1. Packages
  2. AWS Cloud Control
  3. API Docs
  4. s3
  5. Bucket

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.13.0 published on Wednesday, Dec 4, 2024 by Pulumi

aws-native.s3.Bucket

Explore with Pulumi AI

aws-native logo

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.13.0 published on Wednesday, Dec 4, 2024 by Pulumi

    The AWS::S3::Bucket resource creates an Amazon S3 bucket in the same AWS Region where you create the AWS CloudFormation stack. To control how AWS CloudFormation handles the bucket when the stack is deleted, you can set a deletion policy for your bucket. You can choose to retain the bucket or to delete the bucket. For more information, see DeletionPolicy Attribute. You can only delete empty buckets. Deletion fails for buckets that have contents.

    Example Usage

    Example

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using AwsNative = Pulumi.AwsNative;
    
    return await Deployment.RunAsync(() => 
    {
        var s3Bucket = new AwsNative.S3.Bucket("s3Bucket");
    
        var recordingConfiguration = new AwsNative.Ivs.RecordingConfiguration("recordingConfiguration", new()
        {
            Name = "MyRecordingConfiguration",
            DestinationConfiguration = new AwsNative.Ivs.Inputs.RecordingConfigurationDestinationConfigurationArgs
            {
                S3 = new AwsNative.Ivs.Inputs.RecordingConfigurationS3DestinationConfigurationArgs
                {
                    BucketName = s3Bucket.Id,
                },
            },
            ThumbnailConfiguration = new AwsNative.Ivs.Inputs.RecordingConfigurationThumbnailConfigurationArgs
            {
                RecordingMode = AwsNative.Ivs.RecordingConfigurationThumbnailConfigurationRecordingMode.Interval,
                TargetIntervalSeconds = 60,
                Storage = new[]
                {
                    AwsNative.Ivs.RecordingConfigurationThumbnailConfigurationStorageItem.Sequential,
                    AwsNative.Ivs.RecordingConfigurationThumbnailConfigurationStorageItem.Latest,
                },
                Resolution = AwsNative.Ivs.RecordingConfigurationThumbnailConfigurationResolution.Hd,
            },
            RenditionConfiguration = new AwsNative.Ivs.Inputs.RecordingConfigurationRenditionConfigurationArgs
            {
                RenditionSelection = AwsNative.Ivs.RecordingConfigurationRenditionConfigurationRenditionSelection.Custom,
                Renditions = new[]
                {
                    AwsNative.Ivs.RecordingConfigurationRenditionConfigurationRenditionsItem.Hd,
                    AwsNative.Ivs.RecordingConfigurationRenditionConfigurationRenditionsItem.Sd,
                },
            },
        }, new CustomResourceOptions
        {
            DependsOn =
            {
                s3Bucket,
            },
        });
    
        var channel = new AwsNative.Ivs.Channel("channel", new()
        {
            Name = "MyRecordedChannel",
            RecordingConfigurationArn = recordingConfiguration.Id,
        }, new CustomResourceOptions
        {
            DependsOn =
            {
                recordingConfiguration,
            },
        });
    
    });
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws-native/sdk/go/aws/ivs"
    	"github.com/pulumi/pulumi-aws-native/sdk/go/aws/s3"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		s3Bucket, err := s3.NewBucket(ctx, "s3Bucket", nil)
    		if err != nil {
    			return err
    		}
    		recordingConfiguration, err := ivs.NewRecordingConfiguration(ctx, "recordingConfiguration", &ivs.RecordingConfigurationArgs{
    			Name: pulumi.String("MyRecordingConfiguration"),
    			DestinationConfiguration: &ivs.RecordingConfigurationDestinationConfigurationArgs{
    				S3: &ivs.RecordingConfigurationS3DestinationConfigurationArgs{
    					BucketName: s3Bucket.ID(),
    				},
    			},
    			ThumbnailConfiguration: &ivs.RecordingConfigurationThumbnailConfigurationArgs{
    				RecordingMode:         ivs.RecordingConfigurationThumbnailConfigurationRecordingModeInterval,
    				TargetIntervalSeconds: pulumi.Int(60),
    				Storage: ivs.RecordingConfigurationThumbnailConfigurationStorageItemArray{
    					ivs.RecordingConfigurationThumbnailConfigurationStorageItemSequential,
    					ivs.RecordingConfigurationThumbnailConfigurationStorageItemLatest,
    				},
    				Resolution: ivs.RecordingConfigurationThumbnailConfigurationResolutionHd,
    			},
    			RenditionConfiguration: &ivs.RecordingConfigurationRenditionConfigurationArgs{
    				RenditionSelection: ivs.RecordingConfigurationRenditionConfigurationRenditionSelectionCustom,
    				Renditions: ivs.RecordingConfigurationRenditionConfigurationRenditionsItemArray{
    					ivs.RecordingConfigurationRenditionConfigurationRenditionsItemHd,
    					ivs.RecordingConfigurationRenditionConfigurationRenditionsItemSd,
    				},
    			},
    		}, pulumi.DependsOn([]pulumi.Resource{
    			s3Bucket,
    		}))
    		if err != nil {
    			return err
    		}
    		_, err = ivs.NewChannel(ctx, "channel", &ivs.ChannelArgs{
    			Name:                      pulumi.String("MyRecordedChannel"),
    			RecordingConfigurationArn: recordingConfiguration.ID(),
    		}, pulumi.DependsOn([]pulumi.Resource{
    			recordingConfiguration,
    		}))
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    

    Coming soon!

    import pulumi
    import pulumi_aws_native as aws_native
    
    s3_bucket = aws_native.s3.Bucket("s3Bucket")
    recording_configuration = aws_native.ivs.RecordingConfiguration("recordingConfiguration",
        name="MyRecordingConfiguration",
        destination_configuration={
            "s3": {
                "bucket_name": s3_bucket.id,
            },
        },
        thumbnail_configuration={
            "recording_mode": aws_native.ivs.RecordingConfigurationThumbnailConfigurationRecordingMode.INTERVAL,
            "target_interval_seconds": 60,
            "storage": [
                aws_native.ivs.RecordingConfigurationThumbnailConfigurationStorageItem.SEQUENTIAL,
                aws_native.ivs.RecordingConfigurationThumbnailConfigurationStorageItem.LATEST,
            ],
            "resolution": aws_native.ivs.RecordingConfigurationThumbnailConfigurationResolution.HD,
        },
        rendition_configuration={
            "rendition_selection": aws_native.ivs.RecordingConfigurationRenditionConfigurationRenditionSelection.CUSTOM,
            "renditions": [
                aws_native.ivs.RecordingConfigurationRenditionConfigurationRenditionsItem.HD,
                aws_native.ivs.RecordingConfigurationRenditionConfigurationRenditionsItem.SD,
            ],
        },
        opts = pulumi.ResourceOptions(depends_on=[s3_bucket]))
    channel = aws_native.ivs.Channel("channel",
        name="MyRecordedChannel",
        recording_configuration_arn=recording_configuration.id,
        opts = pulumi.ResourceOptions(depends_on=[recording_configuration]))
    
    import * as pulumi from "@pulumi/pulumi";
    import * as aws_native from "@pulumi/aws-native";
    
    const s3Bucket = new aws_native.s3.Bucket("s3Bucket", {});
    const recordingConfiguration = new aws_native.ivs.RecordingConfiguration("recordingConfiguration", {
        name: "MyRecordingConfiguration",
        destinationConfiguration: {
            s3: {
                bucketName: s3Bucket.id,
            },
        },
        thumbnailConfiguration: {
            recordingMode: aws_native.ivs.RecordingConfigurationThumbnailConfigurationRecordingMode.Interval,
            targetIntervalSeconds: 60,
            storage: [
                aws_native.ivs.RecordingConfigurationThumbnailConfigurationStorageItem.Sequential,
                aws_native.ivs.RecordingConfigurationThumbnailConfigurationStorageItem.Latest,
            ],
            resolution: aws_native.ivs.RecordingConfigurationThumbnailConfigurationResolution.Hd,
        },
        renditionConfiguration: {
            renditionSelection: aws_native.ivs.RecordingConfigurationRenditionConfigurationRenditionSelection.Custom,
            renditions: [
                aws_native.ivs.RecordingConfigurationRenditionConfigurationRenditionsItem.Hd,
                aws_native.ivs.RecordingConfigurationRenditionConfigurationRenditionsItem.Sd,
            ],
        },
    }, {
        dependsOn: [s3Bucket],
    });
    const channel = new aws_native.ivs.Channel("channel", {
        name: "MyRecordedChannel",
        recordingConfigurationArn: recordingConfiguration.id,
    }, {
        dependsOn: [recordingConfiguration],
    });
    

    Coming soon!

    Example

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using AwsNative = Pulumi.AwsNative;
    
    return await Deployment.RunAsync(() => 
    {
        var s3Bucket = new AwsNative.S3.Bucket("s3Bucket");
    
        var recordingConfiguration = new AwsNative.Ivs.RecordingConfiguration("recordingConfiguration", new()
        {
            Name = "MyRecordingConfiguration",
            DestinationConfiguration = new AwsNative.Ivs.Inputs.RecordingConfigurationDestinationConfigurationArgs
            {
                S3 = new AwsNative.Ivs.Inputs.RecordingConfigurationS3DestinationConfigurationArgs
                {
                    BucketName = s3Bucket.Id,
                },
            },
            ThumbnailConfiguration = new AwsNative.Ivs.Inputs.RecordingConfigurationThumbnailConfigurationArgs
            {
                RecordingMode = AwsNative.Ivs.RecordingConfigurationThumbnailConfigurationRecordingMode.Interval,
                TargetIntervalSeconds = 60,
                Resolution = AwsNative.Ivs.RecordingConfigurationThumbnailConfigurationResolution.Hd,
                Storage = new[]
                {
                    AwsNative.Ivs.RecordingConfigurationThumbnailConfigurationStorageItem.Sequential,
                    AwsNative.Ivs.RecordingConfigurationThumbnailConfigurationStorageItem.Latest,
                },
            },
            RenditionConfiguration = new AwsNative.Ivs.Inputs.RecordingConfigurationRenditionConfigurationArgs
            {
                RenditionSelection = AwsNative.Ivs.RecordingConfigurationRenditionConfigurationRenditionSelection.Custom,
                Renditions = new[]
                {
                    AwsNative.Ivs.RecordingConfigurationRenditionConfigurationRenditionsItem.Hd,
                    AwsNative.Ivs.RecordingConfigurationRenditionConfigurationRenditionsItem.Sd,
                },
            },
        }, new CustomResourceOptions
        {
            DependsOn =
            {
                s3Bucket,
            },
        });
    
        var channel = new AwsNative.Ivs.Channel("channel", new()
        {
            Name = "MyRecordedChannel",
            RecordingConfigurationArn = recordingConfiguration.Id,
        }, new CustomResourceOptions
        {
            DependsOn =
            {
                recordingConfiguration,
            },
        });
    
    });
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws-native/sdk/go/aws/ivs"
    	"github.com/pulumi/pulumi-aws-native/sdk/go/aws/s3"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		s3Bucket, err := s3.NewBucket(ctx, "s3Bucket", nil)
    		if err != nil {
    			return err
    		}
    		recordingConfiguration, err := ivs.NewRecordingConfiguration(ctx, "recordingConfiguration", &ivs.RecordingConfigurationArgs{
    			Name: pulumi.String("MyRecordingConfiguration"),
    			DestinationConfiguration: &ivs.RecordingConfigurationDestinationConfigurationArgs{
    				S3: &ivs.RecordingConfigurationS3DestinationConfigurationArgs{
    					BucketName: s3Bucket.ID(),
    				},
    			},
    			ThumbnailConfiguration: &ivs.RecordingConfigurationThumbnailConfigurationArgs{
    				RecordingMode:         ivs.RecordingConfigurationThumbnailConfigurationRecordingModeInterval,
    				TargetIntervalSeconds: pulumi.Int(60),
    				Resolution:            ivs.RecordingConfigurationThumbnailConfigurationResolutionHd,
    				Storage: ivs.RecordingConfigurationThumbnailConfigurationStorageItemArray{
    					ivs.RecordingConfigurationThumbnailConfigurationStorageItemSequential,
    					ivs.RecordingConfigurationThumbnailConfigurationStorageItemLatest,
    				},
    			},
    			RenditionConfiguration: &ivs.RecordingConfigurationRenditionConfigurationArgs{
    				RenditionSelection: ivs.RecordingConfigurationRenditionConfigurationRenditionSelectionCustom,
    				Renditions: ivs.RecordingConfigurationRenditionConfigurationRenditionsItemArray{
    					ivs.RecordingConfigurationRenditionConfigurationRenditionsItemHd,
    					ivs.RecordingConfigurationRenditionConfigurationRenditionsItemSd,
    				},
    			},
    		}, pulumi.DependsOn([]pulumi.Resource{
    			s3Bucket,
    		}))
    		if err != nil {
    			return err
    		}
    		_, err = ivs.NewChannel(ctx, "channel", &ivs.ChannelArgs{
    			Name:                      pulumi.String("MyRecordedChannel"),
    			RecordingConfigurationArn: recordingConfiguration.ID(),
    		}, pulumi.DependsOn([]pulumi.Resource{
    			recordingConfiguration,
    		}))
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    

    Coming soon!

    import pulumi
    import pulumi_aws_native as aws_native
    
    s3_bucket = aws_native.s3.Bucket("s3Bucket")
    recording_configuration = aws_native.ivs.RecordingConfiguration("recordingConfiguration",
        name="MyRecordingConfiguration",
        destination_configuration={
            "s3": {
                "bucket_name": s3_bucket.id,
            },
        },
        thumbnail_configuration={
            "recording_mode": aws_native.ivs.RecordingConfigurationThumbnailConfigurationRecordingMode.INTERVAL,
            "target_interval_seconds": 60,
            "resolution": aws_native.ivs.RecordingConfigurationThumbnailConfigurationResolution.HD,
            "storage": [
                aws_native.ivs.RecordingConfigurationThumbnailConfigurationStorageItem.SEQUENTIAL,
                aws_native.ivs.RecordingConfigurationThumbnailConfigurationStorageItem.LATEST,
            ],
        },
        rendition_configuration={
            "rendition_selection": aws_native.ivs.RecordingConfigurationRenditionConfigurationRenditionSelection.CUSTOM,
            "renditions": [
                aws_native.ivs.RecordingConfigurationRenditionConfigurationRenditionsItem.HD,
                aws_native.ivs.RecordingConfigurationRenditionConfigurationRenditionsItem.SD,
            ],
        },
        opts = pulumi.ResourceOptions(depends_on=[s3_bucket]))
    channel = aws_native.ivs.Channel("channel",
        name="MyRecordedChannel",
        recording_configuration_arn=recording_configuration.id,
        opts = pulumi.ResourceOptions(depends_on=[recording_configuration]))
    
    import * as pulumi from "@pulumi/pulumi";
    import * as aws_native from "@pulumi/aws-native";
    
    const s3Bucket = new aws_native.s3.Bucket("s3Bucket", {});
    const recordingConfiguration = new aws_native.ivs.RecordingConfiguration("recordingConfiguration", {
        name: "MyRecordingConfiguration",
        destinationConfiguration: {
            s3: {
                bucketName: s3Bucket.id,
            },
        },
        thumbnailConfiguration: {
            recordingMode: aws_native.ivs.RecordingConfigurationThumbnailConfigurationRecordingMode.Interval,
            targetIntervalSeconds: 60,
            resolution: aws_native.ivs.RecordingConfigurationThumbnailConfigurationResolution.Hd,
            storage: [
                aws_native.ivs.RecordingConfigurationThumbnailConfigurationStorageItem.Sequential,
                aws_native.ivs.RecordingConfigurationThumbnailConfigurationStorageItem.Latest,
            ],
        },
        renditionConfiguration: {
            renditionSelection: aws_native.ivs.RecordingConfigurationRenditionConfigurationRenditionSelection.Custom,
            renditions: [
                aws_native.ivs.RecordingConfigurationRenditionConfigurationRenditionsItem.Hd,
                aws_native.ivs.RecordingConfigurationRenditionConfigurationRenditionsItem.Sd,
            ],
        },
    }, {
        dependsOn: [s3Bucket],
    });
    const channel = new aws_native.ivs.Channel("channel", {
        name: "MyRecordedChannel",
        recordingConfigurationArn: recordingConfiguration.id,
    }, {
        dependsOn: [recordingConfiguration],
    });
    

    Coming soon!

    Example

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using AwsNative = Pulumi.AwsNative;
    
    return await Deployment.RunAsync(() => 
    {
        var config = new Config();
        var latestAmiId = config.Get("latestAmiId") ?? "";
        var latestAmiIdValue = latestAmiId == "" ? "/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2" : AwsNative.GetSsmParameterString.Invoke(new()
        {
            Name = latestAmiId,
        }).Apply(invoke => invoke.Value);
    
        var gitHubOwner = config.Require("gitHubOwner");
        var gitHubRepo = config.Require("gitHubRepo");
        var gitHubBranch = config.Require("gitHubBranch");
        var ssmAssocLogs = new AwsNative.S3.Bucket("ssmAssocLogs");
    
        var ssmInstanceRole = new AwsNative.Iam.Role("ssmInstanceRole", new()
        {
            Policies = new[]
            {
                new AwsNative.Iam.Inputs.RolePolicyArgs
                {
                    PolicyDocument = new Dictionary<string, object?>
                    {
                        ["version"] = "2012-10-17",
                        ["statement"] = new[]
                        {
                            new Dictionary<string, object?>
                            {
                                ["action"] = new[]
                                {
                                    "s3:GetObject",
                                },
                                ["resource"] = new[]
                                {
                                    "arn:aws:s3:::aws-ssm-${AWS::Region}/*",
                                    "arn:aws:s3:::aws-windows-downloads-${AWS::Region}/*",
                                    "arn:aws:s3:::amazon-ssm-${AWS::Region}/*",
                                    "arn:aws:s3:::amazon-ssm-packages-${AWS::Region}/*",
                                    "arn:aws:s3:::${AWS::Region}-birdwatcher-prod/*",
                                    "arn:aws:s3:::patch-baseline-snapshot-${AWS::Region}/*",
                                },
                                ["effect"] = "Allow",
                            },
                        },
                    },
                    PolicyName = "ssm-custom-s3-policy",
                },
                new AwsNative.Iam.Inputs.RolePolicyArgs
                {
                    PolicyDocument = new Dictionary<string, object?>
                    {
                        ["version"] = "2012-10-17",
                        ["statement"] = new[]
                        {
                            new Dictionary<string, object?>
                            {
                                ["action"] = new[]
                                {
                                    "s3:GetObject",
                                    "s3:PutObject",
                                    "s3:PutObjectAcl",
                                    "s3:ListBucket",
                                },
                                ["resource"] = new[]
                                {
                                    "arn:${AWS::Partition}:s3:::${SSMAssocLogs}/*",
                                    "arn:${AWS::Partition}:s3:::${SSMAssocLogs}",
                                },
                                ["effect"] = "Allow",
                            },
                        },
                    },
                    PolicyName = "s3-instance-bucket-policy",
                },
            },
            Path = "/",
            ManagedPolicyArns = new[]
            {
                "arn:${AWS::Partition}:iam::aws:policy/AmazonSSMManagedInstanceCore",
            },
            AssumeRolePolicyDocument = new Dictionary<string, object?>
            {
                ["version"] = "2012-10-17",
                ["statement"] = new[]
                {
                    new Dictionary<string, object?>
                    {
                        ["effect"] = "Allow",
                        ["principal"] = new Dictionary<string, object?>
                        {
                            ["service"] = new[]
                            {
                                "ec2.amazonaws.com",
                                "ssm.amazonaws.com",
                            },
                        },
                        ["action"] = "sts:AssumeRole",
                    },
                },
            },
        });
    
        var ssmInstanceProfile = new AwsNative.Iam.InstanceProfile("ssmInstanceProfile", new()
        {
            Roles = new[]
            {
                "SSMInstanceRole",
            },
        });
    
        var ec2Instance = new AwsNative.Ec2.Instance("ec2Instance", new()
        {
            ImageId = "LatestAmiId",
            InstanceType = "t3.small",
            IamInstanceProfile = "SSMInstanceProfile",
        });
    
        var ansibleAssociation = new AwsNative.Ssm.Association("ansibleAssociation", new()
        {
            Name = "AWS-ApplyAnsiblePlaybooks",
            Targets = new[]
            {
                new AwsNative.Ssm.Inputs.AssociationTargetArgs
                {
                    Key = "InstanceIds",
                    Values = new[]
                    {
                        "EC2Instance",
                    },
                },
            },
            OutputLocation = new AwsNative.Ssm.Inputs.AssociationInstanceAssociationOutputLocationArgs
            {
                S3Location = new AwsNative.Ssm.Inputs.AssociationS3OutputLocationArgs
                {
                    OutputS3BucketName = "SSMAssocLogs",
                    OutputS3KeyPrefix = "logs/",
                },
            },
            Parameters = 
            {
                { "sourceType", new[]
                {
                    "GitHub",
                } },
                { "sourceInfo", new[]
                {
                    @"{""owner"":""${GitHubOwner}"",
    ""repository"":""${GitHubRepo}"",
    ""path"":"""",
    ""getOptions"":""branch:${GitHubBranch}""}
    ",
                } },
                { "installDependencies", new[]
                {
                    "True",
                } },
                { "playbookFile", new[]
                {
                    "playbook.yml",
                } },
                { "extraVariables", new[]
                {
                    "SSM=True",
                } },
                { "check", new[]
                {
                    "False",
                } },
                { "verbose", new[]
                {
                    "-v",
                } },
            },
        });
    
        return new Dictionary<string, object?>
        {
            ["webServerPublic"] = "EC2Instance.PublicDnsName",
        };
    });
    
    package main
    
    import (
    	awsnative "github.com/pulumi/pulumi-aws-native/sdk/go/aws"
    	"github.com/pulumi/pulumi-aws-native/sdk/go/aws/ec2"
    	"github.com/pulumi/pulumi-aws-native/sdk/go/aws/iam"
    	"github.com/pulumi/pulumi-aws-native/sdk/go/aws/s3"
    	"github.com/pulumi/pulumi-aws-native/sdk/go/aws/ssm"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		cfg := config.New(ctx, "")
    		latestAmiId := ""
    		if param := cfg.Get("latestAmiId"); param != "" {
    			latestAmiId = param
    		}
    		var tmp0 string
    		if latestAmiId == "" {
    			tmp0 = "/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2"
    		} else {
    			tmp0 = awsnative.GetSsmParameterString(ctx, &aws.GetSsmParameterStringArgs{
    				Name: latestAmiId,
    			}, nil).Value
    		}
    		_ := tmp0
    		gitHubOwner := cfg.Require("gitHubOwner")
    		gitHubRepo := cfg.Require("gitHubRepo")
    		gitHubBranch := cfg.Require("gitHubBranch")
    		_, err := s3.NewBucket(ctx, "ssmAssocLogs", nil)
    		if err != nil {
    			return err
    		}
    		_, err = iam.NewRole(ctx, "ssmInstanceRole", &iam.RoleArgs{
    			Policies: iam.RolePolicyTypeArray{
    				&iam.RolePolicyTypeArgs{
    					PolicyDocument: pulumi.Any(map[string]interface{}{
    						"version": "2012-10-17",
    						"statement": []map[string]interface{}{
    							map[string]interface{}{
    								"action": []string{
    									"s3:GetObject",
    								},
    								"resource": []string{
    									"arn:aws:s3:::aws-ssm-${AWS::Region}/*",
    									"arn:aws:s3:::aws-windows-downloads-${AWS::Region}/*",
    									"arn:aws:s3:::amazon-ssm-${AWS::Region}/*",
    									"arn:aws:s3:::amazon-ssm-packages-${AWS::Region}/*",
    									"arn:aws:s3:::${AWS::Region}-birdwatcher-prod/*",
    									"arn:aws:s3:::patch-baseline-snapshot-${AWS::Region}/*",
    								},
    								"effect": "Allow",
    							},
    						},
    					}),
    					PolicyName: pulumi.String("ssm-custom-s3-policy"),
    				},
    				&iam.RolePolicyTypeArgs{
    					PolicyDocument: pulumi.Any(map[string]interface{}{
    						"version": "2012-10-17",
    						"statement": []map[string]interface{}{
    							map[string]interface{}{
    								"action": []string{
    									"s3:GetObject",
    									"s3:PutObject",
    									"s3:PutObjectAcl",
    									"s3:ListBucket",
    								},
    								"resource": []string{
    									"arn:${AWS::Partition}:s3:::${SSMAssocLogs}/*",
    									"arn:${AWS::Partition}:s3:::${SSMAssocLogs}",
    								},
    								"effect": "Allow",
    							},
    						},
    					}),
    					PolicyName: pulumi.String("s3-instance-bucket-policy"),
    				},
    			},
    			Path: pulumi.String("/"),
    			ManagedPolicyArns: pulumi.StringArray{
    				pulumi.String("arn:${AWS::Partition}:iam::aws:policy/AmazonSSMManagedInstanceCore"),
    			},
    			AssumeRolePolicyDocument: pulumi.Any(map[string]interface{}{
    				"version": "2012-10-17",
    				"statement": []map[string]interface{}{
    					map[string]interface{}{
    						"effect": "Allow",
    						"principal": map[string]interface{}{
    							"service": []string{
    								"ec2.amazonaws.com",
    								"ssm.amazonaws.com",
    							},
    						},
    						"action": "sts:AssumeRole",
    					},
    				},
    			}),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = iam.NewInstanceProfile(ctx, "ssmInstanceProfile", &iam.InstanceProfileArgs{
    			Roles: pulumi.StringArray{
    				pulumi.String("SSMInstanceRole"),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		_, err = ec2.NewInstance(ctx, "ec2Instance", &ec2.InstanceArgs{
    			ImageId:            pulumi.String("LatestAmiId"),
    			InstanceType:       pulumi.String("t3.small"),
    			IamInstanceProfile: pulumi.String("SSMInstanceProfile"),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = ssm.NewAssociation(ctx, "ansibleAssociation", &ssm.AssociationArgs{
    			Name: pulumi.String("AWS-ApplyAnsiblePlaybooks"),
    			Targets: ssm.AssociationTargetArray{
    				&ssm.AssociationTargetArgs{
    					Key: pulumi.String("InstanceIds"),
    					Values: pulumi.StringArray{
    						pulumi.String("EC2Instance"),
    					},
    				},
    			},
    			OutputLocation: &ssm.AssociationInstanceAssociationOutputLocationArgs{
    				S3Location: &ssm.AssociationS3OutputLocationArgs{
    					OutputS3BucketName: pulumi.String("SSMAssocLogs"),
    					OutputS3KeyPrefix:  pulumi.String("logs/"),
    				},
    			},
    			Parameters: pulumi.StringArrayMap{
    				"sourceType": pulumi.StringArray{
    					pulumi.String("GitHub"),
    				},
    				"sourceInfo": pulumi.StringArray{
    					pulumi.String("{\"owner\":\"${GitHubOwner}\",\n\"repository\":\"${GitHubRepo}\",\n\"path\":\"\",\n\"getOptions\":\"branch:${GitHubBranch}\"}\n"),
    				},
    				"installDependencies": pulumi.StringArray{
    					pulumi.String("True"),
    				},
    				"playbookFile": pulumi.StringArray{
    					pulumi.String("playbook.yml"),
    				},
    				"extraVariables": pulumi.StringArray{
    					pulumi.String("SSM=True"),
    				},
    				"check": pulumi.StringArray{
    					pulumi.String("False"),
    				},
    				"verbose": pulumi.StringArray{
    					pulumi.String("-v"),
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		ctx.Export("webServerPublic", pulumi.String("EC2Instance.PublicDnsName"))
    		return nil
    	})
    }
    

    Coming soon!

    import pulumi
    import pulumi_aws_native as aws_native
    
    config = pulumi.Config()
    latest_ami_id = config.get("latestAmiId")
    if latest_ami_id is None:
        latest_ami_id = ""
    latest_ami_id_value = "/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2" if latest_ami_id == "" else aws_native.get_ssm_parameter_string(name=latest_ami_id).value
    git_hub_owner = config.require("gitHubOwner")
    git_hub_repo = config.require("gitHubRepo")
    git_hub_branch = config.require("gitHubBranch")
    ssm_assoc_logs = aws_native.s3.Bucket("ssmAssocLogs")
    ssm_instance_role = aws_native.iam.Role("ssmInstanceRole",
        policies=[
            {
                "policy_document": {
                    "version": "2012-10-17",
                    "statement": [{
                        "action": ["s3:GetObject"],
                        "resource": [
                            "arn:aws:s3:::aws-ssm-${AWS::Region}/*",
                            "arn:aws:s3:::aws-windows-downloads-${AWS::Region}/*",
                            "arn:aws:s3:::amazon-ssm-${AWS::Region}/*",
                            "arn:aws:s3:::amazon-ssm-packages-${AWS::Region}/*",
                            "arn:aws:s3:::${AWS::Region}-birdwatcher-prod/*",
                            "arn:aws:s3:::patch-baseline-snapshot-${AWS::Region}/*",
                        ],
                        "effect": "Allow",
                    }],
                },
                "policy_name": "ssm-custom-s3-policy",
            },
            {
                "policy_document": {
                    "version": "2012-10-17",
                    "statement": [{
                        "action": [
                            "s3:GetObject",
                            "s3:PutObject",
                            "s3:PutObjectAcl",
                            "s3:ListBucket",
                        ],
                        "resource": [
                            "arn:${AWS::Partition}:s3:::${SSMAssocLogs}/*",
                            "arn:${AWS::Partition}:s3:::${SSMAssocLogs}",
                        ],
                        "effect": "Allow",
                    }],
                },
                "policy_name": "s3-instance-bucket-policy",
            },
        ],
        path="/",
        managed_policy_arns=["arn:${AWS::Partition}:iam::aws:policy/AmazonSSMManagedInstanceCore"],
        assume_role_policy_document={
            "version": "2012-10-17",
            "statement": [{
                "effect": "Allow",
                "principal": {
                    "service": [
                        "ec2.amazonaws.com",
                        "ssm.amazonaws.com",
                    ],
                },
                "action": "sts:AssumeRole",
            }],
        })
    ssm_instance_profile = aws_native.iam.InstanceProfile("ssmInstanceProfile", roles=["SSMInstanceRole"])
    ec2_instance = aws_native.ec2.Instance("ec2Instance",
        image_id="LatestAmiId",
        instance_type="t3.small",
        iam_instance_profile="SSMInstanceProfile")
    ansible_association = aws_native.ssm.Association("ansibleAssociation",
        name="AWS-ApplyAnsiblePlaybooks",
        targets=[{
            "key": "InstanceIds",
            "values": ["EC2Instance"],
        }],
        output_location={
            "s3_location": {
                "output_s3_bucket_name": "SSMAssocLogs",
                "output_s3_key_prefix": "logs/",
            },
        },
        parameters={
            "sourceType": ["GitHub"],
            "sourceInfo": ["""{"owner":"${GitHubOwner}",
    "repository":"${GitHubRepo}",
    "path":"",
    "getOptions":"branch:${GitHubBranch}"}
    """],
            "installDependencies": ["True"],
            "playbookFile": ["playbook.yml"],
            "extraVariables": ["SSM=True"],
            "check": ["False"],
            "verbose": ["-v"],
        })
    pulumi.export("webServerPublic", "EC2Instance.PublicDnsName")
    
    import * as pulumi from "@pulumi/pulumi";
    import * as aws_native from "@pulumi/aws-native";
    
    const config = new pulumi.Config();
    const latestAmiId = config.get("latestAmiId") || "";
    const latestAmiIdValue = latestAmiId == "" ? "/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2" : aws_native.getSsmParameterString({
        name: latestAmiId,
    }).then(invoke => invoke.value);
    const gitHubOwner = config.require("gitHubOwner");
    const gitHubRepo = config.require("gitHubRepo");
    const gitHubBranch = config.require("gitHubBranch");
    const ssmAssocLogs = new aws_native.s3.Bucket("ssmAssocLogs", {});
    const ssmInstanceRole = new aws_native.iam.Role("ssmInstanceRole", {
        policies: [
            {
                policyDocument: {
                    version: "2012-10-17",
                    statement: [{
                        action: ["s3:GetObject"],
                        resource: [
                            "arn:aws:s3:::aws-ssm-${AWS::Region}/*",
                            "arn:aws:s3:::aws-windows-downloads-${AWS::Region}/*",
                            "arn:aws:s3:::amazon-ssm-${AWS::Region}/*",
                            "arn:aws:s3:::amazon-ssm-packages-${AWS::Region}/*",
                            "arn:aws:s3:::${AWS::Region}-birdwatcher-prod/*",
                            "arn:aws:s3:::patch-baseline-snapshot-${AWS::Region}/*",
                        ],
                        effect: "Allow",
                    }],
                },
                policyName: "ssm-custom-s3-policy",
            },
            {
                policyDocument: {
                    version: "2012-10-17",
                    statement: [{
                        action: [
                            "s3:GetObject",
                            "s3:PutObject",
                            "s3:PutObjectAcl",
                            "s3:ListBucket",
                        ],
                        resource: [
                            "arn:${AWS::Partition}:s3:::${SSMAssocLogs}/*",
                            "arn:${AWS::Partition}:s3:::${SSMAssocLogs}",
                        ],
                        effect: "Allow",
                    }],
                },
                policyName: "s3-instance-bucket-policy",
            },
        ],
        path: "/",
        managedPolicyArns: ["arn:${AWS::Partition}:iam::aws:policy/AmazonSSMManagedInstanceCore"],
        assumeRolePolicyDocument: {
            version: "2012-10-17",
            statement: [{
                effect: "Allow",
                principal: {
                    service: [
                        "ec2.amazonaws.com",
                        "ssm.amazonaws.com",
                    ],
                },
                action: "sts:AssumeRole",
            }],
        },
    });
    const ssmInstanceProfile = new aws_native.iam.InstanceProfile("ssmInstanceProfile", {roles: ["SSMInstanceRole"]});
    const ec2Instance = new aws_native.ec2.Instance("ec2Instance", {
        imageId: "LatestAmiId",
        instanceType: "t3.small",
        iamInstanceProfile: "SSMInstanceProfile",
    });
    const ansibleAssociation = new aws_native.ssm.Association("ansibleAssociation", {
        name: "AWS-ApplyAnsiblePlaybooks",
        targets: [{
            key: "InstanceIds",
            values: ["EC2Instance"],
        }],
        outputLocation: {
            s3Location: {
                outputS3BucketName: "SSMAssocLogs",
                outputS3KeyPrefix: "logs/",
            },
        },
        parameters: {
            sourceType: ["GitHub"],
            sourceInfo: [`{"owner":"\${GitHubOwner}",
    "repository":"\${GitHubRepo}",
    "path":"",
    "getOptions":"branch:\${GitHubBranch}"}
    `],
            installDependencies: ["True"],
            playbookFile: ["playbook.yml"],
            extraVariables: ["SSM=True"],
            check: ["False"],
            verbose: ["-v"],
        },
    });
    export const webServerPublic = "EC2Instance.PublicDnsName";
    

    Coming soon!

    Example

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using AwsNative = Pulumi.AwsNative;
    
    return await Deployment.RunAsync(() => 
    {
        var config = new Config();
        var latestAmiId = config.Get("latestAmiId") ?? "";
        var latestAmiIdValue = latestAmiId == "" ? "/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2" : AwsNative.GetSsmParameterString.Invoke(new()
        {
            Name = latestAmiId,
        }).Apply(invoke => invoke.Value);
    
        var ssmAssocLogs = new AwsNative.S3.Bucket("ssmAssocLogs");
    
        var ssmInstanceRole = new AwsNative.Iam.Role("ssmInstanceRole", new()
        {
            Policies = new[]
            {
                new AwsNative.Iam.Inputs.RolePolicyArgs
                {
                    PolicyDocument = new Dictionary<string, object?>
                    {
                        ["version"] = "2012-10-17",
                        ["statement"] = new[]
                        {
                            new Dictionary<string, object?>
                            {
                                ["action"] = new[]
                                {
                                    "s3:GetObject",
                                },
                                ["resource"] = new[]
                                {
                                    "arn:aws:s3:::aws-ssm-${AWS::Region}/*",
                                    "arn:aws:s3:::aws-windows-downloads-${AWS::Region}/*",
                                    "arn:aws:s3:::amazon-ssm-${AWS::Region}/*",
                                    "arn:aws:s3:::amazon-ssm-packages-${AWS::Region}/*",
                                    "arn:aws:s3:::${AWS::Region}-birdwatcher-prod/*",
                                    "arn:aws:s3:::patch-baseline-snapshot-${AWS::Region}/*",
                                },
                                ["effect"] = "Allow",
                            },
                        },
                    },
                    PolicyName = "ssm-custom-s3-policy",
                },
                new AwsNative.Iam.Inputs.RolePolicyArgs
                {
                    PolicyDocument = new Dictionary<string, object?>
                    {
                        ["version"] = "2012-10-17",
                        ["statement"] = new[]
                        {
                            new Dictionary<string, object?>
                            {
                                ["action"] = new[]
                                {
                                    "s3:GetObject",
                                    "s3:PutObject",
                                    "s3:PutObjectAcl",
                                    "s3:ListBucket",
                                },
                                ["resource"] = new[]
                                {
                                    "arn:${AWS::Partition}:s3:::${SSMAssocLogs}/*",
                                    "arn:${AWS::Partition}:s3:::${SSMAssocLogs}",
                                },
                                ["effect"] = "Allow",
                            },
                        },
                    },
                    PolicyName = "s3-instance-bucket-policy",
                },
            },
            Path = "/",
            ManagedPolicyArns = new[]
            {
                "arn:${AWS::Partition}:iam::aws:policy/AmazonSSMManagedInstanceCore",
                "arn:${AWS::Partition}:iam::aws:policy/CloudWatchAgentServerPolicy",
            },
            AssumeRolePolicyDocument = new Dictionary<string, object?>
            {
                ["version"] = "2012-10-17",
                ["statement"] = new[]
                {
                    new Dictionary<string, object?>
                    {
                        ["effect"] = "Allow",
                        ["principal"] = new Dictionary<string, object?>
                        {
                            ["service"] = new[]
                            {
                                "ec2.amazonaws.com",
                                "ssm.amazonaws.com",
                            },
                        },
                        ["action"] = "sts:AssumeRole",
                    },
                },
            },
        });
    
        var ssmInstanceProfile = new AwsNative.Iam.InstanceProfile("ssmInstanceProfile", new()
        {
            Roles = new[]
            {
                "SSMInstanceRole",
            },
        });
    
        var ec2Instance = new AwsNative.Ec2.Instance("ec2Instance", new()
        {
            ImageId = "LatestAmiId",
            InstanceType = "t3.medium",
            IamInstanceProfile = "SSMInstanceProfile",
            Tags = new[]
            {
                new AwsNative.Inputs.TagArgs
                {
                    Key = "nginx",
                    Value = "yes",
                },
            },
        });
    
        var nginxAssociation = new AwsNative.Ssm.Association("nginxAssociation", new()
        {
            Name = "AWS-RunShellScript",
            Targets = new[]
            {
                new AwsNative.Ssm.Inputs.AssociationTargetArgs
                {
                    Key = "tag:nginx",
                    Values = new[]
                    {
                        "yes",
                    },
                },
            },
            OutputLocation = new AwsNative.Ssm.Inputs.AssociationInstanceAssociationOutputLocationArgs
            {
                S3Location = new AwsNative.Ssm.Inputs.AssociationS3OutputLocationArgs
                {
                    OutputS3BucketName = "SSMAssocLogs",
                    OutputS3KeyPrefix = "logs/",
                },
            },
            Parameters = 
            {
                { "commands", new[]
                {
                    @"sudo amazon-linux-extras install nginx1 -y
    sudo service nginx start
    ",
                } },
            },
        }, new CustomResourceOptions
        {
            DependsOn =
            {
                ec2Instance,
            },
        });
    
        return new Dictionary<string, object?>
        {
            ["webServerPublic"] = "EC2Instance.PublicDnsName",
        };
    });
    
    package main
    
    import (
    	awsnative "github.com/pulumi/pulumi-aws-native/sdk/go/aws"
    	"github.com/pulumi/pulumi-aws-native/sdk/go/aws/ec2"
    	"github.com/pulumi/pulumi-aws-native/sdk/go/aws/iam"
    	"github.com/pulumi/pulumi-aws-native/sdk/go/aws/s3"
    	"github.com/pulumi/pulumi-aws-native/sdk/go/aws/ssm"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		cfg := config.New(ctx, "")
    		latestAmiId := ""
    		if param := cfg.Get("latestAmiId"); param != "" {
    			latestAmiId = param
    		}
    		var tmp0 string
    		if latestAmiId == "" {
    			tmp0 = "/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2"
    		} else {
    			tmp0 = awsnative.GetSsmParameterString(ctx, &aws.GetSsmParameterStringArgs{
    				Name: latestAmiId,
    			}, nil).Value
    		}
    		_ := tmp0
    		_, err := s3.NewBucket(ctx, "ssmAssocLogs", nil)
    		if err != nil {
    			return err
    		}
    		_, err = iam.NewRole(ctx, "ssmInstanceRole", &iam.RoleArgs{
    			Policies: iam.RolePolicyTypeArray{
    				&iam.RolePolicyTypeArgs{
    					PolicyDocument: pulumi.Any(map[string]interface{}{
    						"version": "2012-10-17",
    						"statement": []map[string]interface{}{
    							map[string]interface{}{
    								"action": []string{
    									"s3:GetObject",
    								},
    								"resource": []string{
    									"arn:aws:s3:::aws-ssm-${AWS::Region}/*",
    									"arn:aws:s3:::aws-windows-downloads-${AWS::Region}/*",
    									"arn:aws:s3:::amazon-ssm-${AWS::Region}/*",
    									"arn:aws:s3:::amazon-ssm-packages-${AWS::Region}/*",
    									"arn:aws:s3:::${AWS::Region}-birdwatcher-prod/*",
    									"arn:aws:s3:::patch-baseline-snapshot-${AWS::Region}/*",
    								},
    								"effect": "Allow",
    							},
    						},
    					}),
    					PolicyName: pulumi.String("ssm-custom-s3-policy"),
    				},
    				&iam.RolePolicyTypeArgs{
    					PolicyDocument: pulumi.Any(map[string]interface{}{
    						"version": "2012-10-17",
    						"statement": []map[string]interface{}{
    							map[string]interface{}{
    								"action": []string{
    									"s3:GetObject",
    									"s3:PutObject",
    									"s3:PutObjectAcl",
    									"s3:ListBucket",
    								},
    								"resource": []string{
    									"arn:${AWS::Partition}:s3:::${SSMAssocLogs}/*",
    									"arn:${AWS::Partition}:s3:::${SSMAssocLogs}",
    								},
    								"effect": "Allow",
    							},
    						},
    					}),
    					PolicyName: pulumi.String("s3-instance-bucket-policy"),
    				},
    			},
    			Path: pulumi.String("/"),
    			ManagedPolicyArns: pulumi.StringArray{
    				pulumi.String("arn:${AWS::Partition}:iam::aws:policy/AmazonSSMManagedInstanceCore"),
    				pulumi.String("arn:${AWS::Partition}:iam::aws:policy/CloudWatchAgentServerPolicy"),
    			},
    			AssumeRolePolicyDocument: pulumi.Any(map[string]interface{}{
    				"version": "2012-10-17",
    				"statement": []map[string]interface{}{
    					map[string]interface{}{
    						"effect": "Allow",
    						"principal": map[string]interface{}{
    							"service": []string{
    								"ec2.amazonaws.com",
    								"ssm.amazonaws.com",
    							},
    						},
    						"action": "sts:AssumeRole",
    					},
    				},
    			}),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = iam.NewInstanceProfile(ctx, "ssmInstanceProfile", &iam.InstanceProfileArgs{
    			Roles: pulumi.StringArray{
    				pulumi.String("SSMInstanceRole"),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		ec2Instance, err := ec2.NewInstance(ctx, "ec2Instance", &ec2.InstanceArgs{
    			ImageId:            pulumi.String("LatestAmiId"),
    			InstanceType:       pulumi.String("t3.medium"),
    			IamInstanceProfile: pulumi.String("SSMInstanceProfile"),
    			Tags: aws.TagArray{
    				&aws.TagArgs{
    					Key:   pulumi.String("nginx"),
    					Value: pulumi.String("yes"),
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		_, err = ssm.NewAssociation(ctx, "nginxAssociation", &ssm.AssociationArgs{
    			Name: pulumi.String("AWS-RunShellScript"),
    			Targets: ssm.AssociationTargetArray{
    				&ssm.AssociationTargetArgs{
    					Key: pulumi.String("tag:nginx"),
    					Values: pulumi.StringArray{
    						pulumi.String("yes"),
    					},
    				},
    			},
    			OutputLocation: &ssm.AssociationInstanceAssociationOutputLocationArgs{
    				S3Location: &ssm.AssociationS3OutputLocationArgs{
    					OutputS3BucketName: pulumi.String("SSMAssocLogs"),
    					OutputS3KeyPrefix:  pulumi.String("logs/"),
    				},
    			},
    			Parameters: pulumi.StringArrayMap{
    				"commands": pulumi.StringArray{
    					pulumi.String("sudo amazon-linux-extras install nginx1 -y\nsudo service nginx start\n"),
    				},
    			},
    		}, pulumi.DependsOn([]pulumi.Resource{
    			ec2Instance,
    		}))
    		if err != nil {
    			return err
    		}
    		ctx.Export("webServerPublic", pulumi.String("EC2Instance.PublicDnsName"))
    		return nil
    	})
    }
    

    Coming soon!

    import pulumi
    import pulumi_aws_native as aws_native
    
    config = pulumi.Config()
    latest_ami_id = config.get("latestAmiId")
    if latest_ami_id is None:
        latest_ami_id = ""
    latest_ami_id_value = "/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2" if latest_ami_id == "" else aws_native.get_ssm_parameter_string(name=latest_ami_id).value
    ssm_assoc_logs = aws_native.s3.Bucket("ssmAssocLogs")
    ssm_instance_role = aws_native.iam.Role("ssmInstanceRole",
        policies=[
            {
                "policy_document": {
                    "version": "2012-10-17",
                    "statement": [{
                        "action": ["s3:GetObject"],
                        "resource": [
                            "arn:aws:s3:::aws-ssm-${AWS::Region}/*",
                            "arn:aws:s3:::aws-windows-downloads-${AWS::Region}/*",
                            "arn:aws:s3:::amazon-ssm-${AWS::Region}/*",
                            "arn:aws:s3:::amazon-ssm-packages-${AWS::Region}/*",
                            "arn:aws:s3:::${AWS::Region}-birdwatcher-prod/*",
                            "arn:aws:s3:::patch-baseline-snapshot-${AWS::Region}/*",
                        ],
                        "effect": "Allow",
                    }],
                },
                "policy_name": "ssm-custom-s3-policy",
            },
            {
                "policy_document": {
                    "version": "2012-10-17",
                    "statement": [{
                        "action": [
                            "s3:GetObject",
                            "s3:PutObject",
                            "s3:PutObjectAcl",
                            "s3:ListBucket",
                        ],
                        "resource": [
                            "arn:${AWS::Partition}:s3:::${SSMAssocLogs}/*",
                            "arn:${AWS::Partition}:s3:::${SSMAssocLogs}",
                        ],
                        "effect": "Allow",
                    }],
                },
                "policy_name": "s3-instance-bucket-policy",
            },
        ],
        path="/",
        managed_policy_arns=[
            "arn:${AWS::Partition}:iam::aws:policy/AmazonSSMManagedInstanceCore",
            "arn:${AWS::Partition}:iam::aws:policy/CloudWatchAgentServerPolicy",
        ],
        assume_role_policy_document={
            "version": "2012-10-17",
            "statement": [{
                "effect": "Allow",
                "principal": {
                    "service": [
                        "ec2.amazonaws.com",
                        "ssm.amazonaws.com",
                    ],
                },
                "action": "sts:AssumeRole",
            }],
        })
    ssm_instance_profile = aws_native.iam.InstanceProfile("ssmInstanceProfile", roles=["SSMInstanceRole"])
    ec2_instance = aws_native.ec2.Instance("ec2Instance",
        image_id="LatestAmiId",
        instance_type="t3.medium",
        iam_instance_profile="SSMInstanceProfile",
        tags=[{
            "key": "nginx",
            "value": "yes",
        }])
    nginx_association = aws_native.ssm.Association("nginxAssociation",
        name="AWS-RunShellScript",
        targets=[{
            "key": "tag:nginx",
            "values": ["yes"],
        }],
        output_location={
            "s3_location": {
                "output_s3_bucket_name": "SSMAssocLogs",
                "output_s3_key_prefix": "logs/",
            },
        },
        parameters={
            "commands": ["""sudo amazon-linux-extras install nginx1 -y
    sudo service nginx start
    """],
        },
        opts = pulumi.ResourceOptions(depends_on=[ec2_instance]))
    pulumi.export("webServerPublic", "EC2Instance.PublicDnsName")
    
    import * as pulumi from "@pulumi/pulumi";
    import * as aws_native from "@pulumi/aws-native";
    
    const config = new pulumi.Config();
    const latestAmiId = config.get("latestAmiId") || "";
    const latestAmiIdValue = latestAmiId == "" ? "/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2" : aws_native.getSsmParameterString({
        name: latestAmiId,
    }).then(invoke => invoke.value);
    const ssmAssocLogs = new aws_native.s3.Bucket("ssmAssocLogs", {});
    const ssmInstanceRole = new aws_native.iam.Role("ssmInstanceRole", {
        policies: [
            {
                policyDocument: {
                    version: "2012-10-17",
                    statement: [{
                        action: ["s3:GetObject"],
                        resource: [
                            "arn:aws:s3:::aws-ssm-${AWS::Region}/*",
                            "arn:aws:s3:::aws-windows-downloads-${AWS::Region}/*",
                            "arn:aws:s3:::amazon-ssm-${AWS::Region}/*",
                            "arn:aws:s3:::amazon-ssm-packages-${AWS::Region}/*",
                            "arn:aws:s3:::${AWS::Region}-birdwatcher-prod/*",
                            "arn:aws:s3:::patch-baseline-snapshot-${AWS::Region}/*",
                        ],
                        effect: "Allow",
                    }],
                },
                policyName: "ssm-custom-s3-policy",
            },
            {
                policyDocument: {
                    version: "2012-10-17",
                    statement: [{
                        action: [
                            "s3:GetObject",
                            "s3:PutObject",
                            "s3:PutObjectAcl",
                            "s3:ListBucket",
                        ],
                        resource: [
                            "arn:${AWS::Partition}:s3:::${SSMAssocLogs}/*",
                            "arn:${AWS::Partition}:s3:::${SSMAssocLogs}",
                        ],
                        effect: "Allow",
                    }],
                },
                policyName: "s3-instance-bucket-policy",
            },
        ],
        path: "/",
        managedPolicyArns: [
            "arn:${AWS::Partition}:iam::aws:policy/AmazonSSMManagedInstanceCore",
            "arn:${AWS::Partition}:iam::aws:policy/CloudWatchAgentServerPolicy",
        ],
        assumeRolePolicyDocument: {
            version: "2012-10-17",
            statement: [{
                effect: "Allow",
                principal: {
                    service: [
                        "ec2.amazonaws.com",
                        "ssm.amazonaws.com",
                    ],
                },
                action: "sts:AssumeRole",
            }],
        },
    });
    const ssmInstanceProfile = new aws_native.iam.InstanceProfile("ssmInstanceProfile", {roles: ["SSMInstanceRole"]});
    const ec2Instance = new aws_native.ec2.Instance("ec2Instance", {
        imageId: "LatestAmiId",
        instanceType: "t3.medium",
        iamInstanceProfile: "SSMInstanceProfile",
        tags: [{
            key: "nginx",
            value: "yes",
        }],
    });
    const nginxAssociation = new aws_native.ssm.Association("nginxAssociation", {
        name: "AWS-RunShellScript",
        targets: [{
            key: "tag:nginx",
            values: ["yes"],
        }],
        outputLocation: {
            s3Location: {
                outputS3BucketName: "SSMAssocLogs",
                outputS3KeyPrefix: "logs/",
            },
        },
        parameters: {
            commands: [`sudo amazon-linux-extras install nginx1 -y
    sudo service nginx start
    `],
        },
    }, {
        dependsOn: [ec2Instance],
    });
    export const webServerPublic = "EC2Instance.PublicDnsName";
    

    Coming soon!

    Example

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using AwsNative = Pulumi.AwsNative;
    
    return await Deployment.RunAsync(() => 
    {
        var config = new Config();
        var latestAmiId = config.Get("latestAmiId") ?? "";
        var latestAmiIdValue = latestAmiId == "" ? "/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2" : AwsNative.GetSsmParameterString.Invoke(new()
        {
            Name = latestAmiId,
        }).Apply(invoke => invoke.Value);
    
        var ssmAssocLogs = new AwsNative.S3.Bucket("ssmAssocLogs");
    
        var nginxInstallAutomation = new AwsNative.Ssm.Document("nginxInstallAutomation", new()
        {
            DocumentType = AwsNative.Ssm.DocumentType.Automation,
            Content = new Dictionary<string, object?>
            {
                ["schemaVersion"] = "0.3",
                ["description"] = "Updates AMI with Linux distribution packages and installs Nginx software",
                ["assumeRole"] = "{{AutomationAssumeRole}}",
                ["parameters"] = new Dictionary<string, object?>
                {
                    ["instanceId"] = new Dictionary<string, object?>
                    {
                        ["description"] = "ID of the Instance.",
                        ["type"] = "String",
                    },
                    ["automationAssumeRole"] = new Dictionary<string, object?>
                    {
                        ["default"] = "",
                        ["description"] = "(Optional) The ARN of the role that allows Automation to perform the actions on your behalf.",
                        ["type"] = "String",
                    },
                },
                ["mainSteps"] = new[]
                {
                    new Dictionary<string, object?>
                    {
                        ["name"] = "updateOSSoftware",
                        ["action"] = "aws:runCommand",
                        ["maxAttempts"] = 3,
                        ["timeoutSeconds"] = 3600,
                        ["inputs"] = new Dictionary<string, object?>
                        {
                            ["documentName"] = "AWS-RunShellScript",
                            ["instanceIds"] = new[]
                            {
                                "{{InstanceId}}",
                            },
                            ["cloudWatchOutputConfig"] = new Dictionary<string, object?>
                            {
                                ["cloudWatchOutputEnabled"] = "true",
                            },
                            ["parameters"] = new Dictionary<string, object?>
                            {
                                ["commands"] = new[]
                                {
                                    @"#!/bin/bash
    sudo yum update -y
    needs-restarting -r
    if [ $? -eq 1 ]
    then
            exit 194
    else
            exit 0
    fi
    ",
                                },
                            },
                        },
                    },
                    new Dictionary<string, object?>
                    {
                        ["name"] = "InstallNginx",
                        ["action"] = "aws:runCommand",
                        ["inputs"] = new Dictionary<string, object?>
                        {
                            ["documentName"] = "AWS-RunShellScript",
                            ["instanceIds"] = new[]
                            {
                                "{{InstanceId}}",
                            },
                            ["cloudWatchOutputConfig"] = new Dictionary<string, object?>
                            {
                                ["cloudWatchOutputEnabled"] = "true",
                            },
                            ["parameters"] = new Dictionary<string, object?>
                            {
                                ["commands"] = new[]
                                {
                                    @"sudo amazon-linux-extras install nginx1 -y
    sudo service nginx start
    ",
                                },
                            },
                        },
                    },
                    new Dictionary<string, object?>
                    {
                        ["name"] = "TestInstall",
                        ["action"] = "aws:runCommand",
                        ["maxAttempts"] = 3,
                        ["timeoutSeconds"] = 3600,
                        ["onFailure"] = "Abort",
                        ["inputs"] = new Dictionary<string, object?>
                        {
                            ["documentName"] = "AWS-RunShellScript",
                            ["instanceIds"] = new[]
                            {
                                "{{InstanceId}}",
                            },
                            ["parameters"] = new Dictionary<string, object?>
                            {
                                ["commands"] = new[]
                                {
                                    @"curl localhost
    ",
                                },
                            },
                        },
                    },
                },
            },
        });
    
        var ssmExecutionRole = new AwsNative.Iam.Role("ssmExecutionRole", new()
        {
            Policies = new[]
            {
                new AwsNative.Iam.Inputs.RolePolicyArgs
                {
                    PolicyDocument = new Dictionary<string, object?>
                    {
                        ["version"] = "2012-10-17",
                        ["statement"] = new[]
                        {
                            new Dictionary<string, object?>
                            {
                                ["action"] = new[]
                                {
                                    "ssm:StartAssociationsOnce",
                                    "ssm:CreateAssociation",
                                    "ssm:CreateAssociationBatch",
                                    "ssm:UpdateAssociation",
                                },
                                ["resource"] = "*",
                                ["effect"] = "Allow",
                            },
                        },
                    },
                    PolicyName = "ssm-association",
                },
            },
            Path = "/",
            ManagedPolicyArns = new[]
            {
                "arn:${AWS::Partition}:iam::aws:policy/service-role/AmazonSSMAutomationRole",
            },
            AssumeRolePolicyDocument = new Dictionary<string, object?>
            {
                ["version"] = "2012-10-17",
                ["statement"] = new[]
                {
                    new Dictionary<string, object?>
                    {
                        ["effect"] = "Allow",
                        ["principal"] = new Dictionary<string, object?>
                        {
                            ["service"] = new[]
                            {
                                "ec2.amazonaws.com",
                                "ssm.amazonaws.com",
                            },
                        },
                        ["action"] = "sts:AssumeRole",
                    },
                },
            },
        });
    
        var ssmInstanceRole = new AwsNative.Iam.Role("ssmInstanceRole", new()
        {
            Policies = new[]
            {
                new AwsNative.Iam.Inputs.RolePolicyArgs
                {
                    PolicyDocument = new Dictionary<string, object?>
                    {
                        ["version"] = "2012-10-17",
                        ["statement"] = new[]
                        {
                            new Dictionary<string, object?>
                            {
                                ["action"] = new[]
                                {
                                    "s3:GetObject",
                                },
                                ["resource"] = new[]
                                {
                                    "arn:aws:s3:::aws-ssm-${AWS::Region}/*",
                                    "arn:aws:s3:::aws-windows-downloads-${AWS::Region}/*",
                                    "arn:aws:s3:::amazon-ssm-${AWS::Region}/*",
                                    "arn:aws:s3:::amazon-ssm-packages-${AWS::Region}/*",
                                    "arn:aws:s3:::${AWS::Region}-birdwatcher-prod/*",
                                    "arn:aws:s3:::patch-baseline-snapshot-${AWS::Region}/*",
                                },
                                ["effect"] = "Allow",
                            },
                        },
                    },
                    PolicyName = "ssm-custom-s3-policy",
                },
                new AwsNative.Iam.Inputs.RolePolicyArgs
                {
                    PolicyDocument = new Dictionary<string, object?>
                    {
                        ["version"] = "2012-10-17",
                        ["statement"] = new[]
                        {
                            new Dictionary<string, object?>
                            {
                                ["action"] = new[]
                                {
                                    "s3:GetObject",
                                    "s3:PutObject",
                                    "s3:PutObjectAcl",
                                    "s3:ListBucket",
                                },
                                ["resource"] = new[]
                                {
                                    "arn:${AWS::Partition}:s3:::${SSMAssocLogs}/*",
                                    "arn:${AWS::Partition}:s3:::${SSMAssocLogs}",
                                },
                                ["effect"] = "Allow",
                            },
                        },
                    },
                    PolicyName = "s3-instance-bucket-policy",
                },
            },
            Path = "/",
            ManagedPolicyArns = new[]
            {
                "arn:${AWS::Partition}:iam::aws:policy/AmazonSSMManagedInstanceCore",
                "arn:${AWS::Partition}:iam::aws:policy/CloudWatchAgentServerPolicy",
            },
            AssumeRolePolicyDocument = new Dictionary<string, object?>
            {
                ["version"] = "2012-10-17",
                ["statement"] = new[]
                {
                    new Dictionary<string, object?>
                    {
                        ["effect"] = "Allow",
                        ["principal"] = new Dictionary<string, object?>
                        {
                            ["service"] = new[]
                            {
                                "ec2.amazonaws.com",
                                "ssm.amazonaws.com",
                            },
                        },
                        ["action"] = "sts:AssumeRole",
                    },
                },
            },
        });
    
        var ssmInstanceProfile = new AwsNative.Iam.InstanceProfile("ssmInstanceProfile", new()
        {
            Roles = new[]
            {
                "SSMInstanceRole",
            },
        });
    
        var ec2Instance = new AwsNative.Ec2.Instance("ec2Instance", new()
        {
            ImageId = "LatestAmiId",
            InstanceType = "t3.medium",
            IamInstanceProfile = "SSMInstanceProfile",
            Tags = new[]
            {
                new AwsNative.Inputs.TagArgs
                {
                    Key = "nginx",
                    Value = "true",
                },
            },
        });
    
        var nginxAssociation = new AwsNative.Ssm.Association("nginxAssociation", new()
        {
            Name = "nginxInstallAutomation",
            OutputLocation = new AwsNative.Ssm.Inputs.AssociationInstanceAssociationOutputLocationArgs
            {
                S3Location = new AwsNative.Ssm.Inputs.AssociationS3OutputLocationArgs
                {
                    OutputS3BucketName = "SSMAssocLogs",
                    OutputS3KeyPrefix = "logs/",
                },
            },
            AutomationTargetParameterName = "InstanceId",
            Parameters = 
            {
                { "automationAssumeRole", new[]
                {
                    "SSMExecutionRole.Arn",
                } },
            },
            Targets = new[]
            {
                new AwsNative.Ssm.Inputs.AssociationTargetArgs
                {
                    Key = "tag:nginx",
                    Values = new[]
                    {
                        "true",
                    },
                },
            },
        }, new CustomResourceOptions
        {
            DependsOn =
            {
                ec2Instance,
            },
        });
    
        return new Dictionary<string, object?>
        {
            ["webServerPublic"] = "EC2Instance.PublicDnsName",
        };
    });
    
    package main
    
    import (
    	awsnative "github.com/pulumi/pulumi-aws-native/sdk/go/aws"
    	"github.com/pulumi/pulumi-aws-native/sdk/go/aws/ec2"
    	"github.com/pulumi/pulumi-aws-native/sdk/go/aws/iam"
    	"github.com/pulumi/pulumi-aws-native/sdk/go/aws/s3"
    	"github.com/pulumi/pulumi-aws-native/sdk/go/aws/ssm"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		cfg := config.New(ctx, "")
    		latestAmiId := ""
    		if param := cfg.Get("latestAmiId"); param != "" {
    			latestAmiId = param
    		}
    		var tmp0 string
    		if latestAmiId == "" {
    			tmp0 = "/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2"
    		} else {
    			tmp0 = awsnative.GetSsmParameterString(ctx, &aws.GetSsmParameterStringArgs{
    				Name: latestAmiId,
    			}, nil).Value
    		}
    		_ := tmp0
    		_, err := s3.NewBucket(ctx, "ssmAssocLogs", nil)
    		if err != nil {
    			return err
    		}
    		_, err = ssm.NewDocument(ctx, "nginxInstallAutomation", &ssm.DocumentArgs{
    			DocumentType: ssm.DocumentTypeAutomation,
    			Content: pulumi.Any(map[string]interface{}{
    				"schemaVersion": "0.3",
    				"description":   "Updates AMI with Linux distribution packages and installs Nginx software",
    				"assumeRole":    "{{AutomationAssumeRole}}",
    				"parameters": map[string]interface{}{
    					"instanceId": map[string]interface{}{
    						"description": "ID of the Instance.",
    						"type":        "String",
    					},
    					"automationAssumeRole": map[string]interface{}{
    						"default":     "",
    						"description": "(Optional) The ARN of the role that allows Automation to perform the actions on your behalf.",
    						"type":        "String",
    					},
    				},
    				"mainSteps": []interface{}{
    					map[string]interface{}{
    						"name":           "updateOSSoftware",
    						"action":         "aws:runCommand",
    						"maxAttempts":    3,
    						"timeoutSeconds": 3600,
    						"inputs": map[string]interface{}{
    							"documentName": "AWS-RunShellScript",
    							"instanceIds": []string{
    								"{{InstanceId}}",
    							},
    							"cloudWatchOutputConfig": map[string]interface{}{
    								"cloudWatchOutputEnabled": "true",
    							},
    							"parameters": map[string]interface{}{
    								"commands": []string{
    									`#!/bin/bash
    sudo yum update -y
    needs-restarting -r
    if [ $? -eq 1 ]
    then
            exit 194
    else
            exit 0
    fi
    `,
    								},
    							},
    						},
    					},
    					map[string]interface{}{
    						"name":   "InstallNginx",
    						"action": "aws:runCommand",
    						"inputs": map[string]interface{}{
    							"documentName": "AWS-RunShellScript",
    							"instanceIds": []string{
    								"{{InstanceId}}",
    							},
    							"cloudWatchOutputConfig": map[string]interface{}{
    								"cloudWatchOutputEnabled": "true",
    							},
    							"parameters": map[string]interface{}{
    								"commands": []string{
    									"sudo amazon-linux-extras install nginx1 -y\nsudo service nginx start\n",
    								},
    							},
    						},
    					},
    					map[string]interface{}{
    						"name":           "TestInstall",
    						"action":         "aws:runCommand",
    						"maxAttempts":    3,
    						"timeoutSeconds": 3600,
    						"onFailure":      "Abort",
    						"inputs": map[string]interface{}{
    							"documentName": "AWS-RunShellScript",
    							"instanceIds": []string{
    								"{{InstanceId}}",
    							},
    							"parameters": map[string]interface{}{
    								"commands": []string{
    									"curl localhost\n",
    								},
    							},
    						},
    					},
    				},
    			}),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = iam.NewRole(ctx, "ssmExecutionRole", &iam.RoleArgs{
    			Policies: iam.RolePolicyTypeArray{
    				&iam.RolePolicyTypeArgs{
    					PolicyDocument: pulumi.Any(map[string]interface{}{
    						"version": "2012-10-17",
    						"statement": []map[string]interface{}{
    							map[string]interface{}{
    								"action": []string{
    									"ssm:StartAssociationsOnce",
    									"ssm:CreateAssociation",
    									"ssm:CreateAssociationBatch",
    									"ssm:UpdateAssociation",
    								},
    								"resource": "*",
    								"effect":   "Allow",
    							},
    						},
    					}),
    					PolicyName: pulumi.String("ssm-association"),
    				},
    			},
    			Path: pulumi.String("/"),
    			ManagedPolicyArns: pulumi.StringArray{
    				pulumi.String("arn:${AWS::Partition}:iam::aws:policy/service-role/AmazonSSMAutomationRole"),
    			},
    			AssumeRolePolicyDocument: pulumi.Any(map[string]interface{}{
    				"version": "2012-10-17",
    				"statement": []map[string]interface{}{
    					map[string]interface{}{
    						"effect": "Allow",
    						"principal": map[string]interface{}{
    							"service": []string{
    								"ec2.amazonaws.com",
    								"ssm.amazonaws.com",
    							},
    						},
    						"action": "sts:AssumeRole",
    					},
    				},
    			}),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = iam.NewRole(ctx, "ssmInstanceRole", &iam.RoleArgs{
    			Policies: iam.RolePolicyTypeArray{
    				&iam.RolePolicyTypeArgs{
    					PolicyDocument: pulumi.Any(map[string]interface{}{
    						"version": "2012-10-17",
    						"statement": []map[string]interface{}{
    							map[string]interface{}{
    								"action": []string{
    									"s3:GetObject",
    								},
    								"resource": []string{
    									"arn:aws:s3:::aws-ssm-${AWS::Region}/*",
    									"arn:aws:s3:::aws-windows-downloads-${AWS::Region}/*",
    									"arn:aws:s3:::amazon-ssm-${AWS::Region}/*",
    									"arn:aws:s3:::amazon-ssm-packages-${AWS::Region}/*",
    									"arn:aws:s3:::${AWS::Region}-birdwatcher-prod/*",
    									"arn:aws:s3:::patch-baseline-snapshot-${AWS::Region}/*",
    								},
    								"effect": "Allow",
    							},
    						},
    					}),
    					PolicyName: pulumi.String("ssm-custom-s3-policy"),
    				},
    				&iam.RolePolicyTypeArgs{
    					PolicyDocument: pulumi.Any(map[string]interface{}{
    						"version": "2012-10-17",
    						"statement": []map[string]interface{}{
    							map[string]interface{}{
    								"action": []string{
    									"s3:GetObject",
    									"s3:PutObject",
    									"s3:PutObjectAcl",
    									"s3:ListBucket",
    								},
    								"resource": []string{
    									"arn:${AWS::Partition}:s3:::${SSMAssocLogs}/*",
    									"arn:${AWS::Partition}:s3:::${SSMAssocLogs}",
    								},
    								"effect": "Allow",
    							},
    						},
    					}),
    					PolicyName: pulumi.String("s3-instance-bucket-policy"),
    				},
    			},
    			Path: pulumi.String("/"),
    			ManagedPolicyArns: pulumi.StringArray{
    				pulumi.String("arn:${AWS::Partition}:iam::aws:policy/AmazonSSMManagedInstanceCore"),
    				pulumi.String("arn:${AWS::Partition}:iam::aws:policy/CloudWatchAgentServerPolicy"),
    			},
    			AssumeRolePolicyDocument: pulumi.Any(map[string]interface{}{
    				"version": "2012-10-17",
    				"statement": []map[string]interface{}{
    					map[string]interface{}{
    						"effect": "Allow",
    						"principal": map[string]interface{}{
    							"service": []string{
    								"ec2.amazonaws.com",
    								"ssm.amazonaws.com",
    							},
    						},
    						"action": "sts:AssumeRole",
    					},
    				},
    			}),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = iam.NewInstanceProfile(ctx, "ssmInstanceProfile", &iam.InstanceProfileArgs{
    			Roles: pulumi.StringArray{
    				pulumi.String("SSMInstanceRole"),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		ec2Instance, err := ec2.NewInstance(ctx, "ec2Instance", &ec2.InstanceArgs{
    			ImageId:            pulumi.String("LatestAmiId"),
    			InstanceType:       pulumi.String("t3.medium"),
    			IamInstanceProfile: pulumi.String("SSMInstanceProfile"),
    			Tags: aws.TagArray{
    				&aws.TagArgs{
    					Key:   pulumi.String("nginx"),
    					Value: pulumi.String("true"),
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		_, err = ssm.NewAssociation(ctx, "nginxAssociation", &ssm.AssociationArgs{
    			Name: pulumi.String("nginxInstallAutomation"),
    			OutputLocation: &ssm.AssociationInstanceAssociationOutputLocationArgs{
    				S3Location: &ssm.AssociationS3OutputLocationArgs{
    					OutputS3BucketName: pulumi.String("SSMAssocLogs"),
    					OutputS3KeyPrefix:  pulumi.String("logs/"),
    				},
    			},
    			AutomationTargetParameterName: pulumi.String("InstanceId"),
    			Parameters: pulumi.StringArrayMap{
    				"automationAssumeRole": pulumi.StringArray{
    					pulumi.String("SSMExecutionRole.Arn"),
    				},
    			},
    			Targets: ssm.AssociationTargetArray{
    				&ssm.AssociationTargetArgs{
    					Key: pulumi.String("tag:nginx"),
    					Values: pulumi.StringArray{
    						pulumi.String("true"),
    					},
    				},
    			},
    		}, pulumi.DependsOn([]pulumi.Resource{
    			ec2Instance,
    		}))
    		if err != nil {
    			return err
    		}
    		ctx.Export("webServerPublic", pulumi.String("EC2Instance.PublicDnsName"))
    		return nil
    	})
    }
    

    Coming soon!

    import pulumi
    import pulumi_aws_native as aws_native
    
    config = pulumi.Config()
    latest_ami_id = config.get("latestAmiId")
    if latest_ami_id is None:
        latest_ami_id = ""
    latest_ami_id_value = "/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2" if latest_ami_id == "" else aws_native.get_ssm_parameter_string(name=latest_ami_id).value
    ssm_assoc_logs = aws_native.s3.Bucket("ssmAssocLogs")
    nginx_install_automation = aws_native.ssm.Document("nginxInstallAutomation",
        document_type=aws_native.ssm.DocumentType.AUTOMATION,
        content={
            "schemaVersion": "0.3",
            "description": "Updates AMI with Linux distribution packages and installs Nginx software",
            "assumeRole": "{{AutomationAssumeRole}}",
            "parameters": {
                "instanceId": {
                    "description": "ID of the Instance.",
                    "type": "String",
                },
                "automationAssumeRole": {
                    "default": "",
                    "description": "(Optional) The ARN of the role that allows Automation to perform the actions on your behalf.",
                    "type": "String",
                },
            },
            "mainSteps": [
                {
                    "name": "updateOSSoftware",
                    "action": "aws:runCommand",
                    "maxAttempts": 3,
                    "timeoutSeconds": 3600,
                    "inputs": {
                        "documentName": "AWS-RunShellScript",
                        "instanceIds": ["{{InstanceId}}"],
                        "cloudWatchOutputConfig": {
                            "cloudWatchOutputEnabled": "true",
                        },
                        "parameters": {
                            "commands": ["""#!/bin/bash
    sudo yum update -y
    needs-restarting -r
    if [ $? -eq 1 ]
    then
            exit 194
    else
            exit 0
    fi
    """],
                        },
                    },
                },
                {
                    "name": "InstallNginx",
                    "action": "aws:runCommand",
                    "inputs": {
                        "documentName": "AWS-RunShellScript",
                        "instanceIds": ["{{InstanceId}}"],
                        "cloudWatchOutputConfig": {
                            "cloudWatchOutputEnabled": "true",
                        },
                        "parameters": {
                            "commands": ["""sudo amazon-linux-extras install nginx1 -y
    sudo service nginx start
    """],
                        },
                    },
                },
                {
                    "name": "TestInstall",
                    "action": "aws:runCommand",
                    "maxAttempts": 3,
                    "timeoutSeconds": 3600,
                    "onFailure": "Abort",
                    "inputs": {
                        "documentName": "AWS-RunShellScript",
                        "instanceIds": ["{{InstanceId}}"],
                        "parameters": {
                            "commands": ["curl localhost\n"],
                        },
                    },
                },
            ],
        })
    ssm_execution_role = aws_native.iam.Role("ssmExecutionRole",
        policies=[{
            "policy_document": {
                "version": "2012-10-17",
                "statement": [{
                    "action": [
                        "ssm:StartAssociationsOnce",
                        "ssm:CreateAssociation",
                        "ssm:CreateAssociationBatch",
                        "ssm:UpdateAssociation",
                    ],
                    "resource": "*",
                    "effect": "Allow",
                }],
            },
            "policy_name": "ssm-association",
        }],
        path="/",
        managed_policy_arns=["arn:${AWS::Partition}:iam::aws:policy/service-role/AmazonSSMAutomationRole"],
        assume_role_policy_document={
            "version": "2012-10-17",
            "statement": [{
                "effect": "Allow",
                "principal": {
                    "service": [
                        "ec2.amazonaws.com",
                        "ssm.amazonaws.com",
                    ],
                },
                "action": "sts:AssumeRole",
            }],
        })
    ssm_instance_role = aws_native.iam.Role("ssmInstanceRole",
        policies=[
            {
                "policy_document": {
                    "version": "2012-10-17",
                    "statement": [{
                        "action": ["s3:GetObject"],
                        "resource": [
                            "arn:aws:s3:::aws-ssm-${AWS::Region}/*",
                            "arn:aws:s3:::aws-windows-downloads-${AWS::Region}/*",
                            "arn:aws:s3:::amazon-ssm-${AWS::Region}/*",
                            "arn:aws:s3:::amazon-ssm-packages-${AWS::Region}/*",
                            "arn:aws:s3:::${AWS::Region}-birdwatcher-prod/*",
                            "arn:aws:s3:::patch-baseline-snapshot-${AWS::Region}/*",
                        ],
                        "effect": "Allow",
                    }],
                },
                "policy_name": "ssm-custom-s3-policy",
            },
            {
                "policy_document": {
                    "version": "2012-10-17",
                    "statement": [{
                        "action": [
                            "s3:GetObject",
                            "s3:PutObject",
                            "s3:PutObjectAcl",
                            "s3:ListBucket",
                        ],
                        "resource": [
                            "arn:${AWS::Partition}:s3:::${SSMAssocLogs}/*",
                            "arn:${AWS::Partition}:s3:::${SSMAssocLogs}",
                        ],
                        "effect": "Allow",
                    }],
                },
                "policy_name": "s3-instance-bucket-policy",
            },
        ],
        path="/",
        managed_policy_arns=[
            "arn:${AWS::Partition}:iam::aws:policy/AmazonSSMManagedInstanceCore",
            "arn:${AWS::Partition}:iam::aws:policy/CloudWatchAgentServerPolicy",
        ],
        assume_role_policy_document={
            "version": "2012-10-17",
            "statement": [{
                "effect": "Allow",
                "principal": {
                    "service": [
                        "ec2.amazonaws.com",
                        "ssm.amazonaws.com",
                    ],
                },
                "action": "sts:AssumeRole",
            }],
        })
    ssm_instance_profile = aws_native.iam.InstanceProfile("ssmInstanceProfile", roles=["SSMInstanceRole"])
    ec2_instance = aws_native.ec2.Instance("ec2Instance",
        image_id="LatestAmiId",
        instance_type="t3.medium",
        iam_instance_profile="SSMInstanceProfile",
        tags=[{
            "key": "nginx",
            "value": "true",
        }])
    nginx_association = aws_native.ssm.Association("nginxAssociation",
        name="nginxInstallAutomation",
        output_location={
            "s3_location": {
                "output_s3_bucket_name": "SSMAssocLogs",
                "output_s3_key_prefix": "logs/",
            },
        },
        automation_target_parameter_name="InstanceId",
        parameters={
            "automationAssumeRole": ["SSMExecutionRole.Arn"],
        },
        targets=[{
            "key": "tag:nginx",
            "values": ["true"],
        }],
        opts = pulumi.ResourceOptions(depends_on=[ec2_instance]))
    pulumi.export("webServerPublic", "EC2Instance.PublicDnsName")
    
    import * as pulumi from "@pulumi/pulumi";
    import * as aws_native from "@pulumi/aws-native";
    
    const config = new pulumi.Config();
    const latestAmiId = config.get("latestAmiId") || "";
    const latestAmiIdValue = latestAmiId == "" ? "/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2" : aws_native.getSsmParameterString({
        name: latestAmiId,
    }).then(invoke => invoke.value);
    const ssmAssocLogs = new aws_native.s3.Bucket("ssmAssocLogs", {});
    const nginxInstallAutomation = new aws_native.ssm.Document("nginxInstallAutomation", {
        documentType: aws_native.ssm.DocumentType.Automation,
        content: {
            schemaVersion: "0.3",
            description: "Updates AMI with Linux distribution packages and installs Nginx software",
            assumeRole: "{{AutomationAssumeRole}}",
            parameters: {
                instanceId: {
                    description: "ID of the Instance.",
                    type: "String",
                },
                automationAssumeRole: {
                    "default": "",
                    description: "(Optional) The ARN of the role that allows Automation to perform the actions on your behalf.",
                    type: "String",
                },
            },
            mainSteps: [
                {
                    name: "updateOSSoftware",
                    action: "aws:runCommand",
                    maxAttempts: 3,
                    timeoutSeconds: 3600,
                    inputs: {
                        documentName: "AWS-RunShellScript",
                        instanceIds: ["{{InstanceId}}"],
                        cloudWatchOutputConfig: {
                            cloudWatchOutputEnabled: "true",
                        },
                        parameters: {
                            commands: [`#!/bin/bash
    sudo yum update -y
    needs-restarting -r
    if [ ? -eq 1 ]
    then
            exit 194
    else
            exit 0
    fi
    `],
                        },
                    },
                },
                {
                    name: "InstallNginx",
                    action: "aws:runCommand",
                    inputs: {
                        documentName: "AWS-RunShellScript",
                        instanceIds: ["{{InstanceId}}"],
                        cloudWatchOutputConfig: {
                            cloudWatchOutputEnabled: "true",
                        },
                        parameters: {
                            commands: [`sudo amazon-linux-extras install nginx1 -y
    sudo service nginx start
    `],
                        },
                    },
                },
                {
                    name: "TestInstall",
                    action: "aws:runCommand",
                    maxAttempts: 3,
                    timeoutSeconds: 3600,
                    onFailure: "Abort",
                    inputs: {
                        documentName: "AWS-RunShellScript",
                        instanceIds: ["{{InstanceId}}"],
                        parameters: {
                            commands: ["curl localhost\n"],
                        },
                    },
                },
            ],
        },
    });
    const ssmExecutionRole = new aws_native.iam.Role("ssmExecutionRole", {
        policies: [{
            policyDocument: {
                version: "2012-10-17",
                statement: [{
                    action: [
                        "ssm:StartAssociationsOnce",
                        "ssm:CreateAssociation",
                        "ssm:CreateAssociationBatch",
                        "ssm:UpdateAssociation",
                    ],
                    resource: "*",
                    effect: "Allow",
                }],
            },
            policyName: "ssm-association",
        }],
        path: "/",
        managedPolicyArns: ["arn:${AWS::Partition}:iam::aws:policy/service-role/AmazonSSMAutomationRole"],
        assumeRolePolicyDocument: {
            version: "2012-10-17",
            statement: [{
                effect: "Allow",
                principal: {
                    service: [
                        "ec2.amazonaws.com",
                        "ssm.amazonaws.com",
                    ],
                },
                action: "sts:AssumeRole",
            }],
        },
    });
    const ssmInstanceRole = new aws_native.iam.Role("ssmInstanceRole", {
        policies: [
            {
                policyDocument: {
                    version: "2012-10-17",
                    statement: [{
                        action: ["s3:GetObject"],
                        resource: [
                            "arn:aws:s3:::aws-ssm-${AWS::Region}/*",
                            "arn:aws:s3:::aws-windows-downloads-${AWS::Region}/*",
                            "arn:aws:s3:::amazon-ssm-${AWS::Region}/*",
                            "arn:aws:s3:::amazon-ssm-packages-${AWS::Region}/*",
                            "arn:aws:s3:::${AWS::Region}-birdwatcher-prod/*",
                            "arn:aws:s3:::patch-baseline-snapshot-${AWS::Region}/*",
                        ],
                        effect: "Allow",
                    }],
                },
                policyName: "ssm-custom-s3-policy",
            },
            {
                policyDocument: {
                    version: "2012-10-17",
                    statement: [{
                        action: [
                            "s3:GetObject",
                            "s3:PutObject",
                            "s3:PutObjectAcl",
                            "s3:ListBucket",
                        ],
                        resource: [
                            "arn:${AWS::Partition}:s3:::${SSMAssocLogs}/*",
                            "arn:${AWS::Partition}:s3:::${SSMAssocLogs}",
                        ],
                        effect: "Allow",
                    }],
                },
                policyName: "s3-instance-bucket-policy",
            },
        ],
        path: "/",
        managedPolicyArns: [
            "arn:${AWS::Partition}:iam::aws:policy/AmazonSSMManagedInstanceCore",
            "arn:${AWS::Partition}:iam::aws:policy/CloudWatchAgentServerPolicy",
        ],
        assumeRolePolicyDocument: {
            version: "2012-10-17",
            statement: [{
                effect: "Allow",
                principal: {
                    service: [
                        "ec2.amazonaws.com",
                        "ssm.amazonaws.com",
                    ],
                },
                action: "sts:AssumeRole",
            }],
        },
    });
    const ssmInstanceProfile = new aws_native.iam.InstanceProfile("ssmInstanceProfile", {roles: ["SSMInstanceRole"]});
    const ec2Instance = new aws_native.ec2.Instance("ec2Instance", {
        imageId: "LatestAmiId",
        instanceType: "t3.medium",
        iamInstanceProfile: "SSMInstanceProfile",
        tags: [{
            key: "nginx",
            value: "true",
        }],
    });
    const nginxAssociation = new aws_native.ssm.Association("nginxAssociation", {
        name: "nginxInstallAutomation",
        outputLocation: {
            s3Location: {
                outputS3BucketName: "SSMAssocLogs",
                outputS3KeyPrefix: "logs/",
            },
        },
        automationTargetParameterName: "InstanceId",
        parameters: {
            automationAssumeRole: ["SSMExecutionRole.Arn"],
        },
        targets: [{
            key: "tag:nginx",
            values: ["true"],
        }],
    }, {
        dependsOn: [ec2Instance],
    });
    export const webServerPublic = "EC2Instance.PublicDnsName";
    

    Coming soon!

    Create Bucket Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new Bucket(name: string, args?: BucketArgs, opts?: CustomResourceOptions);
    @overload
    def Bucket(resource_name: str,
               args: Optional[BucketArgs] = None,
               opts: Optional[ResourceOptions] = None)
    
    @overload
    def Bucket(resource_name: str,
               opts: Optional[ResourceOptions] = None,
               accelerate_configuration: Optional[BucketAccelerateConfigurationArgs] = None,
               access_control: Optional[BucketAccessControl] = None,
               analytics_configurations: Optional[Sequence[BucketAnalyticsConfigurationArgs]] = None,
               bucket_encryption: Optional[BucketEncryptionArgs] = None,
               bucket_name: Optional[str] = None,
               cors_configuration: Optional[BucketCorsConfigurationArgs] = None,
               intelligent_tiering_configurations: Optional[Sequence[BucketIntelligentTieringConfigurationArgs]] = None,
               inventory_configurations: Optional[Sequence[BucketInventoryConfigurationArgs]] = None,
               lifecycle_configuration: Optional[BucketLifecycleConfigurationArgs] = None,
               logging_configuration: Optional[BucketLoggingConfigurationArgs] = None,
               metrics_configurations: Optional[Sequence[BucketMetricsConfigurationArgs]] = None,
               notification_configuration: Optional[BucketNotificationConfigurationArgs] = None,
               object_lock_configuration: Optional[BucketObjectLockConfigurationArgs] = None,
               object_lock_enabled: Optional[bool] = None,
               ownership_controls: Optional[BucketOwnershipControlsArgs] = None,
               public_access_block_configuration: Optional[BucketPublicAccessBlockConfigurationArgs] = None,
               replication_configuration: Optional[BucketReplicationConfigurationArgs] = None,
               tags: Optional[Sequence[_root_inputs.TagArgs]] = None,
               versioning_configuration: Optional[BucketVersioningConfigurationArgs] = None,
               website_configuration: Optional[BucketWebsiteConfigurationArgs] = None)
    func NewBucket(ctx *Context, name string, args *BucketArgs, opts ...ResourceOption) (*Bucket, error)
    public Bucket(string name, BucketArgs? args = null, CustomResourceOptions? opts = null)
    public Bucket(String name, BucketArgs args)
    public Bucket(String name, BucketArgs args, CustomResourceOptions options)
    
    type: aws-native:s3:Bucket
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args BucketArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args BucketArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args BucketArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args BucketArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args BucketArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Bucket Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The Bucket resource accepts the following input properties:

    AccelerateConfiguration Pulumi.AwsNative.S3.Inputs.BucketAccelerateConfiguration
    Configures the transfer acceleration state for an Amazon S3 bucket. For more information, see Amazon S3 Transfer Acceleration in the Amazon S3 User Guide.
    AccessControl Pulumi.AwsNative.S3.BucketAccessControl
    This is a legacy property, and it is not recommended for most use cases. A majority of modern use cases in Amazon S3 no longer require the use of ACLs, and we recommend that you keep ACLs disabled. For more information, see Controlling object ownership in the Amazon S3 User Guide. A canned access control list (ACL) that grants predefined permissions to the bucket. For more information about canned ACLs, see Canned ACL in the Amazon S3 User Guide. S3 buckets are created with ACLs disabled by default. Therefore, unless you explicitly set the AWS::S3::OwnershipControls property to enable ACLs, your resource will fail to deploy with any value other than Private. Use cases requiring ACLs are uncommon. The majority of access control configurations can be successfully and more easily achieved with bucket policies. For more information, see AWS::S3::BucketPolicy. For examples of common policy configurations, including S3 Server Access Logs buckets and more, see Bucket policy examples in the Amazon S3 User Guide.
    AnalyticsConfigurations List<Pulumi.AwsNative.S3.Inputs.BucketAnalyticsConfiguration>
    Specifies the configuration and any analyses for the analytics filter of an Amazon S3 bucket.
    BucketEncryption Pulumi.AwsNative.S3.Inputs.BucketEncryption
    Specifies default encryption for a bucket using server-side encryption with Amazon S3-managed keys (SSE-S3), AWS KMS-managed keys (SSE-KMS), or dual-layer server-side encryption with KMS-managed keys (DSSE-KMS). For information about the Amazon S3 default encryption feature, see Amazon S3 Default Encryption for S3 Buckets in the Amazon S3 User Guide.
    BucketName string
    A name for the bucket. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. The bucket name must contain only lowercase letters, numbers, periods (.), and dashes (-) and must follow Amazon S3 bucket restrictions and limitations. For more information, see Rules for naming Amazon S3 buckets in the Amazon S3 User Guide. If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you need to replace the resource, specify a new name.
    CorsConfiguration Pulumi.AwsNative.S3.Inputs.BucketCorsConfiguration
    Describes the cross-origin access configuration for objects in an Amazon S3 bucket. For more information, see Enabling Cross-Origin Resource Sharing in the Amazon S3 User Guide.
    IntelligentTieringConfigurations List<Pulumi.AwsNative.S3.Inputs.BucketIntelligentTieringConfiguration>
    Defines how Amazon S3 handles Intelligent-Tiering storage.
    InventoryConfigurations List<Pulumi.AwsNative.S3.Inputs.BucketInventoryConfiguration>
    Specifies the inventory configuration for an Amazon S3 bucket. For more information, see GET Bucket inventory in the Amazon S3 API Reference.
    LifecycleConfiguration Pulumi.AwsNative.S3.Inputs.BucketLifecycleConfiguration
    Specifies the lifecycle configuration for objects in an Amazon S3 bucket. For more information, see Object Lifecycle Management in the Amazon S3 User Guide.
    LoggingConfiguration Pulumi.AwsNative.S3.Inputs.BucketLoggingConfiguration
    Settings that define where logs are stored.
    MetricsConfigurations List<Pulumi.AwsNative.S3.Inputs.BucketMetricsConfiguration>
    Specifies a metrics configuration for the CloudWatch request metrics (specified by the metrics configuration ID) from an Amazon S3 bucket. If you're updating an existing metrics configuration, note that this is a full replacement of the existing metrics configuration. If you don't include the elements you want to keep, they are erased. For more information, see PutBucketMetricsConfiguration.
    NotificationConfiguration Pulumi.AwsNative.S3.Inputs.BucketNotificationConfiguration
    Configuration that defines how Amazon S3 handles bucket notifications.
    ObjectLockConfiguration Pulumi.AwsNative.S3.Inputs.BucketObjectLockConfiguration
    This operation is not supported by directory buckets. Places an Object Lock configuration on the specified bucket. The rule specified in the Object Lock configuration will be applied by default to every new object placed in the specified bucket. For more information, see Locking Objects.

    • The DefaultRetention settings require both a mode and a period.
    • The DefaultRetention period can be either Days or Years but you must select one. You cannot specify Days and Years at the same time.
    • You can enable Object Lock for new or existing buckets. For more information, see Configuring Object Lock.
    ObjectLockEnabled bool
    Indicates whether this bucket has an Object Lock configuration enabled. Enable ObjectLockEnabled when you apply ObjectLockConfiguration to a bucket.
    OwnershipControls Pulumi.AwsNative.S3.Inputs.BucketOwnershipControls
    Configuration that defines how Amazon S3 handles Object Ownership rules.
    PublicAccessBlockConfiguration Pulumi.AwsNative.S3.Inputs.BucketPublicAccessBlockConfiguration
    Configuration that defines how Amazon S3 handles public access.
    ReplicationConfiguration Pulumi.AwsNative.S3.Inputs.BucketReplicationConfiguration
    Configuration for replicating objects in an S3 bucket. To enable replication, you must also enable versioning by using the VersioningConfiguration property. Amazon S3 can store replicated objects in a single destination bucket or multiple destination buckets. The destination bucket or buckets must already exist.
    Tags List<Pulumi.AwsNative.Inputs.Tag>
    An arbitrary set of tags (key-value pairs) for this S3 bucket.
    VersioningConfiguration Pulumi.AwsNative.S3.Inputs.BucketVersioningConfiguration
    Enables multiple versions of all objects in this bucket. You might enable versioning to prevent objects from being deleted or overwritten by mistake or to archive objects so that you can retrieve previous versions of them. When you enable versioning on a bucket for the first time, it might take a short amount of time for the change to be fully propagated. We recommend that you wait for 15 minutes after enabling versioning before issuing write operations (PUT or DELETE) on objects in the bucket.
    WebsiteConfiguration Pulumi.AwsNative.S3.Inputs.BucketWebsiteConfiguration
    Information used to configure the bucket as a static website. For more information, see Hosting Websites on Amazon S3.
    AccelerateConfiguration BucketAccelerateConfigurationArgs
    Configures the transfer acceleration state for an Amazon S3 bucket. For more information, see Amazon S3 Transfer Acceleration in the Amazon S3 User Guide.
    AccessControl BucketAccessControl
    This is a legacy property, and it is not recommended for most use cases. A majority of modern use cases in Amazon S3 no longer require the use of ACLs, and we recommend that you keep ACLs disabled. For more information, see Controlling object ownership in the Amazon S3 User Guide. A canned access control list (ACL) that grants predefined permissions to the bucket. For more information about canned ACLs, see Canned ACL in the Amazon S3 User Guide. S3 buckets are created with ACLs disabled by default. Therefore, unless you explicitly set the AWS::S3::OwnershipControls property to enable ACLs, your resource will fail to deploy with any value other than Private. Use cases requiring ACLs are uncommon. The majority of access control configurations can be successfully and more easily achieved with bucket policies. For more information, see AWS::S3::BucketPolicy. For examples of common policy configurations, including S3 Server Access Logs buckets and more, see Bucket policy examples in the Amazon S3 User Guide.
    AnalyticsConfigurations []BucketAnalyticsConfigurationArgs
    Specifies the configuration and any analyses for the analytics filter of an Amazon S3 bucket.
    BucketEncryption BucketEncryptionArgs
    Specifies default encryption for a bucket using server-side encryption with Amazon S3-managed keys (SSE-S3), AWS KMS-managed keys (SSE-KMS), or dual-layer server-side encryption with KMS-managed keys (DSSE-KMS). For information about the Amazon S3 default encryption feature, see Amazon S3 Default Encryption for S3 Buckets in the Amazon S3 User Guide.
    BucketName string
    A name for the bucket. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. The bucket name must contain only lowercase letters, numbers, periods (.), and dashes (-) and must follow Amazon S3 bucket restrictions and limitations. For more information, see Rules for naming Amazon S3 buckets in the Amazon S3 User Guide. If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you need to replace the resource, specify a new name.
    CorsConfiguration BucketCorsConfigurationArgs
    Describes the cross-origin access configuration for objects in an Amazon S3 bucket. For more information, see Enabling Cross-Origin Resource Sharing in the Amazon S3 User Guide.
    IntelligentTieringConfigurations []BucketIntelligentTieringConfigurationArgs
    Defines how Amazon S3 handles Intelligent-Tiering storage.
    InventoryConfigurations []BucketInventoryConfigurationArgs
    Specifies the inventory configuration for an Amazon S3 bucket. For more information, see GET Bucket inventory in the Amazon S3 API Reference.
    LifecycleConfiguration BucketLifecycleConfigurationArgs
    Specifies the lifecycle configuration for objects in an Amazon S3 bucket. For more information, see Object Lifecycle Management in the Amazon S3 User Guide.
    LoggingConfiguration BucketLoggingConfigurationArgs
    Settings that define where logs are stored.
    MetricsConfigurations []BucketMetricsConfigurationArgs
    Specifies a metrics configuration for the CloudWatch request metrics (specified by the metrics configuration ID) from an Amazon S3 bucket. If you're updating an existing metrics configuration, note that this is a full replacement of the existing metrics configuration. If you don't include the elements you want to keep, they are erased. For more information, see PutBucketMetricsConfiguration.
    NotificationConfiguration BucketNotificationConfigurationArgs
    Configuration that defines how Amazon S3 handles bucket notifications.
    ObjectLockConfiguration BucketObjectLockConfigurationArgs
    This operation is not supported by directory buckets. Places an Object Lock configuration on the specified bucket. The rule specified in the Object Lock configuration will be applied by default to every new object placed in the specified bucket. For more information, see Locking Objects.

    • The DefaultRetention settings require both a mode and a period.
    • The DefaultRetention period can be either Days or Years but you must select one. You cannot specify Days and Years at the same time.
    • You can enable Object Lock for new or existing buckets. For more information, see Configuring Object Lock.
    ObjectLockEnabled bool
    Indicates whether this bucket has an Object Lock configuration enabled. Enable ObjectLockEnabled when you apply ObjectLockConfiguration to a bucket.
    OwnershipControls BucketOwnershipControlsArgs
    Configuration that defines how Amazon S3 handles Object Ownership rules.
    PublicAccessBlockConfiguration BucketPublicAccessBlockConfigurationArgs
    Configuration that defines how Amazon S3 handles public access.
    ReplicationConfiguration BucketReplicationConfigurationArgs
    Configuration for replicating objects in an S3 bucket. To enable replication, you must also enable versioning by using the VersioningConfiguration property. Amazon S3 can store replicated objects in a single destination bucket or multiple destination buckets. The destination bucket or buckets must already exist.
    Tags TagArgs
    An arbitrary set of tags (key-value pairs) for this S3 bucket.
    VersioningConfiguration BucketVersioningConfigurationArgs
    Enables multiple versions of all objects in this bucket. You might enable versioning to prevent objects from being deleted or overwritten by mistake or to archive objects so that you can retrieve previous versions of them. When you enable versioning on a bucket for the first time, it might take a short amount of time for the change to be fully propagated. We recommend that you wait for 15 minutes after enabling versioning before issuing write operations (PUT or DELETE) on objects in the bucket.
    WebsiteConfiguration BucketWebsiteConfigurationArgs
    Information used to configure the bucket as a static website. For more information, see Hosting Websites on Amazon S3.
    accelerateConfiguration BucketAccelerateConfiguration
    Configures the transfer acceleration state for an Amazon S3 bucket. For more information, see Amazon S3 Transfer Acceleration in the Amazon S3 User Guide.
    accessControl BucketAccessControl
    This is a legacy property, and it is not recommended for most use cases. A majority of modern use cases in Amazon S3 no longer require the use of ACLs, and we recommend that you keep ACLs disabled. For more information, see Controlling object ownership in the Amazon S3 User Guide. A canned access control list (ACL) that grants predefined permissions to the bucket. For more information about canned ACLs, see Canned ACL in the Amazon S3 User Guide. S3 buckets are created with ACLs disabled by default. Therefore, unless you explicitly set the AWS::S3::OwnershipControls property to enable ACLs, your resource will fail to deploy with any value other than Private. Use cases requiring ACLs are uncommon. The majority of access control configurations can be successfully and more easily achieved with bucket policies. For more information, see AWS::S3::BucketPolicy. For examples of common policy configurations, including S3 Server Access Logs buckets and more, see Bucket policy examples in the Amazon S3 User Guide.
    analyticsConfigurations List<BucketAnalyticsConfiguration>
    Specifies the configuration and any analyses for the analytics filter of an Amazon S3 bucket.
    bucketEncryption BucketEncryption
    Specifies default encryption for a bucket using server-side encryption with Amazon S3-managed keys (SSE-S3), AWS KMS-managed keys (SSE-KMS), or dual-layer server-side encryption with KMS-managed keys (DSSE-KMS). For information about the Amazon S3 default encryption feature, see Amazon S3 Default Encryption for S3 Buckets in the Amazon S3 User Guide.
    bucketName String
    A name for the bucket. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. The bucket name must contain only lowercase letters, numbers, periods (.), and dashes (-) and must follow Amazon S3 bucket restrictions and limitations. For more information, see Rules for naming Amazon S3 buckets in the Amazon S3 User Guide. If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you need to replace the resource, specify a new name.
    corsConfiguration BucketCorsConfiguration
    Describes the cross-origin access configuration for objects in an Amazon S3 bucket. For more information, see Enabling Cross-Origin Resource Sharing in the Amazon S3 User Guide.
    intelligentTieringConfigurations List<BucketIntelligentTieringConfiguration>
    Defines how Amazon S3 handles Intelligent-Tiering storage.
    inventoryConfigurations List<BucketInventoryConfiguration>
    Specifies the inventory configuration for an Amazon S3 bucket. For more information, see GET Bucket inventory in the Amazon S3 API Reference.
    lifecycleConfiguration BucketLifecycleConfiguration
    Specifies the lifecycle configuration for objects in an Amazon S3 bucket. For more information, see Object Lifecycle Management in the Amazon S3 User Guide.
    loggingConfiguration BucketLoggingConfiguration
    Settings that define where logs are stored.
    metricsConfigurations List<BucketMetricsConfiguration>
    Specifies a metrics configuration for the CloudWatch request metrics (specified by the metrics configuration ID) from an Amazon S3 bucket. If you're updating an existing metrics configuration, note that this is a full replacement of the existing metrics configuration. If you don't include the elements you want to keep, they are erased. For more information, see PutBucketMetricsConfiguration.
    notificationConfiguration BucketNotificationConfiguration
    Configuration that defines how Amazon S3 handles bucket notifications.
    objectLockConfiguration BucketObjectLockConfiguration
    This operation is not supported by directory buckets. Places an Object Lock configuration on the specified bucket. The rule specified in the Object Lock configuration will be applied by default to every new object placed in the specified bucket. For more information, see Locking Objects.

    • The DefaultRetention settings require both a mode and a period.
    • The DefaultRetention period can be either Days or Years but you must select one. You cannot specify Days and Years at the same time.
    • You can enable Object Lock for new or existing buckets. For more information, see Configuring Object Lock.
    objectLockEnabled Boolean
    Indicates whether this bucket has an Object Lock configuration enabled. Enable ObjectLockEnabled when you apply ObjectLockConfiguration to a bucket.
    ownershipControls BucketOwnershipControls
    Configuration that defines how Amazon S3 handles Object Ownership rules.
    publicAccessBlockConfiguration BucketPublicAccessBlockConfiguration
    Configuration that defines how Amazon S3 handles public access.
    replicationConfiguration BucketReplicationConfiguration
    Configuration for replicating objects in an S3 bucket. To enable replication, you must also enable versioning by using the VersioningConfiguration property. Amazon S3 can store replicated objects in a single destination bucket or multiple destination buckets. The destination bucket or buckets must already exist.
    tags List<Tag>
    An arbitrary set of tags (key-value pairs) for this S3 bucket.
    versioningConfiguration BucketVersioningConfiguration
    Enables multiple versions of all objects in this bucket. You might enable versioning to prevent objects from being deleted or overwritten by mistake or to archive objects so that you can retrieve previous versions of them. When you enable versioning on a bucket for the first time, it might take a short amount of time for the change to be fully propagated. We recommend that you wait for 15 minutes after enabling versioning before issuing write operations (PUT or DELETE) on objects in the bucket.
    websiteConfiguration BucketWebsiteConfiguration
    Information used to configure the bucket as a static website. For more information, see Hosting Websites on Amazon S3.
    accelerateConfiguration BucketAccelerateConfiguration
    Configures the transfer acceleration state for an Amazon S3 bucket. For more information, see Amazon S3 Transfer Acceleration in the Amazon S3 User Guide.
    accessControl BucketAccessControl
    This is a legacy property, and it is not recommended for most use cases. A majority of modern use cases in Amazon S3 no longer require the use of ACLs, and we recommend that you keep ACLs disabled. For more information, see Controlling object ownership in the Amazon S3 User Guide. A canned access control list (ACL) that grants predefined permissions to the bucket. For more information about canned ACLs, see Canned ACL in the Amazon S3 User Guide. S3 buckets are created with ACLs disabled by default. Therefore, unless you explicitly set the AWS::S3::OwnershipControls property to enable ACLs, your resource will fail to deploy with any value other than Private. Use cases requiring ACLs are uncommon. The majority of access control configurations can be successfully and more easily achieved with bucket policies. For more information, see AWS::S3::BucketPolicy. For examples of common policy configurations, including S3 Server Access Logs buckets and more, see Bucket policy examples in the Amazon S3 User Guide.
    analyticsConfigurations BucketAnalyticsConfiguration[]
    Specifies the configuration and any analyses for the analytics filter of an Amazon S3 bucket.
    bucketEncryption BucketEncryption
    Specifies default encryption for a bucket using server-side encryption with Amazon S3-managed keys (SSE-S3), AWS KMS-managed keys (SSE-KMS), or dual-layer server-side encryption with KMS-managed keys (DSSE-KMS). For information about the Amazon S3 default encryption feature, see Amazon S3 Default Encryption for S3 Buckets in the Amazon S3 User Guide.
    bucketName string
    A name for the bucket. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. The bucket name must contain only lowercase letters, numbers, periods (.), and dashes (-) and must follow Amazon S3 bucket restrictions and limitations. For more information, see Rules for naming Amazon S3 buckets in the Amazon S3 User Guide. If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you need to replace the resource, specify a new name.
    corsConfiguration BucketCorsConfiguration
    Describes the cross-origin access configuration for objects in an Amazon S3 bucket. For more information, see Enabling Cross-Origin Resource Sharing in the Amazon S3 User Guide.
    intelligentTieringConfigurations BucketIntelligentTieringConfiguration[]
    Defines how Amazon S3 handles Intelligent-Tiering storage.
    inventoryConfigurations BucketInventoryConfiguration[]
    Specifies the inventory configuration for an Amazon S3 bucket. For more information, see GET Bucket inventory in the Amazon S3 API Reference.
    lifecycleConfiguration BucketLifecycleConfiguration
    Specifies the lifecycle configuration for objects in an Amazon S3 bucket. For more information, see Object Lifecycle Management in the Amazon S3 User Guide.
    loggingConfiguration BucketLoggingConfiguration
    Settings that define where logs are stored.
    metricsConfigurations BucketMetricsConfiguration[]
    Specifies a metrics configuration for the CloudWatch request metrics (specified by the metrics configuration ID) from an Amazon S3 bucket. If you're updating an existing metrics configuration, note that this is a full replacement of the existing metrics configuration. If you don't include the elements you want to keep, they are erased. For more information, see PutBucketMetricsConfiguration.
    notificationConfiguration BucketNotificationConfiguration
    Configuration that defines how Amazon S3 handles bucket notifications.
    objectLockConfiguration BucketObjectLockConfiguration
    This operation is not supported by directory buckets. Places an Object Lock configuration on the specified bucket. The rule specified in the Object Lock configuration will be applied by default to every new object placed in the specified bucket. For more information, see Locking Objects.

    • The DefaultRetention settings require both a mode and a period.
    • The DefaultRetention period can be either Days or Years but you must select one. You cannot specify Days and Years at the same time.
    • You can enable Object Lock for new or existing buckets. For more information, see Configuring Object Lock.
    objectLockEnabled boolean
    Indicates whether this bucket has an Object Lock configuration enabled. Enable ObjectLockEnabled when you apply ObjectLockConfiguration to a bucket.
    ownershipControls BucketOwnershipControls
    Configuration that defines how Amazon S3 handles Object Ownership rules.
    publicAccessBlockConfiguration BucketPublicAccessBlockConfiguration
    Configuration that defines how Amazon S3 handles public access.
    replicationConfiguration BucketReplicationConfiguration
    Configuration for replicating objects in an S3 bucket. To enable replication, you must also enable versioning by using the VersioningConfiguration property. Amazon S3 can store replicated objects in a single destination bucket or multiple destination buckets. The destination bucket or buckets must already exist.
    tags Tag[]
    An arbitrary set of tags (key-value pairs) for this S3 bucket.
    versioningConfiguration BucketVersioningConfiguration
    Enables multiple versions of all objects in this bucket. You might enable versioning to prevent objects from being deleted or overwritten by mistake or to archive objects so that you can retrieve previous versions of them. When you enable versioning on a bucket for the first time, it might take a short amount of time for the change to be fully propagated. We recommend that you wait for 15 minutes after enabling versioning before issuing write operations (PUT or DELETE) on objects in the bucket.
    websiteConfiguration BucketWebsiteConfiguration
    Information used to configure the bucket as a static website. For more information, see Hosting Websites on Amazon S3.
    accelerate_configuration BucketAccelerateConfigurationArgs
    Configures the transfer acceleration state for an Amazon S3 bucket. For more information, see Amazon S3 Transfer Acceleration in the Amazon S3 User Guide.
    access_control BucketAccessControl
    This is a legacy property, and it is not recommended for most use cases. A majority of modern use cases in Amazon S3 no longer require the use of ACLs, and we recommend that you keep ACLs disabled. For more information, see Controlling object ownership in the Amazon S3 User Guide. A canned access control list (ACL) that grants predefined permissions to the bucket. For more information about canned ACLs, see Canned ACL in the Amazon S3 User Guide. S3 buckets are created with ACLs disabled by default. Therefore, unless you explicitly set the AWS::S3::OwnershipControls property to enable ACLs, your resource will fail to deploy with any value other than Private. Use cases requiring ACLs are uncommon. The majority of access control configurations can be successfully and more easily achieved with bucket policies. For more information, see AWS::S3::BucketPolicy. For examples of common policy configurations, including S3 Server Access Logs buckets and more, see Bucket policy examples in the Amazon S3 User Guide.
    analytics_configurations Sequence[BucketAnalyticsConfigurationArgs]
    Specifies the configuration and any analyses for the analytics filter of an Amazon S3 bucket.
    bucket_encryption BucketEncryptionArgs
    Specifies default encryption for a bucket using server-side encryption with Amazon S3-managed keys (SSE-S3), AWS KMS-managed keys (SSE-KMS), or dual-layer server-side encryption with KMS-managed keys (DSSE-KMS). For information about the Amazon S3 default encryption feature, see Amazon S3 Default Encryption for S3 Buckets in the Amazon S3 User Guide.
    bucket_name str
    A name for the bucket. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. The bucket name must contain only lowercase letters, numbers, periods (.), and dashes (-) and must follow Amazon S3 bucket restrictions and limitations. For more information, see Rules for naming Amazon S3 buckets in the Amazon S3 User Guide. If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you need to replace the resource, specify a new name.
    cors_configuration BucketCorsConfigurationArgs
    Describes the cross-origin access configuration for objects in an Amazon S3 bucket. For more information, see Enabling Cross-Origin Resource Sharing in the Amazon S3 User Guide.
    intelligent_tiering_configurations Sequence[BucketIntelligentTieringConfigurationArgs]
    Defines how Amazon S3 handles Intelligent-Tiering storage.
    inventory_configurations Sequence[BucketInventoryConfigurationArgs]
    Specifies the inventory configuration for an Amazon S3 bucket. For more information, see GET Bucket inventory in the Amazon S3 API Reference.
    lifecycle_configuration BucketLifecycleConfigurationArgs
    Specifies the lifecycle configuration for objects in an Amazon S3 bucket. For more information, see Object Lifecycle Management in the Amazon S3 User Guide.
    logging_configuration BucketLoggingConfigurationArgs
    Settings that define where logs are stored.
    metrics_configurations Sequence[BucketMetricsConfigurationArgs]
    Specifies a metrics configuration for the CloudWatch request metrics (specified by the metrics configuration ID) from an Amazon S3 bucket. If you're updating an existing metrics configuration, note that this is a full replacement of the existing metrics configuration. If you don't include the elements you want to keep, they are erased. For more information, see PutBucketMetricsConfiguration.
    notification_configuration BucketNotificationConfigurationArgs
    Configuration that defines how Amazon S3 handles bucket notifications.
    object_lock_configuration BucketObjectLockConfigurationArgs
    This operation is not supported by directory buckets. Places an Object Lock configuration on the specified bucket. The rule specified in the Object Lock configuration will be applied by default to every new object placed in the specified bucket. For more information, see Locking Objects.

    • The DefaultRetention settings require both a mode and a period.
    • The DefaultRetention period can be either Days or Years but you must select one. You cannot specify Days and Years at the same time.
    • You can enable Object Lock for new or existing buckets. For more information, see Configuring Object Lock.
    object_lock_enabled bool
    Indicates whether this bucket has an Object Lock configuration enabled. Enable ObjectLockEnabled when you apply ObjectLockConfiguration to a bucket.
    ownership_controls BucketOwnershipControlsArgs
    Configuration that defines how Amazon S3 handles Object Ownership rules.
    public_access_block_configuration BucketPublicAccessBlockConfigurationArgs
    Configuration that defines how Amazon S3 handles public access.
    replication_configuration BucketReplicationConfigurationArgs
    Configuration for replicating objects in an S3 bucket. To enable replication, you must also enable versioning by using the VersioningConfiguration property. Amazon S3 can store replicated objects in a single destination bucket or multiple destination buckets. The destination bucket or buckets must already exist.
    tags Sequence[TagArgs]
    An arbitrary set of tags (key-value pairs) for this S3 bucket.
    versioning_configuration BucketVersioningConfigurationArgs
    Enables multiple versions of all objects in this bucket. You might enable versioning to prevent objects from being deleted or overwritten by mistake or to archive objects so that you can retrieve previous versions of them. When you enable versioning on a bucket for the first time, it might take a short amount of time for the change to be fully propagated. We recommend that you wait for 15 minutes after enabling versioning before issuing write operations (PUT or DELETE) on objects in the bucket.
    website_configuration BucketWebsiteConfigurationArgs
    Information used to configure the bucket as a static website. For more information, see Hosting Websites on Amazon S3.
    accelerateConfiguration Property Map
    Configures the transfer acceleration state for an Amazon S3 bucket. For more information, see Amazon S3 Transfer Acceleration in the Amazon S3 User Guide.
    accessControl "AuthenticatedRead" | "AwsExecRead" | "BucketOwnerFullControl" | "BucketOwnerRead" | "LogDeliveryWrite" | "Private" | "PublicRead" | "PublicReadWrite"
    This is a legacy property, and it is not recommended for most use cases. A majority of modern use cases in Amazon S3 no longer require the use of ACLs, and we recommend that you keep ACLs disabled. For more information, see Controlling object ownership in the Amazon S3 User Guide. A canned access control list (ACL) that grants predefined permissions to the bucket. For more information about canned ACLs, see Canned ACL in the Amazon S3 User Guide. S3 buckets are created with ACLs disabled by default. Therefore, unless you explicitly set the AWS::S3::OwnershipControls property to enable ACLs, your resource will fail to deploy with any value other than Private. Use cases requiring ACLs are uncommon. The majority of access control configurations can be successfully and more easily achieved with bucket policies. For more information, see AWS::S3::BucketPolicy. For examples of common policy configurations, including S3 Server Access Logs buckets and more, see Bucket policy examples in the Amazon S3 User Guide.
    analyticsConfigurations List<Property Map>
    Specifies the configuration and any analyses for the analytics filter of an Amazon S3 bucket.
    bucketEncryption Property Map
    Specifies default encryption for a bucket using server-side encryption with Amazon S3-managed keys (SSE-S3), AWS KMS-managed keys (SSE-KMS), or dual-layer server-side encryption with KMS-managed keys (DSSE-KMS). For information about the Amazon S3 default encryption feature, see Amazon S3 Default Encryption for S3 Buckets in the Amazon S3 User Guide.
    bucketName String
    A name for the bucket. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. The bucket name must contain only lowercase letters, numbers, periods (.), and dashes (-) and must follow Amazon S3 bucket restrictions and limitations. For more information, see Rules for naming Amazon S3 buckets in the Amazon S3 User Guide. If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you need to replace the resource, specify a new name.
    corsConfiguration Property Map
    Describes the cross-origin access configuration for objects in an Amazon S3 bucket. For more information, see Enabling Cross-Origin Resource Sharing in the Amazon S3 User Guide.
    intelligentTieringConfigurations List<Property Map>
    Defines how Amazon S3 handles Intelligent-Tiering storage.
    inventoryConfigurations List<Property Map>
    Specifies the inventory configuration for an Amazon S3 bucket. For more information, see GET Bucket inventory in the Amazon S3 API Reference.
    lifecycleConfiguration Property Map
    Specifies the lifecycle configuration for objects in an Amazon S3 bucket. For more information, see Object Lifecycle Management in the Amazon S3 User Guide.
    loggingConfiguration Property Map
    Settings that define where logs are stored.
    metricsConfigurations List<Property Map>
    Specifies a metrics configuration for the CloudWatch request metrics (specified by the metrics configuration ID) from an Amazon S3 bucket. If you're updating an existing metrics configuration, note that this is a full replacement of the existing metrics configuration. If you don't include the elements you want to keep, they are erased. For more information, see PutBucketMetricsConfiguration.
    notificationConfiguration Property Map
    Configuration that defines how Amazon S3 handles bucket notifications.
    objectLockConfiguration Property Map
    This operation is not supported by directory buckets. Places an Object Lock configuration on the specified bucket. The rule specified in the Object Lock configuration will be applied by default to every new object placed in the specified bucket. For more information, see Locking Objects.

    • The DefaultRetention settings require both a mode and a period.
    • The DefaultRetention period can be either Days or Years but you must select one. You cannot specify Days and Years at the same time.
    • You can enable Object Lock for new or existing buckets. For more information, see Configuring Object Lock.
    objectLockEnabled Boolean
    Indicates whether this bucket has an Object Lock configuration enabled. Enable ObjectLockEnabled when you apply ObjectLockConfiguration to a bucket.
    ownershipControls Property Map
    Configuration that defines how Amazon S3 handles Object Ownership rules.
    publicAccessBlockConfiguration Property Map
    Configuration that defines how Amazon S3 handles public access.
    replicationConfiguration Property Map
    Configuration for replicating objects in an S3 bucket. To enable replication, you must also enable versioning by using the VersioningConfiguration property. Amazon S3 can store replicated objects in a single destination bucket or multiple destination buckets. The destination bucket or buckets must already exist.
    tags List<Property Map>
    An arbitrary set of tags (key-value pairs) for this S3 bucket.
    versioningConfiguration Property Map
    Enables multiple versions of all objects in this bucket. You might enable versioning to prevent objects from being deleted or overwritten by mistake or to archive objects so that you can retrieve previous versions of them. When you enable versioning on a bucket for the first time, it might take a short amount of time for the change to be fully propagated. We recommend that you wait for 15 minutes after enabling versioning before issuing write operations (PUT or DELETE) on objects in the bucket.
    websiteConfiguration Property Map
    Information used to configure the bucket as a static website. For more information, see Hosting Websites on Amazon S3.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the Bucket resource produces the following output properties:

    Arn string

    Returns the Amazon Resource Name (ARN) of the specified bucket.

    Example: arn:aws:s3:::DOC-EXAMPLE-BUCKET

    DomainName string

    Returns the IPv4 DNS name of the specified bucket.

    Example: DOC-EXAMPLE-BUCKET.s3.amazonaws.com

    DualStackDomainName string

    Returns the IPv6 DNS name of the specified bucket.

    Example: DOC-EXAMPLE-BUCKET.s3.dualstack.us-east-2.amazonaws.com

    For more information about dual-stack endpoints, see Using Amazon S3 Dual-Stack Endpoints .

    Id string
    The provider-assigned unique ID for this managed resource.
    RegionalDomainName string

    Returns the regional domain name of the specified bucket.

    Example: DOC-EXAMPLE-BUCKET.s3.us-east-2.amazonaws.com

    WebsiteUrl string

    Returns the Amazon S3 website endpoint for the specified bucket.

    Example (IPv4): http://DOC-EXAMPLE-BUCKET.s3-website.us-east-2.amazonaws.com

    Example (IPv6): http://DOC-EXAMPLE-BUCKET.s3.dualstack.us-east-2.amazonaws.com

    Arn string

    Returns the Amazon Resource Name (ARN) of the specified bucket.

    Example: arn:aws:s3:::DOC-EXAMPLE-BUCKET

    DomainName string

    Returns the IPv4 DNS name of the specified bucket.

    Example: DOC-EXAMPLE-BUCKET.s3.amazonaws.com

    DualStackDomainName string

    Returns the IPv6 DNS name of the specified bucket.

    Example: DOC-EXAMPLE-BUCKET.s3.dualstack.us-east-2.amazonaws.com

    For more information about dual-stack endpoints, see Using Amazon S3 Dual-Stack Endpoints .

    Id string
    The provider-assigned unique ID for this managed resource.
    RegionalDomainName string

    Returns the regional domain name of the specified bucket.

    Example: DOC-EXAMPLE-BUCKET.s3.us-east-2.amazonaws.com

    WebsiteUrl string

    Returns the Amazon S3 website endpoint for the specified bucket.

    Example (IPv4): http://DOC-EXAMPLE-BUCKET.s3-website.us-east-2.amazonaws.com

    Example (IPv6): http://DOC-EXAMPLE-BUCKET.s3.dualstack.us-east-2.amazonaws.com

    arn String

    Returns the Amazon Resource Name (ARN) of the specified bucket.

    Example: arn:aws:s3:::DOC-EXAMPLE-BUCKET

    domainName String

    Returns the IPv4 DNS name of the specified bucket.

    Example: DOC-EXAMPLE-BUCKET.s3.amazonaws.com

    dualStackDomainName String

    Returns the IPv6 DNS name of the specified bucket.

    Example: DOC-EXAMPLE-BUCKET.s3.dualstack.us-east-2.amazonaws.com

    For more information about dual-stack endpoints, see Using Amazon S3 Dual-Stack Endpoints .

    id String
    The provider-assigned unique ID for this managed resource.
    regionalDomainName String

    Returns the regional domain name of the specified bucket.

    Example: DOC-EXAMPLE-BUCKET.s3.us-east-2.amazonaws.com

    websiteUrl String

    Returns the Amazon S3 website endpoint for the specified bucket.

    Example (IPv4): http://DOC-EXAMPLE-BUCKET.s3-website.us-east-2.amazonaws.com

    Example (IPv6): http://DOC-EXAMPLE-BUCKET.s3.dualstack.us-east-2.amazonaws.com

    arn string

    Returns the Amazon Resource Name (ARN) of the specified bucket.

    Example: arn:aws:s3:::DOC-EXAMPLE-BUCKET

    domainName string

    Returns the IPv4 DNS name of the specified bucket.

    Example: DOC-EXAMPLE-BUCKET.s3.amazonaws.com

    dualStackDomainName string

    Returns the IPv6 DNS name of the specified bucket.

    Example: DOC-EXAMPLE-BUCKET.s3.dualstack.us-east-2.amazonaws.com

    For more information about dual-stack endpoints, see Using Amazon S3 Dual-Stack Endpoints .

    id string
    The provider-assigned unique ID for this managed resource.
    regionalDomainName string

    Returns the regional domain name of the specified bucket.

    Example: DOC-EXAMPLE-BUCKET.s3.us-east-2.amazonaws.com

    websiteUrl string

    Returns the Amazon S3 website endpoint for the specified bucket.

    Example (IPv4): http://DOC-EXAMPLE-BUCKET.s3-website.us-east-2.amazonaws.com

    Example (IPv6): http://DOC-EXAMPLE-BUCKET.s3.dualstack.us-east-2.amazonaws.com

    arn str

    Returns the Amazon Resource Name (ARN) of the specified bucket.

    Example: arn:aws:s3:::DOC-EXAMPLE-BUCKET

    domain_name str

    Returns the IPv4 DNS name of the specified bucket.

    Example: DOC-EXAMPLE-BUCKET.s3.amazonaws.com

    dual_stack_domain_name str

    Returns the IPv6 DNS name of the specified bucket.

    Example: DOC-EXAMPLE-BUCKET.s3.dualstack.us-east-2.amazonaws.com

    For more information about dual-stack endpoints, see Using Amazon S3 Dual-Stack Endpoints .

    id str
    The provider-assigned unique ID for this managed resource.
    regional_domain_name str

    Returns the regional domain name of the specified bucket.

    Example: DOC-EXAMPLE-BUCKET.s3.us-east-2.amazonaws.com

    website_url str

    Returns the Amazon S3 website endpoint for the specified bucket.

    Example (IPv4): http://DOC-EXAMPLE-BUCKET.s3-website.us-east-2.amazonaws.com

    Example (IPv6): http://DOC-EXAMPLE-BUCKET.s3.dualstack.us-east-2.amazonaws.com

    arn String

    Returns the Amazon Resource Name (ARN) of the specified bucket.

    Example: arn:aws:s3:::DOC-EXAMPLE-BUCKET

    domainName String

    Returns the IPv4 DNS name of the specified bucket.

    Example: DOC-EXAMPLE-BUCKET.s3.amazonaws.com

    dualStackDomainName String

    Returns the IPv6 DNS name of the specified bucket.

    Example: DOC-EXAMPLE-BUCKET.s3.dualstack.us-east-2.amazonaws.com

    For more information about dual-stack endpoints, see Using Amazon S3 Dual-Stack Endpoints .

    id String
    The provider-assigned unique ID for this managed resource.
    regionalDomainName String

    Returns the regional domain name of the specified bucket.

    Example: DOC-EXAMPLE-BUCKET.s3.us-east-2.amazonaws.com

    websiteUrl String

    Returns the Amazon S3 website endpoint for the specified bucket.

    Example (IPv4): http://DOC-EXAMPLE-BUCKET.s3-website.us-east-2.amazonaws.com

    Example (IPv6): http://DOC-EXAMPLE-BUCKET.s3.dualstack.us-east-2.amazonaws.com

    Supporting Types

    BucketAbortIncompleteMultipartUpload, BucketAbortIncompleteMultipartUploadArgs

    DaysAfterInitiation int
    Specifies the number of days after which Amazon S3 stops an incomplete multipart upload.
    DaysAfterInitiation int
    Specifies the number of days after which Amazon S3 stops an incomplete multipart upload.
    daysAfterInitiation Integer
    Specifies the number of days after which Amazon S3 stops an incomplete multipart upload.
    daysAfterInitiation number
    Specifies the number of days after which Amazon S3 stops an incomplete multipart upload.
    days_after_initiation int
    Specifies the number of days after which Amazon S3 stops an incomplete multipart upload.
    daysAfterInitiation Number
    Specifies the number of days after which Amazon S3 stops an incomplete multipart upload.

    BucketAccelerateConfiguration, BucketAccelerateConfigurationArgs

    AccelerationStatus Pulumi.AwsNative.S3.BucketAccelerateConfigurationAccelerationStatus
    Specifies the transfer acceleration status of the bucket.
    AccelerationStatus BucketAccelerateConfigurationAccelerationStatus
    Specifies the transfer acceleration status of the bucket.
    accelerationStatus BucketAccelerateConfigurationAccelerationStatus
    Specifies the transfer acceleration status of the bucket.
    accelerationStatus BucketAccelerateConfigurationAccelerationStatus
    Specifies the transfer acceleration status of the bucket.
    acceleration_status BucketAccelerateConfigurationAccelerationStatus
    Specifies the transfer acceleration status of the bucket.
    accelerationStatus "Enabled" | "Suspended"
    Specifies the transfer acceleration status of the bucket.

    BucketAccelerateConfigurationAccelerationStatus, BucketAccelerateConfigurationAccelerationStatusArgs

    Enabled
    Enabled
    Suspended
    Suspended
    BucketAccelerateConfigurationAccelerationStatusEnabled
    Enabled
    BucketAccelerateConfigurationAccelerationStatusSuspended
    Suspended
    Enabled
    Enabled
    Suspended
    Suspended
    Enabled
    Enabled
    Suspended
    Suspended
    ENABLED
    Enabled
    SUSPENDED
    Suspended
    "Enabled"
    Enabled
    "Suspended"
    Suspended

    BucketAccessControl, BucketAccessControlArgs

    AuthenticatedRead
    AuthenticatedRead
    AwsExecRead
    AwsExecRead
    BucketOwnerFullControl
    BucketOwnerFullControl
    BucketOwnerRead
    BucketOwnerRead
    LogDeliveryWrite
    LogDeliveryWrite
    Private
    Private
    PublicRead
    PublicRead
    PublicReadWrite
    PublicReadWrite
    BucketAccessControlAuthenticatedRead
    AuthenticatedRead
    BucketAccessControlAwsExecRead
    AwsExecRead
    BucketAccessControlBucketOwnerFullControl
    BucketOwnerFullControl
    BucketAccessControlBucketOwnerRead
    BucketOwnerRead
    BucketAccessControlLogDeliveryWrite
    LogDeliveryWrite
    BucketAccessControlPrivate
    Private
    BucketAccessControlPublicRead
    PublicRead
    BucketAccessControlPublicReadWrite
    PublicReadWrite
    AuthenticatedRead
    AuthenticatedRead
    AwsExecRead
    AwsExecRead
    BucketOwnerFullControl
    BucketOwnerFullControl
    BucketOwnerRead
    BucketOwnerRead
    LogDeliveryWrite
    LogDeliveryWrite
    Private
    Private
    PublicRead
    PublicRead
    PublicReadWrite
    PublicReadWrite
    AuthenticatedRead
    AuthenticatedRead
    AwsExecRead
    AwsExecRead
    BucketOwnerFullControl
    BucketOwnerFullControl
    BucketOwnerRead
    BucketOwnerRead
    LogDeliveryWrite
    LogDeliveryWrite
    Private
    Private
    PublicRead
    PublicRead
    PublicReadWrite
    PublicReadWrite
    AUTHENTICATED_READ
    AuthenticatedRead
    AWS_EXEC_READ
    AwsExecRead
    BUCKET_OWNER_FULL_CONTROL
    BucketOwnerFullControl
    BUCKET_OWNER_READ
    BucketOwnerRead
    LOG_DELIVERY_WRITE
    LogDeliveryWrite
    PRIVATE
    Private
    PUBLIC_READ
    PublicRead
    PUBLIC_READ_WRITE
    PublicReadWrite
    "AuthenticatedRead"
    AuthenticatedRead
    "AwsExecRead"
    AwsExecRead
    "BucketOwnerFullControl"
    BucketOwnerFullControl
    "BucketOwnerRead"
    BucketOwnerRead
    "LogDeliveryWrite"
    LogDeliveryWrite
    "Private"
    Private
    "PublicRead"
    PublicRead
    "PublicReadWrite"
    PublicReadWrite

    BucketAccessControlTranslation, BucketAccessControlTranslationArgs

    Owner string
    Specifies the replica ownership. For default and valid values, see PUT bucket replication in the Amazon S3 API Reference.
    Owner string
    Specifies the replica ownership. For default and valid values, see PUT bucket replication in the Amazon S3 API Reference.
    owner String
    Specifies the replica ownership. For default and valid values, see PUT bucket replication in the Amazon S3 API Reference.
    owner string
    Specifies the replica ownership. For default and valid values, see PUT bucket replication in the Amazon S3 API Reference.
    owner str
    Specifies the replica ownership. For default and valid values, see PUT bucket replication in the Amazon S3 API Reference.
    owner String
    Specifies the replica ownership. For default and valid values, see PUT bucket replication in the Amazon S3 API Reference.

    BucketAnalyticsConfiguration, BucketAnalyticsConfigurationArgs

    Id string
    The ID that identifies the analytics configuration.
    StorageClassAnalysis Pulumi.AwsNative.S3.Inputs.BucketStorageClassAnalysis
    Contains data related to access patterns to be collected and made available to analyze the tradeoffs between different storage classes.
    Prefix string
    The prefix that an object must have to be included in the analytics results.
    TagFilters List<Pulumi.AwsNative.S3.Inputs.BucketTagFilter>
    The tags to use when evaluating an analytics filter. The analytics only includes objects that meet the filter's criteria. If no filter is specified, all of the contents of the bucket are included in the analysis.
    Id string
    The ID that identifies the analytics configuration.
    StorageClassAnalysis BucketStorageClassAnalysis
    Contains data related to access patterns to be collected and made available to analyze the tradeoffs between different storage classes.
    Prefix string
    The prefix that an object must have to be included in the analytics results.
    TagFilters []BucketTagFilter
    The tags to use when evaluating an analytics filter. The analytics only includes objects that meet the filter's criteria. If no filter is specified, all of the contents of the bucket are included in the analysis.
    id String
    The ID that identifies the analytics configuration.
    storageClassAnalysis BucketStorageClassAnalysis
    Contains data related to access patterns to be collected and made available to analyze the tradeoffs between different storage classes.
    prefix String
    The prefix that an object must have to be included in the analytics results.
    tagFilters List<BucketTagFilter>
    The tags to use when evaluating an analytics filter. The analytics only includes objects that meet the filter's criteria. If no filter is specified, all of the contents of the bucket are included in the analysis.
    id string
    The ID that identifies the analytics configuration.
    storageClassAnalysis BucketStorageClassAnalysis
    Contains data related to access patterns to be collected and made available to analyze the tradeoffs between different storage classes.
    prefix string
    The prefix that an object must have to be included in the analytics results.
    tagFilters BucketTagFilter[]
    The tags to use when evaluating an analytics filter. The analytics only includes objects that meet the filter's criteria. If no filter is specified, all of the contents of the bucket are included in the analysis.
    id str
    The ID that identifies the analytics configuration.
    storage_class_analysis BucketStorageClassAnalysis
    Contains data related to access patterns to be collected and made available to analyze the tradeoffs between different storage classes.
    prefix str
    The prefix that an object must have to be included in the analytics results.
    tag_filters Sequence[BucketTagFilter]
    The tags to use when evaluating an analytics filter. The analytics only includes objects that meet the filter's criteria. If no filter is specified, all of the contents of the bucket are included in the analysis.
    id String
    The ID that identifies the analytics configuration.
    storageClassAnalysis Property Map
    Contains data related to access patterns to be collected and made available to analyze the tradeoffs between different storage classes.
    prefix String
    The prefix that an object must have to be included in the analytics results.
    tagFilters List<Property Map>
    The tags to use when evaluating an analytics filter. The analytics only includes objects that meet the filter's criteria. If no filter is specified, all of the contents of the bucket are included in the analysis.

    BucketCorsConfiguration, BucketCorsConfigurationArgs

    CorsRules List<Pulumi.AwsNative.S3.Inputs.BucketCorsRule>
    A set of origins and methods (cross-origin access that you want to allow). You can add up to 100 rules to the configuration.
    CorsRules []BucketCorsRule
    A set of origins and methods (cross-origin access that you want to allow). You can add up to 100 rules to the configuration.
    corsRules List<BucketCorsRule>
    A set of origins and methods (cross-origin access that you want to allow). You can add up to 100 rules to the configuration.
    corsRules BucketCorsRule[]
    A set of origins and methods (cross-origin access that you want to allow). You can add up to 100 rules to the configuration.
    cors_rules Sequence[BucketCorsRule]
    A set of origins and methods (cross-origin access that you want to allow). You can add up to 100 rules to the configuration.
    corsRules List<Property Map>
    A set of origins and methods (cross-origin access that you want to allow). You can add up to 100 rules to the configuration.

    BucketCorsRule, BucketCorsRuleArgs

    AllowedMethods List<Pulumi.AwsNative.S3.BucketCorsRuleAllowedMethodsItem>
    An HTTP method that you allow the origin to run. Allowed values: GET | PUT | HEAD | POST | DELETE
    AllowedOrigins List<string>
    One or more origins you want customers to be able to access the bucket from.
    AllowedHeaders List<string>
    Headers that are specified in the Access-Control-Request-Headers header. These headers are allowed in a preflight OPTIONS request. In response to any preflight OPTIONS request, Amazon S3 returns any requested headers that are allowed.
    ExposedHeaders List<string>
    One or more headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript XMLHttpRequest object).
    Id string
    A unique identifier for this rule. The value must be no more than 255 characters.
    MaxAge int
    The time in seconds that your browser is to cache the preflight response for the specified resource.
    AllowedMethods []BucketCorsRuleAllowedMethodsItem
    An HTTP method that you allow the origin to run. Allowed values: GET | PUT | HEAD | POST | DELETE
    AllowedOrigins []string
    One or more origins you want customers to be able to access the bucket from.
    AllowedHeaders []string
    Headers that are specified in the Access-Control-Request-Headers header. These headers are allowed in a preflight OPTIONS request. In response to any preflight OPTIONS request, Amazon S3 returns any requested headers that are allowed.
    ExposedHeaders []string
    One or more headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript XMLHttpRequest object).
    Id string
    A unique identifier for this rule. The value must be no more than 255 characters.
    MaxAge int
    The time in seconds that your browser is to cache the preflight response for the specified resource.
    allowedMethods List<BucketCorsRuleAllowedMethodsItem>
    An HTTP method that you allow the origin to run. Allowed values: GET | PUT | HEAD | POST | DELETE
    allowedOrigins List<String>
    One or more origins you want customers to be able to access the bucket from.
    allowedHeaders List<String>
    Headers that are specified in the Access-Control-Request-Headers header. These headers are allowed in a preflight OPTIONS request. In response to any preflight OPTIONS request, Amazon S3 returns any requested headers that are allowed.
    exposedHeaders List<String>
    One or more headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript XMLHttpRequest object).
    id String
    A unique identifier for this rule. The value must be no more than 255 characters.
    maxAge Integer
    The time in seconds that your browser is to cache the preflight response for the specified resource.
    allowedMethods BucketCorsRuleAllowedMethodsItem[]
    An HTTP method that you allow the origin to run. Allowed values: GET | PUT | HEAD | POST | DELETE
    allowedOrigins string[]
    One or more origins you want customers to be able to access the bucket from.
    allowedHeaders string[]
    Headers that are specified in the Access-Control-Request-Headers header. These headers are allowed in a preflight OPTIONS request. In response to any preflight OPTIONS request, Amazon S3 returns any requested headers that are allowed.
    exposedHeaders string[]
    One or more headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript XMLHttpRequest object).
    id string
    A unique identifier for this rule. The value must be no more than 255 characters.
    maxAge number
    The time in seconds that your browser is to cache the preflight response for the specified resource.
    allowed_methods Sequence[BucketCorsRuleAllowedMethodsItem]
    An HTTP method that you allow the origin to run. Allowed values: GET | PUT | HEAD | POST | DELETE
    allowed_origins Sequence[str]
    One or more origins you want customers to be able to access the bucket from.
    allowed_headers Sequence[str]
    Headers that are specified in the Access-Control-Request-Headers header. These headers are allowed in a preflight OPTIONS request. In response to any preflight OPTIONS request, Amazon S3 returns any requested headers that are allowed.
    exposed_headers Sequence[str]
    One or more headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript XMLHttpRequest object).
    id str
    A unique identifier for this rule. The value must be no more than 255 characters.
    max_age int
    The time in seconds that your browser is to cache the preflight response for the specified resource.
    allowedMethods List<"GET" | "PUT" | "HEAD" | "POST" | "DELETE">
    An HTTP method that you allow the origin to run. Allowed values: GET | PUT | HEAD | POST | DELETE
    allowedOrigins List<String>
    One or more origins you want customers to be able to access the bucket from.
    allowedHeaders List<String>
    Headers that are specified in the Access-Control-Request-Headers header. These headers are allowed in a preflight OPTIONS request. In response to any preflight OPTIONS request, Amazon S3 returns any requested headers that are allowed.
    exposedHeaders List<String>
    One or more headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript XMLHttpRequest object).
    id String
    A unique identifier for this rule. The value must be no more than 255 characters.
    maxAge Number
    The time in seconds that your browser is to cache the preflight response for the specified resource.

    BucketCorsRuleAllowedMethodsItem, BucketCorsRuleAllowedMethodsItemArgs

    Get
    GET
    Put
    PUT
    Head
    HEAD
    Post
    POST
    Delete
    DELETE
    BucketCorsRuleAllowedMethodsItemGet
    GET
    BucketCorsRuleAllowedMethodsItemPut
    PUT
    BucketCorsRuleAllowedMethodsItemHead
    HEAD
    BucketCorsRuleAllowedMethodsItemPost
    POST
    BucketCorsRuleAllowedMethodsItemDelete
    DELETE
    Get
    GET
    Put
    PUT
    Head
    HEAD
    Post
    POST
    Delete
    DELETE
    Get
    GET
    Put
    PUT
    Head
    HEAD
    Post
    POST
    Delete
    DELETE
    GET
    GET
    PUT
    PUT
    HEAD
    HEAD
    POST
    POST
    DELETE
    DELETE
    "GET"
    GET
    "PUT"
    PUT
    "HEAD"
    HEAD
    "POST"
    POST
    "DELETE"
    DELETE

    BucketDataExport, BucketDataExportArgs

    Destination Pulumi.AwsNative.S3.Inputs.BucketDestination
    The place to store the data for an analysis.
    OutputSchemaVersion string
    The version of the output schema to use when exporting data. Must be V_1.
    Destination BucketDestination
    The place to store the data for an analysis.
    OutputSchemaVersion string
    The version of the output schema to use when exporting data. Must be V_1.
    destination BucketDestination
    The place to store the data for an analysis.
    outputSchemaVersion String
    The version of the output schema to use when exporting data. Must be V_1.
    destination BucketDestination
    The place to store the data for an analysis.
    outputSchemaVersion string
    The version of the output schema to use when exporting data. Must be V_1.
    destination BucketDestination
    The place to store the data for an analysis.
    output_schema_version str
    The version of the output schema to use when exporting data. Must be V_1.
    destination Property Map
    The place to store the data for an analysis.
    outputSchemaVersion String
    The version of the output schema to use when exporting data. Must be V_1.

    BucketDefaultRetention, BucketDefaultRetentionArgs

    Days int
    The number of days that you want to specify for the default retention period. If Object Lock is turned on, you must specify Mode and specify either Days or Years.
    Mode Pulumi.AwsNative.S3.BucketDefaultRetentionMode
    The default Object Lock retention mode you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, you must specify Mode and specify either Days or Years.
    Years int
    The number of years that you want to specify for the default retention period. If Object Lock is turned on, you must specify Mode and specify either Days or Years.
    Days int
    The number of days that you want to specify for the default retention period. If Object Lock is turned on, you must specify Mode and specify either Days or Years.
    Mode BucketDefaultRetentionMode
    The default Object Lock retention mode you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, you must specify Mode and specify either Days or Years.
    Years int
    The number of years that you want to specify for the default retention period. If Object Lock is turned on, you must specify Mode and specify either Days or Years.
    days Integer
    The number of days that you want to specify for the default retention period. If Object Lock is turned on, you must specify Mode and specify either Days or Years.
    mode BucketDefaultRetentionMode
    The default Object Lock retention mode you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, you must specify Mode and specify either Days or Years.
    years Integer
    The number of years that you want to specify for the default retention period. If Object Lock is turned on, you must specify Mode and specify either Days or Years.
    days number
    The number of days that you want to specify for the default retention period. If Object Lock is turned on, you must specify Mode and specify either Days or Years.
    mode BucketDefaultRetentionMode
    The default Object Lock retention mode you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, you must specify Mode and specify either Days or Years.
    years number
    The number of years that you want to specify for the default retention period. If Object Lock is turned on, you must specify Mode and specify either Days or Years.
    days int
    The number of days that you want to specify for the default retention period. If Object Lock is turned on, you must specify Mode and specify either Days or Years.
    mode BucketDefaultRetentionMode
    The default Object Lock retention mode you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, you must specify Mode and specify either Days or Years.
    years int
    The number of years that you want to specify for the default retention period. If Object Lock is turned on, you must specify Mode and specify either Days or Years.
    days Number
    The number of days that you want to specify for the default retention period. If Object Lock is turned on, you must specify Mode and specify either Days or Years.
    mode "COMPLIANCE" | "GOVERNANCE"
    The default Object Lock retention mode you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, you must specify Mode and specify either Days or Years.
    years Number
    The number of years that you want to specify for the default retention period. If Object Lock is turned on, you must specify Mode and specify either Days or Years.

    BucketDefaultRetentionMode, BucketDefaultRetentionModeArgs

    Compliance
    COMPLIANCE
    Governance
    GOVERNANCE
    BucketDefaultRetentionModeCompliance
    COMPLIANCE
    BucketDefaultRetentionModeGovernance
    GOVERNANCE
    Compliance
    COMPLIANCE
    Governance
    GOVERNANCE
    Compliance
    COMPLIANCE
    Governance
    GOVERNANCE
    COMPLIANCE
    COMPLIANCE
    GOVERNANCE
    GOVERNANCE
    "COMPLIANCE"
    COMPLIANCE
    "GOVERNANCE"
    GOVERNANCE

    BucketDeleteMarkerReplication, BucketDeleteMarkerReplicationArgs

    Status Pulumi.AwsNative.S3.BucketDeleteMarkerReplicationStatus
    Indicates whether to replicate delete markers. Disabled by default.
    Status BucketDeleteMarkerReplicationStatus
    Indicates whether to replicate delete markers. Disabled by default.
    status BucketDeleteMarkerReplicationStatus
    Indicates whether to replicate delete markers. Disabled by default.
    status BucketDeleteMarkerReplicationStatus
    Indicates whether to replicate delete markers. Disabled by default.
    status BucketDeleteMarkerReplicationStatus
    Indicates whether to replicate delete markers. Disabled by default.
    status "Disabled" | "Enabled"
    Indicates whether to replicate delete markers. Disabled by default.

    BucketDeleteMarkerReplicationStatus, BucketDeleteMarkerReplicationStatusArgs

    Disabled
    Disabled
    Enabled
    Enabled
    BucketDeleteMarkerReplicationStatusDisabled
    Disabled
    BucketDeleteMarkerReplicationStatusEnabled
    Enabled
    Disabled
    Disabled
    Enabled
    Enabled
    Disabled
    Disabled
    Enabled
    Enabled
    DISABLED
    Disabled
    ENABLED
    Enabled
    "Disabled"
    Disabled
    "Enabled"
    Enabled

    BucketDestination, BucketDestinationArgs

    BucketArn string
    The Amazon Resource Name (ARN) of the bucket to which data is exported.
    Format Pulumi.AwsNative.S3.BucketDestinationFormat
    Specifies the file format used when exporting data to Amazon S3. Allowed values: CSV | ORC | Parquet
    BucketAccountId string
    The account ID that owns the destination S3 bucket. If no account ID is provided, the owner is not validated before exporting data. Although this value is optional, we strongly recommend that you set it to help prevent problems if the destination bucket ownership changes.
    Prefix string
    The prefix to use when exporting data. The prefix is prepended to all results.
    BucketArn string
    The Amazon Resource Name (ARN) of the bucket to which data is exported.
    Format BucketDestinationFormat
    Specifies the file format used when exporting data to Amazon S3. Allowed values: CSV | ORC | Parquet
    BucketAccountId string
    The account ID that owns the destination S3 bucket. If no account ID is provided, the owner is not validated before exporting data. Although this value is optional, we strongly recommend that you set it to help prevent problems if the destination bucket ownership changes.
    Prefix string
    The prefix to use when exporting data. The prefix is prepended to all results.
    bucketArn String
    The Amazon Resource Name (ARN) of the bucket to which data is exported.
    format BucketDestinationFormat
    Specifies the file format used when exporting data to Amazon S3. Allowed values: CSV | ORC | Parquet
    bucketAccountId String
    The account ID that owns the destination S3 bucket. If no account ID is provided, the owner is not validated before exporting data. Although this value is optional, we strongly recommend that you set it to help prevent problems if the destination bucket ownership changes.
    prefix String
    The prefix to use when exporting data. The prefix is prepended to all results.
    bucketArn string
    The Amazon Resource Name (ARN) of the bucket to which data is exported.
    format BucketDestinationFormat
    Specifies the file format used when exporting data to Amazon S3. Allowed values: CSV | ORC | Parquet
    bucketAccountId string
    The account ID that owns the destination S3 bucket. If no account ID is provided, the owner is not validated before exporting data. Although this value is optional, we strongly recommend that you set it to help prevent problems if the destination bucket ownership changes.
    prefix string
    The prefix to use when exporting data. The prefix is prepended to all results.
    bucket_arn str
    The Amazon Resource Name (ARN) of the bucket to which data is exported.
    format BucketDestinationFormat
    Specifies the file format used when exporting data to Amazon S3. Allowed values: CSV | ORC | Parquet
    bucket_account_id str
    The account ID that owns the destination S3 bucket. If no account ID is provided, the owner is not validated before exporting data. Although this value is optional, we strongly recommend that you set it to help prevent problems if the destination bucket ownership changes.
    prefix str
    The prefix to use when exporting data. The prefix is prepended to all results.
    bucketArn String
    The Amazon Resource Name (ARN) of the bucket to which data is exported.
    format "CSV" | "ORC" | "Parquet"
    Specifies the file format used when exporting data to Amazon S3. Allowed values: CSV | ORC | Parquet
    bucketAccountId String
    The account ID that owns the destination S3 bucket. If no account ID is provided, the owner is not validated before exporting data. Although this value is optional, we strongly recommend that you set it to help prevent problems if the destination bucket ownership changes.
    prefix String
    The prefix to use when exporting data. The prefix is prepended to all results.

    BucketDestinationFormat, BucketDestinationFormatArgs

    Csv
    CSV
    Orc
    ORC
    Parquet
    Parquet
    BucketDestinationFormatCsv
    CSV
    BucketDestinationFormatOrc
    ORC
    BucketDestinationFormatParquet
    Parquet
    Csv
    CSV
    Orc
    ORC
    Parquet
    Parquet
    Csv
    CSV
    Orc
    ORC
    Parquet
    Parquet
    CSV
    CSV
    ORC
    ORC
    PARQUET
    Parquet
    "CSV"
    CSV
    "ORC"
    ORC
    "Parquet"
    Parquet

    BucketEncryption, BucketEncryptionArgs

    ServerSideEncryptionConfiguration []BucketServerSideEncryptionRule
    Specifies the default server-side-encryption configuration.
    serverSideEncryptionConfiguration List<BucketServerSideEncryptionRule>
    Specifies the default server-side-encryption configuration.
    serverSideEncryptionConfiguration BucketServerSideEncryptionRule[]
    Specifies the default server-side-encryption configuration.
    server_side_encryption_configuration Sequence[BucketServerSideEncryptionRule]
    Specifies the default server-side-encryption configuration.
    serverSideEncryptionConfiguration List<Property Map>
    Specifies the default server-side-encryption configuration.

    BucketEncryptionConfiguration, BucketEncryptionConfigurationArgs

    ReplicaKmsKeyId string
    Specifies the ID (Key ARN or Alias ARN) of the customer managed AWS KMS key stored in AWS Key Management Service (KMS) for the destination bucket. Amazon S3 uses this key to encrypt replica objects. Amazon S3 only supports symmetric encryption KMS keys. For more information, see Asymmetric keys in KMS in the Key Management Service Developer Guide.
    ReplicaKmsKeyId string
    Specifies the ID (Key ARN or Alias ARN) of the customer managed AWS KMS key stored in AWS Key Management Service (KMS) for the destination bucket. Amazon S3 uses this key to encrypt replica objects. Amazon S3 only supports symmetric encryption KMS keys. For more information, see Asymmetric keys in KMS in the Key Management Service Developer Guide.
    replicaKmsKeyId String
    Specifies the ID (Key ARN or Alias ARN) of the customer managed AWS KMS key stored in AWS Key Management Service (KMS) for the destination bucket. Amazon S3 uses this key to encrypt replica objects. Amazon S3 only supports symmetric encryption KMS keys. For more information, see Asymmetric keys in KMS in the Key Management Service Developer Guide.
    replicaKmsKeyId string
    Specifies the ID (Key ARN or Alias ARN) of the customer managed AWS KMS key stored in AWS Key Management Service (KMS) for the destination bucket. Amazon S3 uses this key to encrypt replica objects. Amazon S3 only supports symmetric encryption KMS keys. For more information, see Asymmetric keys in KMS in the Key Management Service Developer Guide.
    replica_kms_key_id str
    Specifies the ID (Key ARN or Alias ARN) of the customer managed AWS KMS key stored in AWS Key Management Service (KMS) for the destination bucket. Amazon S3 uses this key to encrypt replica objects. Amazon S3 only supports symmetric encryption KMS keys. For more information, see Asymmetric keys in KMS in the Key Management Service Developer Guide.
    replicaKmsKeyId String
    Specifies the ID (Key ARN or Alias ARN) of the customer managed AWS KMS key stored in AWS Key Management Service (KMS) for the destination bucket. Amazon S3 uses this key to encrypt replica objects. Amazon S3 only supports symmetric encryption KMS keys. For more information, see Asymmetric keys in KMS in the Key Management Service Developer Guide.

    BucketEventBridgeConfiguration, BucketEventBridgeConfigurationArgs

    EventBridgeEnabled bool
    Enables delivery of events to Amazon EventBridge.
    EventBridgeEnabled bool
    Enables delivery of events to Amazon EventBridge.
    eventBridgeEnabled Boolean
    Enables delivery of events to Amazon EventBridge.
    eventBridgeEnabled boolean
    Enables delivery of events to Amazon EventBridge.
    event_bridge_enabled bool
    Enables delivery of events to Amazon EventBridge.
    eventBridgeEnabled Boolean
    Enables delivery of events to Amazon EventBridge.

    BucketFilterRule, BucketFilterRuleArgs

    Name string
    The object key name prefix or suffix identifying one or more objects to which the filtering rule applies. The maximum length is 1,024 characters. Overlapping prefixes and suffixes are not supported. For more information, see Configuring Event Notifications in the Amazon S3 User Guide.
    Value string
    The value that the filter searches for in object key names.
    Name string
    The object key name prefix or suffix identifying one or more objects to which the filtering rule applies. The maximum length is 1,024 characters. Overlapping prefixes and suffixes are not supported. For more information, see Configuring Event Notifications in the Amazon S3 User Guide.
    Value string
    The value that the filter searches for in object key names.
    name String
    The object key name prefix or suffix identifying one or more objects to which the filtering rule applies. The maximum length is 1,024 characters. Overlapping prefixes and suffixes are not supported. For more information, see Configuring Event Notifications in the Amazon S3 User Guide.
    value String
    The value that the filter searches for in object key names.
    name string
    The object key name prefix or suffix identifying one or more objects to which the filtering rule applies. The maximum length is 1,024 characters. Overlapping prefixes and suffixes are not supported. For more information, see Configuring Event Notifications in the Amazon S3 User Guide.
    value string
    The value that the filter searches for in object key names.
    name str
    The object key name prefix or suffix identifying one or more objects to which the filtering rule applies. The maximum length is 1,024 characters. Overlapping prefixes and suffixes are not supported. For more information, see Configuring Event Notifications in the Amazon S3 User Guide.
    value str
    The value that the filter searches for in object key names.
    name String
    The object key name prefix or suffix identifying one or more objects to which the filtering rule applies. The maximum length is 1,024 characters. Overlapping prefixes and suffixes are not supported. For more information, see Configuring Event Notifications in the Amazon S3 User Guide.
    value String
    The value that the filter searches for in object key names.

    BucketIntelligentTieringConfiguration, BucketIntelligentTieringConfigurationArgs

    Id string
    The ID used to identify the S3 Intelligent-Tiering configuration.
    Status Pulumi.AwsNative.S3.BucketIntelligentTieringConfigurationStatus
    Specifies the status of the configuration.
    Tierings List<Pulumi.AwsNative.S3.Inputs.BucketTiering>
    Specifies a list of S3 Intelligent-Tiering storage class tiers in the configuration. At least one tier must be defined in the list. At most, you can specify two tiers in the list, one for each available AccessTier: ARCHIVE_ACCESS and DEEP_ARCHIVE_ACCESS. You only need Intelligent Tiering Configuration enabled on a bucket if you want to automatically move objects stored in the Intelligent-Tiering storage class to Archive Access or Deep Archive Access tiers.
    Prefix string
    An object key name prefix that identifies the subset of objects to which the rule applies.
    TagFilters List<Pulumi.AwsNative.S3.Inputs.BucketTagFilter>
    A container for a key-value pair.
    Id string
    The ID used to identify the S3 Intelligent-Tiering configuration.
    Status BucketIntelligentTieringConfigurationStatus
    Specifies the status of the configuration.
    Tierings []BucketTiering
    Specifies a list of S3 Intelligent-Tiering storage class tiers in the configuration. At least one tier must be defined in the list. At most, you can specify two tiers in the list, one for each available AccessTier: ARCHIVE_ACCESS and DEEP_ARCHIVE_ACCESS. You only need Intelligent Tiering Configuration enabled on a bucket if you want to automatically move objects stored in the Intelligent-Tiering storage class to Archive Access or Deep Archive Access tiers.
    Prefix string
    An object key name prefix that identifies the subset of objects to which the rule applies.
    TagFilters []BucketTagFilter
    A container for a key-value pair.
    id String
    The ID used to identify the S3 Intelligent-Tiering configuration.
    status BucketIntelligentTieringConfigurationStatus
    Specifies the status of the configuration.
    tierings List<BucketTiering>
    Specifies a list of S3 Intelligent-Tiering storage class tiers in the configuration. At least one tier must be defined in the list. At most, you can specify two tiers in the list, one for each available AccessTier: ARCHIVE_ACCESS and DEEP_ARCHIVE_ACCESS. You only need Intelligent Tiering Configuration enabled on a bucket if you want to automatically move objects stored in the Intelligent-Tiering storage class to Archive Access or Deep Archive Access tiers.
    prefix String
    An object key name prefix that identifies the subset of objects to which the rule applies.
    tagFilters List<BucketTagFilter>
    A container for a key-value pair.
    id string
    The ID used to identify the S3 Intelligent-Tiering configuration.
    status BucketIntelligentTieringConfigurationStatus
    Specifies the status of the configuration.
    tierings BucketTiering[]
    Specifies a list of S3 Intelligent-Tiering storage class tiers in the configuration. At least one tier must be defined in the list. At most, you can specify two tiers in the list, one for each available AccessTier: ARCHIVE_ACCESS and DEEP_ARCHIVE_ACCESS. You only need Intelligent Tiering Configuration enabled on a bucket if you want to automatically move objects stored in the Intelligent-Tiering storage class to Archive Access or Deep Archive Access tiers.
    prefix string
    An object key name prefix that identifies the subset of objects to which the rule applies.
    tagFilters BucketTagFilter[]
    A container for a key-value pair.
    id str
    The ID used to identify the S3 Intelligent-Tiering configuration.
    status BucketIntelligentTieringConfigurationStatus
    Specifies the status of the configuration.
    tierings Sequence[BucketTiering]
    Specifies a list of S3 Intelligent-Tiering storage class tiers in the configuration. At least one tier must be defined in the list. At most, you can specify two tiers in the list, one for each available AccessTier: ARCHIVE_ACCESS and DEEP_ARCHIVE_ACCESS. You only need Intelligent Tiering Configuration enabled on a bucket if you want to automatically move objects stored in the Intelligent-Tiering storage class to Archive Access or Deep Archive Access tiers.
    prefix str
    An object key name prefix that identifies the subset of objects to which the rule applies.
    tag_filters Sequence[BucketTagFilter]
    A container for a key-value pair.
    id String
    The ID used to identify the S3 Intelligent-Tiering configuration.
    status "Disabled" | "Enabled"
    Specifies the status of the configuration.
    tierings List<Property Map>
    Specifies a list of S3 Intelligent-Tiering storage class tiers in the configuration. At least one tier must be defined in the list. At most, you can specify two tiers in the list, one for each available AccessTier: ARCHIVE_ACCESS and DEEP_ARCHIVE_ACCESS. You only need Intelligent Tiering Configuration enabled on a bucket if you want to automatically move objects stored in the Intelligent-Tiering storage class to Archive Access or Deep Archive Access tiers.
    prefix String
    An object key name prefix that identifies the subset of objects to which the rule applies.
    tagFilters List<Property Map>
    A container for a key-value pair.

    BucketIntelligentTieringConfigurationStatus, BucketIntelligentTieringConfigurationStatusArgs

    Disabled
    Disabled
    Enabled
    Enabled
    BucketIntelligentTieringConfigurationStatusDisabled
    Disabled
    BucketIntelligentTieringConfigurationStatusEnabled
    Enabled
    Disabled
    Disabled
    Enabled
    Enabled
    Disabled
    Disabled
    Enabled
    Enabled
    DISABLED
    Disabled
    ENABLED
    Enabled
    "Disabled"
    Disabled
    "Enabled"
    Enabled

    BucketInventoryConfiguration, BucketInventoryConfigurationArgs

    Destination Pulumi.AwsNative.S3.Inputs.BucketDestination
    Contains information about where to publish the inventory results.
    Enabled bool
    Specifies whether the inventory is enabled or disabled. If set to True, an inventory list is generated. If set to False, no inventory list is generated.
    Id string
    The ID used to identify the inventory configuration.
    IncludedObjectVersions Pulumi.AwsNative.S3.BucketInventoryConfigurationIncludedObjectVersions
    Object versions to include in the inventory list. If set to All, the list includes all the object versions, which adds the version-related fields VersionId, IsLatest, and DeleteMarker to the list. If set to Current, the list does not contain these version-related fields.
    ScheduleFrequency Pulumi.AwsNative.S3.BucketInventoryConfigurationScheduleFrequency
    Specifies the schedule for generating inventory results.
    OptionalFields List<Pulumi.AwsNative.S3.BucketInventoryConfigurationOptionalFieldsItem>
    Contains the optional fields that are included in the inventory results.
    Prefix string
    Specifies the inventory filter prefix.
    Destination BucketDestination
    Contains information about where to publish the inventory results.
    Enabled bool
    Specifies whether the inventory is enabled or disabled. If set to True, an inventory list is generated. If set to False, no inventory list is generated.
    Id string
    The ID used to identify the inventory configuration.
    IncludedObjectVersions BucketInventoryConfigurationIncludedObjectVersions
    Object versions to include in the inventory list. If set to All, the list includes all the object versions, which adds the version-related fields VersionId, IsLatest, and DeleteMarker to the list. If set to Current, the list does not contain these version-related fields.
    ScheduleFrequency BucketInventoryConfigurationScheduleFrequency
    Specifies the schedule for generating inventory results.
    OptionalFields []BucketInventoryConfigurationOptionalFieldsItem
    Contains the optional fields that are included in the inventory results.
    Prefix string
    Specifies the inventory filter prefix.
    destination BucketDestination
    Contains information about where to publish the inventory results.
    enabled Boolean
    Specifies whether the inventory is enabled or disabled. If set to True, an inventory list is generated. If set to False, no inventory list is generated.
    id String
    The ID used to identify the inventory configuration.
    includedObjectVersions BucketInventoryConfigurationIncludedObjectVersions
    Object versions to include in the inventory list. If set to All, the list includes all the object versions, which adds the version-related fields VersionId, IsLatest, and DeleteMarker to the list. If set to Current, the list does not contain these version-related fields.
    scheduleFrequency BucketInventoryConfigurationScheduleFrequency
    Specifies the schedule for generating inventory results.
    optionalFields List<BucketInventoryConfigurationOptionalFieldsItem>
    Contains the optional fields that are included in the inventory results.
    prefix String
    Specifies the inventory filter prefix.
    destination BucketDestination
    Contains information about where to publish the inventory results.
    enabled boolean
    Specifies whether the inventory is enabled or disabled. If set to True, an inventory list is generated. If set to False, no inventory list is generated.
    id string
    The ID used to identify the inventory configuration.
    includedObjectVersions BucketInventoryConfigurationIncludedObjectVersions
    Object versions to include in the inventory list. If set to All, the list includes all the object versions, which adds the version-related fields VersionId, IsLatest, and DeleteMarker to the list. If set to Current, the list does not contain these version-related fields.
    scheduleFrequency BucketInventoryConfigurationScheduleFrequency
    Specifies the schedule for generating inventory results.
    optionalFields BucketInventoryConfigurationOptionalFieldsItem[]
    Contains the optional fields that are included in the inventory results.
    prefix string
    Specifies the inventory filter prefix.
    destination BucketDestination
    Contains information about where to publish the inventory results.
    enabled bool
    Specifies whether the inventory is enabled or disabled. If set to True, an inventory list is generated. If set to False, no inventory list is generated.
    id str
    The ID used to identify the inventory configuration.
    included_object_versions BucketInventoryConfigurationIncludedObjectVersions
    Object versions to include in the inventory list. If set to All, the list includes all the object versions, which adds the version-related fields VersionId, IsLatest, and DeleteMarker to the list. If set to Current, the list does not contain these version-related fields.
    schedule_frequency BucketInventoryConfigurationScheduleFrequency
    Specifies the schedule for generating inventory results.
    optional_fields Sequence[BucketInventoryConfigurationOptionalFieldsItem]
    Contains the optional fields that are included in the inventory results.
    prefix str
    Specifies the inventory filter prefix.
    destination Property Map
    Contains information about where to publish the inventory results.
    enabled Boolean
    Specifies whether the inventory is enabled or disabled. If set to True, an inventory list is generated. If set to False, no inventory list is generated.
    id String
    The ID used to identify the inventory configuration.
    includedObjectVersions "All" | "Current"
    Object versions to include in the inventory list. If set to All, the list includes all the object versions, which adds the version-related fields VersionId, IsLatest, and DeleteMarker to the list. If set to Current, the list does not contain these version-related fields.
    scheduleFrequency "Daily" | "Weekly"
    Specifies the schedule for generating inventory results.
    optionalFields List<"Size" | "LastModifiedDate" | "StorageClass" | "ETag" | "IsMultipartUploaded" | "ReplicationStatus" | "EncryptionStatus" | "ObjectLockRetainUntilDate" | "ObjectLockMode" | "ObjectLockLegalHoldStatus" | "IntelligentTieringAccessTier" | "BucketKeyStatus" | "ChecksumAlgorithm" | "ObjectAccessControlList" | "ObjectOwner">
    Contains the optional fields that are included in the inventory results.
    prefix String
    Specifies the inventory filter prefix.

    BucketInventoryConfigurationIncludedObjectVersions, BucketInventoryConfigurationIncludedObjectVersionsArgs

    All
    All
    Current
    Current
    BucketInventoryConfigurationIncludedObjectVersionsAll
    All
    BucketInventoryConfigurationIncludedObjectVersionsCurrent
    Current
    All
    All
    Current
    Current
    All
    All
    Current
    Current
    ALL
    All
    CURRENT
    Current
    "All"
    All
    "Current"
    Current

    BucketInventoryConfigurationOptionalFieldsItem, BucketInventoryConfigurationOptionalFieldsItemArgs

    Size
    Size
    LastModifiedDate
    LastModifiedDate
    StorageClass
    StorageClass
    ETag
    ETag
    IsMultipartUploaded
    IsMultipartUploaded
    ReplicationStatus
    ReplicationStatus
    EncryptionStatus
    EncryptionStatus
    ObjectLockRetainUntilDate
    ObjectLockRetainUntilDate
    ObjectLockMode
    ObjectLockMode
    ObjectLockLegalHoldStatus
    ObjectLockLegalHoldStatus
    IntelligentTieringAccessTier
    IntelligentTieringAccessTier
    BucketKeyStatus
    BucketKeyStatus
    ChecksumAlgorithm
    ChecksumAlgorithm
    ObjectAccessControlList
    ObjectAccessControlList
    ObjectOwner
    ObjectOwner
    BucketInventoryConfigurationOptionalFieldsItemSize
    Size
    BucketInventoryConfigurationOptionalFieldsItemLastModifiedDate
    LastModifiedDate
    BucketInventoryConfigurationOptionalFieldsItemStorageClass
    StorageClass
    BucketInventoryConfigurationOptionalFieldsItemETag
    ETag
    BucketInventoryConfigurationOptionalFieldsItemIsMultipartUploaded
    IsMultipartUploaded
    BucketInventoryConfigurationOptionalFieldsItemReplicationStatus
    ReplicationStatus
    BucketInventoryConfigurationOptionalFieldsItemEncryptionStatus
    EncryptionStatus
    BucketInventoryConfigurationOptionalFieldsItemObjectLockRetainUntilDate
    ObjectLockRetainUntilDate
    BucketInventoryConfigurationOptionalFieldsItemObjectLockMode
    ObjectLockMode
    BucketInventoryConfigurationOptionalFieldsItemObjectLockLegalHoldStatus
    ObjectLockLegalHoldStatus
    BucketInventoryConfigurationOptionalFieldsItemIntelligentTieringAccessTier
    IntelligentTieringAccessTier
    BucketInventoryConfigurationOptionalFieldsItemBucketKeyStatus
    BucketKeyStatus
    BucketInventoryConfigurationOptionalFieldsItemChecksumAlgorithm
    ChecksumAlgorithm
    BucketInventoryConfigurationOptionalFieldsItemObjectAccessControlList
    ObjectAccessControlList
    BucketInventoryConfigurationOptionalFieldsItemObjectOwner
    ObjectOwner
    Size
    Size
    LastModifiedDate
    LastModifiedDate
    StorageClass
    StorageClass
    ETag
    ETag
    IsMultipartUploaded
    IsMultipartUploaded
    ReplicationStatus
    ReplicationStatus
    EncryptionStatus
    EncryptionStatus
    ObjectLockRetainUntilDate
    ObjectLockRetainUntilDate
    ObjectLockMode
    ObjectLockMode
    ObjectLockLegalHoldStatus
    ObjectLockLegalHoldStatus
    IntelligentTieringAccessTier
    IntelligentTieringAccessTier
    BucketKeyStatus
    BucketKeyStatus
    ChecksumAlgorithm
    ChecksumAlgorithm
    ObjectAccessControlList
    ObjectAccessControlList
    ObjectOwner
    ObjectOwner
    Size
    Size
    LastModifiedDate
    LastModifiedDate
    StorageClass
    StorageClass
    ETag
    ETag
    IsMultipartUploaded
    IsMultipartUploaded
    ReplicationStatus
    ReplicationStatus
    EncryptionStatus
    EncryptionStatus
    ObjectLockRetainUntilDate
    ObjectLockRetainUntilDate
    ObjectLockMode
    ObjectLockMode
    ObjectLockLegalHoldStatus
    ObjectLockLegalHoldStatus
    IntelligentTieringAccessTier
    IntelligentTieringAccessTier
    BucketKeyStatus
    BucketKeyStatus
    ChecksumAlgorithm
    ChecksumAlgorithm
    ObjectAccessControlList
    ObjectAccessControlList
    ObjectOwner
    ObjectOwner
    SIZE
    Size
    LAST_MODIFIED_DATE
    LastModifiedDate
    STORAGE_CLASS
    StorageClass
    E_TAG
    ETag
    IS_MULTIPART_UPLOADED
    IsMultipartUploaded
    REPLICATION_STATUS
    ReplicationStatus
    ENCRYPTION_STATUS
    EncryptionStatus
    OBJECT_LOCK_RETAIN_UNTIL_DATE
    ObjectLockRetainUntilDate
    OBJECT_LOCK_MODE
    ObjectLockMode
    OBJECT_LOCK_LEGAL_HOLD_STATUS
    ObjectLockLegalHoldStatus
    INTELLIGENT_TIERING_ACCESS_TIER
    IntelligentTieringAccessTier
    BUCKET_KEY_STATUS
    BucketKeyStatus
    CHECKSUM_ALGORITHM
    ChecksumAlgorithm
    OBJECT_ACCESS_CONTROL_LIST
    ObjectAccessControlList
    OBJECT_OWNER
    ObjectOwner
    "Size"
    Size
    "LastModifiedDate"
    LastModifiedDate
    "StorageClass"
    StorageClass
    "ETag"
    ETag
    "IsMultipartUploaded"
    IsMultipartUploaded
    "ReplicationStatus"
    ReplicationStatus
    "EncryptionStatus"
    EncryptionStatus
    "ObjectLockRetainUntilDate"
    ObjectLockRetainUntilDate
    "ObjectLockMode"
    ObjectLockMode
    "ObjectLockLegalHoldStatus"
    ObjectLockLegalHoldStatus
    "IntelligentTieringAccessTier"
    IntelligentTieringAccessTier
    "BucketKeyStatus"
    BucketKeyStatus
    "ChecksumAlgorithm"
    ChecksumAlgorithm
    "ObjectAccessControlList"
    ObjectAccessControlList
    "ObjectOwner"
    ObjectOwner

    BucketInventoryConfigurationScheduleFrequency, BucketInventoryConfigurationScheduleFrequencyArgs

    Daily
    Daily
    Weekly
    Weekly
    BucketInventoryConfigurationScheduleFrequencyDaily
    Daily
    BucketInventoryConfigurationScheduleFrequencyWeekly
    Weekly
    Daily
    Daily
    Weekly
    Weekly
    Daily
    Daily
    Weekly
    Weekly
    DAILY
    Daily
    WEEKLY
    Weekly
    "Daily"
    Daily
    "Weekly"
    Weekly

    BucketLambdaConfiguration, BucketLambdaConfigurationArgs

    Event string
    The Amazon S3 bucket event for which to invoke the LAMlong function. For more information, see Supported Event Types in the Amazon S3 User Guide.
    Function string
    The Amazon Resource Name (ARN) of the LAMlong function that Amazon S3 invokes when the specified event type occurs.
    Filter Pulumi.AwsNative.S3.Inputs.BucketNotificationFilter
    The filtering rules that determine which objects invoke the AWS Lambda function. For example, you can create a filter so that only image files with a .jpg extension invoke the function when they are added to the Amazon S3 bucket.
    Event string
    The Amazon S3 bucket event for which to invoke the LAMlong function. For more information, see Supported Event Types in the Amazon S3 User Guide.
    Function string
    The Amazon Resource Name (ARN) of the LAMlong function that Amazon S3 invokes when the specified event type occurs.
    Filter BucketNotificationFilter
    The filtering rules that determine which objects invoke the AWS Lambda function. For example, you can create a filter so that only image files with a .jpg extension invoke the function when they are added to the Amazon S3 bucket.
    event String
    The Amazon S3 bucket event for which to invoke the LAMlong function. For more information, see Supported Event Types in the Amazon S3 User Guide.
    function String
    The Amazon Resource Name (ARN) of the LAMlong function that Amazon S3 invokes when the specified event type occurs.
    filter BucketNotificationFilter
    The filtering rules that determine which objects invoke the AWS Lambda function. For example, you can create a filter so that only image files with a .jpg extension invoke the function when they are added to the Amazon S3 bucket.
    event string
    The Amazon S3 bucket event for which to invoke the LAMlong function. For more information, see Supported Event Types in the Amazon S3 User Guide.
    function string
    The Amazon Resource Name (ARN) of the LAMlong function that Amazon S3 invokes when the specified event type occurs.
    filter BucketNotificationFilter
    The filtering rules that determine which objects invoke the AWS Lambda function. For example, you can create a filter so that only image files with a .jpg extension invoke the function when they are added to the Amazon S3 bucket.
    event str
    The Amazon S3 bucket event for which to invoke the LAMlong function. For more information, see Supported Event Types in the Amazon S3 User Guide.
    function str
    The Amazon Resource Name (ARN) of the LAMlong function that Amazon S3 invokes when the specified event type occurs.
    filter BucketNotificationFilter
    The filtering rules that determine which objects invoke the AWS Lambda function. For example, you can create a filter so that only image files with a .jpg extension invoke the function when they are added to the Amazon S3 bucket.
    event String
    The Amazon S3 bucket event for which to invoke the LAMlong function. For more information, see Supported Event Types in the Amazon S3 User Guide.
    function String
    The Amazon Resource Name (ARN) of the LAMlong function that Amazon S3 invokes when the specified event type occurs.
    filter Property Map
    The filtering rules that determine which objects invoke the AWS Lambda function. For example, you can create a filter so that only image files with a .jpg extension invoke the function when they are added to the Amazon S3 bucket.

    BucketLifecycleConfiguration, BucketLifecycleConfigurationArgs

    BucketLifecycleConfigurationTransitionDefaultMinimumObjectSize, BucketLifecycleConfigurationTransitionDefaultMinimumObjectSizeArgs

    VariesByStorageClass
    varies_by_storage_class
    AllStorageClasses128k
    all_storage_classes_128K
    BucketLifecycleConfigurationTransitionDefaultMinimumObjectSizeVariesByStorageClass
    varies_by_storage_class
    BucketLifecycleConfigurationTransitionDefaultMinimumObjectSizeAllStorageClasses128k
    all_storage_classes_128K
    VariesByStorageClass
    varies_by_storage_class
    AllStorageClasses128k
    all_storage_classes_128K
    VariesByStorageClass
    varies_by_storage_class
    AllStorageClasses128k
    all_storage_classes_128K
    VARIES_BY_STORAGE_CLASS
    varies_by_storage_class
    ALL_STORAGE_CLASSES128K
    all_storage_classes_128K
    "varies_by_storage_class"
    varies_by_storage_class
    "all_storage_classes_128K"
    all_storage_classes_128K

    BucketLoggingConfiguration, BucketLoggingConfigurationArgs

    DestinationBucketName string
    The name of the bucket where Amazon S3 should store server access log files. You can store log files in any bucket that you own. By default, logs are stored in the bucket where the LoggingConfiguration property is defined.
    LogFilePrefix string
    A prefix for all log object keys. If you store log files from multiple Amazon S3 buckets in a single bucket, you can use a prefix to distinguish which log files came from which bucket.
    TargetObjectKeyFormat Pulumi.AwsNative.S3.Inputs.BucketTargetObjectKeyFormat
    Amazon S3 key format for log objects. Only one format, either PartitionedPrefix or SimplePrefix, is allowed.
    DestinationBucketName string
    The name of the bucket where Amazon S3 should store server access log files. You can store log files in any bucket that you own. By default, logs are stored in the bucket where the LoggingConfiguration property is defined.
    LogFilePrefix string
    A prefix for all log object keys. If you store log files from multiple Amazon S3 buckets in a single bucket, you can use a prefix to distinguish which log files came from which bucket.
    TargetObjectKeyFormat BucketTargetObjectKeyFormat
    Amazon S3 key format for log objects. Only one format, either PartitionedPrefix or SimplePrefix, is allowed.
    destinationBucketName String
    The name of the bucket where Amazon S3 should store server access log files. You can store log files in any bucket that you own. By default, logs are stored in the bucket where the LoggingConfiguration property is defined.
    logFilePrefix String
    A prefix for all log object keys. If you store log files from multiple Amazon S3 buckets in a single bucket, you can use a prefix to distinguish which log files came from which bucket.
    targetObjectKeyFormat BucketTargetObjectKeyFormat
    Amazon S3 key format for log objects. Only one format, either PartitionedPrefix or SimplePrefix, is allowed.
    destinationBucketName string
    The name of the bucket where Amazon S3 should store server access log files. You can store log files in any bucket that you own. By default, logs are stored in the bucket where the LoggingConfiguration property is defined.
    logFilePrefix string
    A prefix for all log object keys. If you store log files from multiple Amazon S3 buckets in a single bucket, you can use a prefix to distinguish which log files came from which bucket.
    targetObjectKeyFormat BucketTargetObjectKeyFormat
    Amazon S3 key format for log objects. Only one format, either PartitionedPrefix or SimplePrefix, is allowed.
    destination_bucket_name str
    The name of the bucket where Amazon S3 should store server access log files. You can store log files in any bucket that you own. By default, logs are stored in the bucket where the LoggingConfiguration property is defined.
    log_file_prefix str
    A prefix for all log object keys. If you store log files from multiple Amazon S3 buckets in a single bucket, you can use a prefix to distinguish which log files came from which bucket.
    target_object_key_format BucketTargetObjectKeyFormat
    Amazon S3 key format for log objects. Only one format, either PartitionedPrefix or SimplePrefix, is allowed.
    destinationBucketName String
    The name of the bucket where Amazon S3 should store server access log files. You can store log files in any bucket that you own. By default, logs are stored in the bucket where the LoggingConfiguration property is defined.
    logFilePrefix String
    A prefix for all log object keys. If you store log files from multiple Amazon S3 buckets in a single bucket, you can use a prefix to distinguish which log files came from which bucket.
    targetObjectKeyFormat Property Map
    Amazon S3 key format for log objects. Only one format, either PartitionedPrefix or SimplePrefix, is allowed.

    BucketMetrics, BucketMetricsArgs

    Status Pulumi.AwsNative.S3.BucketMetricsStatus
    Specifies whether the replication metrics are enabled.
    EventThreshold Pulumi.AwsNative.S3.Inputs.BucketReplicationTimeValue
    A container specifying the time threshold for emitting the s3:Replication:OperationMissedThreshold event.
    Status BucketMetricsStatus
    Specifies whether the replication metrics are enabled.
    EventThreshold BucketReplicationTimeValue
    A container specifying the time threshold for emitting the s3:Replication:OperationMissedThreshold event.
    status BucketMetricsStatus
    Specifies whether the replication metrics are enabled.
    eventThreshold BucketReplicationTimeValue
    A container specifying the time threshold for emitting the s3:Replication:OperationMissedThreshold event.
    status BucketMetricsStatus
    Specifies whether the replication metrics are enabled.
    eventThreshold BucketReplicationTimeValue
    A container specifying the time threshold for emitting the s3:Replication:OperationMissedThreshold event.
    status BucketMetricsStatus
    Specifies whether the replication metrics are enabled.
    event_threshold BucketReplicationTimeValue
    A container specifying the time threshold for emitting the s3:Replication:OperationMissedThreshold event.
    status "Disabled" | "Enabled"
    Specifies whether the replication metrics are enabled.
    eventThreshold Property Map
    A container specifying the time threshold for emitting the s3:Replication:OperationMissedThreshold event.

    BucketMetricsConfiguration, BucketMetricsConfigurationArgs

    Id string
    The ID used to identify the metrics configuration. This can be any value you choose that helps you identify your metrics configuration.
    AccessPointArn string
    The access point that was used while performing operations on the object. The metrics configuration only includes objects that meet the filter's criteria.
    Prefix string
    The prefix that an object must have to be included in the metrics results.
    TagFilters List<Pulumi.AwsNative.S3.Inputs.BucketTagFilter>
    Specifies a list of tag filters to use as a metrics configuration filter. The metrics configuration includes only objects that meet the filter's criteria.
    Id string
    The ID used to identify the metrics configuration. This can be any value you choose that helps you identify your metrics configuration.
    AccessPointArn string
    The access point that was used while performing operations on the object. The metrics configuration only includes objects that meet the filter's criteria.
    Prefix string
    The prefix that an object must have to be included in the metrics results.
    TagFilters []BucketTagFilter
    Specifies a list of tag filters to use as a metrics configuration filter. The metrics configuration includes only objects that meet the filter's criteria.
    id String
    The ID used to identify the metrics configuration. This can be any value you choose that helps you identify your metrics configuration.
    accessPointArn String
    The access point that was used while performing operations on the object. The metrics configuration only includes objects that meet the filter's criteria.
    prefix String
    The prefix that an object must have to be included in the metrics results.
    tagFilters List<BucketTagFilter>
    Specifies a list of tag filters to use as a metrics configuration filter. The metrics configuration includes only objects that meet the filter's criteria.
    id string
    The ID used to identify the metrics configuration. This can be any value you choose that helps you identify your metrics configuration.
    accessPointArn string
    The access point that was used while performing operations on the object. The metrics configuration only includes objects that meet the filter's criteria.
    prefix string
    The prefix that an object must have to be included in the metrics results.
    tagFilters BucketTagFilter[]
    Specifies a list of tag filters to use as a metrics configuration filter. The metrics configuration includes only objects that meet the filter's criteria.
    id str
    The ID used to identify the metrics configuration. This can be any value you choose that helps you identify your metrics configuration.
    access_point_arn str
    The access point that was used while performing operations on the object. The metrics configuration only includes objects that meet the filter's criteria.
    prefix str
    The prefix that an object must have to be included in the metrics results.
    tag_filters Sequence[BucketTagFilter]
    Specifies a list of tag filters to use as a metrics configuration filter. The metrics configuration includes only objects that meet the filter's criteria.
    id String
    The ID used to identify the metrics configuration. This can be any value you choose that helps you identify your metrics configuration.
    accessPointArn String
    The access point that was used while performing operations on the object. The metrics configuration only includes objects that meet the filter's criteria.
    prefix String
    The prefix that an object must have to be included in the metrics results.
    tagFilters List<Property Map>
    Specifies a list of tag filters to use as a metrics configuration filter. The metrics configuration includes only objects that meet the filter's criteria.

    BucketMetricsStatus, BucketMetricsStatusArgs

    Disabled
    Disabled
    Enabled
    Enabled
    BucketMetricsStatusDisabled
    Disabled
    BucketMetricsStatusEnabled
    Enabled
    Disabled
    Disabled
    Enabled
    Enabled
    Disabled
    Disabled
    Enabled
    Enabled
    DISABLED
    Disabled
    ENABLED
    Enabled
    "Disabled"
    Disabled
    "Enabled"
    Enabled

    BucketNoncurrentVersionExpiration, BucketNoncurrentVersionExpirationArgs

    NoncurrentDays int
    Specifies the number of days an object is noncurrent before S3 can perform the associated action. For information about the noncurrent days calculations, see How Amazon S3 Calculates When an Object Became Noncurrent in the Amazon S3 User Guide.
    NewerNoncurrentVersions int
    Specifies how many noncurrent versions S3 will retain. If there are this many more recent noncurrent versions, S3 will take the associated action. For more information about noncurrent versions, see Lifecycle configuration elements in the Amazon S3 User Guide.
    NoncurrentDays int
    Specifies the number of days an object is noncurrent before S3 can perform the associated action. For information about the noncurrent days calculations, see How Amazon S3 Calculates When an Object Became Noncurrent in the Amazon S3 User Guide.
    NewerNoncurrentVersions int
    Specifies how many noncurrent versions S3 will retain. If there are this many more recent noncurrent versions, S3 will take the associated action. For more information about noncurrent versions, see Lifecycle configuration elements in the Amazon S3 User Guide.
    noncurrentDays Integer
    Specifies the number of days an object is noncurrent before S3 can perform the associated action. For information about the noncurrent days calculations, see How Amazon S3 Calculates When an Object Became Noncurrent in the Amazon S3 User Guide.
    newerNoncurrentVersions Integer
    Specifies how many noncurrent versions S3 will retain. If there are this many more recent noncurrent versions, S3 will take the associated action. For more information about noncurrent versions, see Lifecycle configuration elements in the Amazon S3 User Guide.
    noncurrentDays number
    Specifies the number of days an object is noncurrent before S3 can perform the associated action. For information about the noncurrent days calculations, see How Amazon S3 Calculates When an Object Became Noncurrent in the Amazon S3 User Guide.
    newerNoncurrentVersions number
    Specifies how many noncurrent versions S3 will retain. If there are this many more recent noncurrent versions, S3 will take the associated action. For more information about noncurrent versions, see Lifecycle configuration elements in the Amazon S3 User Guide.
    noncurrent_days int
    Specifies the number of days an object is noncurrent before S3 can perform the associated action. For information about the noncurrent days calculations, see How Amazon S3 Calculates When an Object Became Noncurrent in the Amazon S3 User Guide.
    newer_noncurrent_versions int
    Specifies how many noncurrent versions S3 will retain. If there are this many more recent noncurrent versions, S3 will take the associated action. For more information about noncurrent versions, see Lifecycle configuration elements in the Amazon S3 User Guide.
    noncurrentDays Number
    Specifies the number of days an object is noncurrent before S3 can perform the associated action. For information about the noncurrent days calculations, see How Amazon S3 Calculates When an Object Became Noncurrent in the Amazon S3 User Guide.
    newerNoncurrentVersions Number
    Specifies how many noncurrent versions S3 will retain. If there are this many more recent noncurrent versions, S3 will take the associated action. For more information about noncurrent versions, see Lifecycle configuration elements in the Amazon S3 User Guide.

    BucketNoncurrentVersionTransition, BucketNoncurrentVersionTransitionArgs

    StorageClass Pulumi.AwsNative.S3.BucketNoncurrentVersionTransitionStorageClass
    The class of storage used to store the object.
    TransitionInDays int
    Specifies the number of days an object is noncurrent before Amazon S3 can perform the associated action. For information about the noncurrent days calculations, see How Amazon S3 Calculates How Long an Object Has Been Noncurrent in the Amazon S3 User Guide.
    NewerNoncurrentVersions int
    Specifies how many noncurrent versions S3 will retain. If there are this many more recent noncurrent versions, S3 will take the associated action. For more information about noncurrent versions, see Lifecycle configuration elements in the Amazon S3 User Guide.
    StorageClass BucketNoncurrentVersionTransitionStorageClass
    The class of storage used to store the object.
    TransitionInDays int
    Specifies the number of days an object is noncurrent before Amazon S3 can perform the associated action. For information about the noncurrent days calculations, see How Amazon S3 Calculates How Long an Object Has Been Noncurrent in the Amazon S3 User Guide.
    NewerNoncurrentVersions int
    Specifies how many noncurrent versions S3 will retain. If there are this many more recent noncurrent versions, S3 will take the associated action. For more information about noncurrent versions, see Lifecycle configuration elements in the Amazon S3 User Guide.
    storageClass BucketNoncurrentVersionTransitionStorageClass
    The class of storage used to store the object.
    transitionInDays Integer
    Specifies the number of days an object is noncurrent before Amazon S3 can perform the associated action. For information about the noncurrent days calculations, see How Amazon S3 Calculates How Long an Object Has Been Noncurrent in the Amazon S3 User Guide.
    newerNoncurrentVersions Integer
    Specifies how many noncurrent versions S3 will retain. If there are this many more recent noncurrent versions, S3 will take the associated action. For more information about noncurrent versions, see Lifecycle configuration elements in the Amazon S3 User Guide.
    storageClass BucketNoncurrentVersionTransitionStorageClass
    The class of storage used to store the object.
    transitionInDays number
    Specifies the number of days an object is noncurrent before Amazon S3 can perform the associated action. For information about the noncurrent days calculations, see How Amazon S3 Calculates How Long an Object Has Been Noncurrent in the Amazon S3 User Guide.
    newerNoncurrentVersions number
    Specifies how many noncurrent versions S3 will retain. If there are this many more recent noncurrent versions, S3 will take the associated action. For more information about noncurrent versions, see Lifecycle configuration elements in the Amazon S3 User Guide.
    storage_class BucketNoncurrentVersionTransitionStorageClass
    The class of storage used to store the object.
    transition_in_days int
    Specifies the number of days an object is noncurrent before Amazon S3 can perform the associated action. For information about the noncurrent days calculations, see How Amazon S3 Calculates How Long an Object Has Been Noncurrent in the Amazon S3 User Guide.
    newer_noncurrent_versions int
    Specifies how many noncurrent versions S3 will retain. If there are this many more recent noncurrent versions, S3 will take the associated action. For more information about noncurrent versions, see Lifecycle configuration elements in the Amazon S3 User Guide.
    storageClass "DEEP_ARCHIVE" | "GLACIER" | "GLACIER_IR" | "INTELLIGENT_TIERING" | "ONEZONE_IA" | "STANDARD_IA"
    The class of storage used to store the object.
    transitionInDays Number
    Specifies the number of days an object is noncurrent before Amazon S3 can perform the associated action. For information about the noncurrent days calculations, see How Amazon S3 Calculates How Long an Object Has Been Noncurrent in the Amazon S3 User Guide.
    newerNoncurrentVersions Number
    Specifies how many noncurrent versions S3 will retain. If there are this many more recent noncurrent versions, S3 will take the associated action. For more information about noncurrent versions, see Lifecycle configuration elements in the Amazon S3 User Guide.

    BucketNoncurrentVersionTransitionStorageClass, BucketNoncurrentVersionTransitionStorageClassArgs

    DeepArchive
    DEEP_ARCHIVE
    Glacier
    GLACIER
    GlacierIr
    GLACIER_IR
    IntelligentTiering
    INTELLIGENT_TIERING
    OnezoneIa
    ONEZONE_IA
    StandardIa
    STANDARD_IA
    BucketNoncurrentVersionTransitionStorageClassDeepArchive
    DEEP_ARCHIVE
    BucketNoncurrentVersionTransitionStorageClassGlacier
    GLACIER
    BucketNoncurrentVersionTransitionStorageClassGlacierIr
    GLACIER_IR
    BucketNoncurrentVersionTransitionStorageClassIntelligentTiering
    INTELLIGENT_TIERING
    BucketNoncurrentVersionTransitionStorageClassOnezoneIa
    ONEZONE_IA
    BucketNoncurrentVersionTransitionStorageClassStandardIa
    STANDARD_IA
    DeepArchive
    DEEP_ARCHIVE
    Glacier
    GLACIER
    GlacierIr
    GLACIER_IR
    IntelligentTiering
    INTELLIGENT_TIERING
    OnezoneIa
    ONEZONE_IA
    StandardIa
    STANDARD_IA
    DeepArchive
    DEEP_ARCHIVE
    Glacier
    GLACIER
    GlacierIr
    GLACIER_IR
    IntelligentTiering
    INTELLIGENT_TIERING
    OnezoneIa
    ONEZONE_IA
    StandardIa
    STANDARD_IA
    DEEP_ARCHIVE
    DEEP_ARCHIVE
    GLACIER
    GLACIER
    GLACIER_IR
    GLACIER_IR
    INTELLIGENT_TIERING
    INTELLIGENT_TIERING
    ONEZONE_IA
    ONEZONE_IA
    STANDARD_IA
    STANDARD_IA
    "DEEP_ARCHIVE"
    DEEP_ARCHIVE
    "GLACIER"
    GLACIER
    "GLACIER_IR"
    GLACIER_IR
    "INTELLIGENT_TIERING"
    INTELLIGENT_TIERING
    "ONEZONE_IA"
    ONEZONE_IA
    "STANDARD_IA"
    STANDARD_IA

    BucketNotificationConfiguration, BucketNotificationConfigurationArgs

    EventBridgeConfiguration Pulumi.AwsNative.S3.Inputs.BucketEventBridgeConfiguration
    Enables delivery of events to Amazon EventBridge.
    LambdaConfigurations List<Pulumi.AwsNative.S3.Inputs.BucketLambdaConfiguration>
    Describes the LAMlong functions to invoke and the events for which to invoke them.
    QueueConfigurations List<Pulumi.AwsNative.S3.Inputs.BucketQueueConfiguration>
    The Amazon Simple Queue Service queues to publish messages to and the events for which to publish messages.
    TopicConfigurations List<Pulumi.AwsNative.S3.Inputs.BucketTopicConfiguration>
    The topic to which notifications are sent and the events for which notifications are generated.
    EventBridgeConfiguration BucketEventBridgeConfiguration
    Enables delivery of events to Amazon EventBridge.
    LambdaConfigurations []BucketLambdaConfiguration
    Describes the LAMlong functions to invoke and the events for which to invoke them.
    QueueConfigurations []BucketQueueConfiguration
    The Amazon Simple Queue Service queues to publish messages to and the events for which to publish messages.
    TopicConfigurations []BucketTopicConfiguration
    The topic to which notifications are sent and the events for which notifications are generated.
    eventBridgeConfiguration BucketEventBridgeConfiguration
    Enables delivery of events to Amazon EventBridge.
    lambdaConfigurations List<BucketLambdaConfiguration>
    Describes the LAMlong functions to invoke and the events for which to invoke them.
    queueConfigurations List<BucketQueueConfiguration>
    The Amazon Simple Queue Service queues to publish messages to and the events for which to publish messages.
    topicConfigurations List<BucketTopicConfiguration>
    The topic to which notifications are sent and the events for which notifications are generated.
    eventBridgeConfiguration BucketEventBridgeConfiguration
    Enables delivery of events to Amazon EventBridge.
    lambdaConfigurations BucketLambdaConfiguration[]
    Describes the LAMlong functions to invoke and the events for which to invoke them.
    queueConfigurations BucketQueueConfiguration[]
    The Amazon Simple Queue Service queues to publish messages to and the events for which to publish messages.
    topicConfigurations BucketTopicConfiguration[]
    The topic to which notifications are sent and the events for which notifications are generated.
    event_bridge_configuration BucketEventBridgeConfiguration
    Enables delivery of events to Amazon EventBridge.
    lambda_configurations Sequence[BucketLambdaConfiguration]
    Describes the LAMlong functions to invoke and the events for which to invoke them.
    queue_configurations Sequence[BucketQueueConfiguration]
    The Amazon Simple Queue Service queues to publish messages to and the events for which to publish messages.
    topic_configurations Sequence[BucketTopicConfiguration]
    The topic to which notifications are sent and the events for which notifications are generated.
    eventBridgeConfiguration Property Map
    Enables delivery of events to Amazon EventBridge.
    lambdaConfigurations List<Property Map>
    Describes the LAMlong functions to invoke and the events for which to invoke them.
    queueConfigurations List<Property Map>
    The Amazon Simple Queue Service queues to publish messages to and the events for which to publish messages.
    topicConfigurations List<Property Map>
    The topic to which notifications are sent and the events for which notifications are generated.

    BucketNotificationFilter, BucketNotificationFilterArgs

    S3Key Pulumi.AwsNative.S3.Inputs.BucketS3KeyFilter
    A container for object key name prefix and suffix filtering rules.
    S3Key BucketS3KeyFilter
    A container for object key name prefix and suffix filtering rules.
    s3Key BucketS3KeyFilter
    A container for object key name prefix and suffix filtering rules.
    s3Key BucketS3KeyFilter
    A container for object key name prefix and suffix filtering rules.
    s3_key BucketS3KeyFilter
    A container for object key name prefix and suffix filtering rules.
    s3Key Property Map
    A container for object key name prefix and suffix filtering rules.

    BucketObjectLockConfiguration, BucketObjectLockConfigurationArgs

    ObjectLockEnabled string
    Indicates whether this bucket has an Object Lock configuration enabled. Enable ObjectLockEnabled when you apply ObjectLockConfiguration to a bucket.
    Rule Pulumi.AwsNative.S3.Inputs.BucketObjectLockRule
    Specifies the Object Lock rule for the specified object. Enable this rule when you apply ObjectLockConfiguration to a bucket. If Object Lock is turned on, bucket settings require both Mode and a period of either Days or Years. You cannot specify Days and Years at the same time. For more information, see ObjectLockRule and DefaultRetention.
    ObjectLockEnabled string
    Indicates whether this bucket has an Object Lock configuration enabled. Enable ObjectLockEnabled when you apply ObjectLockConfiguration to a bucket.
    Rule BucketObjectLockRule
    Specifies the Object Lock rule for the specified object. Enable this rule when you apply ObjectLockConfiguration to a bucket. If Object Lock is turned on, bucket settings require both Mode and a period of either Days or Years. You cannot specify Days and Years at the same time. For more information, see ObjectLockRule and DefaultRetention.
    objectLockEnabled String
    Indicates whether this bucket has an Object Lock configuration enabled. Enable ObjectLockEnabled when you apply ObjectLockConfiguration to a bucket.
    rule BucketObjectLockRule
    Specifies the Object Lock rule for the specified object. Enable this rule when you apply ObjectLockConfiguration to a bucket. If Object Lock is turned on, bucket settings require both Mode and a period of either Days or Years. You cannot specify Days and Years at the same time. For more information, see ObjectLockRule and DefaultRetention.
    objectLockEnabled string
    Indicates whether this bucket has an Object Lock configuration enabled. Enable ObjectLockEnabled when you apply ObjectLockConfiguration to a bucket.
    rule BucketObjectLockRule
    Specifies the Object Lock rule for the specified object. Enable this rule when you apply ObjectLockConfiguration to a bucket. If Object Lock is turned on, bucket settings require both Mode and a period of either Days or Years. You cannot specify Days and Years at the same time. For more information, see ObjectLockRule and DefaultRetention.
    object_lock_enabled str
    Indicates whether this bucket has an Object Lock configuration enabled. Enable ObjectLockEnabled when you apply ObjectLockConfiguration to a bucket.
    rule BucketObjectLockRule
    Specifies the Object Lock rule for the specified object. Enable this rule when you apply ObjectLockConfiguration to a bucket. If Object Lock is turned on, bucket settings require both Mode and a period of either Days or Years. You cannot specify Days and Years at the same time. For more information, see ObjectLockRule and DefaultRetention.
    objectLockEnabled String
    Indicates whether this bucket has an Object Lock configuration enabled. Enable ObjectLockEnabled when you apply ObjectLockConfiguration to a bucket.
    rule Property Map
    Specifies the Object Lock rule for the specified object. Enable this rule when you apply ObjectLockConfiguration to a bucket. If Object Lock is turned on, bucket settings require both Mode and a period of either Days or Years. You cannot specify Days and Years at the same time. For more information, see ObjectLockRule and DefaultRetention.

    BucketObjectLockRule, BucketObjectLockRuleArgs

    DefaultRetention Pulumi.AwsNative.S3.Inputs.BucketDefaultRetention
    The default Object Lock retention mode and period that you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, bucket settings require both Mode and a period of either Days or Years. You cannot specify Days and Years at the same time. For more information about allowable values for mode and period, see DefaultRetention.
    DefaultRetention BucketDefaultRetention
    The default Object Lock retention mode and period that you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, bucket settings require both Mode and a period of either Days or Years. You cannot specify Days and Years at the same time. For more information about allowable values for mode and period, see DefaultRetention.
    defaultRetention BucketDefaultRetention
    The default Object Lock retention mode and period that you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, bucket settings require both Mode and a period of either Days or Years. You cannot specify Days and Years at the same time. For more information about allowable values for mode and period, see DefaultRetention.
    defaultRetention BucketDefaultRetention
    The default Object Lock retention mode and period that you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, bucket settings require both Mode and a period of either Days or Years. You cannot specify Days and Years at the same time. For more information about allowable values for mode and period, see DefaultRetention.
    default_retention BucketDefaultRetention
    The default Object Lock retention mode and period that you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, bucket settings require both Mode and a period of either Days or Years. You cannot specify Days and Years at the same time. For more information about allowable values for mode and period, see DefaultRetention.
    defaultRetention Property Map
    The default Object Lock retention mode and period that you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, bucket settings require both Mode and a period of either Days or Years. You cannot specify Days and Years at the same time. For more information about allowable values for mode and period, see DefaultRetention.

    BucketOwnershipControls, BucketOwnershipControlsArgs

    Rules List<Pulumi.AwsNative.S3.Inputs.BucketOwnershipControlsRule>
    Specifies the container element for Object Ownership rules.
    Rules []BucketOwnershipControlsRule
    Specifies the container element for Object Ownership rules.
    rules List<BucketOwnershipControlsRule>
    Specifies the container element for Object Ownership rules.
    rules BucketOwnershipControlsRule[]
    Specifies the container element for Object Ownership rules.
    rules Sequence[BucketOwnershipControlsRule]
    Specifies the container element for Object Ownership rules.
    rules List<Property Map>
    Specifies the container element for Object Ownership rules.

    BucketOwnershipControlsRule, BucketOwnershipControlsRuleArgs

    BucketOwnershipControlsRuleObjectOwnership, BucketOwnershipControlsRuleObjectOwnershipArgs

    ObjectWriter
    ObjectWriter
    BucketOwnerPreferred
    BucketOwnerPreferred
    BucketOwnerEnforced
    BucketOwnerEnforced
    BucketOwnershipControlsRuleObjectOwnershipObjectWriter
    ObjectWriter
    BucketOwnershipControlsRuleObjectOwnershipBucketOwnerPreferred
    BucketOwnerPreferred
    BucketOwnershipControlsRuleObjectOwnershipBucketOwnerEnforced
    BucketOwnerEnforced
    ObjectWriter
    ObjectWriter
    BucketOwnerPreferred
    BucketOwnerPreferred
    BucketOwnerEnforced
    BucketOwnerEnforced
    ObjectWriter
    ObjectWriter
    BucketOwnerPreferred
    BucketOwnerPreferred
    BucketOwnerEnforced
    BucketOwnerEnforced
    OBJECT_WRITER
    ObjectWriter
    BUCKET_OWNER_PREFERRED
    BucketOwnerPreferred
    BUCKET_OWNER_ENFORCED
    BucketOwnerEnforced
    "ObjectWriter"
    ObjectWriter
    "BucketOwnerPreferred"
    BucketOwnerPreferred
    "BucketOwnerEnforced"
    BucketOwnerEnforced

    BucketPublicAccessBlockConfiguration, BucketPublicAccessBlockConfigurationArgs

    BlockPublicAcls bool

    Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to TRUE causes the following behavior:

    • PUT Bucket ACL and PUT Object ACL calls fail if the specified ACL is public.
    • PUT Object calls fail if the request includes a public ACL.
    • PUT Bucket calls fail if the request includes a public ACL.

    Enabling this setting doesn't affect existing policies or ACLs.

    BlockPublicPolicy bool
    Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to TRUE causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access. Enabling this setting doesn't affect existing bucket policies.
    IgnorePublicAcls bool
    Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to TRUE causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket. Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.
    RestrictPublicBuckets bool
    Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to TRUE restricts access to this bucket to only AWS-service principals and authorized users within this account if the bucket has a public policy. Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.
    BlockPublicAcls bool

    Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to TRUE causes the following behavior:

    • PUT Bucket ACL and PUT Object ACL calls fail if the specified ACL is public.
    • PUT Object calls fail if the request includes a public ACL.
    • PUT Bucket calls fail if the request includes a public ACL.

    Enabling this setting doesn't affect existing policies or ACLs.

    BlockPublicPolicy bool
    Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to TRUE causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access. Enabling this setting doesn't affect existing bucket policies.
    IgnorePublicAcls bool
    Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to TRUE causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket. Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.
    RestrictPublicBuckets bool
    Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to TRUE restricts access to this bucket to only AWS-service principals and authorized users within this account if the bucket has a public policy. Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.
    blockPublicAcls Boolean

    Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to TRUE causes the following behavior:

    • PUT Bucket ACL and PUT Object ACL calls fail if the specified ACL is public.
    • PUT Object calls fail if the request includes a public ACL.
    • PUT Bucket calls fail if the request includes a public ACL.

    Enabling this setting doesn't affect existing policies or ACLs.

    blockPublicPolicy Boolean
    Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to TRUE causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access. Enabling this setting doesn't affect existing bucket policies.
    ignorePublicAcls Boolean
    Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to TRUE causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket. Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.
    restrictPublicBuckets Boolean
    Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to TRUE restricts access to this bucket to only AWS-service principals and authorized users within this account if the bucket has a public policy. Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.
    blockPublicAcls boolean

    Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to TRUE causes the following behavior:

    • PUT Bucket ACL and PUT Object ACL calls fail if the specified ACL is public.
    • PUT Object calls fail if the request includes a public ACL.
    • PUT Bucket calls fail if the request includes a public ACL.

    Enabling this setting doesn't affect existing policies or ACLs.

    blockPublicPolicy boolean
    Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to TRUE causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access. Enabling this setting doesn't affect existing bucket policies.
    ignorePublicAcls boolean
    Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to TRUE causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket. Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.
    restrictPublicBuckets boolean
    Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to TRUE restricts access to this bucket to only AWS-service principals and authorized users within this account if the bucket has a public policy. Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.
    block_public_acls bool

    Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to TRUE causes the following behavior:

    • PUT Bucket ACL and PUT Object ACL calls fail if the specified ACL is public.
    • PUT Object calls fail if the request includes a public ACL.
    • PUT Bucket calls fail if the request includes a public ACL.

    Enabling this setting doesn't affect existing policies or ACLs.

    block_public_policy bool
    Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to TRUE causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access. Enabling this setting doesn't affect existing bucket policies.
    ignore_public_acls bool
    Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to TRUE causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket. Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.
    restrict_public_buckets bool
    Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to TRUE restricts access to this bucket to only AWS-service principals and authorized users within this account if the bucket has a public policy. Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.
    blockPublicAcls Boolean

    Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to TRUE causes the following behavior:

    • PUT Bucket ACL and PUT Object ACL calls fail if the specified ACL is public.
    • PUT Object calls fail if the request includes a public ACL.
    • PUT Bucket calls fail if the request includes a public ACL.

    Enabling this setting doesn't affect existing policies or ACLs.

    blockPublicPolicy Boolean
    Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to TRUE causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access. Enabling this setting doesn't affect existing bucket policies.
    ignorePublicAcls Boolean
    Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to TRUE causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket. Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.
    restrictPublicBuckets Boolean
    Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to TRUE restricts access to this bucket to only AWS-service principals and authorized users within this account if the bucket has a public policy. Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.

    BucketQueueConfiguration, BucketQueueConfigurationArgs

    Event string
    The Amazon S3 bucket event about which you want to publish messages to Amazon SQS. For more information, see Supported Event Types in the Amazon S3 User Guide.
    Queue string
    The Amazon Resource Name (ARN) of the Amazon SQS queue to which Amazon S3 publishes a message when it detects events of the specified type. FIFO queues are not allowed when enabling an SQS queue as the event notification destination.
    Filter Pulumi.AwsNative.S3.Inputs.BucketNotificationFilter
    The filtering rules that determine which objects trigger notifications. For example, you can create a filter so that Amazon S3 sends notifications only when image files with a .jpg extension are added to the bucket. For more information, see Configuring event notifications using object key name filtering in the Amazon S3 User Guide.
    Event string
    The Amazon S3 bucket event about which you want to publish messages to Amazon SQS. For more information, see Supported Event Types in the Amazon S3 User Guide.
    Queue string
    The Amazon Resource Name (ARN) of the Amazon SQS queue to which Amazon S3 publishes a message when it detects events of the specified type. FIFO queues are not allowed when enabling an SQS queue as the event notification destination.
    Filter BucketNotificationFilter
    The filtering rules that determine which objects trigger notifications. For example, you can create a filter so that Amazon S3 sends notifications only when image files with a .jpg extension are added to the bucket. For more information, see Configuring event notifications using object key name filtering in the Amazon S3 User Guide.
    event String
    The Amazon S3 bucket event about which you want to publish messages to Amazon SQS. For more information, see Supported Event Types in the Amazon S3 User Guide.
    queue String
    The Amazon Resource Name (ARN) of the Amazon SQS queue to which Amazon S3 publishes a message when it detects events of the specified type. FIFO queues are not allowed when enabling an SQS queue as the event notification destination.
    filter BucketNotificationFilter
    The filtering rules that determine which objects trigger notifications. For example, you can create a filter so that Amazon S3 sends notifications only when image files with a .jpg extension are added to the bucket. For more information, see Configuring event notifications using object key name filtering in the Amazon S3 User Guide.
    event string
    The Amazon S3 bucket event about which you want to publish messages to Amazon SQS. For more information, see Supported Event Types in the Amazon S3 User Guide.
    queue string
    The Amazon Resource Name (ARN) of the Amazon SQS queue to which Amazon S3 publishes a message when it detects events of the specified type. FIFO queues are not allowed when enabling an SQS queue as the event notification destination.
    filter BucketNotificationFilter
    The filtering rules that determine which objects trigger notifications. For example, you can create a filter so that Amazon S3 sends notifications only when image files with a .jpg extension are added to the bucket. For more information, see Configuring event notifications using object key name filtering in the Amazon S3 User Guide.
    event str
    The Amazon S3 bucket event about which you want to publish messages to Amazon SQS. For more information, see Supported Event Types in the Amazon S3 User Guide.
    queue str
    The Amazon Resource Name (ARN) of the Amazon SQS queue to which Amazon S3 publishes a message when it detects events of the specified type. FIFO queues are not allowed when enabling an SQS queue as the event notification destination.
    filter BucketNotificationFilter
    The filtering rules that determine which objects trigger notifications. For example, you can create a filter so that Amazon S3 sends notifications only when image files with a .jpg extension are added to the bucket. For more information, see Configuring event notifications using object key name filtering in the Amazon S3 User Guide.
    event String
    The Amazon S3 bucket event about which you want to publish messages to Amazon SQS. For more information, see Supported Event Types in the Amazon S3 User Guide.
    queue String
    The Amazon Resource Name (ARN) of the Amazon SQS queue to which Amazon S3 publishes a message when it detects events of the specified type. FIFO queues are not allowed when enabling an SQS queue as the event notification destination.
    filter Property Map
    The filtering rules that determine which objects trigger notifications. For example, you can create a filter so that Amazon S3 sends notifications only when image files with a .jpg extension are added to the bucket. For more information, see Configuring event notifications using object key name filtering in the Amazon S3 User Guide.

    BucketRedirectAllRequestsTo, BucketRedirectAllRequestsToArgs

    HostName string
    Name of the host where requests are redirected.
    Protocol Pulumi.AwsNative.S3.BucketRedirectAllRequestsToProtocol
    Protocol to use when redirecting requests. The default is the protocol that is used in the original request.
    HostName string
    Name of the host where requests are redirected.
    Protocol BucketRedirectAllRequestsToProtocol
    Protocol to use when redirecting requests. The default is the protocol that is used in the original request.
    hostName String
    Name of the host where requests are redirected.
    protocol BucketRedirectAllRequestsToProtocol
    Protocol to use when redirecting requests. The default is the protocol that is used in the original request.
    hostName string
    Name of the host where requests are redirected.
    protocol BucketRedirectAllRequestsToProtocol
    Protocol to use when redirecting requests. The default is the protocol that is used in the original request.
    host_name str
    Name of the host where requests are redirected.
    protocol BucketRedirectAllRequestsToProtocol
    Protocol to use when redirecting requests. The default is the protocol that is used in the original request.
    hostName String
    Name of the host where requests are redirected.
    protocol "http" | "https"
    Protocol to use when redirecting requests. The default is the protocol that is used in the original request.

    BucketRedirectAllRequestsToProtocol, BucketRedirectAllRequestsToProtocolArgs

    Http
    http
    Https
    https
    BucketRedirectAllRequestsToProtocolHttp
    http
    BucketRedirectAllRequestsToProtocolHttps
    https
    Http
    http
    Https
    https
    Http
    http
    Https
    https
    HTTP
    http
    HTTPS
    https
    "http"
    http
    "https"
    https

    BucketRedirectRule, BucketRedirectRuleArgs

    HostName string
    The host name to use in the redirect request.
    HttpRedirectCode string
    The HTTP redirect code to use on the response. Not required if one of the siblings is present.
    Protocol Pulumi.AwsNative.S3.BucketRedirectRuleProtocol
    Protocol to use when redirecting requests. The default is the protocol that is used in the original request.
    ReplaceKeyPrefixWith string
    The object key prefix to use in the redirect request. For example, to redirect requests for all pages with prefix docs/ (objects in the docs/ folder) to documents/, you can set a condition block with KeyPrefixEquals set to docs/ and in the Redirect set ReplaceKeyPrefixWith to /documents. Not required if one of the siblings is present. Can be present only if ReplaceKeyWith is not provided. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints.
    ReplaceKeyWith string
    The specific object key to use in the redirect request. For example, redirect request to error.html. Not required if one of the siblings is present. Can be present only if ReplaceKeyPrefixWith is not provided. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints.
    HostName string
    The host name to use in the redirect request.
    HttpRedirectCode string
    The HTTP redirect code to use on the response. Not required if one of the siblings is present.
    Protocol BucketRedirectRuleProtocol
    Protocol to use when redirecting requests. The default is the protocol that is used in the original request.
    ReplaceKeyPrefixWith string
    The object key prefix to use in the redirect request. For example, to redirect requests for all pages with prefix docs/ (objects in the docs/ folder) to documents/, you can set a condition block with KeyPrefixEquals set to docs/ and in the Redirect set ReplaceKeyPrefixWith to /documents. Not required if one of the siblings is present. Can be present only if ReplaceKeyWith is not provided. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints.
    ReplaceKeyWith string
    The specific object key to use in the redirect request. For example, redirect request to error.html. Not required if one of the siblings is present. Can be present only if ReplaceKeyPrefixWith is not provided. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints.
    hostName String
    The host name to use in the redirect request.
    httpRedirectCode String
    The HTTP redirect code to use on the response. Not required if one of the siblings is present.
    protocol BucketRedirectRuleProtocol
    Protocol to use when redirecting requests. The default is the protocol that is used in the original request.
    replaceKeyPrefixWith String
    The object key prefix to use in the redirect request. For example, to redirect requests for all pages with prefix docs/ (objects in the docs/ folder) to documents/, you can set a condition block with KeyPrefixEquals set to docs/ and in the Redirect set ReplaceKeyPrefixWith to /documents. Not required if one of the siblings is present. Can be present only if ReplaceKeyWith is not provided. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints.
    replaceKeyWith String
    The specific object key to use in the redirect request. For example, redirect request to error.html. Not required if one of the siblings is present. Can be present only if ReplaceKeyPrefixWith is not provided. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints.
    hostName string
    The host name to use in the redirect request.
    httpRedirectCode string
    The HTTP redirect code to use on the response. Not required if one of the siblings is present.
    protocol BucketRedirectRuleProtocol
    Protocol to use when redirecting requests. The default is the protocol that is used in the original request.
    replaceKeyPrefixWith string
    The object key prefix to use in the redirect request. For example, to redirect requests for all pages with prefix docs/ (objects in the docs/ folder) to documents/, you can set a condition block with KeyPrefixEquals set to docs/ and in the Redirect set ReplaceKeyPrefixWith to /documents. Not required if one of the siblings is present. Can be present only if ReplaceKeyWith is not provided. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints.
    replaceKeyWith string
    The specific object key to use in the redirect request. For example, redirect request to error.html. Not required if one of the siblings is present. Can be present only if ReplaceKeyPrefixWith is not provided. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints.
    host_name str
    The host name to use in the redirect request.
    http_redirect_code str
    The HTTP redirect code to use on the response. Not required if one of the siblings is present.
    protocol BucketRedirectRuleProtocol
    Protocol to use when redirecting requests. The default is the protocol that is used in the original request.
    replace_key_prefix_with str
    The object key prefix to use in the redirect request. For example, to redirect requests for all pages with prefix docs/ (objects in the docs/ folder) to documents/, you can set a condition block with KeyPrefixEquals set to docs/ and in the Redirect set ReplaceKeyPrefixWith to /documents. Not required if one of the siblings is present. Can be present only if ReplaceKeyWith is not provided. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints.
    replace_key_with str
    The specific object key to use in the redirect request. For example, redirect request to error.html. Not required if one of the siblings is present. Can be present only if ReplaceKeyPrefixWith is not provided. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints.
    hostName String
    The host name to use in the redirect request.
    httpRedirectCode String
    The HTTP redirect code to use on the response. Not required if one of the siblings is present.
    protocol "http" | "https"
    Protocol to use when redirecting requests. The default is the protocol that is used in the original request.
    replaceKeyPrefixWith String
    The object key prefix to use in the redirect request. For example, to redirect requests for all pages with prefix docs/ (objects in the docs/ folder) to documents/, you can set a condition block with KeyPrefixEquals set to docs/ and in the Redirect set ReplaceKeyPrefixWith to /documents. Not required if one of the siblings is present. Can be present only if ReplaceKeyWith is not provided. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints.
    replaceKeyWith String
    The specific object key to use in the redirect request. For example, redirect request to error.html. Not required if one of the siblings is present. Can be present only if ReplaceKeyPrefixWith is not provided. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints.

    BucketRedirectRuleProtocol, BucketRedirectRuleProtocolArgs

    Http
    http
    Https
    https
    BucketRedirectRuleProtocolHttp
    http
    BucketRedirectRuleProtocolHttps
    https
    Http
    http
    Https
    https
    Http
    http
    Https
    https
    HTTP
    http
    HTTPS
    https
    "http"
    http
    "https"
    https

    BucketReplicaModifications, BucketReplicaModificationsArgs

    Status Pulumi.AwsNative.S3.BucketReplicaModificationsStatus
    Specifies whether Amazon S3 replicates modifications on replicas. Allowed values: Enabled | Disabled
    Status BucketReplicaModificationsStatus
    Specifies whether Amazon S3 replicates modifications on replicas. Allowed values: Enabled | Disabled
    status BucketReplicaModificationsStatus
    Specifies whether Amazon S3 replicates modifications on replicas. Allowed values: Enabled | Disabled
    status BucketReplicaModificationsStatus
    Specifies whether Amazon S3 replicates modifications on replicas. Allowed values: Enabled | Disabled
    status BucketReplicaModificationsStatus
    Specifies whether Amazon S3 replicates modifications on replicas. Allowed values: Enabled | Disabled
    status "Enabled" | "Disabled"
    Specifies whether Amazon S3 replicates modifications on replicas. Allowed values: Enabled | Disabled

    BucketReplicaModificationsStatus, BucketReplicaModificationsStatusArgs

    Enabled
    Enabled
    Disabled
    Disabled
    BucketReplicaModificationsStatusEnabled
    Enabled
    BucketReplicaModificationsStatusDisabled
    Disabled
    Enabled
    Enabled
    Disabled
    Disabled
    Enabled
    Enabled
    Disabled
    Disabled
    ENABLED
    Enabled
    DISABLED
    Disabled
    "Enabled"
    Enabled
    "Disabled"
    Disabled

    BucketReplicationConfiguration, BucketReplicationConfigurationArgs

    Role string
    The Amazon Resource Name (ARN) of the IAMlong (IAM) role that Amazon S3 assumes when replicating objects. For more information, see How to Set Up Replication in the Amazon S3 User Guide.
    Rules List<Pulumi.AwsNative.S3.Inputs.BucketReplicationRule>
    A container for one or more replication rules. A replication configuration must have at least one rule and can contain a maximum of 1,000 rules.
    Role string
    The Amazon Resource Name (ARN) of the IAMlong (IAM) role that Amazon S3 assumes when replicating objects. For more information, see How to Set Up Replication in the Amazon S3 User Guide.
    Rules []BucketReplicationRule
    A container for one or more replication rules. A replication configuration must have at least one rule and can contain a maximum of 1,000 rules.
    role String
    The Amazon Resource Name (ARN) of the IAMlong (IAM) role that Amazon S3 assumes when replicating objects. For more information, see How to Set Up Replication in the Amazon S3 User Guide.
    rules List<BucketReplicationRule>
    A container for one or more replication rules. A replication configuration must have at least one rule and can contain a maximum of 1,000 rules.
    role string
    The Amazon Resource Name (ARN) of the IAMlong (IAM) role that Amazon S3 assumes when replicating objects. For more information, see How to Set Up Replication in the Amazon S3 User Guide.
    rules BucketReplicationRule[]
    A container for one or more replication rules. A replication configuration must have at least one rule and can contain a maximum of 1,000 rules.
    role str
    The Amazon Resource Name (ARN) of the IAMlong (IAM) role that Amazon S3 assumes when replicating objects. For more information, see How to Set Up Replication in the Amazon S3 User Guide.
    rules Sequence[BucketReplicationRule]
    A container for one or more replication rules. A replication configuration must have at least one rule and can contain a maximum of 1,000 rules.
    role String
    The Amazon Resource Name (ARN) of the IAMlong (IAM) role that Amazon S3 assumes when replicating objects. For more information, see How to Set Up Replication in the Amazon S3 User Guide.
    rules List<Property Map>
    A container for one or more replication rules. A replication configuration must have at least one rule and can contain a maximum of 1,000 rules.

    BucketReplicationDestination, BucketReplicationDestinationArgs

    Bucket string
    The Amazon Resource Name (ARN) of the bucket where you want Amazon S3 to store the results.
    AccessControlTranslation Pulumi.AwsNative.S3.Inputs.BucketAccessControlTranslation
    Specify this only in a cross-account scenario (where source and destination bucket owners are not the same), and you want to change replica ownership to the AWS-account that owns the destination bucket. If this is not specified in the replication configuration, the replicas are owned by same AWS-account that owns the source object.
    Account string
    Destination bucket owner account ID. In a cross-account scenario, if you direct Amazon S3 to change replica ownership to the AWS-account that owns the destination bucket by specifying the AccessControlTranslation property, this is the account ID of the destination bucket owner. For more information, see Cross-Region Replication Additional Configuration: Change Replica Owner in the Amazon S3 User Guide. If you specify the AccessControlTranslation property, the Account property is required.
    EncryptionConfiguration Pulumi.AwsNative.S3.Inputs.BucketEncryptionConfiguration
    Specifies encryption-related information.
    Metrics Pulumi.AwsNative.S3.Inputs.BucketMetrics
    A container specifying replication metrics-related settings enabling replication metrics and events.
    ReplicationTime Pulumi.AwsNative.S3.Inputs.BucketReplicationTime
    A container specifying S3 Replication Time Control (S3 RTC), including whether S3 RTC is enabled and the time when all objects and operations on objects must be replicated. Must be specified together with a Metrics block.
    StorageClass Pulumi.AwsNative.S3.BucketReplicationDestinationStorageClass
    The storage class to use when replicating objects, such as S3 Standard or reduced redundancy. By default, Amazon S3 uses the storage class of the source object to create the object replica. For valid values, see the StorageClass element of the PUT Bucket replication action in the Amazon S3 API Reference.
    Bucket string
    The Amazon Resource Name (ARN) of the bucket where you want Amazon S3 to store the results.
    AccessControlTranslation BucketAccessControlTranslation
    Specify this only in a cross-account scenario (where source and destination bucket owners are not the same), and you want to change replica ownership to the AWS-account that owns the destination bucket. If this is not specified in the replication configuration, the replicas are owned by same AWS-account that owns the source object.
    Account string
    Destination bucket owner account ID. In a cross-account scenario, if you direct Amazon S3 to change replica ownership to the AWS-account that owns the destination bucket by specifying the AccessControlTranslation property, this is the account ID of the destination bucket owner. For more information, see Cross-Region Replication Additional Configuration: Change Replica Owner in the Amazon S3 User Guide. If you specify the AccessControlTranslation property, the Account property is required.
    EncryptionConfiguration BucketEncryptionConfiguration
    Specifies encryption-related information.
    Metrics BucketMetrics
    A container specifying replication metrics-related settings enabling replication metrics and events.
    ReplicationTime BucketReplicationTime
    A container specifying S3 Replication Time Control (S3 RTC), including whether S3 RTC is enabled and the time when all objects and operations on objects must be replicated. Must be specified together with a Metrics block.
    StorageClass BucketReplicationDestinationStorageClass
    The storage class to use when replicating objects, such as S3 Standard or reduced redundancy. By default, Amazon S3 uses the storage class of the source object to create the object replica. For valid values, see the StorageClass element of the PUT Bucket replication action in the Amazon S3 API Reference.
    bucket String
    The Amazon Resource Name (ARN) of the bucket where you want Amazon S3 to store the results.
    accessControlTranslation BucketAccessControlTranslation
    Specify this only in a cross-account scenario (where source and destination bucket owners are not the same), and you want to change replica ownership to the AWS-account that owns the destination bucket. If this is not specified in the replication configuration, the replicas are owned by same AWS-account that owns the source object.
    account String
    Destination bucket owner account ID. In a cross-account scenario, if you direct Amazon S3 to change replica ownership to the AWS-account that owns the destination bucket by specifying the AccessControlTranslation property, this is the account ID of the destination bucket owner. For more information, see Cross-Region Replication Additional Configuration: Change Replica Owner in the Amazon S3 User Guide. If you specify the AccessControlTranslation property, the Account property is required.
    encryptionConfiguration BucketEncryptionConfiguration
    Specifies encryption-related information.
    metrics BucketMetrics
    A container specifying replication metrics-related settings enabling replication metrics and events.
    replicationTime BucketReplicationTime
    A container specifying S3 Replication Time Control (S3 RTC), including whether S3 RTC is enabled and the time when all objects and operations on objects must be replicated. Must be specified together with a Metrics block.
    storageClass BucketReplicationDestinationStorageClass
    The storage class to use when replicating objects, such as S3 Standard or reduced redundancy. By default, Amazon S3 uses the storage class of the source object to create the object replica. For valid values, see the StorageClass element of the PUT Bucket replication action in the Amazon S3 API Reference.
    bucket string
    The Amazon Resource Name (ARN) of the bucket where you want Amazon S3 to store the results.
    accessControlTranslation BucketAccessControlTranslation
    Specify this only in a cross-account scenario (where source and destination bucket owners are not the same), and you want to change replica ownership to the AWS-account that owns the destination bucket. If this is not specified in the replication configuration, the replicas are owned by same AWS-account that owns the source object.
    account string
    Destination bucket owner account ID. In a cross-account scenario, if you direct Amazon S3 to change replica ownership to the AWS-account that owns the destination bucket by specifying the AccessControlTranslation property, this is the account ID of the destination bucket owner. For more information, see Cross-Region Replication Additional Configuration: Change Replica Owner in the Amazon S3 User Guide. If you specify the AccessControlTranslation property, the Account property is required.
    encryptionConfiguration BucketEncryptionConfiguration
    Specifies encryption-related information.
    metrics BucketMetrics
    A container specifying replication metrics-related settings enabling replication metrics and events.
    replicationTime BucketReplicationTime
    A container specifying S3 Replication Time Control (S3 RTC), including whether S3 RTC is enabled and the time when all objects and operations on objects must be replicated. Must be specified together with a Metrics block.
    storageClass BucketReplicationDestinationStorageClass
    The storage class to use when replicating objects, such as S3 Standard or reduced redundancy. By default, Amazon S3 uses the storage class of the source object to create the object replica. For valid values, see the StorageClass element of the PUT Bucket replication action in the Amazon S3 API Reference.
    bucket str
    The Amazon Resource Name (ARN) of the bucket where you want Amazon S3 to store the results.
    access_control_translation BucketAccessControlTranslation
    Specify this only in a cross-account scenario (where source and destination bucket owners are not the same), and you want to change replica ownership to the AWS-account that owns the destination bucket. If this is not specified in the replication configuration, the replicas are owned by same AWS-account that owns the source object.
    account str
    Destination bucket owner account ID. In a cross-account scenario, if you direct Amazon S3 to change replica ownership to the AWS-account that owns the destination bucket by specifying the AccessControlTranslation property, this is the account ID of the destination bucket owner. For more information, see Cross-Region Replication Additional Configuration: Change Replica Owner in the Amazon S3 User Guide. If you specify the AccessControlTranslation property, the Account property is required.
    encryption_configuration BucketEncryptionConfiguration
    Specifies encryption-related information.
    metrics BucketMetrics
    A container specifying replication metrics-related settings enabling replication metrics and events.
    replication_time BucketReplicationTime
    A container specifying S3 Replication Time Control (S3 RTC), including whether S3 RTC is enabled and the time when all objects and operations on objects must be replicated. Must be specified together with a Metrics block.
    storage_class BucketReplicationDestinationStorageClass
    The storage class to use when replicating objects, such as S3 Standard or reduced redundancy. By default, Amazon S3 uses the storage class of the source object to create the object replica. For valid values, see the StorageClass element of the PUT Bucket replication action in the Amazon S3 API Reference.
    bucket String
    The Amazon Resource Name (ARN) of the bucket where you want Amazon S3 to store the results.
    accessControlTranslation Property Map
    Specify this only in a cross-account scenario (where source and destination bucket owners are not the same), and you want to change replica ownership to the AWS-account that owns the destination bucket. If this is not specified in the replication configuration, the replicas are owned by same AWS-account that owns the source object.
    account String
    Destination bucket owner account ID. In a cross-account scenario, if you direct Amazon S3 to change replica ownership to the AWS-account that owns the destination bucket by specifying the AccessControlTranslation property, this is the account ID of the destination bucket owner. For more information, see Cross-Region Replication Additional Configuration: Change Replica Owner in the Amazon S3 User Guide. If you specify the AccessControlTranslation property, the Account property is required.
    encryptionConfiguration Property Map
    Specifies encryption-related information.
    metrics Property Map
    A container specifying replication metrics-related settings enabling replication metrics and events.
    replicationTime Property Map
    A container specifying S3 Replication Time Control (S3 RTC), including whether S3 RTC is enabled and the time when all objects and operations on objects must be replicated. Must be specified together with a Metrics block.
    storageClass "DEEP_ARCHIVE" | "GLACIER" | "GLACIER_IR" | "INTELLIGENT_TIERING" | "ONEZONE_IA" | "REDUCED_REDUNDANCY" | "STANDARD" | "STANDARD_IA"
    The storage class to use when replicating objects, such as S3 Standard or reduced redundancy. By default, Amazon S3 uses the storage class of the source object to create the object replica. For valid values, see the StorageClass element of the PUT Bucket replication action in the Amazon S3 API Reference.

    BucketReplicationDestinationStorageClass, BucketReplicationDestinationStorageClassArgs

    DeepArchive
    DEEP_ARCHIVE
    Glacier
    GLACIER
    GlacierIr
    GLACIER_IR
    IntelligentTiering
    INTELLIGENT_TIERING
    OnezoneIa
    ONEZONE_IA
    ReducedRedundancy
    REDUCED_REDUNDANCY
    Standard
    STANDARD
    StandardIa
    STANDARD_IA
    BucketReplicationDestinationStorageClassDeepArchive
    DEEP_ARCHIVE
    BucketReplicationDestinationStorageClassGlacier
    GLACIER
    BucketReplicationDestinationStorageClassGlacierIr
    GLACIER_IR
    BucketReplicationDestinationStorageClassIntelligentTiering
    INTELLIGENT_TIERING
    BucketReplicationDestinationStorageClassOnezoneIa
    ONEZONE_IA
    BucketReplicationDestinationStorageClassReducedRedundancy
    REDUCED_REDUNDANCY
    BucketReplicationDestinationStorageClassStandard
    STANDARD
    BucketReplicationDestinationStorageClassStandardIa
    STANDARD_IA
    DeepArchive
    DEEP_ARCHIVE
    Glacier
    GLACIER
    GlacierIr
    GLACIER_IR
    IntelligentTiering
    INTELLIGENT_TIERING
    OnezoneIa
    ONEZONE_IA
    ReducedRedundancy
    REDUCED_REDUNDANCY
    Standard
    STANDARD
    StandardIa
    STANDARD_IA
    DeepArchive
    DEEP_ARCHIVE
    Glacier
    GLACIER
    GlacierIr
    GLACIER_IR
    IntelligentTiering
    INTELLIGENT_TIERING
    OnezoneIa
    ONEZONE_IA
    ReducedRedundancy
    REDUCED_REDUNDANCY
    Standard
    STANDARD
    StandardIa
    STANDARD_IA
    DEEP_ARCHIVE
    DEEP_ARCHIVE
    GLACIER
    GLACIER
    GLACIER_IR
    GLACIER_IR
    INTELLIGENT_TIERING
    INTELLIGENT_TIERING
    ONEZONE_IA
    ONEZONE_IA
    REDUCED_REDUNDANCY
    REDUCED_REDUNDANCY
    STANDARD
    STANDARD
    STANDARD_IA
    STANDARD_IA
    "DEEP_ARCHIVE"
    DEEP_ARCHIVE
    "GLACIER"
    GLACIER
    "GLACIER_IR"
    GLACIER_IR
    "INTELLIGENT_TIERING"
    INTELLIGENT_TIERING
    "ONEZONE_IA"
    ONEZONE_IA
    "REDUCED_REDUNDANCY"
    REDUCED_REDUNDANCY
    "STANDARD"
    STANDARD
    "STANDARD_IA"
    STANDARD_IA

    BucketReplicationRule, BucketReplicationRuleArgs

    Destination Pulumi.AwsNative.S3.Inputs.BucketReplicationDestination
    A container for information about the replication destination and its configurations including enabling the S3 Replication Time Control (S3 RTC).
    Status Pulumi.AwsNative.S3.BucketReplicationRuleStatus
    Specifies whether the rule is enabled.
    DeleteMarkerReplication Pulumi.AwsNative.S3.Inputs.BucketDeleteMarkerReplication
    Specifies whether Amazon S3 replicates delete markers. If you specify a Filter in your replication configuration, you must also include a DeleteMarkerReplication element. If your Filter includes a Tag element, the DeleteMarkerReplication Status must be set to Disabled, because Amazon S3 does not support replicating delete markers for tag-based rules. For an example configuration, see Basic Rule Configuration. For more information about delete marker replication, see Basic Rule Configuration. If you are using an earlier version of the replication configuration, Amazon S3 handles replication of delete markers differently. For more information, see Backward Compatibility.
    Filter Pulumi.AwsNative.S3.Inputs.BucketReplicationRuleFilter
    A filter that identifies the subset of objects to which the replication rule applies. A Filter must specify exactly one Prefix, TagFilter, or an And child element. The use of the filter field indicates that this is a V2 replication configuration. This field isn't supported in a V1 replication configuration. V1 replication configuration only supports filtering by key prefix. To filter using a V1 replication configuration, add the Prefix directly as a child element of the Rule element.
    Id string
    A unique identifier for the rule. The maximum value is 255 characters. If you don't specify a value, AWS CloudFormation generates a random ID. When using a V2 replication configuration this property is capitalized as "ID".
    Prefix string
    An object key name prefix that identifies the object or objects to which the rule applies. The maximum prefix length is 1,024 characters. To include all objects in a bucket, specify an empty string. To filter using a V1 replication configuration, add the Prefix directly as a child element of the Rule element. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints.
    Priority int
    The priority indicates which rule has precedence whenever two or more replication rules conflict. Amazon S3 will attempt to replicate objects according to all replication rules. However, if there are two or more rules with the same destination bucket, then objects will be replicated according to the rule with the highest priority. The higher the number, the higher the priority. For more information, see Replication in the Amazon S3 User Guide.
    SourceSelectionCriteria Pulumi.AwsNative.S3.Inputs.BucketSourceSelectionCriteria
    A container that describes additional filters for identifying the source objects that you want to replicate. You can choose to enable or disable the replication of these objects.
    Destination BucketReplicationDestination
    A container for information about the replication destination and its configurations including enabling the S3 Replication Time Control (S3 RTC).
    Status BucketReplicationRuleStatus
    Specifies whether the rule is enabled.
    DeleteMarkerReplication BucketDeleteMarkerReplication
    Specifies whether Amazon S3 replicates delete markers. If you specify a Filter in your replication configuration, you must also include a DeleteMarkerReplication element. If your Filter includes a Tag element, the DeleteMarkerReplication Status must be set to Disabled, because Amazon S3 does not support replicating delete markers for tag-based rules. For an example configuration, see Basic Rule Configuration. For more information about delete marker replication, see Basic Rule Configuration. If you are using an earlier version of the replication configuration, Amazon S3 handles replication of delete markers differently. For more information, see Backward Compatibility.
    Filter BucketReplicationRuleFilter
    A filter that identifies the subset of objects to which the replication rule applies. A Filter must specify exactly one Prefix, TagFilter, or an And child element. The use of the filter field indicates that this is a V2 replication configuration. This field isn't supported in a V1 replication configuration. V1 replication configuration only supports filtering by key prefix. To filter using a V1 replication configuration, add the Prefix directly as a child element of the Rule element.
    Id string
    A unique identifier for the rule. The maximum value is 255 characters. If you don't specify a value, AWS CloudFormation generates a random ID. When using a V2 replication configuration this property is capitalized as "ID".
    Prefix string
    An object key name prefix that identifies the object or objects to which the rule applies. The maximum prefix length is 1,024 characters. To include all objects in a bucket, specify an empty string. To filter using a V1 replication configuration, add the Prefix directly as a child element of the Rule element. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints.
    Priority int
    The priority indicates which rule has precedence whenever two or more replication rules conflict. Amazon S3 will attempt to replicate objects according to all replication rules. However, if there are two or more rules with the same destination bucket, then objects will be replicated according to the rule with the highest priority. The higher the number, the higher the priority. For more information, see Replication in the Amazon S3 User Guide.
    SourceSelectionCriteria BucketSourceSelectionCriteria
    A container that describes additional filters for identifying the source objects that you want to replicate. You can choose to enable or disable the replication of these objects.
    destination BucketReplicationDestination
    A container for information about the replication destination and its configurations including enabling the S3 Replication Time Control (S3 RTC).
    status BucketReplicationRuleStatus
    Specifies whether the rule is enabled.
    deleteMarkerReplication BucketDeleteMarkerReplication
    Specifies whether Amazon S3 replicates delete markers. If you specify a Filter in your replication configuration, you must also include a DeleteMarkerReplication element. If your Filter includes a Tag element, the DeleteMarkerReplication Status must be set to Disabled, because Amazon S3 does not support replicating delete markers for tag-based rules. For an example configuration, see Basic Rule Configuration. For more information about delete marker replication, see Basic Rule Configuration. If you are using an earlier version of the replication configuration, Amazon S3 handles replication of delete markers differently. For more information, see Backward Compatibility.
    filter BucketReplicationRuleFilter
    A filter that identifies the subset of objects to which the replication rule applies. A Filter must specify exactly one Prefix, TagFilter, or an And child element. The use of the filter field indicates that this is a V2 replication configuration. This field isn't supported in a V1 replication configuration. V1 replication configuration only supports filtering by key prefix. To filter using a V1 replication configuration, add the Prefix directly as a child element of the Rule element.
    id String
    A unique identifier for the rule. The maximum value is 255 characters. If you don't specify a value, AWS CloudFormation generates a random ID. When using a V2 replication configuration this property is capitalized as "ID".
    prefix String
    An object key name prefix that identifies the object or objects to which the rule applies. The maximum prefix length is 1,024 characters. To include all objects in a bucket, specify an empty string. To filter using a V1 replication configuration, add the Prefix directly as a child element of the Rule element. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints.
    priority Integer
    The priority indicates which rule has precedence whenever two or more replication rules conflict. Amazon S3 will attempt to replicate objects according to all replication rules. However, if there are two or more rules with the same destination bucket, then objects will be replicated according to the rule with the highest priority. The higher the number, the higher the priority. For more information, see Replication in the Amazon S3 User Guide.
    sourceSelectionCriteria BucketSourceSelectionCriteria
    A container that describes additional filters for identifying the source objects that you want to replicate. You can choose to enable or disable the replication of these objects.
    destination BucketReplicationDestination
    A container for information about the replication destination and its configurations including enabling the S3 Replication Time Control (S3 RTC).
    status BucketReplicationRuleStatus
    Specifies whether the rule is enabled.
    deleteMarkerReplication BucketDeleteMarkerReplication
    Specifies whether Amazon S3 replicates delete markers. If you specify a Filter in your replication configuration, you must also include a DeleteMarkerReplication element. If your Filter includes a Tag element, the DeleteMarkerReplication Status must be set to Disabled, because Amazon S3 does not support replicating delete markers for tag-based rules. For an example configuration, see Basic Rule Configuration. For more information about delete marker replication, see Basic Rule Configuration. If you are using an earlier version of the replication configuration, Amazon S3 handles replication of delete markers differently. For more information, see Backward Compatibility.
    filter BucketReplicationRuleFilter
    A filter that identifies the subset of objects to which the replication rule applies. A Filter must specify exactly one Prefix, TagFilter, or an And child element. The use of the filter field indicates that this is a V2 replication configuration. This field isn't supported in a V1 replication configuration. V1 replication configuration only supports filtering by key prefix. To filter using a V1 replication configuration, add the Prefix directly as a child element of the Rule element.
    id string
    A unique identifier for the rule. The maximum value is 255 characters. If you don't specify a value, AWS CloudFormation generates a random ID. When using a V2 replication configuration this property is capitalized as "ID".
    prefix string
    An object key name prefix that identifies the object or objects to which the rule applies. The maximum prefix length is 1,024 characters. To include all objects in a bucket, specify an empty string. To filter using a V1 replication configuration, add the Prefix directly as a child element of the Rule element. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints.
    priority number
    The priority indicates which rule has precedence whenever two or more replication rules conflict. Amazon S3 will attempt to replicate objects according to all replication rules. However, if there are two or more rules with the same destination bucket, then objects will be replicated according to the rule with the highest priority. The higher the number, the higher the priority. For more information, see Replication in the Amazon S3 User Guide.
    sourceSelectionCriteria BucketSourceSelectionCriteria
    A container that describes additional filters for identifying the source objects that you want to replicate. You can choose to enable or disable the replication of these objects.
    destination BucketReplicationDestination
    A container for information about the replication destination and its configurations including enabling the S3 Replication Time Control (S3 RTC).
    status BucketReplicationRuleStatus
    Specifies whether the rule is enabled.
    delete_marker_replication BucketDeleteMarkerReplication
    Specifies whether Amazon S3 replicates delete markers. If you specify a Filter in your replication configuration, you must also include a DeleteMarkerReplication element. If your Filter includes a Tag element, the DeleteMarkerReplication Status must be set to Disabled, because Amazon S3 does not support replicating delete markers for tag-based rules. For an example configuration, see Basic Rule Configuration. For more information about delete marker replication, see Basic Rule Configuration. If you are using an earlier version of the replication configuration, Amazon S3 handles replication of delete markers differently. For more information, see Backward Compatibility.
    filter BucketReplicationRuleFilter
    A filter that identifies the subset of objects to which the replication rule applies. A Filter must specify exactly one Prefix, TagFilter, or an And child element. The use of the filter field indicates that this is a V2 replication configuration. This field isn't supported in a V1 replication configuration. V1 replication configuration only supports filtering by key prefix. To filter using a V1 replication configuration, add the Prefix directly as a child element of the Rule element.
    id str
    A unique identifier for the rule. The maximum value is 255 characters. If you don't specify a value, AWS CloudFormation generates a random ID. When using a V2 replication configuration this property is capitalized as "ID".
    prefix str
    An object key name prefix that identifies the object or objects to which the rule applies. The maximum prefix length is 1,024 characters. To include all objects in a bucket, specify an empty string. To filter using a V1 replication configuration, add the Prefix directly as a child element of the Rule element. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints.
    priority int
    The priority indicates which rule has precedence whenever two or more replication rules conflict. Amazon S3 will attempt to replicate objects according to all replication rules. However, if there are two or more rules with the same destination bucket, then objects will be replicated according to the rule with the highest priority. The higher the number, the higher the priority. For more information, see Replication in the Amazon S3 User Guide.
    source_selection_criteria BucketSourceSelectionCriteria
    A container that describes additional filters for identifying the source objects that you want to replicate. You can choose to enable or disable the replication of these objects.
    destination Property Map
    A container for information about the replication destination and its configurations including enabling the S3 Replication Time Control (S3 RTC).
    status "Disabled" | "Enabled"
    Specifies whether the rule is enabled.
    deleteMarkerReplication Property Map
    Specifies whether Amazon S3 replicates delete markers. If you specify a Filter in your replication configuration, you must also include a DeleteMarkerReplication element. If your Filter includes a Tag element, the DeleteMarkerReplication Status must be set to Disabled, because Amazon S3 does not support replicating delete markers for tag-based rules. For an example configuration, see Basic Rule Configuration. For more information about delete marker replication, see Basic Rule Configuration. If you are using an earlier version of the replication configuration, Amazon S3 handles replication of delete markers differently. For more information, see Backward Compatibility.
    filter Property Map
    A filter that identifies the subset of objects to which the replication rule applies. A Filter must specify exactly one Prefix, TagFilter, or an And child element. The use of the filter field indicates that this is a V2 replication configuration. This field isn't supported in a V1 replication configuration. V1 replication configuration only supports filtering by key prefix. To filter using a V1 replication configuration, add the Prefix directly as a child element of the Rule element.
    id String
    A unique identifier for the rule. The maximum value is 255 characters. If you don't specify a value, AWS CloudFormation generates a random ID. When using a V2 replication configuration this property is capitalized as "ID".
    prefix String
    An object key name prefix that identifies the object or objects to which the rule applies. The maximum prefix length is 1,024 characters. To include all objects in a bucket, specify an empty string. To filter using a V1 replication configuration, add the Prefix directly as a child element of the Rule element. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints.
    priority Number
    The priority indicates which rule has precedence whenever two or more replication rules conflict. Amazon S3 will attempt to replicate objects according to all replication rules. However, if there are two or more rules with the same destination bucket, then objects will be replicated according to the rule with the highest priority. The higher the number, the higher the priority. For more information, see Replication in the Amazon S3 User Guide.
    sourceSelectionCriteria Property Map
    A container that describes additional filters for identifying the source objects that you want to replicate. You can choose to enable or disable the replication of these objects.

    BucketReplicationRuleAndOperator, BucketReplicationRuleAndOperatorArgs

    Prefix string
    An object key name prefix that identifies the subset of objects to which the rule applies.
    TagFilters List<Pulumi.AwsNative.S3.Inputs.BucketTagFilter>
    An array of tags containing key and value pairs.
    Prefix string
    An object key name prefix that identifies the subset of objects to which the rule applies.
    TagFilters []BucketTagFilter
    An array of tags containing key and value pairs.
    prefix String
    An object key name prefix that identifies the subset of objects to which the rule applies.
    tagFilters List<BucketTagFilter>
    An array of tags containing key and value pairs.
    prefix string
    An object key name prefix that identifies the subset of objects to which the rule applies.
    tagFilters BucketTagFilter[]
    An array of tags containing key and value pairs.
    prefix str
    An object key name prefix that identifies the subset of objects to which the rule applies.
    tag_filters Sequence[BucketTagFilter]
    An array of tags containing key and value pairs.
    prefix String
    An object key name prefix that identifies the subset of objects to which the rule applies.
    tagFilters List<Property Map>
    An array of tags containing key and value pairs.

    BucketReplicationRuleFilter, BucketReplicationRuleFilterArgs

    And Pulumi.AwsNative.S3.Inputs.BucketReplicationRuleAndOperator
    A container for specifying rule filters. The filters determine the subset of objects to which the rule applies. This element is required only if you specify more than one filter. For example:

    • If you specify both a Prefix and a TagFilter, wrap these filters in an And tag.
    • If you specify a filter based on multiple tags, wrap the TagFilter elements in an And tag.
    Prefix string
    An object key name prefix that identifies the subset of objects to which the rule applies. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints.
    TagFilter Pulumi.AwsNative.S3.Inputs.BucketTagFilter
    A container for specifying a tag key and value. The rule applies only to objects that have the tag in their tag set.
    And BucketReplicationRuleAndOperator
    A container for specifying rule filters. The filters determine the subset of objects to which the rule applies. This element is required only if you specify more than one filter. For example:

    • If you specify both a Prefix and a TagFilter, wrap these filters in an And tag.
    • If you specify a filter based on multiple tags, wrap the TagFilter elements in an And tag.
    Prefix string
    An object key name prefix that identifies the subset of objects to which the rule applies. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints.
    TagFilter BucketTagFilter
    A container for specifying a tag key and value. The rule applies only to objects that have the tag in their tag set.
    and BucketReplicationRuleAndOperator
    A container for specifying rule filters. The filters determine the subset of objects to which the rule applies. This element is required only if you specify more than one filter. For example:

    • If you specify both a Prefix and a TagFilter, wrap these filters in an And tag.
    • If you specify a filter based on multiple tags, wrap the TagFilter elements in an And tag.
    prefix String
    An object key name prefix that identifies the subset of objects to which the rule applies. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints.
    tagFilter BucketTagFilter
    A container for specifying a tag key and value. The rule applies only to objects that have the tag in their tag set.
    and BucketReplicationRuleAndOperator
    A container for specifying rule filters. The filters determine the subset of objects to which the rule applies. This element is required only if you specify more than one filter. For example:

    • If you specify both a Prefix and a TagFilter, wrap these filters in an And tag.
    • If you specify a filter based on multiple tags, wrap the TagFilter elements in an And tag.
    prefix string
    An object key name prefix that identifies the subset of objects to which the rule applies. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints.
    tagFilter BucketTagFilter
    A container for specifying a tag key and value. The rule applies only to objects that have the tag in their tag set.
    and_ BucketReplicationRuleAndOperator
    A container for specifying rule filters. The filters determine the subset of objects to which the rule applies. This element is required only if you specify more than one filter. For example:

    • If you specify both a Prefix and a TagFilter, wrap these filters in an And tag.
    • If you specify a filter based on multiple tags, wrap the TagFilter elements in an And tag.
    prefix str
    An object key name prefix that identifies the subset of objects to which the rule applies. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints.
    tag_filter BucketTagFilter
    A container for specifying a tag key and value. The rule applies only to objects that have the tag in their tag set.
    and Property Map
    A container for specifying rule filters. The filters determine the subset of objects to which the rule applies. This element is required only if you specify more than one filter. For example:

    • If you specify both a Prefix and a TagFilter, wrap these filters in an And tag.
    • If you specify a filter based on multiple tags, wrap the TagFilter elements in an And tag.
    prefix String
    An object key name prefix that identifies the subset of objects to which the rule applies. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints.
    tagFilter Property Map
    A container for specifying a tag key and value. The rule applies only to objects that have the tag in their tag set.

    BucketReplicationRuleStatus, BucketReplicationRuleStatusArgs

    Disabled
    Disabled
    Enabled
    Enabled
    BucketReplicationRuleStatusDisabled
    Disabled
    BucketReplicationRuleStatusEnabled
    Enabled
    Disabled
    Disabled
    Enabled
    Enabled
    Disabled
    Disabled
    Enabled
    Enabled
    DISABLED
    Disabled
    ENABLED
    Enabled
    "Disabled"
    Disabled
    "Enabled"
    Enabled

    BucketReplicationTime, BucketReplicationTimeArgs

    Status Pulumi.AwsNative.S3.BucketReplicationTimeStatus
    Specifies whether the replication time is enabled.
    Time Pulumi.AwsNative.S3.Inputs.BucketReplicationTimeValue
    A container specifying the time by which replication should be complete for all objects and operations on objects.
    Status BucketReplicationTimeStatus
    Specifies whether the replication time is enabled.
    Time BucketReplicationTimeValue
    A container specifying the time by which replication should be complete for all objects and operations on objects.
    status BucketReplicationTimeStatus
    Specifies whether the replication time is enabled.
    time BucketReplicationTimeValue
    A container specifying the time by which replication should be complete for all objects and operations on objects.
    status BucketReplicationTimeStatus
    Specifies whether the replication time is enabled.
    time BucketReplicationTimeValue
    A container specifying the time by which replication should be complete for all objects and operations on objects.
    status BucketReplicationTimeStatus
    Specifies whether the replication time is enabled.
    time BucketReplicationTimeValue
    A container specifying the time by which replication should be complete for all objects and operations on objects.
    status "Disabled" | "Enabled"
    Specifies whether the replication time is enabled.
    time Property Map
    A container specifying the time by which replication should be complete for all objects and operations on objects.

    BucketReplicationTimeStatus, BucketReplicationTimeStatusArgs

    Disabled
    Disabled
    Enabled
    Enabled
    BucketReplicationTimeStatusDisabled
    Disabled
    BucketReplicationTimeStatusEnabled
    Enabled
    Disabled
    Disabled
    Enabled
    Enabled
    Disabled
    Disabled
    Enabled
    Enabled
    DISABLED
    Disabled
    ENABLED
    Enabled
    "Disabled"
    Disabled
    "Enabled"
    Enabled

    BucketReplicationTimeValue, BucketReplicationTimeValueArgs

    Minutes int
    Contains an integer specifying time in minutes. Valid value: 15
    Minutes int
    Contains an integer specifying time in minutes. Valid value: 15
    minutes Integer
    Contains an integer specifying time in minutes. Valid value: 15
    minutes number
    Contains an integer specifying time in minutes. Valid value: 15
    minutes int
    Contains an integer specifying time in minutes. Valid value: 15
    minutes Number
    Contains an integer specifying time in minutes. Valid value: 15

    BucketRoutingRule, BucketRoutingRuleArgs

    RedirectRule Pulumi.AwsNative.S3.Inputs.BucketRedirectRule
    Container for redirect information. You can redirect requests to another host, to another page, or with another protocol. In the event of an error, you can specify a different error code to return.
    RoutingRuleCondition Pulumi.AwsNative.S3.Inputs.BucketRoutingRuleCondition
    A container for describing a condition that must be met for the specified redirect to apply. For example, 1. If request is for pages in the /docs folder, redirect to the /documents folder. 2. If request results in HTTP error 4xx, redirect request to another host where you might process the error.
    RedirectRule BucketRedirectRule
    Container for redirect information. You can redirect requests to another host, to another page, or with another protocol. In the event of an error, you can specify a different error code to return.
    RoutingRuleCondition BucketRoutingRuleCondition
    A container for describing a condition that must be met for the specified redirect to apply. For example, 1. If request is for pages in the /docs folder, redirect to the /documents folder. 2. If request results in HTTP error 4xx, redirect request to another host where you might process the error.
    redirectRule BucketRedirectRule
    Container for redirect information. You can redirect requests to another host, to another page, or with another protocol. In the event of an error, you can specify a different error code to return.
    routingRuleCondition BucketRoutingRuleCondition
    A container for describing a condition that must be met for the specified redirect to apply. For example, 1. If request is for pages in the /docs folder, redirect to the /documents folder. 2. If request results in HTTP error 4xx, redirect request to another host where you might process the error.
    redirectRule BucketRedirectRule
    Container for redirect information. You can redirect requests to another host, to another page, or with another protocol. In the event of an error, you can specify a different error code to return.
    routingRuleCondition BucketRoutingRuleCondition
    A container for describing a condition that must be met for the specified redirect to apply. For example, 1. If request is for pages in the /docs folder, redirect to the /documents folder. 2. If request results in HTTP error 4xx, redirect request to another host where you might process the error.
    redirect_rule BucketRedirectRule
    Container for redirect information. You can redirect requests to another host, to another page, or with another protocol. In the event of an error, you can specify a different error code to return.
    routing_rule_condition BucketRoutingRuleCondition
    A container for describing a condition that must be met for the specified redirect to apply. For example, 1. If request is for pages in the /docs folder, redirect to the /documents folder. 2. If request results in HTTP error 4xx, redirect request to another host where you might process the error.
    redirectRule Property Map
    Container for redirect information. You can redirect requests to another host, to another page, or with another protocol. In the event of an error, you can specify a different error code to return.
    routingRuleCondition Property Map
    A container for describing a condition that must be met for the specified redirect to apply. For example, 1. If request is for pages in the /docs folder, redirect to the /documents folder. 2. If request results in HTTP error 4xx, redirect request to another host where you might process the error.

    BucketRoutingRuleCondition, BucketRoutingRuleConditionArgs

    HttpErrorCodeReturnedEquals string
    The HTTP error code when the redirect is applied. In the event of an error, if the error code equals this value, then the specified redirect is applied. Required when parent element Condition is specified and sibling KeyPrefixEquals is not specified. If both are specified, then both must be true for the redirect to be applied.
    KeyPrefixEquals string
    The object key name prefix when the redirect is applied. For example, to redirect requests for ExamplePage.html, the key prefix will be ExamplePage.html. To redirect request for all pages with the prefix docs/, the key prefix will be /docs, which identifies all objects in the docs/ folder. Required when the parent element Condition is specified and sibling HttpErrorCodeReturnedEquals is not specified. If both conditions are specified, both must be true for the redirect to be applied.
    HttpErrorCodeReturnedEquals string
    The HTTP error code when the redirect is applied. In the event of an error, if the error code equals this value, then the specified redirect is applied. Required when parent element Condition is specified and sibling KeyPrefixEquals is not specified. If both are specified, then both must be true for the redirect to be applied.
    KeyPrefixEquals string
    The object key name prefix when the redirect is applied. For example, to redirect requests for ExamplePage.html, the key prefix will be ExamplePage.html. To redirect request for all pages with the prefix docs/, the key prefix will be /docs, which identifies all objects in the docs/ folder. Required when the parent element Condition is specified and sibling HttpErrorCodeReturnedEquals is not specified. If both conditions are specified, both must be true for the redirect to be applied.
    httpErrorCodeReturnedEquals String
    The HTTP error code when the redirect is applied. In the event of an error, if the error code equals this value, then the specified redirect is applied. Required when parent element Condition is specified and sibling KeyPrefixEquals is not specified. If both are specified, then both must be true for the redirect to be applied.
    keyPrefixEquals String
    The object key name prefix when the redirect is applied. For example, to redirect requests for ExamplePage.html, the key prefix will be ExamplePage.html. To redirect request for all pages with the prefix docs/, the key prefix will be /docs, which identifies all objects in the docs/ folder. Required when the parent element Condition is specified and sibling HttpErrorCodeReturnedEquals is not specified. If both conditions are specified, both must be true for the redirect to be applied.
    httpErrorCodeReturnedEquals string
    The HTTP error code when the redirect is applied. In the event of an error, if the error code equals this value, then the specified redirect is applied. Required when parent element Condition is specified and sibling KeyPrefixEquals is not specified. If both are specified, then both must be true for the redirect to be applied.
    keyPrefixEquals string
    The object key name prefix when the redirect is applied. For example, to redirect requests for ExamplePage.html, the key prefix will be ExamplePage.html. To redirect request for all pages with the prefix docs/, the key prefix will be /docs, which identifies all objects in the docs/ folder. Required when the parent element Condition is specified and sibling HttpErrorCodeReturnedEquals is not specified. If both conditions are specified, both must be true for the redirect to be applied.
    http_error_code_returned_equals str
    The HTTP error code when the redirect is applied. In the event of an error, if the error code equals this value, then the specified redirect is applied. Required when parent element Condition is specified and sibling KeyPrefixEquals is not specified. If both are specified, then both must be true for the redirect to be applied.
    key_prefix_equals str
    The object key name prefix when the redirect is applied. For example, to redirect requests for ExamplePage.html, the key prefix will be ExamplePage.html. To redirect request for all pages with the prefix docs/, the key prefix will be /docs, which identifies all objects in the docs/ folder. Required when the parent element Condition is specified and sibling HttpErrorCodeReturnedEquals is not specified. If both conditions are specified, both must be true for the redirect to be applied.
    httpErrorCodeReturnedEquals String
    The HTTP error code when the redirect is applied. In the event of an error, if the error code equals this value, then the specified redirect is applied. Required when parent element Condition is specified and sibling KeyPrefixEquals is not specified. If both are specified, then both must be true for the redirect to be applied.
    keyPrefixEquals String
    The object key name prefix when the redirect is applied. For example, to redirect requests for ExamplePage.html, the key prefix will be ExamplePage.html. To redirect request for all pages with the prefix docs/, the key prefix will be /docs, which identifies all objects in the docs/ folder. Required when the parent element Condition is specified and sibling HttpErrorCodeReturnedEquals is not specified. If both conditions are specified, both must be true for the redirect to be applied.

    BucketRule, BucketRuleArgs

    Status Pulumi.AwsNative.S3.BucketRuleStatus
    If Enabled, the rule is currently being applied. If Disabled, the rule is not currently being applied.
    AbortIncompleteMultipartUpload Pulumi.AwsNative.S3.Inputs.BucketAbortIncompleteMultipartUpload
    Specifies a lifecycle rule that stops incomplete multipart uploads to an Amazon S3 bucket.
    ExpirationDate string
    Indicates when objects are deleted from Amazon S3 and Amazon S3 Glacier. The date value must be in ISO 8601 format. The time is always midnight UTC. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time.
    ExpirationInDays int
    Indicates the number of days after creation when objects are deleted from Amazon S3 and Amazon S3 Glacier. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time.
    ExpiredObjectDeleteMarker bool
    Indicates whether Amazon S3 will remove a delete marker without any noncurrent versions. If set to true, the delete marker will be removed if there are no noncurrent versions. This cannot be specified with ExpirationInDays, ExpirationDate, or TagFilters.
    Id string
    Unique identifier for the rule. The value can't be longer than 255 characters.
    NoncurrentVersionExpiration Pulumi.AwsNative.S3.Inputs.BucketNoncurrentVersionExpiration
    Specifies when noncurrent object versions expire. Upon expiration, S3 permanently deletes the noncurrent object versions. You set this lifecycle configuration action on a bucket that has versioning enabled (or suspended) to request that S3 delete noncurrent object versions at a specific period in the object's lifetime.
    NoncurrentVersionExpirationInDays int
    (Deprecated.) For buckets with versioning enabled (or suspended), specifies the time, in days, between when a new version of the object is uploaded to the bucket and when old versions of the object expire. When object versions expire, Amazon S3 permanently deletes them. If you specify a transition and expiration time, the expiration time must be later than the transition time.
    NoncurrentVersionTransition Pulumi.AwsNative.S3.Inputs.BucketNoncurrentVersionTransition
    (Deprecated.) For buckets with versioning enabled (or suspended), specifies when non-current objects transition to a specified storage class. If you specify a transition and expiration time, the expiration time must be later than the transition time. If you specify this property, don't specify the NoncurrentVersionTransitions property.
    NoncurrentVersionTransitions List<Pulumi.AwsNative.S3.Inputs.BucketNoncurrentVersionTransition>
    For buckets with versioning enabled (or suspended), one or more transition rules that specify when non-current objects transition to a specified storage class. If you specify a transition and expiration time, the expiration time must be later than the transition time. If you specify this property, don't specify the NoncurrentVersionTransition property.
    ObjectSizeGreaterThan string
    Specifies the minimum object size in bytes for this rule to apply to. Objects must be larger than this value in bytes. For more information about size based rules, see Lifecycle configuration using size-based rules in the Amazon S3 User Guide.
    ObjectSizeLessThan string
    Specifies the maximum object size in bytes for this rule to apply to. Objects must be smaller than this value in bytes. For more information about sized based rules, see Lifecycle configuration using size-based rules in the Amazon S3 User Guide.
    Prefix string
    Object key prefix that identifies one or more objects to which this rule applies. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints.
    TagFilters List<Pulumi.AwsNative.S3.Inputs.BucketTagFilter>
    Tags to use to identify a subset of objects to which the lifecycle rule applies.
    Transition Pulumi.AwsNative.S3.Inputs.BucketTransition
    (Deprecated.) Specifies when an object transitions to a specified storage class. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time. If you specify this property, don't specify the Transitions property.
    Transitions List<Pulumi.AwsNative.S3.Inputs.BucketTransition>
    One or more transition rules that specify when an object transitions to a specified storage class. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time. If you specify this property, don't specify the Transition property.
    Status BucketRuleStatus
    If Enabled, the rule is currently being applied. If Disabled, the rule is not currently being applied.
    AbortIncompleteMultipartUpload BucketAbortIncompleteMultipartUpload
    Specifies a lifecycle rule that stops incomplete multipart uploads to an Amazon S3 bucket.
    ExpirationDate string
    Indicates when objects are deleted from Amazon S3 and Amazon S3 Glacier. The date value must be in ISO 8601 format. The time is always midnight UTC. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time.
    ExpirationInDays int
    Indicates the number of days after creation when objects are deleted from Amazon S3 and Amazon S3 Glacier. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time.
    ExpiredObjectDeleteMarker bool
    Indicates whether Amazon S3 will remove a delete marker without any noncurrent versions. If set to true, the delete marker will be removed if there are no noncurrent versions. This cannot be specified with ExpirationInDays, ExpirationDate, or TagFilters.
    Id string
    Unique identifier for the rule. The value can't be longer than 255 characters.
    NoncurrentVersionExpiration BucketNoncurrentVersionExpiration
    Specifies when noncurrent object versions expire. Upon expiration, S3 permanently deletes the noncurrent object versions. You set this lifecycle configuration action on a bucket that has versioning enabled (or suspended) to request that S3 delete noncurrent object versions at a specific period in the object's lifetime.
    NoncurrentVersionExpirationInDays int
    (Deprecated.) For buckets with versioning enabled (or suspended), specifies the time, in days, between when a new version of the object is uploaded to the bucket and when old versions of the object expire. When object versions expire, Amazon S3 permanently deletes them. If you specify a transition and expiration time, the expiration time must be later than the transition time.
    NoncurrentVersionTransition BucketNoncurrentVersionTransition
    (Deprecated.) For buckets with versioning enabled (or suspended), specifies when non-current objects transition to a specified storage class. If you specify a transition and expiration time, the expiration time must be later than the transition time. If you specify this property, don't specify the NoncurrentVersionTransitions property.
    NoncurrentVersionTransitions []BucketNoncurrentVersionTransition
    For buckets with versioning enabled (or suspended), one or more transition rules that specify when non-current objects transition to a specified storage class. If you specify a transition and expiration time, the expiration time must be later than the transition time. If you specify this property, don't specify the NoncurrentVersionTransition property.
    ObjectSizeGreaterThan string
    Specifies the minimum object size in bytes for this rule to apply to. Objects must be larger than this value in bytes. For more information about size based rules, see Lifecycle configuration using size-based rules in the Amazon S3 User Guide.
    ObjectSizeLessThan string
    Specifies the maximum object size in bytes for this rule to apply to. Objects must be smaller than this value in bytes. For more information about sized based rules, see Lifecycle configuration using size-based rules in the Amazon S3 User Guide.
    Prefix string
    Object key prefix that identifies one or more objects to which this rule applies. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints.
    TagFilters []BucketTagFilter
    Tags to use to identify a subset of objects to which the lifecycle rule applies.
    Transition BucketTransition
    (Deprecated.) Specifies when an object transitions to a specified storage class. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time. If you specify this property, don't specify the Transitions property.
    Transitions []BucketTransition
    One or more transition rules that specify when an object transitions to a specified storage class. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time. If you specify this property, don't specify the Transition property.
    status BucketRuleStatus
    If Enabled, the rule is currently being applied. If Disabled, the rule is not currently being applied.
    abortIncompleteMultipartUpload BucketAbortIncompleteMultipartUpload
    Specifies a lifecycle rule that stops incomplete multipart uploads to an Amazon S3 bucket.
    expirationDate String
    Indicates when objects are deleted from Amazon S3 and Amazon S3 Glacier. The date value must be in ISO 8601 format. The time is always midnight UTC. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time.
    expirationInDays Integer
    Indicates the number of days after creation when objects are deleted from Amazon S3 and Amazon S3 Glacier. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time.
    expiredObjectDeleteMarker Boolean
    Indicates whether Amazon S3 will remove a delete marker without any noncurrent versions. If set to true, the delete marker will be removed if there are no noncurrent versions. This cannot be specified with ExpirationInDays, ExpirationDate, or TagFilters.
    id String
    Unique identifier for the rule. The value can't be longer than 255 characters.
    noncurrentVersionExpiration BucketNoncurrentVersionExpiration
    Specifies when noncurrent object versions expire. Upon expiration, S3 permanently deletes the noncurrent object versions. You set this lifecycle configuration action on a bucket that has versioning enabled (or suspended) to request that S3 delete noncurrent object versions at a specific period in the object's lifetime.
    noncurrentVersionExpirationInDays Integer
    (Deprecated.) For buckets with versioning enabled (or suspended), specifies the time, in days, between when a new version of the object is uploaded to the bucket and when old versions of the object expire. When object versions expire, Amazon S3 permanently deletes them. If you specify a transition and expiration time, the expiration time must be later than the transition time.
    noncurrentVersionTransition BucketNoncurrentVersionTransition
    (Deprecated.) For buckets with versioning enabled (or suspended), specifies when non-current objects transition to a specified storage class. If you specify a transition and expiration time, the expiration time must be later than the transition time. If you specify this property, don't specify the NoncurrentVersionTransitions property.
    noncurrentVersionTransitions List<BucketNoncurrentVersionTransition>
    For buckets with versioning enabled (or suspended), one or more transition rules that specify when non-current objects transition to a specified storage class. If you specify a transition and expiration time, the expiration time must be later than the transition time. If you specify this property, don't specify the NoncurrentVersionTransition property.
    objectSizeGreaterThan String
    Specifies the minimum object size in bytes for this rule to apply to. Objects must be larger than this value in bytes. For more information about size based rules, see Lifecycle configuration using size-based rules in the Amazon S3 User Guide.
    objectSizeLessThan String
    Specifies the maximum object size in bytes for this rule to apply to. Objects must be smaller than this value in bytes. For more information about sized based rules, see Lifecycle configuration using size-based rules in the Amazon S3 User Guide.
    prefix String
    Object key prefix that identifies one or more objects to which this rule applies. Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints.