AWS Classic
BucketObjectLockConfigurationV2
Provides an S3 bucket Object Lock configuration resource. For more information about Object Locking, go to Using S3 Object Lock in the Amazon S3 User Guide.
NOTE: This resource does not enable Object Lock for new buckets. It configures a default retention period for objects placed in the specified bucket. Thus, to enable Object Lock for a new bucket, see the Using object lock configuration section in the
aws.s3.BucketV2resource or the Object Lock configuration for a new bucket example below. If you want to enable Object Lock for an existing bucket, contact AWS Support and see the Object Lock configuration for an existing bucket example below.
Example Usage
Object Lock configuration for a new bucket
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var exampleBucketV2 = new Aws.S3.BucketV2("exampleBucketV2", new Aws.S3.BucketV2Args
{
ObjectLockEnabled = true,
});
var exampleBucketObjectLockConfigurationV2 = new Aws.S3.BucketObjectLockConfigurationV2("exampleBucketObjectLockConfigurationV2", new Aws.S3.BucketObjectLockConfigurationV2Args
{
Bucket = exampleBucketV2.Bucket,
Rule = new Aws.S3.Inputs.BucketObjectLockConfigurationV2RuleArgs
{
DefaultRetention = new Aws.S3.Inputs.BucketObjectLockConfigurationV2RuleDefaultRetentionArgs
{
Mode = "COMPLIANCE",
Days = 5,
},
},
});
}
}
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/s3"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
exampleBucketV2, err := s3.NewBucketV2(ctx, "exampleBucketV2", &s3.BucketV2Args{
ObjectLockEnabled: pulumi.Bool(true),
})
if err != nil {
return err
}
_, err = s3.NewBucketObjectLockConfigurationV2(ctx, "exampleBucketObjectLockConfigurationV2", &s3.BucketObjectLockConfigurationV2Args{
Bucket: exampleBucketV2.Bucket,
Rule: &s3.BucketObjectLockConfigurationV2RuleArgs{
DefaultRetention: &s3.BucketObjectLockConfigurationV2RuleDefaultRetentionArgs{
Mode: pulumi.String("COMPLIANCE"),
Days: pulumi.Int(5),
},
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import java.util.*;
import java.io.*;
import java.nio.*;
import com.pulumi.*;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var exampleBucketV2 = new BucketV2("exampleBucketV2", BucketV2Args.builder()
.objectLockEnabled(true)
.build());
var exampleBucketObjectLockConfigurationV2 = new BucketObjectLockConfigurationV2("exampleBucketObjectLockConfigurationV2", BucketObjectLockConfigurationV2Args.builder()
.bucket(exampleBucketV2.bucket())
.rule(BucketObjectLockConfigurationV2RuleArgs.builder()
.defaultRetention(BucketObjectLockConfigurationV2RuleDefaultRetentionArgs.builder()
.mode("COMPLIANCE")
.days(5)
.build())
.build())
.build());
}
}
import pulumi
import pulumi_aws as aws
example_bucket_v2 = aws.s3.BucketV2("exampleBucketV2", object_lock_enabled=True)
example_bucket_object_lock_configuration_v2 = aws.s3.BucketObjectLockConfigurationV2("exampleBucketObjectLockConfigurationV2",
bucket=example_bucket_v2.bucket,
rule=aws.s3.BucketObjectLockConfigurationV2RuleArgs(
default_retention=aws.s3.BucketObjectLockConfigurationV2RuleDefaultRetentionArgs(
mode="COMPLIANCE",
days=5,
),
))
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const exampleBucketV2 = new aws.s3.BucketV2("exampleBucketV2", {objectLockEnabled: true});
const exampleBucketObjectLockConfigurationV2 = new aws.s3.BucketObjectLockConfigurationV2("exampleBucketObjectLockConfigurationV2", {
bucket: exampleBucketV2.bucket,
rule: {
defaultRetention: {
mode: "COMPLIANCE",
days: 5,
},
},
});
resources:
exampleBucketV2:
type: aws:s3:BucketV2
properties:
objectLockEnabled: true
exampleBucketObjectLockConfigurationV2:
type: aws:s3:BucketObjectLockConfigurationV2
properties:
bucket: ${exampleBucketV2.bucket}
rule:
defaultRetention:
mode: COMPLIANCE
days: 5
Object Lock configuration for an existing bucket
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var exampleBucketV2 = new Aws.S3.BucketV2("exampleBucketV2", new Aws.S3.BucketV2Args
{
});
var exampleBucketVersioningV2 = new Aws.S3.BucketVersioningV2("exampleBucketVersioningV2", new Aws.S3.BucketVersioningV2Args
{
Bucket = exampleBucketV2.Bucket,
VersioningConfiguration = new Aws.S3.Inputs.BucketVersioningV2VersioningConfigurationArgs
{
Status = "Enabled",
},
});
}
}
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/s3"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
exampleBucketV2, err := s3.NewBucketV2(ctx, "exampleBucketV2", nil)
if err != nil {
return err
}
_, err = s3.NewBucketVersioningV2(ctx, "exampleBucketVersioningV2", &s3.BucketVersioningV2Args{
Bucket: exampleBucketV2.Bucket,
VersioningConfiguration: &s3.BucketVersioningV2VersioningConfigurationArgs{
Status: pulumi.String("Enabled"),
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import java.util.*;
import java.io.*;
import java.nio.*;
import com.pulumi.*;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var exampleBucketV2 = new BucketV2("exampleBucketV2");
var exampleBucketVersioningV2 = new BucketVersioningV2("exampleBucketVersioningV2", BucketVersioningV2Args.builder()
.bucket(exampleBucketV2.bucket())
.versioningConfiguration(BucketVersioningV2VersioningConfigurationArgs.builder()
.status("Enabled")
.build())
.build());
}
}
import pulumi
import pulumi_aws as aws
example_bucket_v2 = aws.s3.BucketV2("exampleBucketV2")
example_bucket_versioning_v2 = aws.s3.BucketVersioningV2("exampleBucketVersioningV2",
bucket=example_bucket_v2.bucket,
versioning_configuration=aws.s3.BucketVersioningV2VersioningConfigurationArgs(
status="Enabled",
))
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const exampleBucketV2 = new aws.s3.BucketV2("exampleBucketV2", {});
const exampleBucketVersioningV2 = new aws.s3.BucketVersioningV2("exampleBucketVersioningV2", {
bucket: exampleBucketV2.bucket,
versioningConfiguration: {
status: "Enabled",
},
});
resources:
exampleBucketV2:
type: aws:s3:BucketV2
exampleBucketVersioningV2:
type: aws:s3:BucketVersioningV2
properties:
bucket: ${exampleBucketV2.bucket}
versioningConfiguration:
status: Enabled
Create a BucketObjectLockConfigurationV2 Resource
new BucketObjectLockConfigurationV2(name: string, args: BucketObjectLockConfigurationV2Args, opts?: CustomResourceOptions);@overload
def BucketObjectLockConfigurationV2(resource_name: str,
opts: Optional[ResourceOptions] = None,
bucket: Optional[str] = None,
expected_bucket_owner: Optional[str] = None,
object_lock_enabled: Optional[str] = None,
rule: Optional[BucketObjectLockConfigurationV2RuleArgs] = None,
token: Optional[str] = None)
@overload
def BucketObjectLockConfigurationV2(resource_name: str,
args: BucketObjectLockConfigurationV2Args,
opts: Optional[ResourceOptions] = None)func NewBucketObjectLockConfigurationV2(ctx *Context, name string, args BucketObjectLockConfigurationV2Args, opts ...ResourceOption) (*BucketObjectLockConfigurationV2, error)public BucketObjectLockConfigurationV2(string name, BucketObjectLockConfigurationV2Args args, CustomResourceOptions? opts = null)
public BucketObjectLockConfigurationV2(String name, BucketObjectLockConfigurationV2Args args)
public BucketObjectLockConfigurationV2(String name, BucketObjectLockConfigurationV2Args args, CustomResourceOptions options)
type: aws:s3:BucketObjectLockConfigurationV2
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args BucketObjectLockConfigurationV2Args
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args BucketObjectLockConfigurationV2Args
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args BucketObjectLockConfigurationV2Args
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args BucketObjectLockConfigurationV2Args
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args BucketObjectLockConfigurationV2Args
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
BucketObjectLockConfigurationV2 Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The BucketObjectLockConfigurationV2 resource accepts the following input properties:
- Bucket string
The name of the bucket.
- Rule
Bucket
Object Lock Configuration V2Rule Args Configuration block for specifying the Object Lock rule for the specified object detailed below.
- Expected
Bucket stringOwner The account ID of the expected bucket owner.
- Object
Lock stringEnabled Indicates whether this bucket has an Object Lock configuration enabled. Defaults to
Enabled. Valid values:Enabled.- Token string
A token to allow Object Lock to be enabled for an existing bucket. You must contact AWS support for the bucket's "Object Lock token". The token is generated in the back-end when versioning is enabled on a bucket. For more details on versioning, see the
aws.s3.BucketVersioningV2resource.
- Bucket string
The name of the bucket.
- Rule
Bucket
Object Lock Configuration V2Rule Args Configuration block for specifying the Object Lock rule for the specified object detailed below.
- Expected
Bucket stringOwner The account ID of the expected bucket owner.
- Object
Lock stringEnabled Indicates whether this bucket has an Object Lock configuration enabled. Defaults to
Enabled. Valid values:Enabled.- Token string
A token to allow Object Lock to be enabled for an existing bucket. You must contact AWS support for the bucket's "Object Lock token". The token is generated in the back-end when versioning is enabled on a bucket. For more details on versioning, see the
aws.s3.BucketVersioningV2resource.
- bucket String
The name of the bucket.
- rule
Bucket
Object Lock Configuration V2Rule Args Configuration block for specifying the Object Lock rule for the specified object detailed below.
- expected
Bucket StringOwner The account ID of the expected bucket owner.
- object
Lock StringEnabled Indicates whether this bucket has an Object Lock configuration enabled. Defaults to
Enabled. Valid values:Enabled.- token String
A token to allow Object Lock to be enabled for an existing bucket. You must contact AWS support for the bucket's "Object Lock token". The token is generated in the back-end when versioning is enabled on a bucket. For more details on versioning, see the
aws.s3.BucketVersioningV2resource.
- bucket string
The name of the bucket.
- rule
Bucket
Object Lock Configuration V2Rule Args Configuration block for specifying the Object Lock rule for the specified object detailed below.
- expected
Bucket stringOwner The account ID of the expected bucket owner.
- object
Lock stringEnabled Indicates whether this bucket has an Object Lock configuration enabled. Defaults to
Enabled. Valid values:Enabled.- token string
A token to allow Object Lock to be enabled for an existing bucket. You must contact AWS support for the bucket's "Object Lock token". The token is generated in the back-end when versioning is enabled on a bucket. For more details on versioning, see the
aws.s3.BucketVersioningV2resource.
- bucket str
The name of the bucket.
- rule
Bucket
Object Lock Configuration V2Rule Args Configuration block for specifying the Object Lock rule for the specified object detailed below.
- expected_
bucket_ strowner The account ID of the expected bucket owner.
- object_
lock_ strenabled Indicates whether this bucket has an Object Lock configuration enabled. Defaults to
Enabled. Valid values:Enabled.- token str
A token to allow Object Lock to be enabled for an existing bucket. You must contact AWS support for the bucket's "Object Lock token". The token is generated in the back-end when versioning is enabled on a bucket. For more details on versioning, see the
aws.s3.BucketVersioningV2resource.
- bucket String
The name of the bucket.
- rule Property Map
Configuration block for specifying the Object Lock rule for the specified object detailed below.
- expected
Bucket StringOwner The account ID of the expected bucket owner.
- object
Lock StringEnabled Indicates whether this bucket has an Object Lock configuration enabled. Defaults to
Enabled. Valid values:Enabled.- token String
A token to allow Object Lock to be enabled for an existing bucket. You must contact AWS support for the bucket's "Object Lock token". The token is generated in the back-end when versioning is enabled on a bucket. For more details on versioning, see the
aws.s3.BucketVersioningV2resource.
Outputs
All input properties are implicitly available as output properties. Additionally, the BucketObjectLockConfigurationV2 resource produces the following output properties:
- Id string
The provider-assigned unique ID for this managed resource.
- Id string
The provider-assigned unique ID for this managed resource.
- id String
The provider-assigned unique ID for this managed resource.
- id string
The provider-assigned unique ID for this managed resource.
- id str
The provider-assigned unique ID for this managed resource.
- id String
The provider-assigned unique ID for this managed resource.
Look up an Existing BucketObjectLockConfigurationV2 Resource
Get an existing BucketObjectLockConfigurationV2 resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: BucketObjectLockConfigurationV2State, opts?: CustomResourceOptions): BucketObjectLockConfigurationV2@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
bucket: Optional[str] = None,
expected_bucket_owner: Optional[str] = None,
object_lock_enabled: Optional[str] = None,
rule: Optional[BucketObjectLockConfigurationV2RuleArgs] = None,
token: Optional[str] = None) -> BucketObjectLockConfigurationV2func GetBucketObjectLockConfigurationV2(ctx *Context, name string, id IDInput, state *BucketObjectLockConfigurationV2State, opts ...ResourceOption) (*BucketObjectLockConfigurationV2, error)public static BucketObjectLockConfigurationV2 Get(string name, Input<string> id, BucketObjectLockConfigurationV2State? state, CustomResourceOptions? opts = null)public static BucketObjectLockConfigurationV2 get(String name, Output<String> id, BucketObjectLockConfigurationV2State state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Bucket string
The name of the bucket.
- Expected
Bucket stringOwner The account ID of the expected bucket owner.
- Object
Lock stringEnabled Indicates whether this bucket has an Object Lock configuration enabled. Defaults to
Enabled. Valid values:Enabled.- Rule
Bucket
Object Lock Configuration V2Rule Args Configuration block for specifying the Object Lock rule for the specified object detailed below.
- Token string
A token to allow Object Lock to be enabled for an existing bucket. You must contact AWS support for the bucket's "Object Lock token". The token is generated in the back-end when versioning is enabled on a bucket. For more details on versioning, see the
aws.s3.BucketVersioningV2resource.
- Bucket string
The name of the bucket.
- Expected
Bucket stringOwner The account ID of the expected bucket owner.
- Object
Lock stringEnabled Indicates whether this bucket has an Object Lock configuration enabled. Defaults to
Enabled. Valid values:Enabled.- Rule
Bucket
Object Lock Configuration V2Rule Args Configuration block for specifying the Object Lock rule for the specified object detailed below.
- Token string
A token to allow Object Lock to be enabled for an existing bucket. You must contact AWS support for the bucket's "Object Lock token". The token is generated in the back-end when versioning is enabled on a bucket. For more details on versioning, see the
aws.s3.BucketVersioningV2resource.
- bucket String
The name of the bucket.
- expected
Bucket StringOwner The account ID of the expected bucket owner.
- object
Lock StringEnabled Indicates whether this bucket has an Object Lock configuration enabled. Defaults to
Enabled. Valid values:Enabled.- rule
Bucket
Object Lock Configuration V2Rule Args Configuration block for specifying the Object Lock rule for the specified object detailed below.
- token String
A token to allow Object Lock to be enabled for an existing bucket. You must contact AWS support for the bucket's "Object Lock token". The token is generated in the back-end when versioning is enabled on a bucket. For more details on versioning, see the
aws.s3.BucketVersioningV2resource.
- bucket string
The name of the bucket.
- expected
Bucket stringOwner The account ID of the expected bucket owner.
- object
Lock stringEnabled Indicates whether this bucket has an Object Lock configuration enabled. Defaults to
Enabled. Valid values:Enabled.- rule
Bucket
Object Lock Configuration V2Rule Args Configuration block for specifying the Object Lock rule for the specified object detailed below.
- token string
A token to allow Object Lock to be enabled for an existing bucket. You must contact AWS support for the bucket's "Object Lock token". The token is generated in the back-end when versioning is enabled on a bucket. For more details on versioning, see the
aws.s3.BucketVersioningV2resource.
- bucket str
The name of the bucket.
- expected_
bucket_ strowner The account ID of the expected bucket owner.
- object_
lock_ strenabled Indicates whether this bucket has an Object Lock configuration enabled. Defaults to
Enabled. Valid values:Enabled.- rule
Bucket
Object Lock Configuration V2Rule Args Configuration block for specifying the Object Lock rule for the specified object detailed below.
- token str
A token to allow Object Lock to be enabled for an existing bucket. You must contact AWS support for the bucket's "Object Lock token". The token is generated in the back-end when versioning is enabled on a bucket. For more details on versioning, see the
aws.s3.BucketVersioningV2resource.
- bucket String
The name of the bucket.
- expected
Bucket StringOwner The account ID of the expected bucket owner.
- object
Lock StringEnabled Indicates whether this bucket has an Object Lock configuration enabled. Defaults to
Enabled. Valid values:Enabled.- rule Property Map
Configuration block for specifying the Object Lock rule for the specified object detailed below.
- token String
A token to allow Object Lock to be enabled for an existing bucket. You must contact AWS support for the bucket's "Object Lock token". The token is generated in the back-end when versioning is enabled on a bucket. For more details on versioning, see the
aws.s3.BucketVersioningV2resource.
Supporting Types
BucketObjectLockConfigurationV2Rule
- Default
Retention BucketObject Lock Configuration V2Rule Default Retention A configuration block for specifying the default Object Lock retention settings for new objects placed in the specified bucket detailed below.
- Default
Retention BucketObject Lock Configuration V2Rule Default Retention A configuration block for specifying the default Object Lock retention settings for new objects placed in the specified bucket detailed below.
- default
Retention BucketObject Lock Configuration V2Rule Default Retention A configuration block for specifying the default Object Lock retention settings for new objects placed in the specified bucket detailed below.
- default
Retention BucketObject Lock Configuration V2Rule Default Retention A configuration block for specifying the default Object Lock retention settings for new objects placed in the specified bucket detailed below.
- default_
retention BucketObject Lock Configuration V2Rule Default Retention A configuration block for specifying the default Object Lock retention settings for new objects placed in the specified bucket detailed below.
- default
Retention Property Map A configuration block for specifying the default Object Lock retention settings for new objects placed in the specified bucket detailed below.
BucketObjectLockConfigurationV2RuleDefaultRetention
- Days int
The number of days that you want to specify for the default retention period.
- Mode string
The default Object Lock retention mode you want to apply to new objects placed in the specified bucket. Valid values:
COMPLIANCE,GOVERNANCE.- Years int
The number of years that you want to specify for the default retention period.
- Days int
The number of days that you want to specify for the default retention period.
- Mode string
The default Object Lock retention mode you want to apply to new objects placed in the specified bucket. Valid values:
COMPLIANCE,GOVERNANCE.- Years int
The number of years that you want to specify for the default retention period.
- days Integer
The number of days that you want to specify for the default retention period.
- mode String
The default Object Lock retention mode you want to apply to new objects placed in the specified bucket. Valid values:
COMPLIANCE,GOVERNANCE.- years Integer
The number of years that you want to specify for the default retention period.
- days number
The number of days that you want to specify for the default retention period.
- mode string
The default Object Lock retention mode you want to apply to new objects placed in the specified bucket. Valid values:
COMPLIANCE,GOVERNANCE.- years number
The number of years that you want to specify for the default retention period.
- days int
The number of days that you want to specify for the default retention period.
- mode str
The default Object Lock retention mode you want to apply to new objects placed in the specified bucket. Valid values:
COMPLIANCE,GOVERNANCE.- years int
The number of years that you want to specify for the default retention period.
- days Number
The number of days that you want to specify for the default retention period.
- mode String
The default Object Lock retention mode you want to apply to new objects placed in the specified bucket. Valid values:
COMPLIANCE,GOVERNANCE.- years Number
The number of years that you want to specify for the default retention period.
Import
S3 bucket Object Lock configuration can be imported in one of two ways. If the owner (account ID) of the source bucket is the same account used to configure the Terraform AWS Provider, the S3 bucket Object Lock configuration resource should be imported using the bucket e.g.,
$ pulumi import aws:s3/bucketObjectLockConfigurationV2:BucketObjectLockConfigurationV2 example bucket-name
If the owner (account ID) of the source bucket differs from the account used to configure the Terraform AWS Provider, the S3 bucket Object Lock configuration resource should be imported using the bucket and expected_bucket_owner separated by a comma (,) e.g.,
$ pulumi import aws:s3/bucketObjectLockConfigurationV2:BucketObjectLockConfigurationV2 example bucket-name,123456789012
Package Details
- Repository
- https://github.com/pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
awsTerraform Provider.