be
V_1
.
BucketDefaultRetention, BucketDefaultRetentionArgs
- Days int
- The number of days that you want to specify for the default retention period. If Object Lock is turned on, you must specify
Mode
and specify eitherDays
orYears
. - Mode
Pulumi.
Aws Native. S3. Bucket Default Retention Mode - The default Object Lock retention mode you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, you must specify
Mode
and specify eitherDays
orYears
. - Years int
- The number of years that you want to specify for the default retention period. If Object Lock is turned on, you must specify
Mode
and specify eitherDays
orYears
.
- Days int
- The number of days that you want to specify for the default retention period. If Object Lock is turned on, you must specify
Mode
and specify eitherDays
orYears
. - Mode
Bucket
Default Retention Mode - The default Object Lock retention mode you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, you must specify
Mode
and specify eitherDays
orYears
. - Years int
- The number of years that you want to specify for the default retention period. If Object Lock is turned on, you must specify
Mode
and specify eitherDays
orYears
.
- days Integer
- The number of days that you want to specify for the default retention period. If Object Lock is turned on, you must specify
Mode
and specify eitherDays
orYears
. - mode
Bucket
Default Retention Mode - The default Object Lock retention mode you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, you must specify
Mode
and specify eitherDays
orYears
. - years Integer
- The number of years that you want to specify for the default retention period. If Object Lock is turned on, you must specify
Mode
and specify eitherDays
orYears
.
- days number
- The number of days that you want to specify for the default retention period. If Object Lock is turned on, you must specify
Mode
and specify eitherDays
orYears
. - mode
Bucket
Default Retention Mode - The default Object Lock retention mode you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, you must specify
Mode
and specify eitherDays
orYears
. - years number
- The number of years that you want to specify for the default retention period. If Object Lock is turned on, you must specify
Mode
and specify eitherDays
orYears
.
- days int
- The number of days that you want to specify for the default retention period. If Object Lock is turned on, you must specify
Mode
and specify eitherDays
orYears
. - mode
Bucket
Default Retention Mode - The default Object Lock retention mode you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, you must specify
Mode
and specify eitherDays
orYears
. - years int
- The number of years that you want to specify for the default retention period. If Object Lock is turned on, you must specify
Mode
and specify eitherDays
orYears
.
- days Number
- The number of days that you want to specify for the default retention period. If Object Lock is turned on, you must specify
Mode
and specify eitherDays
orYears
. - mode "COMPLIANCE" | "GOVERNANCE"
- The default Object Lock retention mode you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, you must specify
Mode
and specify eitherDays
orYears
. - years Number
- The number of years that you want to specify for the default retention period. If Object Lock is turned on, you must specify
Mode
and specify eitherDays
orYears
.
BucketDefaultRetentionMode, BucketDefaultRetentionModeArgs
- Compliance
- COMPLIANCE
- Governance
- GOVERNANCE
- Bucket
Default Retention Mode Compliance - COMPLIANCE
- Bucket
Default Retention Mode Governance - GOVERNANCE
- Compliance
- COMPLIANCE
- Governance
- GOVERNANCE
- Compliance
- COMPLIANCE
- Governance
- GOVERNANCE
- COMPLIANCE
- COMPLIANCE
- GOVERNANCE
- GOVERNANCE
- "COMPLIANCE"
- COMPLIANCE
- "GOVERNANCE"
- GOVERNANCE
BucketDeleteMarkerReplication, BucketDeleteMarkerReplicationArgs
- Status
Pulumi.
Aws Native. S3. Bucket Delete Marker Replication Status - Indicates whether to replicate delete markers. Disabled by default.
- Status
Bucket
Delete Marker Replication Status - Indicates whether to replicate delete markers. Disabled by default.
- status
Bucket
Delete Marker Replication Status - Indicates whether to replicate delete markers. Disabled by default.
- status
Bucket
Delete Marker Replication Status - Indicates whether to replicate delete markers. Disabled by default.
- status
Bucket
Delete Marker Replication Status - Indicates whether to replicate delete markers. Disabled by default.
- status "Disabled" | "Enabled"
- Indicates whether to replicate delete markers. Disabled by default.
BucketDeleteMarkerReplicationStatus, BucketDeleteMarkerReplicationStatusArgs
- Disabled
- Disabled
- Enabled
- Enabled
- Bucket
Delete Marker Replication Status Disabled - Disabled
- Bucket
Delete Marker Replication Status Enabled - Enabled
- Disabled
- Disabled
- Enabled
- Enabled
- Disabled
- Disabled
- Enabled
- Enabled
- DISABLED
- Disabled
- ENABLED
- Enabled
- "Disabled"
- Disabled
- "Enabled"
- Enabled
BucketDestination, BucketDestinationArgs
- Bucket
Arn string - The Amazon Resource Name (ARN) of the bucket to which data is exported.
- Format
Pulumi.
Aws Native. S3. Bucket Destination Format - Specifies the file format used when exporting data to Amazon S3.
Allowed values:
CSV
|ORC
|Parquet
- Bucket
Account stringId - The account ID that owns the destination S3 bucket. If no account ID is provided, the owner is not validated before exporting data. Although this value is optional, we strongly recommend that you set it to help prevent problems if the destination bucket ownership changes.
- Prefix string
- The prefix to use when exporting data. The prefix is prepended to all results.
- Bucket
Arn string - The Amazon Resource Name (ARN) of the bucket to which data is exported.
- Format
Bucket
Destination Format - Specifies the file format used when exporting data to Amazon S3.
Allowed values:
CSV
|ORC
|Parquet
- Bucket
Account stringId - The account ID that owns the destination S3 bucket. If no account ID is provided, the owner is not validated before exporting data. Although this value is optional, we strongly recommend that you set it to help prevent problems if the destination bucket ownership changes.
- Prefix string
- The prefix to use when exporting data. The prefix is prepended to all results.
- bucket
Arn String - The Amazon Resource Name (ARN) of the bucket to which data is exported.
- format
Bucket
Destination Format - Specifies the file format used when exporting data to Amazon S3.
Allowed values:
CSV
|ORC
|Parquet
- bucket
Account StringId - The account ID that owns the destination S3 bucket. If no account ID is provided, the owner is not validated before exporting data. Although this value is optional, we strongly recommend that you set it to help prevent problems if the destination bucket ownership changes.
- prefix String
- The prefix to use when exporting data. The prefix is prepended to all results.
- bucket
Arn string - The Amazon Resource Name (ARN) of the bucket to which data is exported.
- format
Bucket
Destination Format - Specifies the file format used when exporting data to Amazon S3.
Allowed values:
CSV
|ORC
|Parquet
- bucket
Account stringId - The account ID that owns the destination S3 bucket. If no account ID is provided, the owner is not validated before exporting data. Although this value is optional, we strongly recommend that you set it to help prevent problems if the destination bucket ownership changes.
- prefix string
- The prefix to use when exporting data. The prefix is prepended to all results.
- bucket_
arn str - The Amazon Resource Name (ARN) of the bucket to which data is exported.
- format
Bucket
Destination Format - Specifies the file format used when exporting data to Amazon S3.
Allowed values:
CSV
|ORC
|Parquet
- bucket_
account_ strid - The account ID that owns the destination S3 bucket. If no account ID is provided, the owner is not validated before exporting data. Although this value is optional, we strongly recommend that you set it to help prevent problems if the destination bucket ownership changes.
- prefix str
- The prefix to use when exporting data. The prefix is prepended to all results.
- bucket
Arn String - The Amazon Resource Name (ARN) of the bucket to which data is exported.
- format "CSV" | "ORC" | "Parquet"
- Specifies the file format used when exporting data to Amazon S3.
Allowed values:
CSV
|ORC
|Parquet
- bucket
Account StringId - The account ID that owns the destination S3 bucket. If no account ID is provided, the owner is not validated before exporting data. Although this value is optional, we strongly recommend that you set it to help prevent problems if the destination bucket ownership changes.
- prefix String
- The prefix to use when exporting data. The prefix is prepended to all results.
BucketDestinationFormat, BucketDestinationFormatArgs
- Csv
- CSV
- Orc
- ORC
- Parquet
- Parquet
- Bucket
Destination Format Csv - CSV
- Bucket
Destination Format Orc - ORC
- Bucket
Destination Format Parquet - Parquet
- Csv
- CSV
- Orc
- ORC
- Parquet
- Parquet
- Csv
- CSV
- Orc
- ORC
- Parquet
- Parquet
- CSV
- CSV
- ORC
- ORC
- PARQUET
- Parquet
- "CSV"
- CSV
- "ORC"
- ORC
- "Parquet"
- Parquet
BucketEncryption, BucketEncryptionArgs
- Server
Side List<Pulumi.Encryption Configuration Aws Native. S3. Inputs. Bucket Server Side Encryption Rule> - Specifies the default server-side-encryption configuration.
- Server
Side []BucketEncryption Configuration Server Side Encryption Rule - Specifies the default server-side-encryption configuration.
- server
Side List<BucketEncryption Configuration Server Side Encryption Rule> - Specifies the default server-side-encryption configuration.
- server
Side BucketEncryption Configuration Server Side Encryption Rule[] - Specifies the default server-side-encryption configuration.
- server_
side_ Sequence[Bucketencryption_ configuration Server Side Encryption Rule] - Specifies the default server-side-encryption configuration.
- server
Side List<Property Map>Encryption Configuration - Specifies the default server-side-encryption configuration.
BucketEncryptionConfiguration, BucketEncryptionConfigurationArgs
- Replica
Kms stringKey Id - Specifies the ID (Key ARN or Alias ARN) of the customer managed AWS KMS key stored in AWS Key Management Service (KMS) for the destination bucket. Amazon S3 uses this key to encrypt replica objects. Amazon S3 only supports symmetric encryption KMS keys. For more information, see Asymmetric keys in KMS in the Key Management Service Developer Guide.
- Replica
Kms stringKey Id - Specifies the ID (Key ARN or Alias ARN) of the customer managed AWS KMS key stored in AWS Key Management Service (KMS) for the destination bucket. Amazon S3 uses this key to encrypt replica objects. Amazon S3 only supports symmetric encryption KMS keys. For more information, see Asymmetric keys in KMS in the Key Management Service Developer Guide.
- replica
Kms StringKey Id - Specifies the ID (Key ARN or Alias ARN) of the customer managed AWS KMS key stored in AWS Key Management Service (KMS) for the destination bucket. Amazon S3 uses this key to encrypt replica objects. Amazon S3 only supports symmetric encryption KMS keys. For more information, see Asymmetric keys in KMS in the Key Management Service Developer Guide.
- replica
Kms stringKey Id - Specifies the ID (Key ARN or Alias ARN) of the customer managed AWS KMS key stored in AWS Key Management Service (KMS) for the destination bucket. Amazon S3 uses this key to encrypt replica objects. Amazon S3 only supports symmetric encryption KMS keys. For more information, see Asymmetric keys in KMS in the Key Management Service Developer Guide.
- replica_
kms_ strkey_ id - Specifies the ID (Key ARN or Alias ARN) of the customer managed AWS KMS key stored in AWS Key Management Service (KMS) for the destination bucket. Amazon S3 uses this key to encrypt replica objects. Amazon S3 only supports symmetric encryption KMS keys. For more information, see Asymmetric keys in KMS in the Key Management Service Developer Guide.
- replica
Kms StringKey Id - Specifies the ID (Key ARN or Alias ARN) of the customer managed AWS KMS key stored in AWS Key Management Service (KMS) for the destination bucket. Amazon S3 uses this key to encrypt replica objects. Amazon S3 only supports symmetric encryption KMS keys. For more information, see Asymmetric keys in KMS in the Key Management Service Developer Guide.
BucketEventBridgeConfiguration, BucketEventBridgeConfigurationArgs
- Event
Bridge boolEnabled - Enables delivery of events to Amazon EventBridge.
- Event
Bridge boolEnabled - Enables delivery of events to Amazon EventBridge.
- event
Bridge BooleanEnabled - Enables delivery of events to Amazon EventBridge.
- event
Bridge booleanEnabled - Enables delivery of events to Amazon EventBridge.
- event_
bridge_ boolenabled - Enables delivery of events to Amazon EventBridge.
- event
Bridge BooleanEnabled - Enables delivery of events to Amazon EventBridge.
BucketFilterRule, BucketFilterRuleArgs
- Name string
- The object key name prefix or suffix identifying one or more objects to which the filtering rule applies. The maximum length is 1,024 characters. Overlapping prefixes and suffixes are not supported. For more information, see Configuring Event Notifications in the Amazon S3 User Guide.
- Value string
- The value that the filter searches for in object key names.
- Name string
- The object key name prefix or suffix identifying one or more objects to which the filtering rule applies. The maximum length is 1,024 characters. Overlapping prefixes and suffixes are not supported. For more information, see Configuring Event Notifications in the Amazon S3 User Guide.
- Value string
- The value that the filter searches for in object key names.
- name String
- The object key name prefix or suffix identifying one or more objects to which the filtering rule applies. The maximum length is 1,024 characters. Overlapping prefixes and suffixes are not supported. For more information, see Configuring Event Notifications in the Amazon S3 User Guide.
- value String
- The value that the filter searches for in object key names.
- name string
- The object key name prefix or suffix identifying one or more objects to which the filtering rule applies. The maximum length is 1,024 characters. Overlapping prefixes and suffixes are not supported. For more information, see Configuring Event Notifications in the Amazon S3 User Guide.
- value string
- The value that the filter searches for in object key names.
- name str
- The object key name prefix or suffix identifying one or more objects to which the filtering rule applies. The maximum length is 1,024 characters. Overlapping prefixes and suffixes are not supported. For more information, see Configuring Event Notifications in the Amazon S3 User Guide.
- value str
- The value that the filter searches for in object key names.
- name String
- The object key name prefix or suffix identifying one or more objects to which the filtering rule applies. The maximum length is 1,024 characters. Overlapping prefixes and suffixes are not supported. For more information, see Configuring Event Notifications in the Amazon S3 User Guide.
- value String
- The value that the filter searches for in object key names.
BucketIntelligentTieringConfiguration, BucketIntelligentTieringConfigurationArgs
- Id string
- The ID used to identify the S3 Intelligent-Tiering configuration.
- Status
Pulumi.
Aws Native. S3. Bucket Intelligent Tiering Configuration Status - Specifies the status of the configuration.
- Tierings
List<Pulumi.
Aws Native. S3. Inputs. Bucket Tiering> - Specifies a list of S3 Intelligent-Tiering storage class tiers in the configuration. At least one tier must be defined in the list. At most, you can specify two tiers in the list, one for each available AccessTier:
ARCHIVE_ACCESS
andDEEP_ARCHIVE_ACCESS
. You only need Intelligent Tiering Configuration enabled on a bucket if you want to automatically move objects stored in the Intelligent-Tiering storage class to Archive Access or Deep Archive Access tiers. - Prefix string
- An object key name prefix that identifies the subset of objects to which the rule applies.
- Tag
Filters List<Pulumi.Aws Native. S3. Inputs. Bucket Tag Filter> - A container for a key-value pair.
- Id string
- The ID used to identify the S3 Intelligent-Tiering configuration.
- Status
Bucket
Intelligent Tiering Configuration Status - Specifies the status of the configuration.
- Tierings
[]Bucket
Tiering - Specifies a list of S3 Intelligent-Tiering storage class tiers in the configuration. At least one tier must be defined in the list. At most, you can specify two tiers in the list, one for each available AccessTier:
ARCHIVE_ACCESS
andDEEP_ARCHIVE_ACCESS
. You only need Intelligent Tiering Configuration enabled on a bucket if you want to automatically move objects stored in the Intelligent-Tiering storage class to Archive Access or Deep Archive Access tiers. - Prefix string
- An object key name prefix that identifies the subset of objects to which the rule applies.
- Tag
Filters []BucketTag Filter - A container for a key-value pair.
- id String
- The ID used to identify the S3 Intelligent-Tiering configuration.
- status
Bucket
Intelligent Tiering Configuration Status - Specifies the status of the configuration.
- tierings
List<Bucket
Tiering> - Specifies a list of S3 Intelligent-Tiering storage class tiers in the configuration. At least one tier must be defined in the list. At most, you can specify two tiers in the list, one for each available AccessTier:
ARCHIVE_ACCESS
andDEEP_ARCHIVE_ACCESS
. You only need Intelligent Tiering Configuration enabled on a bucket if you want to automatically move objects stored in the Intelligent-Tiering storage class to Archive Access or Deep Archive Access tiers. - prefix String
- An object key name prefix that identifies the subset of objects to which the rule applies.
- tag
Filters List<BucketTag Filter> - A container for a key-value pair.
- id string
- The ID used to identify the S3 Intelligent-Tiering configuration.
- status
Bucket
Intelligent Tiering Configuration Status - Specifies the status of the configuration.
- tierings
Bucket
Tiering[] - Specifies a list of S3 Intelligent-Tiering storage class tiers in the configuration. At least one tier must be defined in the list. At most, you can specify two tiers in the list, one for each available AccessTier:
ARCHIVE_ACCESS
andDEEP_ARCHIVE_ACCESS
. You only need Intelligent Tiering Configuration enabled on a bucket if you want to automatically move objects stored in the Intelligent-Tiering storage class to Archive Access or Deep Archive Access tiers. - prefix string
- An object key name prefix that identifies the subset of objects to which the rule applies.
- tag
Filters BucketTag Filter[] - A container for a key-value pair.
- id str
- The ID used to identify the S3 Intelligent-Tiering configuration.
- status
Bucket
Intelligent Tiering Configuration Status - Specifies the status of the configuration.
- tierings
Sequence[Bucket
Tiering] - Specifies a list of S3 Intelligent-Tiering storage class tiers in the configuration. At least one tier must be defined in the list. At most, you can specify two tiers in the list, one for each available AccessTier:
ARCHIVE_ACCESS
andDEEP_ARCHIVE_ACCESS
. You only need Intelligent Tiering Configuration enabled on a bucket if you want to automatically move objects stored in the Intelligent-Tiering storage class to Archive Access or Deep Archive Access tiers. - prefix str
- An object key name prefix that identifies the subset of objects to which the rule applies.
- tag_
filters Sequence[BucketTag Filter] - A container for a key-value pair.
- id String
- The ID used to identify the S3 Intelligent-Tiering configuration.
- status "Disabled" | "Enabled"
- Specifies the status of the configuration.
- tierings List<Property Map>
- Specifies a list of S3 Intelligent-Tiering storage class tiers in the configuration. At least one tier must be defined in the list. At most, you can specify two tiers in the list, one for each available AccessTier:
ARCHIVE_ACCESS
andDEEP_ARCHIVE_ACCESS
. You only need Intelligent Tiering Configuration enabled on a bucket if you want to automatically move objects stored in the Intelligent-Tiering storage class to Archive Access or Deep Archive Access tiers. - prefix String
- An object key name prefix that identifies the subset of objects to which the rule applies.
- tag
Filters List<Property Map> - A container for a key-value pair.
BucketIntelligentTieringConfigurationStatus, BucketIntelligentTieringConfigurationStatusArgs
- Disabled
- Disabled
- Enabled
- Enabled
- Bucket
Intelligent Tiering Configuration Status Disabled - Disabled
- Bucket
Intelligent Tiering Configuration Status Enabled - Enabled
- Disabled
- Disabled
- Enabled
- Enabled
- Disabled
- Disabled
- Enabled
- Enabled
- DISABLED
- Disabled
- ENABLED
- Enabled
- "Disabled"
- Disabled
- "Enabled"
- Enabled
BucketInventoryConfiguration, BucketInventoryConfigurationArgs
- Destination
Pulumi.
Aws Native. S3. Inputs. Bucket Destination - Contains information about where to publish the inventory results.
- Enabled bool
- Specifies whether the inventory is enabled or disabled. If set to
True
, an inventory list is generated. If set toFalse
, no inventory list is generated. - Id string
- The ID used to identify the inventory configuration.
- Included
Object Pulumi.Versions Aws Native. S3. Bucket Inventory Configuration Included Object Versions - Object versions to include in the inventory list. If set to
All
, the list includes all the object versions, which adds the version-related fieldsVersionId
,IsLatest
, andDeleteMarker
to the list. If set toCurrent
, the list does not contain these version-related fields. - Schedule
Frequency Pulumi.Aws Native. S3. Bucket Inventory Configuration Schedule Frequency - Specifies the schedule for generating inventory results.
- Optional
Fields List<Pulumi.Aws Native. S3. Bucket Inventory Configuration Optional Fields Item> - Contains the optional fields that are included in the inventory results.
- Prefix string
- Specifies the inventory filter prefix.
- Destination
Bucket
Destination - Contains information about where to publish the inventory results.
- Enabled bool
- Specifies whether the inventory is enabled or disabled. If set to
True
, an inventory list is generated. If set toFalse
, no inventory list is generated. - Id string
- The ID used to identify the inventory configuration.
- Included
Object BucketVersions Inventory Configuration Included Object Versions - Object versions to include in the inventory list. If set to
All
, the list includes all the object versions, which adds the version-related fieldsVersionId
,IsLatest
, andDeleteMarker
to the list. If set toCurrent
, the list does not contain these version-related fields. - Schedule
Frequency BucketInventory Configuration Schedule Frequency - Specifies the schedule for generating inventory results.
- Optional
Fields []BucketInventory Configuration Optional Fields Item - Contains the optional fields that are included in the inventory results.
- Prefix string
- Specifies the inventory filter prefix.
- destination
Bucket
Destination - Contains information about where to publish the inventory results.
- enabled Boolean
- Specifies whether the inventory is enabled or disabled. If set to
True
, an inventory list is generated. If set toFalse
, no inventory list is generated. - id String
- The ID used to identify the inventory configuration.
- included
Object BucketVersions Inventory Configuration Included Object Versions - Object versions to include in the inventory list. If set to
All
, the list includes all the object versions, which adds the version-related fieldsVersionId
,IsLatest
, andDeleteMarker
to the list. If set toCurrent
, the list does not contain these version-related fields. - schedule
Frequency BucketInventory Configuration Schedule Frequency - Specifies the schedule for generating inventory results.
- optional
Fields List<BucketInventory Configuration Optional Fields Item> - Contains the optional fields that are included in the inventory results.
- prefix String
- Specifies the inventory filter prefix.
- destination
Bucket
Destination - Contains information about where to publish the inventory results.
- enabled boolean
- Specifies whether the inventory is enabled or disabled. If set to
True
, an inventory list is generated. If set toFalse
, no inventory list is generated. - id string
- The ID used to identify the inventory configuration.
- included
Object BucketVersions Inventory Configuration Included Object Versions - Object versions to include in the inventory list. If set to
All
, the list includes all the object versions, which adds the version-related fieldsVersionId
,IsLatest
, andDeleteMarker
to the list. If set toCurrent
, the list does not contain these version-related fields. - schedule
Frequency BucketInventory Configuration Schedule Frequency - Specifies the schedule for generating inventory results.
- optional
Fields BucketInventory Configuration Optional Fields Item[] - Contains the optional fields that are included in the inventory results.
- prefix string
- Specifies the inventory filter prefix.
- destination
Bucket
Destination - Contains information about where to publish the inventory results.
- enabled bool
- Specifies whether the inventory is enabled or disabled. If set to
True
, an inventory list is generated. If set toFalse
, no inventory list is generated. - id str
- The ID used to identify the inventory configuration.
- included_
object_ Bucketversions Inventory Configuration Included Object Versions - Object versions to include in the inventory list. If set to
All
, the list includes all the object versions, which adds the version-related fieldsVersionId
,IsLatest
, andDeleteMarker
to the list. If set toCurrent
, the list does not contain these version-related fields. - schedule_
frequency BucketInventory Configuration Schedule Frequency - Specifies the schedule for generating inventory results.
- optional_
fields Sequence[BucketInventory Configuration Optional Fields Item] - Contains the optional fields that are included in the inventory results.
- prefix str
- Specifies the inventory filter prefix.
- destination Property Map
- Contains information about where to publish the inventory results.
- enabled Boolean
- Specifies whether the inventory is enabled or disabled. If set to
True
, an inventory list is generated. If set toFalse
, no inventory list is generated. - id String
- The ID used to identify the inventory configuration.
- included
Object "All" | "Current"Versions - Object versions to include in the inventory list. If set to
All
, the list includes all the object versions, which adds the version-related fieldsVersionId
,IsLatest
, andDeleteMarker
to the list. If set toCurrent
, the list does not contain these version-related fields. - schedule
Frequency "Daily" | "Weekly" - Specifies the schedule for generating inventory results.
- optional
Fields List<"Size" | "LastModified Date" | "Storage Class" | "ETag" | "Is Multipart Uploaded" | "Replication Status" | "Encryption Status" | "Object Lock Retain Until Date" | "Object Lock Mode" | "Object Lock Legal Hold Status" | "Intelligent Tiering Access Tier" | "Bucket Key Status" | "Checksum Algorithm" | "Object Access Control List" | "Object Owner"> - Contains the optional fields that are included in the inventory results.
- prefix String
- Specifies the inventory filter prefix.
BucketInventoryConfigurationIncludedObjectVersions, BucketInventoryConfigurationIncludedObjectVersionsArgs
- All
- All
- Current
- Current
- Bucket
Inventory Configuration Included Object Versions All - All
- Bucket
Inventory Configuration Included Object Versions Current - Current
- All
- All
- Current
- Current
- All
- All
- Current
- Current
- ALL
- All
- CURRENT
- Current
- "All"
- All
- "Current"
- Current
BucketInventoryConfigurationOptionalFieldsItem, BucketInventoryConfigurationOptionalFieldsItemArgs
- Size
- Size
- Last
Modified Date - LastModifiedDate
- Storage
Class - StorageClass
- ETag
- ETag
- Is
Multipart Uploaded - IsMultipartUploaded
- Replication
Status - ReplicationStatus
- Encryption
Status - EncryptionStatus
- Object
Lock Retain Until Date - ObjectLockRetainUntilDate
- Object
Lock Mode - ObjectLockMode
- Object
Lock Legal Hold Status - ObjectLockLegalHoldStatus
- Intelligent
Tiering Access Tier - IntelligentTieringAccessTier
- Bucket
Key Status - BucketKeyStatus
- Checksum
Algorithm - ChecksumAlgorithm
- Object
Access Control List - ObjectAccessControlList
- Object
Owner - ObjectOwner
- Bucket
Inventory Configuration Optional Fields Item Size - Size
- Bucket
Inventory Configuration Optional Fields Item Last Modified Date - LastModifiedDate
- Bucket
Inventory Configuration Optional Fields Item Storage Class - StorageClass
- Bucket
Inventory Configuration Optional Fields Item ETag - ETag
- Bucket
Inventory Configuration Optional Fields Item Is Multipart Uploaded - IsMultipartUploaded
- Bucket
Inventory Configuration Optional Fields Item Replication Status - ReplicationStatus
- Bucket
Inventory Configuration Optional Fields Item Encryption Status - EncryptionStatus
- Bucket
Inventory Configuration Optional Fields Item Object Lock Retain Until Date - ObjectLockRetainUntilDate
- Bucket
Inventory Configuration Optional Fields Item Object Lock Mode - ObjectLockMode
- Bucket
Inventory Configuration Optional Fields Item Object Lock Legal Hold Status - ObjectLockLegalHoldStatus
- Bucket
Inventory Configuration Optional Fields Item Intelligent Tiering Access Tier - IntelligentTieringAccessTier
- Bucket
Inventory Configuration Optional Fields Item Bucket Key Status - BucketKeyStatus
- Bucket
Inventory Configuration Optional Fields Item Checksum Algorithm - ChecksumAlgorithm
- Bucket
Inventory Configuration Optional Fields Item Object Access Control List - ObjectAccessControlList
- Bucket
Inventory Configuration Optional Fields Item Object Owner - ObjectOwner
- Size
- Size
- Last
Modified Date - LastModifiedDate
- Storage
Class - StorageClass
- ETag
- ETag
- Is
Multipart Uploaded - IsMultipartUploaded
- Replication
Status - ReplicationStatus
- Encryption
Status - EncryptionStatus
- Object
Lock Retain Until Date - ObjectLockRetainUntilDate
- Object
Lock Mode - ObjectLockMode
- Object
Lock Legal Hold Status - ObjectLockLegalHoldStatus
- Intelligent
Tiering Access Tier - IntelligentTieringAccessTier
- Bucket
Key Status - BucketKeyStatus
- Checksum
Algorithm - ChecksumAlgorithm
- Object
Access Control List - ObjectAccessControlList
- Object
Owner - ObjectOwner
- Size
- Size
- Last
Modified Date - LastModifiedDate
- Storage
Class - StorageClass
- ETag
- ETag
- Is
Multipart Uploaded - IsMultipartUploaded
- Replication
Status - ReplicationStatus
- Encryption
Status - EncryptionStatus
- Object
Lock Retain Until Date - ObjectLockRetainUntilDate
- Object
Lock Mode - ObjectLockMode
- Object
Lock Legal Hold Status - ObjectLockLegalHoldStatus
- Intelligent
Tiering Access Tier - IntelligentTieringAccessTier
- Bucket
Key Status - BucketKeyStatus
- Checksum
Algorithm - ChecksumAlgorithm
- Object
Access Control List - ObjectAccessControlList
- Object
Owner - ObjectOwner
- SIZE
- Size
- LAST_MODIFIED_DATE
- LastModifiedDate
- STORAGE_CLASS
- StorageClass
- E_TAG
- ETag
- IS_MULTIPART_UPLOADED
- IsMultipartUploaded
- REPLICATION_STATUS
- ReplicationStatus
- ENCRYPTION_STATUS
- EncryptionStatus
- OBJECT_LOCK_RETAIN_UNTIL_DATE
- ObjectLockRetainUntilDate
- OBJECT_LOCK_MODE
- ObjectLockMode
- OBJECT_LOCK_LEGAL_HOLD_STATUS
- ObjectLockLegalHoldStatus
- INTELLIGENT_TIERING_ACCESS_TIER
- IntelligentTieringAccessTier
- BUCKET_KEY_STATUS
- BucketKeyStatus
- CHECKSUM_ALGORITHM
- ChecksumAlgorithm
- OBJECT_ACCESS_CONTROL_LIST
- ObjectAccessControlList
- OBJECT_OWNER
- ObjectOwner
- "Size"
- Size
- "Last
Modified Date" - LastModifiedDate
- "Storage
Class" - StorageClass
- "ETag"
- ETag
- "Is
Multipart Uploaded" - IsMultipartUploaded
- "Replication
Status" - ReplicationStatus
- "Encryption
Status" - EncryptionStatus
- "Object
Lock Retain Until Date" - ObjectLockRetainUntilDate
- "Object
Lock Mode" - ObjectLockMode
- "Object
Lock Legal Hold Status" - ObjectLockLegalHoldStatus
- "Intelligent
Tiering Access Tier" - IntelligentTieringAccessTier
- "Bucket
Key Status" - BucketKeyStatus
- "Checksum
Algorithm" - ChecksumAlgorithm
- "Object
Access Control List" - ObjectAccessControlList
- "Object
Owner" - ObjectOwner
BucketInventoryConfigurationScheduleFrequency, BucketInventoryConfigurationScheduleFrequencyArgs
- Daily
- Daily
- Weekly
- Weekly
- Bucket
Inventory Configuration Schedule Frequency Daily - Daily
- Bucket
Inventory Configuration Schedule Frequency Weekly - Weekly
- Daily
- Daily
- Weekly
- Weekly
- Daily
- Daily
- Weekly
- Weekly
- DAILY
- Daily
- WEEKLY
- Weekly
- "Daily"
- Daily
- "Weekly"
- Weekly
BucketLambdaConfiguration, BucketLambdaConfigurationArgs
- Event string
- The Amazon S3 bucket event for which to invoke the LAMlong function. For more information, see Supported Event Types in the Amazon S3 User Guide.
- Function string
- The Amazon Resource Name (ARN) of the LAMlong function that Amazon S3 invokes when the specified event type occurs.
- Filter
Pulumi.
Aws Native. S3. Inputs. Bucket Notification Filter - The filtering rules that determine which objects invoke the AWS Lambda function. For example, you can create a filter so that only image files with a
.jpg
extension invoke the function when they are added to the Amazon S3 bucket.
- Event string
- The Amazon S3 bucket event for which to invoke the LAMlong function. For more information, see Supported Event Types in the Amazon S3 User Guide.
- Function string
- The Amazon Resource Name (ARN) of the LAMlong function that Amazon S3 invokes when the specified event type occurs.
- Filter
Bucket
Notification Filter - The filtering rules that determine which objects invoke the AWS Lambda function. For example, you can create a filter so that only image files with a
.jpg
extension invoke the function when they are added to the Amazon S3 bucket.
- event String
- The Amazon S3 bucket event for which to invoke the LAMlong function. For more information, see Supported Event Types in the Amazon S3 User Guide.
- function String
- The Amazon Resource Name (ARN) of the LAMlong function that Amazon S3 invokes when the specified event type occurs.
- filter
Bucket
Notification Filter - The filtering rules that determine which objects invoke the AWS Lambda function. For example, you can create a filter so that only image files with a
.jpg
extension invoke the function when they are added to the Amazon S3 bucket.
- event string
- The Amazon S3 bucket event for which to invoke the LAMlong function. For more information, see Supported Event Types in the Amazon S3 User Guide.
- function string
- The Amazon Resource Name (ARN) of the LAMlong function that Amazon S3 invokes when the specified event type occurs.
- filter
Bucket
Notification Filter - The filtering rules that determine which objects invoke the AWS Lambda function. For example, you can create a filter so that only image files with a
.jpg
extension invoke the function when they are added to the Amazon S3 bucket.
- event str
- The Amazon S3 bucket event for which to invoke the LAMlong function. For more information, see Supported Event Types in the Amazon S3 User Guide.
- function str
- The Amazon Resource Name (ARN) of the LAMlong function that Amazon S3 invokes when the specified event type occurs.
- filter
Bucket
Notification Filter - The filtering rules that determine which objects invoke the AWS Lambda function. For example, you can create a filter so that only image files with a
.jpg
extension invoke the function when they are added to the Amazon S3 bucket.
- event String
- The Amazon S3 bucket event for which to invoke the LAMlong function. For more information, see Supported Event Types in the Amazon S3 User Guide.
- function String
- The Amazon Resource Name (ARN) of the LAMlong function that Amazon S3 invokes when the specified event type occurs.
- filter Property Map
- The filtering rules that determine which objects invoke the AWS Lambda function. For example, you can create a filter so that only image files with a
.jpg
extension invoke the function when they are added to the Amazon S3 bucket.
BucketLifecycleConfiguration, BucketLifecycleConfigurationArgs
- Rules
List<Pulumi.
Aws Native. S3. Inputs. Bucket Rule> - A lifecycle rule for individual objects in an Amazon S3 bucket.
- Transition
Default Pulumi.Minimum Object Size Aws Native. S3. Bucket Lifecycle Configuration Transition Default Minimum Object Size
- Rules
[]Bucket
Rule - A lifecycle rule for individual objects in an Amazon S3 bucket.
- Transition
Default BucketMinimum Object Size Lifecycle Configuration Transition Default Minimum Object Size
- rules
List<Bucket
Rule> - A lifecycle rule for individual objects in an Amazon S3 bucket.
- transition
Default BucketMinimum Object Size Lifecycle Configuration Transition Default Minimum Object Size
- rules
Bucket
Rule[] - A lifecycle rule for individual objects in an Amazon S3 bucket.
- transition
Default BucketMinimum Object Size Lifecycle Configuration Transition Default Minimum Object Size
- rules
Sequence[Bucket
Rule] - A lifecycle rule for individual objects in an Amazon S3 bucket.
- transition_
default_ Bucketminimum_ object_ size Lifecycle Configuration Transition Default Minimum Object Size
- rules List<Property Map>
- A lifecycle rule for individual objects in an Amazon S3 bucket.
- transition
Default "varies_Minimum Object Size by_ storage_ class" | "all_ storage_ classes_128K"
BucketLifecycleConfigurationTransitionDefaultMinimumObjectSize, BucketLifecycleConfigurationTransitionDefaultMinimumObjectSizeArgs
- Varies
By Storage Class - varies_by_storage_class
- All
Storage Classes128k - all_storage_classes_128K
- Bucket
Lifecycle Configuration Transition Default Minimum Object Size Varies By Storage Class - varies_by_storage_class
- Bucket
Lifecycle Configuration Transition Default Minimum Object Size All Storage Classes128k - all_storage_classes_128K
- Varies
By Storage Class - varies_by_storage_class
- All
Storage Classes128k - all_storage_classes_128K
- Varies
By Storage Class - varies_by_storage_class
- All
Storage Classes128k - all_storage_classes_128K
- VARIES_BY_STORAGE_CLASS
- varies_by_storage_class
- ALL_STORAGE_CLASSES128K
- all_storage_classes_128K
- "varies_
by_ storage_ class" - varies_by_storage_class
- "all_
storage_ classes_128K" - all_storage_classes_128K
BucketLoggingConfiguration, BucketLoggingConfigurationArgs
- Destination
Bucket stringName - The name of the bucket where Amazon S3 should store server access log files. You can store log files in any bucket that you own. By default, logs are stored in the bucket where the
LoggingConfiguration
property is defined. - Log
File stringPrefix - A prefix for all log object keys. If you store log files from multiple Amazon S3 buckets in a single bucket, you can use a prefix to distinguish which log files came from which bucket.
- Target
Object Pulumi.Key Format Aws Native. S3. Inputs. Bucket Target Object Key Format - Amazon S3 key format for log objects. Only one format, either PartitionedPrefix or SimplePrefix, is allowed.
- Destination
Bucket stringName - The name of the bucket where Amazon S3 should store server access log files. You can store log files in any bucket that you own. By default, logs are stored in the bucket where the
LoggingConfiguration
property is defined. - Log
File stringPrefix - A prefix for all log object keys. If you store log files from multiple Amazon S3 buckets in a single bucket, you can use a prefix to distinguish which log files came from which bucket.
- Target
Object BucketKey Format Target Object Key Format - Amazon S3 key format for log objects. Only one format, either PartitionedPrefix or SimplePrefix, is allowed.
- destination
Bucket StringName - The name of the bucket where Amazon S3 should store server access log files. You can store log files in any bucket that you own. By default, logs are stored in the bucket where the
LoggingConfiguration
property is defined. - log
File StringPrefix - A prefix for all log object keys. If you store log files from multiple Amazon S3 buckets in a single bucket, you can use a prefix to distinguish which log files came from which bucket.
- target
Object BucketKey Format Target Object Key Format - Amazon S3 key format for log objects. Only one format, either PartitionedPrefix or SimplePrefix, is allowed.
- destination
Bucket stringName - The name of the bucket where Amazon S3 should store server access log files. You can store log files in any bucket that you own. By default, logs are stored in the bucket where the
LoggingConfiguration
property is defined. - log
File stringPrefix - A prefix for all log object keys. If you store log files from multiple Amazon S3 buckets in a single bucket, you can use a prefix to distinguish which log files came from which bucket.
- target
Object BucketKey Format Target Object Key Format - Amazon S3 key format for log objects. Only one format, either PartitionedPrefix or SimplePrefix, is allowed.
- destination_
bucket_ strname - The name of the bucket where Amazon S3 should store server access log files. You can store log files in any bucket that you own. By default, logs are stored in the bucket where the
LoggingConfiguration
property is defined. - log_
file_ strprefix - A prefix for all log object keys. If you store log files from multiple Amazon S3 buckets in a single bucket, you can use a prefix to distinguish which log files came from which bucket.
- target_
object_ Bucketkey_ format Target Object Key Format - Amazon S3 key format for log objects. Only one format, either PartitionedPrefix or SimplePrefix, is allowed.
- destination
Bucket StringName - The name of the bucket where Amazon S3 should store server access log files. You can store log files in any bucket that you own. By default, logs are stored in the bucket where the
LoggingConfiguration
property is defined. - log
File StringPrefix - A prefix for all log object keys. If you store log files from multiple Amazon S3 buckets in a single bucket, you can use a prefix to distinguish which log files came from which bucket.
- target
Object Property MapKey Format - Amazon S3 key format for log objects. Only one format, either PartitionedPrefix or SimplePrefix, is allowed.
BucketMetrics, BucketMetricsArgs
- Status
Pulumi.
Aws Native. S3. Bucket Metrics Status - Specifies whether the replication metrics are enabled.
- Event
Threshold Pulumi.Aws Native. S3. Inputs. Bucket Replication Time Value - A container specifying the time threshold for emitting the
s3:Replication:OperationMissedThreshold
event.
- Status
Bucket
Metrics Status - Specifies whether the replication metrics are enabled.
- Event
Threshold BucketReplication Time Value - A container specifying the time threshold for emitting the
s3:Replication:OperationMissedThreshold
event.
- status
Bucket
Metrics Status - Specifies whether the replication metrics are enabled.
- event
Threshold BucketReplication Time Value - A container specifying the time threshold for emitting the
s3:Replication:OperationMissedThreshold
event.
- status
Bucket
Metrics Status - Specifies whether the replication metrics are enabled.
- event
Threshold BucketReplication Time Value - A container specifying the time threshold for emitting the
s3:Replication:OperationMissedThreshold
event.
- status
Bucket
Metrics Status - Specifies whether the replication metrics are enabled.
- event_
threshold BucketReplication Time Value - A container specifying the time threshold for emitting the
s3:Replication:OperationMissedThreshold
event.
- status "Disabled" | "Enabled"
- Specifies whether the replication metrics are enabled.
- event
Threshold Property Map - A container specifying the time threshold for emitting the
s3:Replication:OperationMissedThreshold
event.
BucketMetricsConfiguration, BucketMetricsConfigurationArgs
- Id string
- The ID used to identify the metrics configuration. This can be any value you choose that helps you identify your metrics configuration.
- Access
Point stringArn - The access point that was used while performing operations on the object. The metrics configuration only includes objects that meet the filter's criteria.
- Prefix string
- The prefix that an object must have to be included in the metrics results.
- Tag
Filters List<Pulumi.Aws Native. S3. Inputs. Bucket Tag Filter> - Specifies a list of tag filters to use as a metrics configuration filter. The metrics configuration includes only objects that meet the filter's criteria.
- Id string
- The ID used to identify the metrics configuration. This can be any value you choose that helps you identify your metrics configuration.
- Access
Point stringArn - The access point that was used while performing operations on the object. The metrics configuration only includes objects that meet the filter's criteria.
- Prefix string
- The prefix that an object must have to be included in the metrics results.
- Tag
Filters []BucketTag Filter - Specifies a list of tag filters to use as a metrics configuration filter. The metrics configuration includes only objects that meet the filter's criteria.
- id String
- The ID used to identify the metrics configuration. This can be any value you choose that helps you identify your metrics configuration.
- access
Point StringArn - The access point that was used while performing operations on the object. The metrics configuration only includes objects that meet the filter's criteria.
- prefix String
- The prefix that an object must have to be included in the metrics results.
- tag
Filters List<BucketTag Filter> - Specifies a list of tag filters to use as a metrics configuration filter. The metrics configuration includes only objects that meet the filter's criteria.
- id string
- The ID used to identify the metrics configuration. This can be any value you choose that helps you identify your metrics configuration.
- access
Point stringArn - The access point that was used while performing operations on the object. The metrics configuration only includes objects that meet the filter's criteria.
- prefix string
- The prefix that an object must have to be included in the metrics results.
- tag
Filters BucketTag Filter[] - Specifies a list of tag filters to use as a metrics configuration filter. The metrics configuration includes only objects that meet the filter's criteria.
- id str
- The ID used to identify the metrics configuration. This can be any value you choose that helps you identify your metrics configuration.
- access_
point_ strarn - The access point that was used while performing operations on the object. The metrics configuration only includes objects that meet the filter's criteria.
- prefix str
- The prefix that an object must have to be included in the metrics results.
- tag_
filters Sequence[BucketTag Filter] - Specifies a list of tag filters to use as a metrics configuration filter. The metrics configuration includes only objects that meet the filter's criteria.
- id String
- The ID used to identify the metrics configuration. This can be any value you choose that helps you identify your metrics configuration.
- access
Point StringArn - The access point that was used while performing operations on the object. The metrics configuration only includes objects that meet the filter's criteria.
- prefix String
- The prefix that an object must have to be included in the metrics results.
- tag
Filters List<Property Map> - Specifies a list of tag filters to use as a metrics configuration filter. The metrics configuration includes only objects that meet the filter's criteria.
BucketMetricsStatus, BucketMetricsStatusArgs
- Disabled
- Disabled
- Enabled
- Enabled
- Bucket
Metrics Status Disabled - Disabled
- Bucket
Metrics Status Enabled - Enabled
- Disabled
- Disabled
- Enabled
- Enabled
- Disabled
- Disabled
- Enabled
- Enabled
- DISABLED
- Disabled
- ENABLED
- Enabled
- "Disabled"
- Disabled
- "Enabled"
- Enabled
BucketNoncurrentVersionExpiration, BucketNoncurrentVersionExpirationArgs
- Noncurrent
Days int - Specifies the number of days an object is noncurrent before S3 can perform the associated action. For information about the noncurrent days calculations, see How Amazon S3 Calculates When an Object Became Noncurrent in the Amazon S3 User Guide.
- Newer
Noncurrent intVersions - Specifies how many noncurrent versions S3 will retain. If there are this many more recent noncurrent versions, S3 will take the associated action. For more information about noncurrent versions, see Lifecycle configuration elements in the Amazon S3 User Guide.
- Noncurrent
Days int - Specifies the number of days an object is noncurrent before S3 can perform the associated action. For information about the noncurrent days calculations, see How Amazon S3 Calculates When an Object Became Noncurrent in the Amazon S3 User Guide.
- Newer
Noncurrent intVersions - Specifies how many noncurrent versions S3 will retain. If there are this many more recent noncurrent versions, S3 will take the associated action. For more information about noncurrent versions, see Lifecycle configuration elements in the Amazon S3 User Guide.
- noncurrent
Days Integer - Specifies the number of days an object is noncurrent before S3 can perform the associated action. For information about the noncurrent days calculations, see How Amazon S3 Calculates When an Object Became Noncurrent in the Amazon S3 User Guide.
- newer
Noncurrent IntegerVersions - Specifies how many noncurrent versions S3 will retain. If there are this many more recent noncurrent versions, S3 will take the associated action. For more information about noncurrent versions, see Lifecycle configuration elements in the Amazon S3 User Guide.
- noncurrent
Days number - Specifies the number of days an object is noncurrent before S3 can perform the associated action. For information about the noncurrent days calculations, see How Amazon S3 Calculates When an Object Became Noncurrent in the Amazon S3 User Guide.
- newer
Noncurrent numberVersions - Specifies how many noncurrent versions S3 will retain. If there are this many more recent noncurrent versions, S3 will take the associated action. For more information about noncurrent versions, see Lifecycle configuration elements in the Amazon S3 User Guide.
- noncurrent_
days int - Specifies the number of days an object is noncurrent before S3 can perform the associated action. For information about the noncurrent days calculations, see How Amazon S3 Calculates When an Object Became Noncurrent in the Amazon S3 User Guide.
- newer_
noncurrent_ intversions - Specifies how many noncurrent versions S3 will retain. If there are this many more recent noncurrent versions, S3 will take the associated action. For more information about noncurrent versions, see Lifecycle configuration elements in the Amazon S3 User Guide.
- noncurrent
Days Number - Specifies the number of days an object is noncurrent before S3 can perform the associated action. For information about the noncurrent days calculations, see How Amazon S3 Calculates When an Object Became Noncurrent in the Amazon S3 User Guide.
- newer
Noncurrent NumberVersions - Specifies how many noncurrent versions S3 will retain. If there are this many more recent noncurrent versions, S3 will take the associated action. For more information about noncurrent versions, see Lifecycle configuration elements in the Amazon S3 User Guide.
BucketNoncurrentVersionTransition, BucketNoncurrentVersionTransitionArgs
- Storage
Class Pulumi.Aws Native. S3. Bucket Noncurrent Version Transition Storage Class - The class of storage used to store the object.
- Transition
In intDays - Specifies the number of days an object is noncurrent before Amazon S3 can perform the associated action. For information about the noncurrent days calculations, see How Amazon S3 Calculates How Long an Object Has Been Noncurrent in the Amazon S3 User Guide.
- Newer
Noncurrent intVersions - Specifies how many noncurrent versions S3 will retain. If there are this many more recent noncurrent versions, S3 will take the associated action. For more information about noncurrent versions, see Lifecycle configuration elements in the Amazon S3 User Guide.
- Storage
Class BucketNoncurrent Version Transition Storage Class - The class of storage used to store the object.
- Transition
In intDays - Specifies the number of days an object is noncurrent before Amazon S3 can perform the associated action. For information about the noncurrent days calculations, see How Amazon S3 Calculates How Long an Object Has Been Noncurrent in the Amazon S3 User Guide.
- Newer
Noncurrent intVersions - Specifies how many noncurrent versions S3 will retain. If there are this many more recent noncurrent versions, S3 will take the associated action. For more information about noncurrent versions, see Lifecycle configuration elements in the Amazon S3 User Guide.
- storage
Class BucketNoncurrent Version Transition Storage Class - The class of storage used to store the object.
- transition
In IntegerDays - Specifies the number of days an object is noncurrent before Amazon S3 can perform the associated action. For information about the noncurrent days calculations, see How Amazon S3 Calculates How Long an Object Has Been Noncurrent in the Amazon S3 User Guide.
- newer
Noncurrent IntegerVersions - Specifies how many noncurrent versions S3 will retain. If there are this many more recent noncurrent versions, S3 will take the associated action. For more information about noncurrent versions, see Lifecycle configuration elements in the Amazon S3 User Guide.
- storage
Class BucketNoncurrent Version Transition Storage Class - The class of storage used to store the object.
- transition
In numberDays - Specifies the number of days an object is noncurrent before Amazon S3 can perform the associated action. For information about the noncurrent days calculations, see How Amazon S3 Calculates How Long an Object Has Been Noncurrent in the Amazon S3 User Guide.
- newer
Noncurrent numberVersions - Specifies how many noncurrent versions S3 will retain. If there are this many more recent noncurrent versions, S3 will take the associated action. For more information about noncurrent versions, see Lifecycle configuration elements in the Amazon S3 User Guide.
- storage_
class BucketNoncurrent Version Transition Storage Class - The class of storage used to store the object.
- transition_
in_ intdays - Specifies the number of days an object is noncurrent before Amazon S3 can perform the associated action. For information about the noncurrent days calculations, see How Amazon S3 Calculates How Long an Object Has Been Noncurrent in the Amazon S3 User Guide.
- newer_
noncurrent_ intversions - Specifies how many noncurrent versions S3 will retain. If there are this many more recent noncurrent versions, S3 will take the associated action. For more information about noncurrent versions, see Lifecycle configuration elements in the Amazon S3 User Guide.
- storage
Class "DEEP_ARCHIVE" | "GLACIER" | "GLACIER_IR" | "INTELLIGENT_TIERING" | "ONEZONE_IA" | "STANDARD_IA" - The class of storage used to store the object.
- transition
In NumberDays - Specifies the number of days an object is noncurrent before Amazon S3 can perform the associated action. For information about the noncurrent days calculations, see How Amazon S3 Calculates How Long an Object Has Been Noncurrent in the Amazon S3 User Guide.
- newer
Noncurrent NumberVersions - Specifies how many noncurrent versions S3 will retain. If there are this many more recent noncurrent versions, S3 will take the associated action. For more information about noncurrent versions, see Lifecycle configuration elements in the Amazon S3 User Guide.
BucketNoncurrentVersionTransitionStorageClass, BucketNoncurrentVersionTransitionStorageClassArgs
- Deep
Archive - DEEP_ARCHIVE
- Glacier
- GLACIER
- Glacier
Ir - GLACIER_IR
- Intelligent
Tiering - INTELLIGENT_TIERING
- Onezone
Ia - ONEZONE_IA
- Standard
Ia - STANDARD_IA
- Bucket
Noncurrent Version Transition Storage Class Deep Archive - DEEP_ARCHIVE
- Bucket
Noncurrent Version Transition Storage Class Glacier - GLACIER
- Bucket
Noncurrent Version Transition Storage Class Glacier Ir - GLACIER_IR
- Bucket
Noncurrent Version Transition Storage Class Intelligent Tiering - INTELLIGENT_TIERING
- Bucket
Noncurrent Version Transition Storage Class Onezone Ia - ONEZONE_IA
- Bucket
Noncurrent Version Transition Storage Class Standard Ia - STANDARD_IA
- Deep
Archive - DEEP_ARCHIVE
- Glacier
- GLACIER
- Glacier
Ir - GLACIER_IR
- Intelligent
Tiering - INTELLIGENT_TIERING
- Onezone
Ia - ONEZONE_IA
- Standard
Ia - STANDARD_IA
- Deep
Archive - DEEP_ARCHIVE
- Glacier
- GLACIER
- Glacier
Ir - GLACIER_IR
- Intelligent
Tiering - INTELLIGENT_TIERING
- Onezone
Ia - ONEZONE_IA
- Standard
Ia - STANDARD_IA
- DEEP_ARCHIVE
- DEEP_ARCHIVE
- GLACIER
- GLACIER
- GLACIER_IR
- GLACIER_IR
- INTELLIGENT_TIERING
- INTELLIGENT_TIERING
- ONEZONE_IA
- ONEZONE_IA
- STANDARD_IA
- STANDARD_IA
- "DEEP_ARCHIVE"
- DEEP_ARCHIVE
- "GLACIER"
- GLACIER
- "GLACIER_IR"
- GLACIER_IR
- "INTELLIGENT_TIERING"
- INTELLIGENT_TIERING
- "ONEZONE_IA"
- ONEZONE_IA
- "STANDARD_IA"
- STANDARD_IA
BucketNotificationConfiguration, BucketNotificationConfigurationArgs
- Event
Bridge Pulumi.Configuration Aws Native. S3. Inputs. Bucket Event Bridge Configuration - Enables delivery of events to Amazon EventBridge.
- Lambda
Configurations List<Pulumi.Aws Native. S3. Inputs. Bucket Lambda Configuration> - Describes the LAMlong functions to invoke and the events for which to invoke them.
- Queue
Configurations List<Pulumi.Aws Native. S3. Inputs. Bucket Queue Configuration> - The Amazon Simple Queue Service queues to publish messages to and the events for which to publish messages.
- Topic
Configurations List<Pulumi.Aws Native. S3. Inputs. Bucket Topic Configuration> - The topic to which notifications are sent and the events for which notifications are generated.
- Event
Bridge BucketConfiguration Event Bridge Configuration - Enables delivery of events to Amazon EventBridge.
- Lambda
Configurations []BucketLambda Configuration - Describes the LAMlong functions to invoke and the events for which to invoke them.
- Queue
Configurations []BucketQueue Configuration - The Amazon Simple Queue Service queues to publish messages to and the events for which to publish messages.
- Topic
Configurations []BucketTopic Configuration - The topic to which notifications are sent and the events for which notifications are generated.
- event
Bridge BucketConfiguration Event Bridge Configuration - Enables delivery of events to Amazon EventBridge.
- lambda
Configurations List<BucketLambda Configuration> - Describes the LAMlong functions to invoke and the events for which to invoke them.
- queue
Configurations List<BucketQueue Configuration> - The Amazon Simple Queue Service queues to publish messages to and the events for which to publish messages.
- topic
Configurations List<BucketTopic Configuration> - The topic to which notifications are sent and the events for which notifications are generated.
- event
Bridge BucketConfiguration Event Bridge Configuration - Enables delivery of events to Amazon EventBridge.
- lambda
Configurations BucketLambda Configuration[] - Describes the LAMlong functions to invoke and the events for which to invoke them.
- queue
Configurations BucketQueue Configuration[] - The Amazon Simple Queue Service queues to publish messages to and the events for which to publish messages.
- topic
Configurations BucketTopic Configuration[] - The topic to which notifications are sent and the events for which notifications are generated.
- event_
bridge_ Bucketconfiguration Event Bridge Configuration - Enables delivery of events to Amazon EventBridge.
- lambda_
configurations Sequence[BucketLambda Configuration] - Describes the LAMlong functions to invoke and the events for which to invoke them.
- queue_
configurations Sequence[BucketQueue Configuration] - The Amazon Simple Queue Service queues to publish messages to and the events for which to publish messages.
- topic_
configurations Sequence[BucketTopic Configuration] - The topic to which notifications are sent and the events for which notifications are generated.
- event
Bridge Property MapConfiguration - Enables delivery of events to Amazon EventBridge.
- lambda
Configurations List<Property Map> - Describes the LAMlong functions to invoke and the events for which to invoke them.
- queue
Configurations List<Property Map> - The Amazon Simple Queue Service queues to publish messages to and the events for which to publish messages.
- topic
Configurations List<Property Map> - The topic to which notifications are sent and the events for which notifications are generated.
BucketNotificationFilter, BucketNotificationFilterArgs
- S3Key
Pulumi.
Aws Native. S3. Inputs. Bucket S3Key Filter - A container for object key name prefix and suffix filtering rules.
- S3Key
Bucket
S3Key Filter - A container for object key name prefix and suffix filtering rules.
- s3Key
Bucket
S3Key Filter - A container for object key name prefix and suffix filtering rules.
- s3Key
Bucket
S3Key Filter - A container for object key name prefix and suffix filtering rules.
- s3_
key BucketS3Key Filter - A container for object key name prefix and suffix filtering rules.
- s3Key Property Map
- A container for object key name prefix and suffix filtering rules.
BucketObjectLockConfiguration, BucketObjectLockConfigurationArgs
- Object
Lock stringEnabled - Indicates whether this bucket has an Object Lock configuration enabled. Enable
ObjectLockEnabled
when you applyObjectLockConfiguration
to a bucket. - Rule
Pulumi.
Aws Native. S3. Inputs. Bucket Object Lock Rule - Specifies the Object Lock rule for the specified object. Enable this rule when you apply
ObjectLockConfiguration
to a bucket. If Object Lock is turned on, bucket settings require bothMode
and a period of eitherDays
orYears
. You cannot specifyDays
andYears
at the same time. For more information, see ObjectLockRule and DefaultRetention.
- Object
Lock stringEnabled - Indicates whether this bucket has an Object Lock configuration enabled. Enable
ObjectLockEnabled
when you applyObjectLockConfiguration
to a bucket. - Rule
Bucket
Object Lock Rule - Specifies the Object Lock rule for the specified object. Enable this rule when you apply
ObjectLockConfiguration
to a bucket. If Object Lock is turned on, bucket settings require bothMode
and a period of eitherDays
orYears
. You cannot specifyDays
andYears
at the same time. For more information, see ObjectLockRule and DefaultRetention.
- object
Lock StringEnabled - Indicates whether this bucket has an Object Lock configuration enabled. Enable
ObjectLockEnabled
when you applyObjectLockConfiguration
to a bucket. - rule
Bucket
Object Lock Rule - Specifies the Object Lock rule for the specified object. Enable this rule when you apply
ObjectLockConfiguration
to a bucket. If Object Lock is turned on, bucket settings require bothMode
and a period of eitherDays
orYears
. You cannot specifyDays
andYears
at the same time. For more information, see ObjectLockRule and DefaultRetention.
- object
Lock stringEnabled - Indicates whether this bucket has an Object Lock configuration enabled. Enable
ObjectLockEnabled
when you applyObjectLockConfiguration
to a bucket. - rule
Bucket
Object Lock Rule - Specifies the Object Lock rule for the specified object. Enable this rule when you apply
ObjectLockConfiguration
to a bucket. If Object Lock is turned on, bucket settings require bothMode
and a period of eitherDays
orYears
. You cannot specifyDays
andYears
at the same time. For more information, see ObjectLockRule and DefaultRetention.
- object_
lock_ strenabled - Indicates whether this bucket has an Object Lock configuration enabled. Enable
ObjectLockEnabled
when you applyObjectLockConfiguration
to a bucket. - rule
Bucket
Object Lock Rule - Specifies the Object Lock rule for the specified object. Enable this rule when you apply
ObjectLockConfiguration
to a bucket. If Object Lock is turned on, bucket settings require bothMode
and a period of eitherDays
orYears
. You cannot specifyDays
andYears
at the same time. For more information, see ObjectLockRule and DefaultRetention.
- object
Lock StringEnabled - Indicates whether this bucket has an Object Lock configuration enabled. Enable
ObjectLockEnabled
when you applyObjectLockConfiguration
to a bucket. - rule Property Map
- Specifies the Object Lock rule for the specified object. Enable this rule when you apply
ObjectLockConfiguration
to a bucket. If Object Lock is turned on, bucket settings require bothMode
and a period of eitherDays
orYears
. You cannot specifyDays
andYears
at the same time. For more information, see ObjectLockRule and DefaultRetention.
BucketObjectLockRule, BucketObjectLockRuleArgs
- Default
Retention Pulumi.Aws Native. S3. Inputs. Bucket Default Retention - The default Object Lock retention mode and period that you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, bucket settings require both
Mode
and a period of eitherDays
orYears
. You cannot specifyDays
andYears
at the same time. For more information about allowable values for mode and period, see DefaultRetention.
- Default
Retention BucketDefault Retention - The default Object Lock retention mode and period that you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, bucket settings require both
Mode
and a period of eitherDays
orYears
. You cannot specifyDays
andYears
at the same time. For more information about allowable values for mode and period, see DefaultRetention.
- default
Retention BucketDefault Retention - The default Object Lock retention mode and period that you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, bucket settings require both
Mode
and a period of eitherDays
orYears
. You cannot specifyDays
andYears
at the same time. For more information about allowable values for mode and period, see DefaultRetention.
- default
Retention BucketDefault Retention - The default Object Lock retention mode and period that you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, bucket settings require both
Mode
and a period of eitherDays
orYears
. You cannot specifyDays
andYears
at the same time. For more information about allowable values for mode and period, see DefaultRetention.
- default_
retention BucketDefault Retention - The default Object Lock retention mode and period that you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, bucket settings require both
Mode
and a period of eitherDays
orYears
. You cannot specifyDays
andYears
at the same time. For more information about allowable values for mode and period, see DefaultRetention.
- default
Retention Property Map - The default Object Lock retention mode and period that you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, bucket settings require both
Mode
and a period of eitherDays
orYears
. You cannot specifyDays
andYears
at the same time. For more information about allowable values for mode and period, see DefaultRetention.
BucketOwnershipControls, BucketOwnershipControlsArgs
- Rules
List<Pulumi.
Aws Native. S3. Inputs. Bucket Ownership Controls Rule> - Specifies the container element for Object Ownership rules.
- Rules
[]Bucket
Ownership Controls Rule - Specifies the container element for Object Ownership rules.
- rules
List<Bucket
Ownership Controls Rule> - Specifies the container element for Object Ownership rules.
- rules
Bucket
Ownership Controls Rule[] - Specifies the container element for Object Ownership rules.
- rules
Sequence[Bucket
Ownership Controls Rule] - Specifies the container element for Object Ownership rules.
- rules List<Property Map>
- Specifies the container element for Object Ownership rules.
BucketOwnershipControlsRule, BucketOwnershipControlsRuleArgs
- Object
Ownership Pulumi.Aws Native. S3. Bucket Ownership Controls Rule Object Ownership - Specifies an object ownership rule.
- Object
Ownership BucketOwnership Controls Rule Object Ownership - Specifies an object ownership rule.
- object
Ownership BucketOwnership Controls Rule Object Ownership - Specifies an object ownership rule.
- object
Ownership BucketOwnership Controls Rule Object Ownership - Specifies an object ownership rule.
- object_
ownership BucketOwnership Controls Rule Object Ownership - Specifies an object ownership rule.
- object
Ownership "ObjectWriter" | "Bucket Owner Preferred" | "Bucket Owner Enforced" - Specifies an object ownership rule.
BucketOwnershipControlsRuleObjectOwnership, BucketOwnershipControlsRuleObjectOwnershipArgs
- Object
Writer - ObjectWriter
- Bucket
Owner Preferred - BucketOwnerPreferred
- Bucket
Owner Enforced - BucketOwnerEnforced
- Bucket
Ownership Controls Rule Object Ownership Object Writer - ObjectWriter
- Bucket
Ownership Controls Rule Object Ownership Bucket Owner Preferred - BucketOwnerPreferred
- Bucket
Ownership Controls Rule Object Ownership Bucket Owner Enforced - BucketOwnerEnforced
- Object
Writer - ObjectWriter
- Bucket
Owner Preferred - BucketOwnerPreferred
- Bucket
Owner Enforced - BucketOwnerEnforced
- Object
Writer - ObjectWriter
- Bucket
Owner Preferred - BucketOwnerPreferred
- Bucket
Owner Enforced - BucketOwnerEnforced
- OBJECT_WRITER
- ObjectWriter
- BUCKET_OWNER_PREFERRED
- BucketOwnerPreferred
- BUCKET_OWNER_ENFORCED
- BucketOwnerEnforced
- "Object
Writer" - ObjectWriter
- "Bucket
Owner Preferred" - BucketOwnerPreferred
- "Bucket
Owner Enforced" - BucketOwnerEnforced
BucketPublicAccessBlockConfiguration, BucketPublicAccessBlockConfigurationArgs
- Block
Public boolAcls Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to
TRUE
causes the following behavior:- PUT Bucket ACL and PUT Object ACL calls fail if the specified ACL is public.
- PUT Object calls fail if the request includes a public ACL.
- PUT Bucket calls fail if the request includes a public ACL.
Enabling this setting doesn't affect existing policies or ACLs.
- Block
Public boolPolicy - Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to
TRUE
causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access. Enabling this setting doesn't affect existing bucket policies. - Ignore
Public boolAcls - Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to
TRUE
causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket. Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set. - Restrict
Public boolBuckets - Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to
TRUE
restricts access to this bucket to only AWS-service principals and authorized users within this account if the bucket has a public policy. Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.
- Block
Public boolAcls Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to
TRUE
causes the following behavior:- PUT Bucket ACL and PUT Object ACL calls fail if the specified ACL is public.
- PUT Object calls fail if the request includes a public ACL.
- PUT Bucket calls fail if the request includes a public ACL.
Enabling this setting doesn't affect existing policies or ACLs.
- Block
Public boolPolicy - Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to
TRUE
causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access. Enabling this setting doesn't affect existing bucket policies. - Ignore
Public boolAcls - Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to
TRUE
causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket. Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set. - Restrict
Public boolBuckets - Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to
TRUE
restricts access to this bucket to only AWS-service principals and authorized users within this account if the bucket has a public policy. Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.
- block
Public BooleanAcls Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to
TRUE
causes the following behavior:- PUT Bucket ACL and PUT Object ACL calls fail if the specified ACL is public.
- PUT Object calls fail if the request includes a public ACL.
- PUT Bucket calls fail if the request includes a public ACL.
Enabling this setting doesn't affect existing policies or ACLs.
- block
Public BooleanPolicy - Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to
TRUE
causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access. Enabling this setting doesn't affect existing bucket policies. - ignore
Public BooleanAcls - Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to
TRUE
causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket. Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set. - restrict
Public BooleanBuckets - Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to
TRUE
restricts access to this bucket to only AWS-service principals and authorized users within this account if the bucket has a public policy. Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.
- block
Public booleanAcls Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to
TRUE
causes the following behavior:- PUT Bucket ACL and PUT Object ACL calls fail if the specified ACL is public.
- PUT Object calls fail if the request includes a public ACL.
- PUT Bucket calls fail if the request includes a public ACL.
Enabling this setting doesn't affect existing policies or ACLs.
- block
Public booleanPolicy - Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to
TRUE
causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access. Enabling this setting doesn't affect existing bucket policies. - ignore
Public booleanAcls - Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to
TRUE
causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket. Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set. - restrict
Public booleanBuckets - Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to
TRUE
restricts access to this bucket to only AWS-service principals and authorized users within this account if the bucket has a public policy. Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.
- block_
public_ boolacls Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to
TRUE
causes the following behavior:- PUT Bucket ACL and PUT Object ACL calls fail if the specified ACL is public.
- PUT Object calls fail if the request includes a public ACL.
- PUT Bucket calls fail if the request includes a public ACL.
Enabling this setting doesn't affect existing policies or ACLs.
- block_
public_ boolpolicy - Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to
TRUE
causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access. Enabling this setting doesn't affect existing bucket policies. - ignore_
public_ boolacls - Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to
TRUE
causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket. Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set. - restrict_
public_ boolbuckets - Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to
TRUE
restricts access to this bucket to only AWS-service principals and authorized users within this account if the bucket has a public policy. Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.
- block
Public BooleanAcls Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to
TRUE
causes the following behavior:- PUT Bucket ACL and PUT Object ACL calls fail if the specified ACL is public.
- PUT Object calls fail if the request includes a public ACL.
- PUT Bucket calls fail if the request includes a public ACL.
Enabling this setting doesn't affect existing policies or ACLs.
- block
Public BooleanPolicy - Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to
TRUE
causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access. Enabling this setting doesn't affect existing bucket policies. - ignore
Public BooleanAcls - Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to
TRUE
causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket. Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set. - restrict
Public BooleanBuckets - Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to
TRUE
restricts access to this bucket to only AWS-service principals and authorized users within this account if the bucket has a public policy. Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.
BucketQueueConfiguration, BucketQueueConfigurationArgs
- Event string
- The Amazon S3 bucket event about which you want to publish messages to Amazon SQS. For more information, see Supported Event Types in the Amazon S3 User Guide.
- Queue string
- The Amazon Resource Name (ARN) of the Amazon SQS queue to which Amazon S3 publishes a message when it detects events of the specified type. FIFO queues are not allowed when enabling an SQS queue as the event notification destination.
- Filter
Pulumi.
Aws Native. S3. Inputs. Bucket Notification Filter - The filtering rules that determine which objects trigger notifications. For example, you can create a filter so that Amazon S3 sends notifications only when image files with a
.jpg
extension are added to the bucket. For more information, see Configuring event notifications using object key name filtering in the Amazon S3 User Guide.
- Event string
- The Amazon S3 bucket event about which you want to publish messages to Amazon SQS. For more information, see Supported Event Types in the Amazon S3 User Guide.
- Queue string
- The Amazon Resource Name (ARN) of the Amazon SQS queue to which Amazon S3 publishes a message when it detects events of the specified type. FIFO queues are not allowed when enabling an SQS queue as the event notification destination.
- Filter
Bucket
Notification Filter - The filtering rules that determine which objects trigger notifications. For example, you can create a filter so that Amazon S3 sends notifications only when image files with a
.jpg
extension are added to the bucket. For more information, see Configuring event notifications using object key name filtering in the Amazon S3 User Guide.
- event String
- The Amazon S3 bucket event about which you want to publish messages to Amazon SQS. For more information, see Supported Event Types in the Amazon S3 User Guide.
- queue String
- The Amazon Resource Name (ARN) of the Amazon SQS queue to which Amazon S3 publishes a message when it detects events of the specified type. FIFO queues are not allowed when enabling an SQS queue as the event notification destination.
- filter
Bucket
Notification Filter - The filtering rules that determine which objects trigger notifications. For example, you can create a filter so that Amazon S3 sends notifications only when image files with a
.jpg
extension are added to the bucket. For more information, see Configuring event notifications using object key name filtering in the Amazon S3 User Guide.
- event string
- The Amazon S3 bucket event about which you want to publish messages to Amazon SQS. For more information, see Supported Event Types in the Amazon S3 User Guide.
- queue string
- The Amazon Resource Name (ARN) of the Amazon SQS queue to which Amazon S3 publishes a message when it detects events of the specified type. FIFO queues are not allowed when enabling an SQS queue as the event notification destination.
- filter
Bucket
Notification Filter - The filtering rules that determine which objects trigger notifications. For example, you can create a filter so that Amazon S3 sends notifications only when image files with a
.jpg
extension are added to the bucket. For more information, see Configuring event notifications using object key name filtering in the Amazon S3 User Guide.
- event str
- The Amazon S3 bucket event about which you want to publish messages to Amazon SQS. For more information, see Supported Event Types in the Amazon S3 User Guide.
- queue str
- The Amazon Resource Name (ARN) of the Amazon SQS queue to which Amazon S3 publishes a message when it detects events of the specified type. FIFO queues are not allowed when enabling an SQS queue as the event notification destination.
- filter
Bucket
Notification Filter - The filtering rules that determine which objects trigger notifications. For example, you can create a filter so that Amazon S3 sends notifications only when image files with a
.jpg
extension are added to the bucket. For more information, see Configuring event notifications using object key name filtering in the Amazon S3 User Guide.
- event String
- The Amazon S3 bucket event about which you want to publish messages to Amazon SQS. For more information, see Supported Event Types in the Amazon S3 User Guide.
- queue String
- The Amazon Resource Name (ARN) of the Amazon SQS queue to which Amazon S3 publishes a message when it detects events of the specified type. FIFO queues are not allowed when enabling an SQS queue as the event notification destination.
- filter Property Map
- The filtering rules that determine which objects trigger notifications. For example, you can create a filter so that Amazon S3 sends notifications only when image files with a
.jpg
extension are added to the bucket. For more information, see Configuring event notifications using object key name filtering in the Amazon S3 User Guide.
BucketRedirectAllRequestsTo, BucketRedirectAllRequestsToArgs
- Host
Name string - Name of the host where requests are redirected.
- Protocol
Pulumi.
Aws Native. S3. Bucket Redirect All Requests To Protocol - Protocol to use when redirecting requests. The default is the protocol that is used in the original request.
- Host
Name string - Name of the host where requests are redirected.
- Protocol
Bucket
Redirect All Requests To Protocol - Protocol to use when redirecting requests. The default is the protocol that is used in the original request.
- host
Name String - Name of the host where requests are redirected.
- protocol
Bucket
Redirect All Requests To Protocol - Protocol to use when redirecting requests. The default is the protocol that is used in the original request.
- host
Name string - Name of the host where requests are redirected.
- protocol
Bucket
Redirect All Requests To Protocol - Protocol to use when redirecting requests. The default is the protocol that is used in the original request.
- host_
name str - Name of the host where requests are redirected.
- protocol
Bucket
Redirect All Requests To Protocol - Protocol to use when redirecting requests. The default is the protocol that is used in the original request.
- host
Name String - Name of the host where requests are redirected.
- protocol "http" | "https"
- Protocol to use when redirecting requests. The default is the protocol that is used in the original request.
BucketRedirectAllRequestsToProtocol, BucketRedirectAllRequestsToProtocolArgs
- Http
- http
- Https
- https
- Bucket
Redirect All Requests To Protocol Http - http
- Bucket
Redirect All Requests To Protocol Https - https
- Http
- http
- Https
- https
- Http
- http
- Https
- https
- HTTP
- http
- HTTPS
- https
- "http"
- http
- "https"
- https
BucketRedirectRule, BucketRedirectRuleArgs
- Host
Name string - The host name to use in the redirect request.
- Http
Redirect stringCode - The HTTP redirect code to use on the response. Not required if one of the siblings is present.
- Protocol
Pulumi.
Aws Native. S3. Bucket Redirect Rule Protocol - Protocol to use when redirecting requests. The default is the protocol that is used in the original request.
- Replace
Key stringPrefix With - The object key prefix to use in the redirect request. For example, to redirect requests for all pages with prefix
docs/
(objects in thedocs/
folder) todocuments/
, you can set a condition block withKeyPrefixEquals
set todocs/
and in the Redirect setReplaceKeyPrefixWith
to/documents
. Not required if one of the siblings is present. Can be present only ifReplaceKeyWith
is not provided. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints. - Replace
Key stringWith - The specific object key to use in the redirect request. For example, redirect request to
error.html
. Not required if one of the siblings is present. Can be present only ifReplaceKeyPrefixWith
is not provided. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints.
- Host
Name string - The host name to use in the redirect request.
- Http
Redirect stringCode - The HTTP redirect code to use on the response. Not required if one of the siblings is present.
- Protocol
Bucket
Redirect Rule Protocol - Protocol to use when redirecting requests. The default is the protocol that is used in the original request.
- Replace
Key stringPrefix With - The object key prefix to use in the redirect request. For example, to redirect requests for all pages with prefix
docs/
(objects in thedocs/
folder) todocuments/
, you can set a condition block withKeyPrefixEquals
set todocs/
and in the Redirect setReplaceKeyPrefixWith
to/documents
. Not required if one of the siblings is present. Can be present only ifReplaceKeyWith
is not provided. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints. - Replace
Key stringWith - The specific object key to use in the redirect request. For example, redirect request to
error.html
. Not required if one of the siblings is present. Can be present only ifReplaceKeyPrefixWith
is not provided. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints.
- host
Name String - The host name to use in the redirect request.
- http
Redirect StringCode - The HTTP redirect code to use on the response. Not required if one of the siblings is present.
- protocol
Bucket
Redirect Rule Protocol - Protocol to use when redirecting requests. The default is the protocol that is used in the original request.
- replace
Key StringPrefix With - The object key prefix to use in the redirect request. For example, to redirect requests for all pages with prefix
docs/
(objects in thedocs/
folder) todocuments/
, you can set a condition block withKeyPrefixEquals
set todocs/
and in the Redirect setReplaceKeyPrefixWith
to/documents
. Not required if one of the siblings is present. Can be present only ifReplaceKeyWith
is not provided. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints. - replace
Key StringWith - The specific object key to use in the redirect request. For example, redirect request to
error.html
. Not required if one of the siblings is present. Can be present only ifReplaceKeyPrefixWith
is not provided. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints.
- host
Name string - The host name to use in the redirect request.
- http
Redirect stringCode - The HTTP redirect code to use on the response. Not required if one of the siblings is present.
- protocol
Bucket
Redirect Rule Protocol - Protocol to use when redirecting requests. The default is the protocol that is used in the original request.
- replace
Key stringPrefix With - The object key prefix to use in the redirect request. For example, to redirect requests for all pages with prefix
docs/
(objects in thedocs/
folder) todocuments/
, you can set a condition block withKeyPrefixEquals
set todocs/
and in the Redirect setReplaceKeyPrefixWith
to/documents
. Not required if one of the siblings is present. Can be present only ifReplaceKeyWith
is not provided. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints. - replace
Key stringWith - The specific object key to use in the redirect request. For example, redirect request to
error.html
. Not required if one of the siblings is present. Can be present only ifReplaceKeyPrefixWith
is not provided. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints.
- host_
name str - The host name to use in the redirect request.
- http_
redirect_ strcode - The HTTP redirect code to use on the response. Not required if one of the siblings is present.
- protocol
Bucket
Redirect Rule Protocol - Protocol to use when redirecting requests. The default is the protocol that is used in the original request.
- replace_
key_ strprefix_ with - The object key prefix to use in the redirect request. For example, to redirect requests for all pages with prefix
docs/
(objects in thedocs/
folder) todocuments/
, you can set a condition block withKeyPrefixEquals
set todocs/
and in the Redirect setReplaceKeyPrefixWith
to/documents
. Not required if one of the siblings is present. Can be present only ifReplaceKeyWith
is not provided. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints. - replace_
key_ strwith - The specific object key to use in the redirect request. For example, redirect request to
error.html
. Not required if one of the siblings is present. Can be present only ifReplaceKeyPrefixWith
is not provided. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints.
- host
Name String - The host name to use in the redirect request.
- http
Redirect StringCode - The HTTP redirect code to use on the response. Not required if one of the siblings is present.
- protocol "http" | "https"
- Protocol to use when redirecting requests. The default is the protocol that is used in the original request.
- replace
Key StringPrefix With - The object key prefix to use in the redirect request. For example, to redirect requests for all pages with prefix
docs/
(objects in thedocs/
folder) todocuments/
, you can set a condition block withKeyPrefixEquals
set todocs/
and in the Redirect setReplaceKeyPrefixWith
to/documents
. Not required if one of the siblings is present. Can be present only ifReplaceKeyWith
is not provided. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints. - replace
Key StringWith - The specific object key to use in the redirect request. For example, redirect request to
error.html
. Not required if one of the siblings is present. Can be present only ifReplaceKeyPrefixWith
is not provided. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints.
BucketRedirectRuleProtocol, BucketRedirectRuleProtocolArgs
- Http
- http
- Https
- https
- Bucket
Redirect Rule Protocol Http - http
- Bucket
Redirect Rule Protocol Https - https
- Http
- http
- Https
- https
- Http
- http
- Https
- https
- HTTP
- http
- HTTPS
- https
- "http"
- http
- "https"
- https
BucketReplicaModifications, BucketReplicaModificationsArgs
- Status
Pulumi.
Aws Native. S3. Bucket Replica Modifications Status - Specifies whether Amazon S3 replicates modifications on replicas.
Allowed values:
Enabled
|Disabled
- Status
Bucket
Replica Modifications Status - Specifies whether Amazon S3 replicates modifications on replicas.
Allowed values:
Enabled
|Disabled
- status
Bucket
Replica Modifications Status - Specifies whether Amazon S3 replicates modifications on replicas.
Allowed values:
Enabled
|Disabled
- status
Bucket
Replica Modifications Status - Specifies whether Amazon S3 replicates modifications on replicas.
Allowed values:
Enabled
|Disabled
- status
Bucket
Replica Modifications Status - Specifies whether Amazon S3 replicates modifications on replicas.
Allowed values:
Enabled
|Disabled
- status "Enabled" | "Disabled"
- Specifies whether Amazon S3 replicates modifications on replicas.
Allowed values:
Enabled
|Disabled
BucketReplicaModificationsStatus, BucketReplicaModificationsStatusArgs
- Enabled
- Enabled
- Disabled
- Disabled
- Bucket
Replica Modifications Status Enabled - Enabled
- Bucket
Replica Modifications Status Disabled - Disabled
- Enabled
- Enabled
- Disabled
- Disabled
- Enabled
- Enabled
- Disabled
- Disabled
- ENABLED
- Enabled
- DISABLED
- Disabled
- "Enabled"
- Enabled
- "Disabled"
- Disabled
BucketReplicationConfiguration, BucketReplicationConfigurationArgs
- Role string
- The Amazon Resource Name (ARN) of the IAMlong (IAM) role that Amazon S3 assumes when replicating objects. For more information, see How to Set Up Replication in the Amazon S3 User Guide.
- Rules
List<Pulumi.
Aws Native. S3. Inputs. Bucket Replication Rule> - A container for one or more replication rules. A replication configuration must have at least one rule and can contain a maximum of 1,000 rules.
- Role string
- The Amazon Resource Name (ARN) of the IAMlong (IAM) role that Amazon S3 assumes when replicating objects. For more information, see How to Set Up Replication in the Amazon S3 User Guide.
- Rules
[]Bucket
Replication Rule - A container for one or more replication rules. A replication configuration must have at least one rule and can contain a maximum of 1,000 rules.
- role String
- The Amazon Resource Name (ARN) of the IAMlong (IAM) role that Amazon S3 assumes when replicating objects. For more information, see How to Set Up Replication in the Amazon S3 User Guide.
- rules
List<Bucket
Replication Rule> - A container for one or more replication rules. A replication configuration must have at least one rule and can contain a maximum of 1,000 rules.
- role string
- The Amazon Resource Name (ARN) of the IAMlong (IAM) role that Amazon S3 assumes when replicating objects. For more information, see How to Set Up Replication in the Amazon S3 User Guide.
- rules
Bucket
Replication Rule[] - A container for one or more replication rules. A replication configuration must have at least one rule and can contain a maximum of 1,000 rules.
- role str
- The Amazon Resource Name (ARN) of the IAMlong (IAM) role that Amazon S3 assumes when replicating objects. For more information, see How to Set Up Replication in the Amazon S3 User Guide.
- rules
Sequence[Bucket
Replication Rule] - A container for one or more replication rules. A replication configuration must have at least one rule and can contain a maximum of 1,000 rules.
- role String
- The Amazon Resource Name (ARN) of the IAMlong (IAM) role that Amazon S3 assumes when replicating objects. For more information, see How to Set Up Replication in the Amazon S3 User Guide.
- rules List<Property Map>
- A container for one or more replication rules. A replication configuration must have at least one rule and can contain a maximum of 1,000 rules.
BucketReplicationDestination, BucketReplicationDestinationArgs
- Bucket string
- The Amazon Resource Name (ARN) of the bucket where you want Amazon S3 to store the results.
- Access
Control Pulumi.Translation Aws Native. S3. Inputs. Bucket Access Control Translation - Specify this only in a cross-account scenario (where source and destination bucket owners are not the same), and you want to change replica ownership to the AWS-account that owns the destination bucket. If this is not specified in the replication configuration, the replicas are owned by same AWS-account that owns the source object.
- Account string
- Destination bucket owner account ID. In a cross-account scenario, if you direct Amazon S3 to change replica ownership to the AWS-account that owns the destination bucket by specifying the
AccessControlTranslation
property, this is the account ID of the destination bucket owner. For more information, see Cross-Region Replication Additional Configuration: Change Replica Owner in the Amazon S3 User Guide. If you specify theAccessControlTranslation
property, theAccount
property is required. - Encryption
Configuration Pulumi.Aws Native. S3. Inputs. Bucket Encryption Configuration - Specifies encryption-related information.
- Metrics
Pulumi.
Aws Native. S3. Inputs. Bucket Metrics - A container specifying replication metrics-related settings enabling replication metrics and events.
- Replication
Time Pulumi.Aws Native. S3. Inputs. Bucket Replication Time - A container specifying S3 Replication Time Control (S3 RTC), including whether S3 RTC is enabled and the time when all objects and operations on objects must be replicated. Must be specified together with a
Metrics
block. - Storage
Class Pulumi.Aws Native. S3. Bucket Replication Destination Storage Class - The storage class to use when replicating objects, such as S3 Standard or reduced redundancy. By default, Amazon S3 uses the storage class of the source object to create the object replica.
For valid values, see the
StorageClass
element of the PUT Bucket replication action in the Amazon S3 API Reference.
- Bucket string
- The Amazon Resource Name (ARN) of the bucket where you want Amazon S3 to store the results.
- Access
Control BucketTranslation Access Control Translation - Specify this only in a cross-account scenario (where source and destination bucket owners are not the same), and you want to change replica ownership to the AWS-account that owns the destination bucket. If this is not specified in the replication configuration, the replicas are owned by same AWS-account that owns the source object.
- Account string
- Destination bucket owner account ID. In a cross-account scenario, if you direct Amazon S3 to change replica ownership to the AWS-account that owns the destination bucket by specifying the
AccessControlTranslation
property, this is the account ID of the destination bucket owner. For more information, see Cross-Region Replication Additional Configuration: Change Replica Owner in the Amazon S3 User Guide. If you specify theAccessControlTranslation
property, theAccount
property is required. - Encryption
Configuration BucketEncryption Configuration - Specifies encryption-related information.
- Metrics
Bucket
Metrics - A container specifying replication metrics-related settings enabling replication metrics and events.
- Replication
Time BucketReplication Time - A container specifying S3 Replication Time Control (S3 RTC), including whether S3 RTC is enabled and the time when all objects and operations on objects must be replicated. Must be specified together with a
Metrics
block. - Storage
Class BucketReplication Destination Storage Class - The storage class to use when replicating objects, such as S3 Standard or reduced redundancy. By default, Amazon S3 uses the storage class of the source object to create the object replica.
For valid values, see the
StorageClass
element of the PUT Bucket replication action in the Amazon S3 API Reference.
- bucket String
- The Amazon Resource Name (ARN) of the bucket where you want Amazon S3 to store the results.
- access
Control BucketTranslation Access Control Translation - Specify this only in a cross-account scenario (where source and destination bucket owners are not the same), and you want to change replica ownership to the AWS-account that owns the destination bucket. If this is not specified in the replication configuration, the replicas are owned by same AWS-account that owns the source object.
- account String
- Destination bucket owner account ID. In a cross-account scenario, if you direct Amazon S3 to change replica ownership to the AWS-account that owns the destination bucket by specifying the
AccessControlTranslation
property, this is the account ID of the destination bucket owner. For more information, see Cross-Region Replication Additional Configuration: Change Replica Owner in the Amazon S3 User Guide. If you specify theAccessControlTranslation
property, theAccount
property is required. - encryption
Configuration BucketEncryption Configuration - Specifies encryption-related information.
- metrics
Bucket
Metrics - A container specifying replication metrics-related settings enabling replication metrics and events.
- replication
Time BucketReplication Time - A container specifying S3 Replication Time Control (S3 RTC), including whether S3 RTC is enabled and the time when all objects and operations on objects must be replicated. Must be specified together with a
Metrics
block. - storage
Class BucketReplication Destination Storage Class - The storage class to use when replicating objects, such as S3 Standard or reduced redundancy. By default, Amazon S3 uses the storage class of the source object to create the object replica.
For valid values, see the
StorageClass
element of the PUT Bucket replication action in the Amazon S3 API Reference.
- bucket string
- The Amazon Resource Name (ARN) of the bucket where you want Amazon S3 to store the results.
- access
Control BucketTranslation Access Control Translation - Specify this only in a cross-account scenario (where source and destination bucket owners are not the same), and you want to change replica ownership to the AWS-account that owns the destination bucket. If this is not specified in the replication configuration, the replicas are owned by same AWS-account that owns the source object.
- account string
- Destination bucket owner account ID. In a cross-account scenario, if you direct Amazon S3 to change replica ownership to the AWS-account that owns the destination bucket by specifying the
AccessControlTranslation
property, this is the account ID of the destination bucket owner. For more information, see Cross-Region Replication Additional Configuration: Change Replica Owner in the Amazon S3 User Guide. If you specify theAccessControlTranslation
property, theAccount
property is required. - encryption
Configuration BucketEncryption Configuration - Specifies encryption-related information.
- metrics
Bucket
Metrics - A container specifying replication metrics-related settings enabling replication metrics and events.
- replication
Time BucketReplication Time - A container specifying S3 Replication Time Control (S3 RTC), including whether S3 RTC is enabled and the time when all objects and operations on objects must be replicated. Must be specified together with a
Metrics
block. - storage
Class BucketReplication Destination Storage Class - The storage class to use when replicating objects, such as S3 Standard or reduced redundancy. By default, Amazon S3 uses the storage class of the source object to create the object replica.
For valid values, see the
StorageClass
element of the PUT Bucket replication action in the Amazon S3 API Reference.
- bucket str
- The Amazon Resource Name (ARN) of the bucket where you want Amazon S3 to store the results.
- access_
control_ Buckettranslation Access Control Translation - Specify this only in a cross-account scenario (where source and destination bucket owners are not the same), and you want to change replica ownership to the AWS-account that owns the destination bucket. If this is not specified in the replication configuration, the replicas are owned by same AWS-account that owns the source object.
- account str
- Destination bucket owner account ID. In a cross-account scenario, if you direct Amazon S3 to change replica ownership to the AWS-account that owns the destination bucket by specifying the
AccessControlTranslation
property, this is the account ID of the destination bucket owner. For more information, see Cross-Region Replication Additional Configuration: Change Replica Owner in the Amazon S3 User Guide. If you specify theAccessControlTranslation
property, theAccount
property is required. - encryption_
configuration BucketEncryption Configuration - Specifies encryption-related information.
- metrics
Bucket
Metrics - A container specifying replication metrics-related settings enabling replication metrics and events.
- replication_
time BucketReplication Time - A container specifying S3 Replication Time Control (S3 RTC), including whether S3 RTC is enabled and the time when all objects and operations on objects must be replicated. Must be specified together with a
Metrics
block. - storage_
class BucketReplication Destination Storage Class - The storage class to use when replicating objects, such as S3 Standard or reduced redundancy. By default, Amazon S3 uses the storage class of the source object to create the object replica.
For valid values, see the
StorageClass
element of the PUT Bucket replication action in the Amazon S3 API Reference.
- bucket String
- The Amazon Resource Name (ARN) of the bucket where you want Amazon S3 to store the results.
- access
Control Property MapTranslation - Specify this only in a cross-account scenario (where source and destination bucket owners are not the same), and you want to change replica ownership to the AWS-account that owns the destination bucket. If this is not specified in the replication configuration, the replicas are owned by same AWS-account that owns the source object.
- account String
- Destination bucket owner account ID. In a cross-account scenario, if you direct Amazon S3 to change replica ownership to the AWS-account that owns the destination bucket by specifying the
AccessControlTranslation
property, this is the account ID of the destination bucket owner. For more information, see Cross-Region Replication Additional Configuration: Change Replica Owner in the Amazon S3 User Guide. If you specify theAccessControlTranslation
property, theAccount
property is required. - encryption
Configuration Property Map - Specifies encryption-related information.
- metrics Property Map
- A container specifying replication metrics-related settings enabling replication metrics and events.
- replication
Time Property Map - A container specifying S3 Replication Time Control (S3 RTC), including whether S3 RTC is enabled and the time when all objects and operations on objects must be replicated. Must be specified together with a
Metrics
block. - storage
Class "DEEP_ARCHIVE" | "GLACIER" | "GLACIER_IR" | "INTELLIGENT_TIERING" | "ONEZONE_IA" | "REDUCED_REDUNDANCY" | "STANDARD" | "STANDARD_IA" - The storage class to use when replicating objects, such as S3 Standard or reduced redundancy. By default, Amazon S3 uses the storage class of the source object to create the object replica.
For valid values, see the
StorageClass
element of the PUT Bucket replication action in the Amazon S3 API Reference.
BucketReplicationDestinationStorageClass, BucketReplicationDestinationStorageClassArgs
- Deep
Archive - DEEP_ARCHIVE
- Glacier
- GLACIER
- Glacier
Ir - GLACIER_IR
- Intelligent
Tiering - INTELLIGENT_TIERING
- Onezone
Ia - ONEZONE_IA
- Reduced
Redundancy - REDUCED_REDUNDANCY
- Standard
- STANDARD
- Standard
Ia - STANDARD_IA
- Bucket
Replication Destination Storage Class Deep Archive - DEEP_ARCHIVE
- Bucket
Replication Destination Storage Class Glacier - GLACIER
- Bucket
Replication Destination Storage Class Glacier Ir - GLACIER_IR
- Bucket
Replication Destination Storage Class Intelligent Tiering - INTELLIGENT_TIERING
- Bucket
Replication Destination Storage Class Onezone Ia - ONEZONE_IA
- Bucket
Replication Destination Storage Class Reduced Redundancy - REDUCED_REDUNDANCY
- Bucket
Replication Destination Storage Class Standard - STANDARD
- Bucket
Replication Destination Storage Class Standard Ia - STANDARD_IA
- Deep
Archive - DEEP_ARCHIVE
- Glacier
- GLACIER
- Glacier
Ir - GLACIER_IR
- Intelligent
Tiering - INTELLIGENT_TIERING
- Onezone
Ia - ONEZONE_IA
- Reduced
Redundancy - REDUCED_REDUNDANCY
- Standard
- STANDARD
- Standard
Ia - STANDARD_IA
- Deep
Archive - DEEP_ARCHIVE
- Glacier
- GLACIER
- Glacier
Ir - GLACIER_IR
- Intelligent
Tiering - INTELLIGENT_TIERING
- Onezone
Ia - ONEZONE_IA
- Reduced
Redundancy - REDUCED_REDUNDANCY
- Standard
- STANDARD
- Standard
Ia - STANDARD_IA
- DEEP_ARCHIVE
- DEEP_ARCHIVE
- GLACIER
- GLACIER
- GLACIER_IR
- GLACIER_IR
- INTELLIGENT_TIERING
- INTELLIGENT_TIERING
- ONEZONE_IA
- ONEZONE_IA
- REDUCED_REDUNDANCY
- REDUCED_REDUNDANCY
- STANDARD
- STANDARD
- STANDARD_IA
- STANDARD_IA
- "DEEP_ARCHIVE"
- DEEP_ARCHIVE
- "GLACIER"
- GLACIER
- "GLACIER_IR"
- GLACIER_IR
- "INTELLIGENT_TIERING"
- INTELLIGENT_TIERING
- "ONEZONE_IA"
- ONEZONE_IA
- "REDUCED_REDUNDANCY"
- REDUCED_REDUNDANCY
- "STANDARD"
- STANDARD
- "STANDARD_IA"
- STANDARD_IA
BucketReplicationRule, BucketReplicationRuleArgs
- Destination
Pulumi.
Aws Native. S3. Inputs. Bucket Replication Destination - A container for information about the replication destination and its configurations including enabling the S3 Replication Time Control (S3 RTC).
- Status
Pulumi.
Aws Native. S3. Bucket Replication Rule Status - Specifies whether the rule is enabled.
- Delete
Marker Pulumi.Replication Aws Native. S3. Inputs. Bucket Delete Marker Replication - Specifies whether Amazon S3 replicates delete markers. If you specify a
Filter
in your replication configuration, you must also include aDeleteMarkerReplication
element. If yourFilter
includes aTag
element, theDeleteMarkerReplication
Status
must be set to Disabled, because Amazon S3 does not support replicating delete markers for tag-based rules. For an example configuration, see Basic Rule Configuration. For more information about delete marker replication, see Basic Rule Configuration. If you are using an earlier version of the replication configuration, Amazon S3 handles replication of delete markers differently. For more information, see Backward Compatibility. - Filter
Pulumi.
Aws Native. S3. Inputs. Bucket Replication Rule Filter - A filter that identifies the subset of objects to which the replication rule applies. A
Filter
must specify exactly onePrefix
,TagFilter
, or anAnd
child element. The use of the filter field indicates that this is a V2 replication configuration. This field isn't supported in a V1 replication configuration. V1 replication configuration only supports filtering by key prefix. To filter using a V1 replication configuration, add thePrefix
directly as a child element of theRule
element. - Id string
- A unique identifier for the rule. The maximum value is 255 characters. If you don't specify a value, AWS CloudFormation generates a random ID. When using a V2 replication configuration this property is capitalized as "ID".
- Prefix string
- An object key name prefix that identifies the object or objects to which the rule applies. The maximum prefix length is 1,024 characters. To include all objects in a bucket, specify an empty string. To filter using a V1 replication configuration, add the
Prefix
directly as a child element of theRule
element. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints. - Priority int
- The priority indicates which rule has precedence whenever two or more replication rules conflict. Amazon S3 will attempt to replicate objects according to all replication rules. However, if there are two or more rules with the same destination bucket, then objects will be replicated according to the rule with the highest priority. The higher the number, the higher the priority. For more information, see Replication in the Amazon S3 User Guide.
- Source
Selection Pulumi.Criteria Aws Native. S3. Inputs. Bucket Source Selection Criteria - A container that describes additional filters for identifying the source objects that you want to replicate. You can choose to enable or disable the replication of these objects.
- Destination
Bucket
Replication Destination - A container for information about the replication destination and its configurations including enabling the S3 Replication Time Control (S3 RTC).
- Status
Bucket
Replication Rule Status - Specifies whether the rule is enabled.
- Delete
Marker BucketReplication Delete Marker Replication - Specifies whether Amazon S3 replicates delete markers. If you specify a
Filter
in your replication configuration, you must also include aDeleteMarkerReplication
element. If yourFilter
includes aTag
element, theDeleteMarkerReplication
Status
must be set to Disabled, because Amazon S3 does not support replicating delete markers for tag-based rules. For an example configuration, see Basic Rule Configuration. For more information about delete marker replication, see Basic Rule Configuration. If you are using an earlier version of the replication configuration, Amazon S3 handles replication of delete markers differently. For more information, see Backward Compatibility. - Filter
Bucket
Replication Rule Filter - A filter that identifies the subset of objects to which the replication rule applies. A
Filter
must specify exactly onePrefix
,TagFilter
, or anAnd
child element. The use of the filter field indicates that this is a V2 replication configuration. This field isn't supported in a V1 replication configuration. V1 replication configuration only supports filtering by key prefix. To filter using a V1 replication configuration, add thePrefix
directly as a child element of theRule
element. - Id string
- A unique identifier for the rule. The maximum value is 255 characters. If you don't specify a value, AWS CloudFormation generates a random ID. When using a V2 replication configuration this property is capitalized as "ID".
- Prefix string
- An object key name prefix that identifies the object or objects to which the rule applies. The maximum prefix length is 1,024 characters. To include all objects in a bucket, specify an empty string. To filter using a V1 replication configuration, add the
Prefix
directly as a child element of theRule
element. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints. - Priority int
- The priority indicates which rule has precedence whenever two or more replication rules conflict. Amazon S3 will attempt to replicate objects according to all replication rules. However, if there are two or more rules with the same destination bucket, then objects will be replicated according to the rule with the highest priority. The higher the number, the higher the priority. For more information, see Replication in the Amazon S3 User Guide.
- Source
Selection BucketCriteria Source Selection Criteria - A container that describes additional filters for identifying the source objects that you want to replicate. You can choose to enable or disable the replication of these objects.
- destination
Bucket
Replication Destination - A container for information about the replication destination and its configurations including enabling the S3 Replication Time Control (S3 RTC).
- status
Bucket
Replication Rule Status - Specifies whether the rule is enabled.
- delete
Marker BucketReplication Delete Marker Replication - Specifies whether Amazon S3 replicates delete markers. If you specify a
Filter
in your replication configuration, you must also include aDeleteMarkerReplication
element. If yourFilter
includes aTag
element, theDeleteMarkerReplication
Status
must be set to Disabled, because Amazon S3 does not support replicating delete markers for tag-based rules. For an example configuration, see Basic Rule Configuration. For more information about delete marker replication, see Basic Rule Configuration. If you are using an earlier version of the replication configuration, Amazon S3 handles replication of delete markers differently. For more information, see Backward Compatibility. - filter
Bucket
Replication Rule Filter - A filter that identifies the subset of objects to which the replication rule applies. A
Filter
must specify exactly onePrefix
,TagFilter
, or anAnd
child element. The use of the filter field indicates that this is a V2 replication configuration. This field isn't supported in a V1 replication configuration. V1 replication configuration only supports filtering by key prefix. To filter using a V1 replication configuration, add thePrefix
directly as a child element of theRule
element. - id String
- A unique identifier for the rule. The maximum value is 255 characters. If you don't specify a value, AWS CloudFormation generates a random ID. When using a V2 replication configuration this property is capitalized as "ID".
- prefix String
- An object key name prefix that identifies the object or objects to which the rule applies. The maximum prefix length is 1,024 characters. To include all objects in a bucket, specify an empty string. To filter using a V1 replication configuration, add the
Prefix
directly as a child element of theRule
element. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints. - priority Integer
- The priority indicates which rule has precedence whenever two or more replication rules conflict. Amazon S3 will attempt to replicate objects according to all replication rules. However, if there are two or more rules with the same destination bucket, then objects will be replicated according to the rule with the highest priority. The higher the number, the higher the priority. For more information, see Replication in the Amazon S3 User Guide.
- source
Selection BucketCriteria Source Selection Criteria - A container that describes additional filters for identifying the source objects that you want to replicate. You can choose to enable or disable the replication of these objects.
- destination
Bucket
Replication Destination - A container for information about the replication destination and its configurations including enabling the S3 Replication Time Control (S3 RTC).
- status
Bucket
Replication Rule Status - Specifies whether the rule is enabled.
- delete
Marker BucketReplication Delete Marker Replication - Specifies whether Amazon S3 replicates delete markers. If you specify a
Filter
in your replication configuration, you must also include aDeleteMarkerReplication
element. If yourFilter
includes aTag
element, theDeleteMarkerReplication
Status
must be set to Disabled, because Amazon S3 does not support replicating delete markers for tag-based rules. For an example configuration, see Basic Rule Configuration. For more information about delete marker replication, see Basic Rule Configuration. If you are using an earlier version of the replication configuration, Amazon S3 handles replication of delete markers differently. For more information, see Backward Compatibility. - filter
Bucket
Replication Rule Filter - A filter that identifies the subset of objects to which the replication rule applies. A
Filter
must specify exactly onePrefix
,TagFilter
, or anAnd
child element. The use of the filter field indicates that this is a V2 replication configuration. This field isn't supported in a V1 replication configuration. V1 replication configuration only supports filtering by key prefix. To filter using a V1 replication configuration, add thePrefix
directly as a child element of theRule
element. - id string
- A unique identifier for the rule. The maximum value is 255 characters. If you don't specify a value, AWS CloudFormation generates a random ID. When using a V2 replication configuration this property is capitalized as "ID".
- prefix string
- An object key name prefix that identifies the object or objects to which the rule applies. The maximum prefix length is 1,024 characters. To include all objects in a bucket, specify an empty string. To filter using a V1 replication configuration, add the
Prefix
directly as a child element of theRule
element. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints. - priority number
- The priority indicates which rule has precedence whenever two or more replication rules conflict. Amazon S3 will attempt to replicate objects according to all replication rules. However, if there are two or more rules with the same destination bucket, then objects will be replicated according to the rule with the highest priority. The higher the number, the higher the priority. For more information, see Replication in the Amazon S3 User Guide.
- source
Selection BucketCriteria Source Selection Criteria - A container that describes additional filters for identifying the source objects that you want to replicate. You can choose to enable or disable the replication of these objects.
- destination
Bucket
Replication Destination - A container for information about the replication destination and its configurations including enabling the S3 Replication Time Control (S3 RTC).
- status
Bucket
Replication Rule Status - Specifies whether the rule is enabled.
- delete_
marker_ Bucketreplication Delete Marker Replication - Specifies whether Amazon S3 replicates delete markers. If you specify a
Filter
in your replication configuration, you must also include aDeleteMarkerReplication
element. If yourFilter
includes aTag
element, theDeleteMarkerReplication
Status
must be set to Disabled, because Amazon S3 does not support replicating delete markers for tag-based rules. For an example configuration, see Basic Rule Configuration. For more information about delete marker replication, see Basic Rule Configuration. If you are using an earlier version of the replication configuration, Amazon S3 handles replication of delete markers differently. For more information, see Backward Compatibility. - filter
Bucket
Replication Rule Filter - A filter that identifies the subset of objects to which the replication rule applies. A
Filter
must specify exactly onePrefix
,TagFilter
, or anAnd
child element. The use of the filter field indicates that this is a V2 replication configuration. This field isn't supported in a V1 replication configuration. V1 replication configuration only supports filtering by key prefix. To filter using a V1 replication configuration, add thePrefix
directly as a child element of theRule
element. - id str
- A unique identifier for the rule. The maximum value is 255 characters. If you don't specify a value, AWS CloudFormation generates a random ID. When using a V2 replication configuration this property is capitalized as "ID".
- prefix str
- An object key name prefix that identifies the object or objects to which the rule applies. The maximum prefix length is 1,024 characters. To include all objects in a bucket, specify an empty string. To filter using a V1 replication configuration, add the
Prefix
directly as a child element of theRule
element. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints. - priority int
- The priority indicates which rule has precedence whenever two or more replication rules conflict. Amazon S3 will attempt to replicate objects according to all replication rules. However, if there are two or more rules with the same destination bucket, then objects will be replicated according to the rule with the highest priority. The higher the number, the higher the priority. For more information, see Replication in the Amazon S3 User Guide.
- source_
selection_ Bucketcriteria Source Selection Criteria - A container that describes additional filters for identifying the source objects that you want to replicate. You can choose to enable or disable the replication of these objects.
- destination Property Map
- A container for information about the replication destination and its configurations including enabling the S3 Replication Time Control (S3 RTC).
- status "Disabled" | "Enabled"
- Specifies whether the rule is enabled.
- delete
Marker Property MapReplication - Specifies whether Amazon S3 replicates delete markers. If you specify a
Filter
in your replication configuration, you must also include aDeleteMarkerReplication
element. If yourFilter
includes aTag
element, theDeleteMarkerReplication
Status
must be set to Disabled, because Amazon S3 does not support replicating delete markers for tag-based rules. For an example configuration, see Basic Rule Configuration. For more information about delete marker replication, see Basic Rule Configuration. If you are using an earlier version of the replication configuration, Amazon S3 handles replication of delete markers differently. For more information, see Backward Compatibility. - filter Property Map
- A filter that identifies the subset of objects to which the replication rule applies. A
Filter
must specify exactly onePrefix
,TagFilter
, or anAnd
child element. The use of the filter field indicates that this is a V2 replication configuration. This field isn't supported in a V1 replication configuration. V1 replication configuration only supports filtering by key prefix. To filter using a V1 replication configuration, add thePrefix
directly as a child element of theRule
element. - id String
- A unique identifier for the rule. The maximum value is 255 characters. If you don't specify a value, AWS CloudFormation generates a random ID. When using a V2 replication configuration this property is capitalized as "ID".
- prefix String
- An object key name prefix that identifies the object or objects to which the rule applies. The maximum prefix length is 1,024 characters. To include all objects in a bucket, specify an empty string. To filter using a V1 replication configuration, add the
Prefix
directly as a child element of theRule
element. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints. - priority Number
- The priority indicates which rule has precedence whenever two or more replication rules conflict. Amazon S3 will attempt to replicate objects according to all replication rules. However, if there are two or more rules with the same destination bucket, then objects will be replicated according to the rule with the highest priority. The higher the number, the higher the priority. For more information, see Replication in the Amazon S3 User Guide.
- source
Selection Property MapCriteria - A container that describes additional filters for identifying the source objects that you want to replicate. You can choose to enable or disable the replication of these objects.
BucketReplicationRuleAndOperator, BucketReplicationRuleAndOperatorArgs
- Prefix string
- An object key name prefix that identifies the subset of objects to which the rule applies.
- Tag
Filters List<Pulumi.Aws Native. S3. Inputs. Bucket Tag Filter> - An array of tags containing key and value pairs.
- Prefix string
- An object key name prefix that identifies the subset of objects to which the rule applies.
- Tag
Filters []BucketTag Filter - An array of tags containing key and value pairs.
- prefix String
- An object key name prefix that identifies the subset of objects to which the rule applies.
- tag
Filters List<BucketTag Filter> - An array of tags containing key and value pairs.
- prefix string
- An object key name prefix that identifies the subset of objects to which the rule applies.
- tag
Filters BucketTag Filter[] - An array of tags containing key and value pairs.
- prefix str
- An object key name prefix that identifies the subset of objects to which the rule applies.
- tag_
filters Sequence[BucketTag Filter] - An array of tags containing key and value pairs.
- prefix String
- An object key name prefix that identifies the subset of objects to which the rule applies.
- tag
Filters List<Property Map> - An array of tags containing key and value pairs.
BucketReplicationRuleFilter, BucketReplicationRuleFilterArgs
- And
Pulumi.
Aws Native. S3. Inputs. Bucket Replication Rule And Operator - A container for specifying rule filters. The filters determine the subset of objects to which the rule applies. This element is required only if you specify more than one filter. For example:
- If you specify both a
Prefix
and aTagFilter
, wrap these filters in anAnd
tag. - If you specify a filter based on multiple tags, wrap the
TagFilter
elements in anAnd
tag.
- If you specify both a
- Prefix string
- An object key name prefix that identifies the subset of objects to which the rule applies. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints.
- Tag
Filter Pulumi.Aws Native. S3. Inputs. Bucket Tag Filter - A container for specifying a tag key and value. The rule applies only to objects that have the tag in their tag set.
- And
Bucket
Replication Rule And Operator - A container for specifying rule filters. The filters determine the subset of objects to which the rule applies. This element is required only if you specify more than one filter. For example:
- If you specify both a
Prefix
and aTagFilter
, wrap these filters in anAnd
tag. - If you specify a filter based on multiple tags, wrap the
TagFilter
elements in anAnd
tag.
- If you specify both a
- Prefix string
- An object key name prefix that identifies the subset of objects to which the rule applies. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints.
- Tag
Filter BucketTag Filter - A container for specifying a tag key and value. The rule applies only to objects that have the tag in their tag set.
- and
Bucket
Replication Rule And Operator - A container for specifying rule filters. The filters determine the subset of objects to which the rule applies. This element is required only if you specify more than one filter. For example:
- If you specify both a
Prefix
and aTagFilter
, wrap these filters in anAnd
tag. - If you specify a filter based on multiple tags, wrap the
TagFilter
elements in anAnd
tag.
- If you specify both a
- prefix String
- An object key name prefix that identifies the subset of objects to which the rule applies. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints.
- tag
Filter BucketTag Filter - A container for specifying a tag key and value. The rule applies only to objects that have the tag in their tag set.
- and
Bucket
Replication Rule And Operator - A container for specifying rule filters. The filters determine the subset of objects to which the rule applies. This element is required only if you specify more than one filter. For example:
- If you specify both a
Prefix
and aTagFilter
, wrap these filters in anAnd
tag. - If you specify a filter based on multiple tags, wrap the
TagFilter
elements in anAnd
tag.
- If you specify both a
- prefix string
- An object key name prefix that identifies the subset of objects to which the rule applies. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints.
- tag
Filter BucketTag Filter - A container for specifying a tag key and value. The rule applies only to objects that have the tag in their tag set.
- and_
Bucket
Replication Rule And Operator - A container for specifying rule filters. The filters determine the subset of objects to which the rule applies. This element is required only if you specify more than one filter. For example:
- If you specify both a
Prefix
and aTagFilter
, wrap these filters in anAnd
tag. - If you specify a filter based on multiple tags, wrap the
TagFilter
elements in anAnd
tag.
- If you specify both a
- prefix str
- An object key name prefix that identifies the subset of objects to which the rule applies. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints.
- tag_
filter BucketTag Filter - A container for specifying a tag key and value. The rule applies only to objects that have the tag in their tag set.
- and Property Map
- A container for specifying rule filters. The filters determine the subset of objects to which the rule applies. This element is required only if you specify more than one filter. For example:
- If you specify both a
Prefix
and aTagFilter
, wrap these filters in anAnd
tag. - If you specify a filter based on multiple tags, wrap the
TagFilter
elements in anAnd
tag.
- If you specify both a
- prefix String
- An object key name prefix that identifies the subset of objects to which the rule applies. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints.
- tag
Filter Property Map - A container for specifying a tag key and value. The rule applies only to objects that have the tag in their tag set.
BucketReplicationRuleStatus, BucketReplicationRuleStatusArgs
- Disabled
- Disabled
- Enabled
- Enabled
- Bucket
Replication Rule Status Disabled - Disabled
- Bucket
Replication Rule Status Enabled - Enabled
- Disabled
- Disabled
- Enabled
- Enabled
- Disabled
- Disabled
- Enabled
- Enabled
- DISABLED
- Disabled
- ENABLED
- Enabled
- "Disabled"
- Disabled
- "Enabled"
- Enabled
BucketReplicationTime, BucketReplicationTimeArgs
- Status
Pulumi.
Aws Native. S3. Bucket Replication Time Status - Specifies whether the replication time is enabled.
- Time
Pulumi.
Aws Native. S3. Inputs. Bucket Replication Time Value - A container specifying the time by which replication should be complete for all objects and operations on objects.
- Status
Bucket
Replication Time Status - Specifies whether the replication time is enabled.
- Time
Bucket
Replication Time Value - A container specifying the time by which replication should be complete for all objects and operations on objects.
- status
Bucket
Replication Time Status - Specifies whether the replication time is enabled.
- time
Bucket
Replication Time Value - A container specifying the time by which replication should be complete for all objects and operations on objects.
- status
Bucket
Replication Time Status - Specifies whether the replication time is enabled.
- time
Bucket
Replication Time Value - A container specifying the time by which replication should be complete for all objects and operations on objects.
- status
Bucket
Replication Time Status - Specifies whether the replication time is enabled.
- time
Bucket
Replication Time Value - A container specifying the time by which replication should be complete for all objects and operations on objects.
- status "Disabled" | "Enabled"
- Specifies whether the replication time is enabled.
- time Property Map
- A container specifying the time by which replication should be complete for all objects and operations on objects.
BucketReplicationTimeStatus, BucketReplicationTimeStatusArgs
- Disabled
- Disabled
- Enabled
- Enabled
- Bucket
Replication Time Status Disabled - Disabled
- Bucket
Replication Time Status Enabled - Enabled
- Disabled
- Disabled
- Enabled
- Enabled
- Disabled
- Disabled
- Enabled
- Enabled
- DISABLED
- Disabled
- ENABLED
- Enabled
- "Disabled"
- Disabled
- "Enabled"
- Enabled
BucketReplicationTimeValue, BucketReplicationTimeValueArgs
- Minutes int
- Contains an integer specifying time in minutes. Valid value: 15
- Minutes int
- Contains an integer specifying time in minutes. Valid value: 15
- minutes Integer
- Contains an integer specifying time in minutes. Valid value: 15
- minutes number
- Contains an integer specifying time in minutes. Valid value: 15
- minutes int
- Contains an integer specifying time in minutes. Valid value: 15
- minutes Number
- Contains an integer specifying time in minutes. Valid value: 15
BucketRoutingRule, BucketRoutingRuleArgs
- Redirect
Rule Pulumi.Aws Native. S3. Inputs. Bucket Redirect Rule - Container for redirect information. You can redirect requests to another host, to another page, or with another protocol. In the event of an error, you can specify a different error code to return.
- Routing
Rule Pulumi.Condition Aws Native. S3. Inputs. Bucket Routing Rule Condition - A container for describing a condition that must be met for the specified redirect to apply. For example, 1. If request is for pages in the
/docs
folder, redirect to the/documents
folder. 2. If request results in HTTP error 4xx, redirect request to another host where you might process the error.
- Redirect
Rule BucketRedirect Rule - Container for redirect information. You can redirect requests to another host, to another page, or with another protocol. In the event of an error, you can specify a different error code to return.
- Routing
Rule BucketCondition Routing Rule Condition - A container for describing a condition that must be met for the specified redirect to apply. For example, 1. If request is for pages in the
/docs
folder, redirect to the/documents
folder. 2. If request results in HTTP error 4xx, redirect request to another host where you might process the error.
- redirect
Rule BucketRedirect Rule - Container for redirect information. You can redirect requests to another host, to another page, or with another protocol. In the event of an error, you can specify a different error code to return.
- routing
Rule BucketCondition Routing Rule Condition - A container for describing a condition that must be met for the specified redirect to apply. For example, 1. If request is for pages in the
/docs
folder, redirect to the/documents
folder. 2. If request results in HTTP error 4xx, redirect request to another host where you might process the error.
- redirect
Rule BucketRedirect Rule - Container for redirect information. You can redirect requests to another host, to another page, or with another protocol. In the event of an error, you can specify a different error code to return.
- routing
Rule BucketCondition Routing Rule Condition - A container for describing a condition that must be met for the specified redirect to apply. For example, 1. If request is for pages in the
/docs
folder, redirect to the/documents
folder. 2. If request results in HTTP error 4xx, redirect request to another host where you might process the error.
- redirect_
rule BucketRedirect Rule - Container for redirect information. You can redirect requests to another host, to another page, or with another protocol. In the event of an error, you can specify a different error code to return.
- routing_
rule_ Bucketcondition Routing Rule Condition - A container for describing a condition that must be met for the specified redirect to apply. For example, 1. If request is for pages in the
/docs
folder, redirect to the/documents
folder. 2. If request results in HTTP error 4xx, redirect request to another host where you might process the error.
- redirect
Rule Property Map - Container for redirect information. You can redirect requests to another host, to another page, or with another protocol. In the event of an error, you can specify a different error code to return.
- routing
Rule Property MapCondition - A container for describing a condition that must be met for the specified redirect to apply. For example, 1. If request is for pages in the
/docs
folder, redirect to the/documents
folder. 2. If request results in HTTP error 4xx, redirect request to another host where you might process the error.
BucketRoutingRuleCondition, BucketRoutingRuleConditionArgs
- Http
Error stringCode Returned Equals - The HTTP error code when the redirect is applied. In the event of an error, if the error code equals this value, then the specified redirect is applied.
Required when parent element
Condition
is specified and siblingKeyPrefixEquals
is not specified. If both are specified, then both must be true for the redirect to be applied. - Key
Prefix stringEquals - The object key name prefix when the redirect is applied. For example, to redirect requests for
ExamplePage.html
, the key prefix will beExamplePage.html
. To redirect request for all pages with the prefixdocs/
, the key prefix will be/docs
, which identifies all objects in the docs/ folder. Required when the parent elementCondition
is specified and siblingHttpErrorCodeReturnedEquals
is not specified. If both conditions are specified, both must be true for the redirect to be applied.
- Http
Error stringCode Returned Equals - The HTTP error code when the redirect is applied. In the event of an error, if the error code equals this value, then the specified redirect is applied.
Required when parent element
Condition
is specified and siblingKeyPrefixEquals
is not specified. If both are specified, then both must be true for the redirect to be applied. - Key
Prefix stringEquals - The object key name prefix when the redirect is applied. For example, to redirect requests for
ExamplePage.html
, the key prefix will beExamplePage.html
. To redirect request for all pages with the prefixdocs/
, the key prefix will be/docs
, which identifies all objects in the docs/ folder. Required when the parent elementCondition
is specified and siblingHttpErrorCodeReturnedEquals
is not specified. If both conditions are specified, both must be true for the redirect to be applied.
- http
Error StringCode Returned Equals - The HTTP error code when the redirect is applied. In the event of an error, if the error code equals this value, then the specified redirect is applied.
Required when parent element
Condition
is specified and siblingKeyPrefixEquals
is not specified. If both are specified, then both must be true for the redirect to be applied. - key
Prefix StringEquals - The object key name prefix when the redirect is applied. For example, to redirect requests for
ExamplePage.html
, the key prefix will beExamplePage.html
. To redirect request for all pages with the prefixdocs/
, the key prefix will be/docs
, which identifies all objects in the docs/ folder. Required when the parent elementCondition
is specified and siblingHttpErrorCodeReturnedEquals
is not specified. If both conditions are specified, both must be true for the redirect to be applied.
- http
Error stringCode Returned Equals - The HTTP error code when the redirect is applied. In the event of an error, if the error code equals this value, then the specified redirect is applied.
Required when parent element
Condition
is specified and siblingKeyPrefixEquals
is not specified. If both are specified, then both must be true for the redirect to be applied. - key
Prefix stringEquals - The object key name prefix when the redirect is applied. For example, to redirect requests for
ExamplePage.html
, the key prefix will beExamplePage.html
. To redirect request for all pages with the prefixdocs/
, the key prefix will be/docs
, which identifies all objects in the docs/ folder. Required when the parent elementCondition
is specified and siblingHttpErrorCodeReturnedEquals
is not specified. If both conditions are specified, both must be true for the redirect to be applied.
- http_
error_ strcode_ returned_ equals - The HTTP error code when the redirect is applied. In the event of an error, if the error code equals this value, then the specified redirect is applied.
Required when parent element
Condition
is specified and siblingKeyPrefixEquals
is not specified. If both are specified, then both must be true for the redirect to be applied. - key_
prefix_ strequals - The object key name prefix when the redirect is applied. For example, to redirect requests for
ExamplePage.html
, the key prefix will beExamplePage.html
. To redirect request for all pages with the prefixdocs/
, the key prefix will be/docs
, which identifies all objects in the docs/ folder. Required when the parent elementCondition
is specified and siblingHttpErrorCodeReturnedEquals
is not specified. If both conditions are specified, both must be true for the redirect to be applied.
- http
Error StringCode Returned Equals - The HTTP error code when the redirect is applied. In the event of an error, if the error code equals this value, then the specified redirect is applied.
Required when parent element
Condition
is specified and siblingKeyPrefixEquals
is not specified. If both are specified, then both must be true for the redirect to be applied. - key
Prefix StringEquals - The object key name prefix when the redirect is applied. For example, to redirect requests for
ExamplePage.html
, the key prefix will beExamplePage.html
. To redirect request for all pages with the prefixdocs/
, the key prefix will be/docs
, which identifies all objects in the docs/ folder. Required when the parent elementCondition
is specified and siblingHttpErrorCodeReturnedEquals
is not specified. If both conditions are specified, both must be true for the redirect to be applied.
BucketRule, BucketRuleArgs
- Status
Pulumi.
Aws Native. S3. Bucket Rule Status - If
Enabled
, the rule is currently being applied. IfDisabled
, the rule is not currently being applied. - Abort
Incomplete Pulumi.Multipart Upload Aws Native. S3. Inputs. Bucket Abort Incomplete Multipart Upload - Specifies a lifecycle rule that stops incomplete multipart uploads to an Amazon S3 bucket.
- Expiration
Date string - Indicates when objects are deleted from Amazon S3 and Amazon S3 Glacier. The date value must be in ISO 8601 format. The time is always midnight UTC. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time.
- Expiration
In intDays - Indicates the number of days after creation when objects are deleted from Amazon S3 and Amazon S3 Glacier. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time.
- Expired
Object boolDelete Marker - Indicates whether Amazon S3 will remove a delete marker without any noncurrent versions. If set to true, the delete marker will be removed if there are no noncurrent versions. This cannot be specified with
ExpirationInDays
,ExpirationDate
, orTagFilters
. - Id string
- Unique identifier for the rule. The value can't be longer than 255 characters.
- Noncurrent
Version Pulumi.Expiration Aws Native. S3. Inputs. Bucket Noncurrent Version Expiration - Specifies when noncurrent object versions expire. Upon expiration, S3 permanently deletes the noncurrent object versions. You set this lifecycle configuration action on a bucket that has versioning enabled (or suspended) to request that S3 delete noncurrent object versions at a specific period in the object's lifetime.
- Noncurrent
Version intExpiration In Days - (Deprecated.) For buckets with versioning enabled (or suspended), specifies the time, in days, between when a new version of the object is uploaded to the bucket and when old versions of the object expire. When object versions expire, Amazon S3 permanently deletes them. If you specify a transition and expiration time, the expiration time must be later than the transition time.
- Noncurrent
Version Pulumi.Transition Aws Native. S3. Inputs. Bucket Noncurrent Version Transition - (Deprecated.) For buckets with versioning enabled (or suspended), specifies when non-current objects transition to a specified storage class. If you specify a transition and expiration time, the expiration time must be later than the transition time. If you specify this property, don't specify the
NoncurrentVersionTransitions
property. - Noncurrent
Version List<Pulumi.Transitions Aws Native. S3. Inputs. Bucket Noncurrent Version Transition> - For buckets with versioning enabled (or suspended), one or more transition rules that specify when non-current objects transition to a specified storage class. If you specify a transition and expiration time, the expiration time must be later than the transition time. If you specify this property, don't specify the
NoncurrentVersionTransition
property. - Object
Size stringGreater Than - Specifies the minimum object size in bytes for this rule to apply to. Objects must be larger than this value in bytes. For more information about size based rules, see Lifecycle configuration using size-based rules in the Amazon S3 User Guide.
- Object
Size stringLess Than - Specifies the maximum object size in bytes for this rule to apply to. Objects must be smaller than this value in bytes. For more information about sized based rules, see Lifecycle configuration using size-based rules in the Amazon S3 User Guide.
- Prefix string
- Object key prefix that identifies one or more objects to which this rule applies. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints.
- Tag
Filters List<Pulumi.Aws Native. S3. Inputs. Bucket Tag Filter> - Tags to use to identify a subset of objects to which the lifecycle rule applies.
- Transition
Pulumi.
Aws Native. S3. Inputs. Bucket Transition - (Deprecated.) Specifies when an object transitions to a specified storage class. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time. If you specify this property, don't specify the
Transitions
property. - Transitions
List<Pulumi.
Aws Native. S3. Inputs. Bucket Transition> - One or more transition rules that specify when an object transitions to a specified storage class. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time. If you specify this property, don't specify the
Transition
property.
- Status
Bucket
Rule Status - If
Enabled
, the rule is currently being applied. IfDisabled
, the rule is not currently being applied. - Abort
Incomplete BucketMultipart Upload Abort Incomplete Multipart Upload - Specifies a lifecycle rule that stops incomplete multipart uploads to an Amazon S3 bucket.
- Expiration
Date string - Indicates when objects are deleted from Amazon S3 and Amazon S3 Glacier. The date value must be in ISO 8601 format. The time is always midnight UTC. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time.
- Expiration
In intDays - Indicates the number of days after creation when objects are deleted from Amazon S3 and Amazon S3 Glacier. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time.
- Expired
Object boolDelete Marker - Indicates whether Amazon S3 will remove a delete marker without any noncurrent versions. If set to true, the delete marker will be removed if there are no noncurrent versions. This cannot be specified with
ExpirationInDays
,ExpirationDate
, orTagFilters
. - Id string
- Unique identifier for the rule. The value can't be longer than 255 characters.
- Noncurrent
Version BucketExpiration Noncurrent Version Expiration - Specifies when noncurrent object versions expire. Upon expiration, S3 permanently deletes the noncurrent object versions. You set this lifecycle configuration action on a bucket that has versioning enabled (or suspended) to request that S3 delete noncurrent object versions at a specific period in the object's lifetime.
- Noncurrent
Version intExpiration In Days - (Deprecated.) For buckets with versioning enabled (or suspended), specifies the time, in days, between when a new version of the object is uploaded to the bucket and when old versions of the object expire. When object versions expire, Amazon S3 permanently deletes them. If you specify a transition and expiration time, the expiration time must be later than the transition time.
- Noncurrent
Version BucketTransition Noncurrent Version Transition - (Deprecated.) For buckets with versioning enabled (or suspended), specifies when non-current objects transition to a specified storage class. If you specify a transition and expiration time, the expiration time must be later than the transition time. If you specify this property, don't specify the
NoncurrentVersionTransitions
property. - Noncurrent
Version []BucketTransitions Noncurrent Version Transition - For buckets with versioning enabled (or suspended), one or more transition rules that specify when non-current objects transition to a specified storage class. If you specify a transition and expiration time, the expiration time must be later than the transition time. If you specify this property, don't specify the
NoncurrentVersionTransition
property. - Object
Size stringGreater Than - Specifies the minimum object size in bytes for this rule to apply to. Objects must be larger than this value in bytes. For more information about size based rules, see Lifecycle configuration using size-based rules in the Amazon S3 User Guide.
- Object
Size stringLess Than - Specifies the maximum object size in bytes for this rule to apply to. Objects must be smaller than this value in bytes. For more information about sized based rules, see Lifecycle configuration using size-based rules in the Amazon S3 User Guide.
- Prefix string
- Object key prefix that identifies one or more objects to which this rule applies. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints.
- Tag
Filters []BucketTag Filter - Tags to use to identify a subset of objects to which the lifecycle rule applies.
- Transition
Bucket
Transition - (Deprecated.) Specifies when an object transitions to a specified storage class. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time. If you specify this property, don't specify the
Transitions
property. - Transitions
[]Bucket
Transition - One or more transition rules that specify when an object transitions to a specified storage class. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time. If you specify this property, don't specify the
Transition
property.
- status
Bucket
Rule Status - If
Enabled
, the rule is currently being applied. IfDisabled
, the rule is not currently being applied. - abort
Incomplete BucketMultipart Upload Abort Incomplete Multipart Upload - Specifies a lifecycle rule that stops incomplete multipart uploads to an Amazon S3 bucket.
- expiration
Date String - Indicates when objects are deleted from Amazon S3 and Amazon S3 Glacier. The date value must be in ISO 8601 format. The time is always midnight UTC. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time.
- expiration
In IntegerDays - Indicates the number of days after creation when objects are deleted from Amazon S3 and Amazon S3 Glacier. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time.
- expired
Object BooleanDelete Marker - Indicates whether Amazon S3 will remove a delete marker without any noncurrent versions. If set to true, the delete marker will be removed if there are no noncurrent versions. This cannot be specified with
ExpirationInDays
,ExpirationDate
, orTagFilters
. - id String
- Unique identifier for the rule. The value can't be longer than 255 characters.
- noncurrent
Version BucketExpiration Noncurrent Version Expiration - Specifies when noncurrent object versions expire. Upon expiration, S3 permanently deletes the noncurrent object versions. You set this lifecycle configuration action on a bucket that has versioning enabled (or suspended) to request that S3 delete noncurrent object versions at a specific period in the object's lifetime.
- noncurrent
Version IntegerExpiration In Days - (Deprecated.) For buckets with versioning enabled (or suspended), specifies the time, in days, between when a new version of the object is uploaded to the bucket and when old versions of the object expire. When object versions expire, Amazon S3 permanently deletes them. If you specify a transition and expiration time, the expiration time must be later than the transition time.
- noncurrent
Version BucketTransition Noncurrent Version Transition - (Deprecated.) For buckets with versioning enabled (or suspended), specifies when non-current objects transition to a specified storage class. If you specify a transition and expiration time, the expiration time must be later than the transition time. If you specify this property, don't specify the
NoncurrentVersionTransitions
property. - noncurrent
Version List<BucketTransitions Noncurrent Version Transition> - For buckets with versioning enabled (or suspended), one or more transition rules that specify when non-current objects transition to a specified storage class. If you specify a transition and expiration time, the expiration time must be later than the transition time. If you specify this property, don't specify the
NoncurrentVersionTransition
property. - object
Size StringGreater Than - Specifies the minimum object size in bytes for this rule to apply to. Objects must be larger than this value in bytes. For more information about size based rules, see Lifecycle configuration using size-based rules in the Amazon S3 User Guide.
- object
Size StringLess Than - Specifies the maximum object size in bytes for this rule to apply to. Objects must be smaller than this value in bytes. For more information about sized based rules, see Lifecycle configuration using size-based rules in the Amazon S3 User Guide.
- prefix String
- Object key prefix that identifies one or more objects to which this rule applies. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints.