1. Packages
  2. AWS Classic
  3. API Docs
  4. s3
  5. BucketObjectLockConfigurationV2

Try AWS Native preview for resources not in the classic version.

AWS Classic v6.28.1 published on Thursday, Mar 28, 2024 by Pulumi

aws.s3.BucketObjectLockConfigurationV2

Explore with Pulumi AI

aws logo

Try AWS Native preview for resources not in the classic version.

AWS Classic v6.28.1 published on Thursday, Mar 28, 2024 by Pulumi

    Provides an S3 bucket Object Lock configuration resource. For more information about Object Locking, go to Using S3 Object Lock in the Amazon S3 User Guide.

    This resource can be used enable Object Lock for new and existing buckets.

    This resource cannot be used with S3 directory buckets.

    Example Usage

    Object Lock configuration for new or existing buckets

    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const example = new aws.s3.BucketV2("example", {bucket: "mybucket"});
    const exampleBucketVersioningV2 = new aws.s3.BucketVersioningV2("example", {
        bucket: example.id,
        versioningConfiguration: {
            status: "Enabled",
        },
    });
    const exampleBucketObjectLockConfigurationV2 = new aws.s3.BucketObjectLockConfigurationV2("example", {
        bucket: example.id,
        rule: {
            defaultRetention: {
                mode: "COMPLIANCE",
                days: 5,
            },
        },
    });
    
    import pulumi
    import pulumi_aws as aws
    
    example = aws.s3.BucketV2("example", bucket="mybucket")
    example_bucket_versioning_v2 = aws.s3.BucketVersioningV2("example",
        bucket=example.id,
        versioning_configuration=aws.s3.BucketVersioningV2VersioningConfigurationArgs(
            status="Enabled",
        ))
    example_bucket_object_lock_configuration_v2 = aws.s3.BucketObjectLockConfigurationV2("example",
        bucket=example.id,
        rule=aws.s3.BucketObjectLockConfigurationV2RuleArgs(
            default_retention=aws.s3.BucketObjectLockConfigurationV2RuleDefaultRetentionArgs(
                mode="COMPLIANCE",
                days=5,
            ),
        ))
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		example, err := s3.NewBucketV2(ctx, "example", &s3.BucketV2Args{
    			Bucket: pulumi.String("mybucket"),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = s3.NewBucketVersioningV2(ctx, "example", &s3.BucketVersioningV2Args{
    			Bucket: example.ID(),
    			VersioningConfiguration: &s3.BucketVersioningV2VersioningConfigurationArgs{
    				Status: pulumi.String("Enabled"),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		_, err = s3.NewBucketObjectLockConfigurationV2(ctx, "example", &s3.BucketObjectLockConfigurationV2Args{
    			Bucket: example.ID(),
    			Rule: &s3.BucketObjectLockConfigurationV2RuleArgs{
    				DefaultRetention: &s3.BucketObjectLockConfigurationV2RuleDefaultRetentionArgs{
    					Mode: pulumi.String("COMPLIANCE"),
    					Days: pulumi.Int(5),
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var example = new Aws.S3.BucketV2("example", new()
        {
            Bucket = "mybucket",
        });
    
        var exampleBucketVersioningV2 = new Aws.S3.BucketVersioningV2("example", new()
        {
            Bucket = example.Id,
            VersioningConfiguration = new Aws.S3.Inputs.BucketVersioningV2VersioningConfigurationArgs
            {
                Status = "Enabled",
            },
        });
    
        var exampleBucketObjectLockConfigurationV2 = new Aws.S3.BucketObjectLockConfigurationV2("example", new()
        {
            Bucket = example.Id,
            Rule = new Aws.S3.Inputs.BucketObjectLockConfigurationV2RuleArgs
            {
                DefaultRetention = new Aws.S3.Inputs.BucketObjectLockConfigurationV2RuleDefaultRetentionArgs
                {
                    Mode = "COMPLIANCE",
                    Days = 5,
                },
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.s3.BucketV2;
    import com.pulumi.aws.s3.BucketV2Args;
    import com.pulumi.aws.s3.BucketVersioningV2;
    import com.pulumi.aws.s3.BucketVersioningV2Args;
    import com.pulumi.aws.s3.inputs.BucketVersioningV2VersioningConfigurationArgs;
    import com.pulumi.aws.s3.BucketObjectLockConfigurationV2;
    import com.pulumi.aws.s3.BucketObjectLockConfigurationV2Args;
    import com.pulumi.aws.s3.inputs.BucketObjectLockConfigurationV2RuleArgs;
    import com.pulumi.aws.s3.inputs.BucketObjectLockConfigurationV2RuleDefaultRetentionArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var example = new BucketV2("example", BucketV2Args.builder()        
                .bucket("mybucket")
                .build());
    
            var exampleBucketVersioningV2 = new BucketVersioningV2("exampleBucketVersioningV2", BucketVersioningV2Args.builder()        
                .bucket(example.id())
                .versioningConfiguration(BucketVersioningV2VersioningConfigurationArgs.builder()
                    .status("Enabled")
                    .build())
                .build());
    
            var exampleBucketObjectLockConfigurationV2 = new BucketObjectLockConfigurationV2("exampleBucketObjectLockConfigurationV2", BucketObjectLockConfigurationV2Args.builder()        
                .bucket(example.id())
                .rule(BucketObjectLockConfigurationV2RuleArgs.builder()
                    .defaultRetention(BucketObjectLockConfigurationV2RuleDefaultRetentionArgs.builder()
                        .mode("COMPLIANCE")
                        .days(5)
                        .build())
                    .build())
                .build());
    
        }
    }
    
    resources:
      example:
        type: aws:s3:BucketV2
        properties:
          bucket: mybucket
      exampleBucketVersioningV2:
        type: aws:s3:BucketVersioningV2
        name: example
        properties:
          bucket: ${example.id}
          versioningConfiguration:
            status: Enabled
      exampleBucketObjectLockConfigurationV2:
        type: aws:s3:BucketObjectLockConfigurationV2
        name: example
        properties:
          bucket: ${example.id}
          rule:
            defaultRetention:
              mode: COMPLIANCE
              days: 5
    

    Create BucketObjectLockConfigurationV2 Resource

    new BucketObjectLockConfigurationV2(name: string, args: BucketObjectLockConfigurationV2Args, opts?: CustomResourceOptions);
    @overload
    def BucketObjectLockConfigurationV2(resource_name: str,
                                        opts: Optional[ResourceOptions] = None,
                                        bucket: Optional[str] = None,
                                        expected_bucket_owner: Optional[str] = None,
                                        object_lock_enabled: Optional[str] = None,
                                        rule: Optional[BucketObjectLockConfigurationV2RuleArgs] = None,
                                        token: Optional[str] = None)
    @overload
    def BucketObjectLockConfigurationV2(resource_name: str,
                                        args: BucketObjectLockConfigurationV2Args,
                                        opts: Optional[ResourceOptions] = None)
    func NewBucketObjectLockConfigurationV2(ctx *Context, name string, args BucketObjectLockConfigurationV2Args, opts ...ResourceOption) (*BucketObjectLockConfigurationV2, error)
    public BucketObjectLockConfigurationV2(string name, BucketObjectLockConfigurationV2Args args, CustomResourceOptions? opts = null)
    public BucketObjectLockConfigurationV2(String name, BucketObjectLockConfigurationV2Args args)
    public BucketObjectLockConfigurationV2(String name, BucketObjectLockConfigurationV2Args args, CustomResourceOptions options)
    
    type: aws:s3:BucketObjectLockConfigurationV2
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    
    name string
    The unique name of the resource.
    args BucketObjectLockConfigurationV2Args
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args BucketObjectLockConfigurationV2Args
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args BucketObjectLockConfigurationV2Args
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args BucketObjectLockConfigurationV2Args
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args BucketObjectLockConfigurationV2Args
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    BucketObjectLockConfigurationV2 Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The BucketObjectLockConfigurationV2 resource accepts the following input properties:

    Bucket string
    Name of the bucket.
    ExpectedBucketOwner string
    Account ID of the expected bucket owner.
    ObjectLockEnabled string
    Indicates whether this bucket has an Object Lock configuration enabled. Defaults to Enabled. Valid values: Enabled.
    Rule BucketObjectLockConfigurationV2Rule
    Configuration block for specifying the Object Lock rule for the specified object. See below.
    Token string
    Token to allow Object Lock to be enabled for an existing bucket. You must contact AWS support for the bucket's "Object Lock token". The token is generated in the back-end when versioning is enabled on a bucket. For more details on versioning, see the aws.s3.BucketVersioningV2 resource.
    Bucket string
    Name of the bucket.
    ExpectedBucketOwner string
    Account ID of the expected bucket owner.
    ObjectLockEnabled string
    Indicates whether this bucket has an Object Lock configuration enabled. Defaults to Enabled. Valid values: Enabled.
    Rule BucketObjectLockConfigurationV2RuleArgs
    Configuration block for specifying the Object Lock rule for the specified object. See below.
    Token string
    Token to allow Object Lock to be enabled for an existing bucket. You must contact AWS support for the bucket's "Object Lock token". The token is generated in the back-end when versioning is enabled on a bucket. For more details on versioning, see the aws.s3.BucketVersioningV2 resource.
    bucket String
    Name of the bucket.
    expectedBucketOwner String
    Account ID of the expected bucket owner.
    objectLockEnabled String
    Indicates whether this bucket has an Object Lock configuration enabled. Defaults to Enabled. Valid values: Enabled.
    rule BucketObjectLockConfigurationV2Rule
    Configuration block for specifying the Object Lock rule for the specified object. See below.
    token String
    Token to allow Object Lock to be enabled for an existing bucket. You must contact AWS support for the bucket's "Object Lock token". The token is generated in the back-end when versioning is enabled on a bucket. For more details on versioning, see the aws.s3.BucketVersioningV2 resource.
    bucket string
    Name of the bucket.
    expectedBucketOwner string
    Account ID of the expected bucket owner.
    objectLockEnabled string
    Indicates whether this bucket has an Object Lock configuration enabled. Defaults to Enabled. Valid values: Enabled.
    rule BucketObjectLockConfigurationV2Rule
    Configuration block for specifying the Object Lock rule for the specified object. See below.
    token string
    Token to allow Object Lock to be enabled for an existing bucket. You must contact AWS support for the bucket's "Object Lock token". The token is generated in the back-end when versioning is enabled on a bucket. For more details on versioning, see the aws.s3.BucketVersioningV2 resource.
    bucket str
    Name of the bucket.
    expected_bucket_owner str
    Account ID of the expected bucket owner.
    object_lock_enabled str
    Indicates whether this bucket has an Object Lock configuration enabled. Defaults to Enabled. Valid values: Enabled.
    rule BucketObjectLockConfigurationV2RuleArgs
    Configuration block for specifying the Object Lock rule for the specified object. See below.
    token str
    Token to allow Object Lock to be enabled for an existing bucket. You must contact AWS support for the bucket's "Object Lock token". The token is generated in the back-end when versioning is enabled on a bucket. For more details on versioning, see the aws.s3.BucketVersioningV2 resource.
    bucket String
    Name of the bucket.
    expectedBucketOwner String
    Account ID of the expected bucket owner.
    objectLockEnabled String
    Indicates whether this bucket has an Object Lock configuration enabled. Defaults to Enabled. Valid values: Enabled.
    rule Property Map
    Configuration block for specifying the Object Lock rule for the specified object. See below.
    token String
    Token to allow Object Lock to be enabled for an existing bucket. You must contact AWS support for the bucket's "Object Lock token". The token is generated in the back-end when versioning is enabled on a bucket. For more details on versioning, see the aws.s3.BucketVersioningV2 resource.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the BucketObjectLockConfigurationV2 resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing BucketObjectLockConfigurationV2 Resource

    Get an existing BucketObjectLockConfigurationV2 resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: BucketObjectLockConfigurationV2State, opts?: CustomResourceOptions): BucketObjectLockConfigurationV2
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            bucket: Optional[str] = None,
            expected_bucket_owner: Optional[str] = None,
            object_lock_enabled: Optional[str] = None,
            rule: Optional[BucketObjectLockConfigurationV2RuleArgs] = None,
            token: Optional[str] = None) -> BucketObjectLockConfigurationV2
    func GetBucketObjectLockConfigurationV2(ctx *Context, name string, id IDInput, state *BucketObjectLockConfigurationV2State, opts ...ResourceOption) (*BucketObjectLockConfigurationV2, error)
    public static BucketObjectLockConfigurationV2 Get(string name, Input<string> id, BucketObjectLockConfigurationV2State? state, CustomResourceOptions? opts = null)
    public static BucketObjectLockConfigurationV2 get(String name, Output<String> id, BucketObjectLockConfigurationV2State state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Bucket string
    Name of the bucket.
    ExpectedBucketOwner string
    Account ID of the expected bucket owner.
    ObjectLockEnabled string
    Indicates whether this bucket has an Object Lock configuration enabled. Defaults to Enabled. Valid values: Enabled.
    Rule BucketObjectLockConfigurationV2Rule
    Configuration block for specifying the Object Lock rule for the specified object. See below.
    Token string
    Token to allow Object Lock to be enabled for an existing bucket. You must contact AWS support for the bucket's "Object Lock token". The token is generated in the back-end when versioning is enabled on a bucket. For more details on versioning, see the aws.s3.BucketVersioningV2 resource.
    Bucket string
    Name of the bucket.
    ExpectedBucketOwner string
    Account ID of the expected bucket owner.
    ObjectLockEnabled string
    Indicates whether this bucket has an Object Lock configuration enabled. Defaults to Enabled. Valid values: Enabled.
    Rule BucketObjectLockConfigurationV2RuleArgs
    Configuration block for specifying the Object Lock rule for the specified object. See below.
    Token string
    Token to allow Object Lock to be enabled for an existing bucket. You must contact AWS support for the bucket's "Object Lock token". The token is generated in the back-end when versioning is enabled on a bucket. For more details on versioning, see the aws.s3.BucketVersioningV2 resource.
    bucket String
    Name of the bucket.
    expectedBucketOwner String
    Account ID of the expected bucket owner.
    objectLockEnabled String
    Indicates whether this bucket has an Object Lock configuration enabled. Defaults to Enabled. Valid values: Enabled.
    rule BucketObjectLockConfigurationV2Rule
    Configuration block for specifying the Object Lock rule for the specified object. See below.
    token String
    Token to allow Object Lock to be enabled for an existing bucket. You must contact AWS support for the bucket's "Object Lock token". The token is generated in the back-end when versioning is enabled on a bucket. For more details on versioning, see the aws.s3.BucketVersioningV2 resource.
    bucket string
    Name of the bucket.
    expectedBucketOwner string
    Account ID of the expected bucket owner.
    objectLockEnabled string
    Indicates whether this bucket has an Object Lock configuration enabled. Defaults to Enabled. Valid values: Enabled.
    rule BucketObjectLockConfigurationV2Rule
    Configuration block for specifying the Object Lock rule for the specified object. See below.
    token string
    Token to allow Object Lock to be enabled for an existing bucket. You must contact AWS support for the bucket's "Object Lock token". The token is generated in the back-end when versioning is enabled on a bucket. For more details on versioning, see the aws.s3.BucketVersioningV2 resource.
    bucket str
    Name of the bucket.
    expected_bucket_owner str
    Account ID of the expected bucket owner.
    object_lock_enabled str
    Indicates whether this bucket has an Object Lock configuration enabled. Defaults to Enabled. Valid values: Enabled.
    rule BucketObjectLockConfigurationV2RuleArgs
    Configuration block for specifying the Object Lock rule for the specified object. See below.
    token str
    Token to allow Object Lock to be enabled for an existing bucket. You must contact AWS support for the bucket's "Object Lock token". The token is generated in the back-end when versioning is enabled on a bucket. For more details on versioning, see the aws.s3.BucketVersioningV2 resource.
    bucket String
    Name of the bucket.
    expectedBucketOwner String
    Account ID of the expected bucket owner.
    objectLockEnabled String
    Indicates whether this bucket has an Object Lock configuration enabled. Defaults to Enabled. Valid values: Enabled.
    rule Property Map
    Configuration block for specifying the Object Lock rule for the specified object. See below.
    token String
    Token to allow Object Lock to be enabled for an existing bucket. You must contact AWS support for the bucket's "Object Lock token". The token is generated in the back-end when versioning is enabled on a bucket. For more details on versioning, see the aws.s3.BucketVersioningV2 resource.

    Supporting Types

    BucketObjectLockConfigurationV2Rule, BucketObjectLockConfigurationV2RuleArgs

    DefaultRetention BucketObjectLockConfigurationV2RuleDefaultRetention
    Configuration block for specifying the default Object Lock retention settings for new objects placed in the specified bucket. See below.
    DefaultRetention BucketObjectLockConfigurationV2RuleDefaultRetention
    Configuration block for specifying the default Object Lock retention settings for new objects placed in the specified bucket. See below.
    defaultRetention BucketObjectLockConfigurationV2RuleDefaultRetention
    Configuration block for specifying the default Object Lock retention settings for new objects placed in the specified bucket. See below.
    defaultRetention BucketObjectLockConfigurationV2RuleDefaultRetention
    Configuration block for specifying the default Object Lock retention settings for new objects placed in the specified bucket. See below.
    default_retention BucketObjectLockConfigurationV2RuleDefaultRetention
    Configuration block for specifying the default Object Lock retention settings for new objects placed in the specified bucket. See below.
    defaultRetention Property Map
    Configuration block for specifying the default Object Lock retention settings for new objects placed in the specified bucket. See below.

    BucketObjectLockConfigurationV2RuleDefaultRetention, BucketObjectLockConfigurationV2RuleDefaultRetentionArgs

    Days int
    Number of days that you want to specify for the default retention period.
    Mode string
    Default Object Lock retention mode you want to apply to new objects placed in the specified bucket. Valid values: COMPLIANCE, GOVERNANCE.
    Years int
    Number of years that you want to specify for the default retention period.
    Days int
    Number of days that you want to specify for the default retention period.
    Mode string
    Default Object Lock retention mode you want to apply to new objects placed in the specified bucket. Valid values: COMPLIANCE, GOVERNANCE.
    Years int
    Number of years that you want to specify for the default retention period.
    days Integer
    Number of days that you want to specify for the default retention period.
    mode String
    Default Object Lock retention mode you want to apply to new objects placed in the specified bucket. Valid values: COMPLIANCE, GOVERNANCE.
    years Integer
    Number of years that you want to specify for the default retention period.
    days number
    Number of days that you want to specify for the default retention period.
    mode string
    Default Object Lock retention mode you want to apply to new objects placed in the specified bucket. Valid values: COMPLIANCE, GOVERNANCE.
    years number
    Number of years that you want to specify for the default retention period.
    days int
    Number of days that you want to specify for the default retention period.
    mode str
    Default Object Lock retention mode you want to apply to new objects placed in the specified bucket. Valid values: COMPLIANCE, GOVERNANCE.
    years int
    Number of years that you want to specify for the default retention period.
    days Number
    Number of days that you want to specify for the default retention period.
    mode String
    Default Object Lock retention mode you want to apply to new objects placed in the specified bucket. Valid values: COMPLIANCE, GOVERNANCE.
    years Number
    Number of years that you want to specify for the default retention period.

    Import

    If the owner (account ID) of the source bucket differs from the account used to configure the AWS Provider, import using the bucket and expected_bucket_owner separated by a comma (,):

    import { to = aws_s3_bucket_object_lock_configuration.example id = “bucket-name,123456789012” }

    Using pulumi import to import S3 bucket Object Lock configuration using the bucket or using the bucket and expected_bucket_owner separated by a comma (,). For example:

    If the owner (account ID) of the source bucket is the same account used to configure the AWS Provider, import using the bucket:

    $ pulumi import aws:s3/bucketObjectLockConfigurationV2:BucketObjectLockConfigurationV2 example bucket-name
    

    If the owner (account ID) of the source bucket differs from the account used to configure the AWS Provider, import using the bucket and expected_bucket_owner separated by a comma (,):

    $ pulumi import aws:s3/bucketObjectLockConfigurationV2:BucketObjectLockConfigurationV2 example bucket-name,123456789012
    

    Package Details

    Repository
    AWS Classic pulumi/pulumi-aws
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the aws Terraform Provider.
    aws logo

    Try AWS Native preview for resources not in the classic version.

    AWS Classic v6.28.1 published on Thursday, Mar 28, 2024 by Pulumi