aws logo
AWS Classic v5.33.0, Mar 24 23

aws.s3.BucketReplicationConfig

Provides an independent configuration resource for S3 bucket replication configuration.

NOTE: S3 Buckets only support a single replication configuration. Declaring multiple aws.s3.BucketReplicationConfig resources to the same S3 Bucket will cause a perpetual difference in configuration.

Example Usage

Using replication configuration

using System.Collections.Generic;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var central = new Aws.Provider("central", new()
    {
        Region = "eu-central-1",
    });

    var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()
    {
        Statements = new[]
        {
            new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs
            {
                Effect = "Allow",
                Principals = new[]
                {
                    new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs
                    {
                        Type = "Service",
                        Identifiers = new[]
                        {
                            "s3.amazonaws.com",
                        },
                    },
                },
                Actions = new[]
                {
                    "sts:AssumeRole",
                },
            },
        },
    });

    var replicationRole = new Aws.Iam.Role("replicationRole", new()
    {
        AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult => getPolicyDocumentResult.Json),
    });

    var destinationBucketV2 = new Aws.S3.BucketV2("destinationBucketV2");

    var sourceBucketV2 = new Aws.S3.BucketV2("sourceBucketV2", new()
    {
    }, new CustomResourceOptions
    {
        Provider = aws.Central,
    });

    var replicationPolicyDocument = Aws.Iam.GetPolicyDocument.Invoke(new()
    {
        Statements = new[]
        {
            new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs
            {
                Effect = "Allow",
                Actions = new[]
                {
                    "s3:GetReplicationConfiguration",
                    "s3:ListBucket",
                },
                Resources = new[]
                {
                    sourceBucketV2.Arn,
                },
            },
            new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs
            {
                Effect = "Allow",
                Actions = new[]
                {
                    "s3:GetObjectVersionForReplication",
                    "s3:GetObjectVersionAcl",
                    "s3:GetObjectVersionTagging",
                },
                Resources = new[]
                {
                    $"{sourceBucketV2.Arn}/*",
                },
            },
            new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs
            {
                Effect = "Allow",
                Actions = new[]
                {
                    "s3:ReplicateObject",
                    "s3:ReplicateDelete",
                    "s3:ReplicateTags",
                },
                Resources = new[]
                {
                    $"{destinationBucketV2.Arn}/*",
                },
            },
        },
    });

    var replicationPolicy = new Aws.Iam.Policy("replicationPolicy", new()
    {
        PolicyDocument = replicationPolicyDocument.Apply(getPolicyDocumentResult => getPolicyDocumentResult.Json),
    });

    var replicationRolePolicyAttachment = new Aws.Iam.RolePolicyAttachment("replicationRolePolicyAttachment", new()
    {
        Role = replicationRole.Name,
        PolicyArn = replicationPolicy.Arn,
    });

    var destinationBucketVersioningV2 = new Aws.S3.BucketVersioningV2("destinationBucketVersioningV2", new()
    {
        Bucket = destinationBucketV2.Id,
        VersioningConfiguration = new Aws.S3.Inputs.BucketVersioningV2VersioningConfigurationArgs
        {
            Status = "Enabled",
        },
    });

    var sourceBucketAcl = new Aws.S3.BucketAclV2("sourceBucketAcl", new()
    {
        Bucket = sourceBucketV2.Id,
        Acl = "private",
    }, new CustomResourceOptions
    {
        Provider = aws.Central,
    });

    var sourceBucketVersioningV2 = new Aws.S3.BucketVersioningV2("sourceBucketVersioningV2", new()
    {
        Bucket = sourceBucketV2.Id,
        VersioningConfiguration = new Aws.S3.Inputs.BucketVersioningV2VersioningConfigurationArgs
        {
            Status = "Enabled",
        },
    }, new CustomResourceOptions
    {
        Provider = aws.Central,
    });

    var replicationBucketReplicationConfig = new Aws.S3.BucketReplicationConfig("replicationBucketReplicationConfig", new()
    {
        Role = replicationRole.Arn,
        Bucket = sourceBucketV2.Id,
        Rules = new[]
        {
            new Aws.S3.Inputs.BucketReplicationConfigRuleArgs
            {
                Id = "foobar",
                Filter = new Aws.S3.Inputs.BucketReplicationConfigRuleFilterArgs
                {
                    Prefix = "foo",
                },
                Status = "Enabled",
                Destination = new Aws.S3.Inputs.BucketReplicationConfigRuleDestinationArgs
                {
                    Bucket = destinationBucketV2.Arn,
                    StorageClass = "STANDARD",
                },
            },
        },
    }, new CustomResourceOptions
    {
        Provider = aws.Central,
        DependsOn = new[]
        {
            sourceBucketVersioningV2,
        },
    });

});
package main

import (
	"fmt"

	"github.com/pulumi/pulumi-aws/sdk/v5/go/aws"
	"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
	"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/s3"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := aws.NewProvider(ctx, "central", &aws.ProviderArgs{
			Region: pulumi.String("eu-central-1"),
		})
		if err != nil {
			return err
		}
		assumeRole, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{
			Statements: []iam.GetPolicyDocumentStatement{
				{
					Effect: pulumi.StringRef("Allow"),
					Principals: []iam.GetPolicyDocumentStatementPrincipal{
						{
							Type: "Service",
							Identifiers: []string{
								"s3.amazonaws.com",
							},
						},
					},
					Actions: []string{
						"sts:AssumeRole",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		replicationRole, err := iam.NewRole(ctx, "replicationRole", &iam.RoleArgs{
			AssumeRolePolicy: *pulumi.String(assumeRole.Json),
		})
		if err != nil {
			return err
		}
		destinationBucketV2, err := s3.NewBucketV2(ctx, "destinationBucketV2", nil)
		if err != nil {
			return err
		}
		sourceBucketV2, err := s3.NewBucketV2(ctx, "sourceBucketV2", nil, pulumi.Provider(aws.Central))
		if err != nil {
			return err
		}
		replicationPolicyDocument := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{
			Statements: iam.GetPolicyDocumentStatementArray{
				&iam.GetPolicyDocumentStatementArgs{
					Effect: pulumi.String("Allow"),
					Actions: pulumi.StringArray{
						pulumi.String("s3:GetReplicationConfiguration"),
						pulumi.String("s3:ListBucket"),
					},
					Resources: pulumi.StringArray{
						sourceBucketV2.Arn,
					},
				},
				&iam.GetPolicyDocumentStatementArgs{
					Effect: pulumi.String("Allow"),
					Actions: pulumi.StringArray{
						pulumi.String("s3:GetObjectVersionForReplication"),
						pulumi.String("s3:GetObjectVersionAcl"),
						pulumi.String("s3:GetObjectVersionTagging"),
					},
					Resources: pulumi.StringArray{
						sourceBucketV2.Arn.ApplyT(func(arn string) (string, error) {
							return fmt.Sprintf("%v/*", arn), nil
						}).(pulumi.StringOutput),
					},
				},
				&iam.GetPolicyDocumentStatementArgs{
					Effect: pulumi.String("Allow"),
					Actions: pulumi.StringArray{
						pulumi.String("s3:ReplicateObject"),
						pulumi.String("s3:ReplicateDelete"),
						pulumi.String("s3:ReplicateTags"),
					},
					Resources: pulumi.StringArray{
						destinationBucketV2.Arn.ApplyT(func(arn string) (string, error) {
							return fmt.Sprintf("%v/*", arn), nil
						}).(pulumi.StringOutput),
					},
				},
			},
		}, nil)
		replicationPolicy, err := iam.NewPolicy(ctx, "replicationPolicy", &iam.PolicyArgs{
			Policy: replicationPolicyDocument.ApplyT(func(replicationPolicyDocument iam.GetPolicyDocumentResult) (*string, error) {
				return &replicationPolicyDocument.Json, nil
			}).(pulumi.StringPtrOutput),
		})
		if err != nil {
			return err
		}
		_, err = iam.NewRolePolicyAttachment(ctx, "replicationRolePolicyAttachment", &iam.RolePolicyAttachmentArgs{
			Role:      replicationRole.Name,
			PolicyArn: replicationPolicy.Arn,
		})
		if err != nil {
			return err
		}
		_, err = s3.NewBucketVersioningV2(ctx, "destinationBucketVersioningV2", &s3.BucketVersioningV2Args{
			Bucket: destinationBucketV2.ID(),
			VersioningConfiguration: &s3.BucketVersioningV2VersioningConfigurationArgs{
				Status: pulumi.String("Enabled"),
			},
		})
		if err != nil {
			return err
		}
		_, err = s3.NewBucketAclV2(ctx, "sourceBucketAcl", &s3.BucketAclV2Args{
			Bucket: sourceBucketV2.ID(),
			Acl:    pulumi.String("private"),
		}, pulumi.Provider(aws.Central))
		if err != nil {
			return err
		}
		sourceBucketVersioningV2, err := s3.NewBucketVersioningV2(ctx, "sourceBucketVersioningV2", &s3.BucketVersioningV2Args{
			Bucket: sourceBucketV2.ID(),
			VersioningConfiguration: &s3.BucketVersioningV2VersioningConfigurationArgs{
				Status: pulumi.String("Enabled"),
			},
		}, pulumi.Provider(aws.Central))
		if err != nil {
			return err
		}
		_, err = s3.NewBucketReplicationConfig(ctx, "replicationBucketReplicationConfig", &s3.BucketReplicationConfigArgs{
			Role:   replicationRole.Arn,
			Bucket: sourceBucketV2.ID(),
			Rules: s3.BucketReplicationConfigRuleArray{
				&s3.BucketReplicationConfigRuleArgs{
					Id: pulumi.String("foobar"),
					Filter: &s3.BucketReplicationConfigRuleFilterArgs{
						Prefix: pulumi.String("foo"),
					},
					Status: pulumi.String("Enabled"),
					Destination: &s3.BucketReplicationConfigRuleDestinationArgs{
						Bucket:       destinationBucketV2.Arn,
						StorageClass: pulumi.String("STANDARD"),
					},
				},
			},
		}, pulumi.Provider(aws.Central), pulumi.DependsOn([]pulumi.Resource{
			sourceBucketVersioningV2,
		}))
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.Provider;
import com.pulumi.aws.ProviderArgs;
import com.pulumi.aws.iam.IamFunctions;
import com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;
import com.pulumi.aws.iam.Role;
import com.pulumi.aws.iam.RoleArgs;
import com.pulumi.aws.s3.BucketV2;
import com.pulumi.aws.s3.BucketV2Args;
import com.pulumi.aws.iam.Policy;
import com.pulumi.aws.iam.PolicyArgs;
import com.pulumi.aws.iam.RolePolicyAttachment;
import com.pulumi.aws.iam.RolePolicyAttachmentArgs;
import com.pulumi.aws.s3.BucketVersioningV2;
import com.pulumi.aws.s3.BucketVersioningV2Args;
import com.pulumi.aws.s3.inputs.BucketVersioningV2VersioningConfigurationArgs;
import com.pulumi.aws.s3.BucketAclV2;
import com.pulumi.aws.s3.BucketAclV2Args;
import com.pulumi.aws.s3.BucketReplicationConfig;
import com.pulumi.aws.s3.BucketReplicationConfigArgs;
import com.pulumi.aws.s3.inputs.BucketReplicationConfigRuleArgs;
import com.pulumi.aws.s3.inputs.BucketReplicationConfigRuleFilterArgs;
import com.pulumi.aws.s3.inputs.BucketReplicationConfigRuleDestinationArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var central = new Provider("central", ProviderArgs.builder()        
            .region("eu-central-1")
            .build());

        final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()
            .statements(GetPolicyDocumentStatementArgs.builder()
                .effect("Allow")
                .principals(GetPolicyDocumentStatementPrincipalArgs.builder()
                    .type("Service")
                    .identifiers("s3.amazonaws.com")
                    .build())
                .actions("sts:AssumeRole")
                .build())
            .build());

        var replicationRole = new Role("replicationRole", RoleArgs.builder()        
            .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult.json()))
            .build());

        var destinationBucketV2 = new BucketV2("destinationBucketV2");

        var sourceBucketV2 = new BucketV2("sourceBucketV2", BucketV2Args.Empty, CustomResourceOptions.builder()
            .provider(aws.central())
            .build());

        final var replicationPolicyDocument = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()
            .statements(            
                GetPolicyDocumentStatementArgs.builder()
                    .effect("Allow")
                    .actions(                    
                        "s3:GetReplicationConfiguration",
                        "s3:ListBucket")
                    .resources(sourceBucketV2.arn())
                    .build(),
                GetPolicyDocumentStatementArgs.builder()
                    .effect("Allow")
                    .actions(                    
                        "s3:GetObjectVersionForReplication",
                        "s3:GetObjectVersionAcl",
                        "s3:GetObjectVersionTagging")
                    .resources(sourceBucketV2.arn().applyValue(arn -> String.format("%s/*", arn)))
                    .build(),
                GetPolicyDocumentStatementArgs.builder()
                    .effect("Allow")
                    .actions(                    
                        "s3:ReplicateObject",
                        "s3:ReplicateDelete",
                        "s3:ReplicateTags")
                    .resources(destinationBucketV2.arn().applyValue(arn -> String.format("%s/*", arn)))
                    .build())
            .build());

        var replicationPolicy = new Policy("replicationPolicy", PolicyArgs.builder()        
            .policy(replicationPolicyDocument.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult).applyValue(replicationPolicyDocument -> replicationPolicyDocument.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult.json())))
            .build());

        var replicationRolePolicyAttachment = new RolePolicyAttachment("replicationRolePolicyAttachment", RolePolicyAttachmentArgs.builder()        
            .role(replicationRole.name())
            .policyArn(replicationPolicy.arn())
            .build());

        var destinationBucketVersioningV2 = new BucketVersioningV2("destinationBucketVersioningV2", BucketVersioningV2Args.builder()        
            .bucket(destinationBucketV2.id())
            .versioningConfiguration(BucketVersioningV2VersioningConfigurationArgs.builder()
                .status("Enabled")
                .build())
            .build());

        var sourceBucketAcl = new BucketAclV2("sourceBucketAcl", BucketAclV2Args.builder()        
            .bucket(sourceBucketV2.id())
            .acl("private")
            .build(), CustomResourceOptions.builder()
                .provider(aws.central())
                .build());

        var sourceBucketVersioningV2 = new BucketVersioningV2("sourceBucketVersioningV2", BucketVersioningV2Args.builder()        
            .bucket(sourceBucketV2.id())
            .versioningConfiguration(BucketVersioningV2VersioningConfigurationArgs.builder()
                .status("Enabled")
                .build())
            .build(), CustomResourceOptions.builder()
                .provider(aws.central())
                .build());

        var replicationBucketReplicationConfig = new BucketReplicationConfig("replicationBucketReplicationConfig", BucketReplicationConfigArgs.builder()        
            .role(replicationRole.arn())
            .bucket(sourceBucketV2.id())
            .rules(BucketReplicationConfigRuleArgs.builder()
                .id("foobar")
                .filter(BucketReplicationConfigRuleFilterArgs.builder()
                    .prefix("foo")
                    .build())
                .status("Enabled")
                .destination(BucketReplicationConfigRuleDestinationArgs.builder()
                    .bucket(destinationBucketV2.arn())
                    .storageClass("STANDARD")
                    .build())
                .build())
            .build(), CustomResourceOptions.builder()
                .provider(aws.central())
                .dependsOn(sourceBucketVersioningV2)
                .build());

    }
}
import pulumi
import pulumi_aws as aws

central = aws.Provider("central", region="eu-central-1")
assume_role = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(
    effect="Allow",
    principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(
        type="Service",
        identifiers=["s3.amazonaws.com"],
    )],
    actions=["sts:AssumeRole"],
)])
replication_role = aws.iam.Role("replicationRole", assume_role_policy=assume_role.json)
destination_bucket_v2 = aws.s3.BucketV2("destinationBucketV2")
source_bucket_v2 = aws.s3.BucketV2("sourceBucketV2", opts=pulumi.ResourceOptions(provider=aws["central"]))
replication_policy_document = aws.iam.get_policy_document_output(statements=[
    aws.iam.GetPolicyDocumentStatementArgs(
        effect="Allow",
        actions=[
            "s3:GetReplicationConfiguration",
            "s3:ListBucket",
        ],
        resources=[source_bucket_v2.arn],
    ),
    aws.iam.GetPolicyDocumentStatementArgs(
        effect="Allow",
        actions=[
            "s3:GetObjectVersionForReplication",
            "s3:GetObjectVersionAcl",
            "s3:GetObjectVersionTagging",
        ],
        resources=[source_bucket_v2.arn.apply(lambda arn: f"{arn}/*")],
    ),
    aws.iam.GetPolicyDocumentStatementArgs(
        effect="Allow",
        actions=[
            "s3:ReplicateObject",
            "s3:ReplicateDelete",
            "s3:ReplicateTags",
        ],
        resources=[destination_bucket_v2.arn.apply(lambda arn: f"{arn}/*")],
    ),
])
replication_policy = aws.iam.Policy("replicationPolicy", policy=replication_policy_document.json)
replication_role_policy_attachment = aws.iam.RolePolicyAttachment("replicationRolePolicyAttachment",
    role=replication_role.name,
    policy_arn=replication_policy.arn)
destination_bucket_versioning_v2 = aws.s3.BucketVersioningV2("destinationBucketVersioningV2",
    bucket=destination_bucket_v2.id,
    versioning_configuration=aws.s3.BucketVersioningV2VersioningConfigurationArgs(
        status="Enabled",
    ))
source_bucket_acl = aws.s3.BucketAclV2("sourceBucketAcl",
    bucket=source_bucket_v2.id,
    acl="private",
    opts=pulumi.ResourceOptions(provider=aws["central"]))
source_bucket_versioning_v2 = aws.s3.BucketVersioningV2("sourceBucketVersioningV2",
    bucket=source_bucket_v2.id,
    versioning_configuration=aws.s3.BucketVersioningV2VersioningConfigurationArgs(
        status="Enabled",
    ),
    opts=pulumi.ResourceOptions(provider=aws["central"]))
replication_bucket_replication_config = aws.s3.BucketReplicationConfig("replicationBucketReplicationConfig",
    role=replication_role.arn,
    bucket=source_bucket_v2.id,
    rules=[aws.s3.BucketReplicationConfigRuleArgs(
        id="foobar",
        filter=aws.s3.BucketReplicationConfigRuleFilterArgs(
            prefix="foo",
        ),
        status="Enabled",
        destination=aws.s3.BucketReplicationConfigRuleDestinationArgs(
            bucket=destination_bucket_v2.arn,
            storage_class="STANDARD",
        ),
    )],
    opts=pulumi.ResourceOptions(provider=aws["central"],
        depends_on=[source_bucket_versioning_v2]))
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const central = new aws.Provider("central", {region: "eu-central-1"});
const assumeRole = aws.iam.getPolicyDocument({
    statements: [{
        effect: "Allow",
        principals: [{
            type: "Service",
            identifiers: ["s3.amazonaws.com"],
        }],
        actions: ["sts:AssumeRole"],
    }],
});
const replicationRole = new aws.iam.Role("replicationRole", {assumeRolePolicy: assumeRole.then(assumeRole => assumeRole.json)});
const destinationBucketV2 = new aws.s3.BucketV2("destinationBucketV2", {});
const sourceBucketV2 = new aws.s3.BucketV2("sourceBucketV2", {}, {
    provider: aws.central,
});
const replicationPolicyDocument = aws.iam.getPolicyDocumentOutput({
    statements: [
        {
            effect: "Allow",
            actions: [
                "s3:GetReplicationConfiguration",
                "s3:ListBucket",
            ],
            resources: [sourceBucketV2.arn],
        },
        {
            effect: "Allow",
            actions: [
                "s3:GetObjectVersionForReplication",
                "s3:GetObjectVersionAcl",
                "s3:GetObjectVersionTagging",
            ],
            resources: [pulumi.interpolate`${sourceBucketV2.arn}/*`],
        },
        {
            effect: "Allow",
            actions: [
                "s3:ReplicateObject",
                "s3:ReplicateDelete",
                "s3:ReplicateTags",
            ],
            resources: [pulumi.interpolate`${destinationBucketV2.arn}/*`],
        },
    ],
});
const replicationPolicy = new aws.iam.Policy("replicationPolicy", {policy: replicationPolicyDocument.apply(replicationPolicyDocument => replicationPolicyDocument.json)});
const replicationRolePolicyAttachment = new aws.iam.RolePolicyAttachment("replicationRolePolicyAttachment", {
    role: replicationRole.name,
    policyArn: replicationPolicy.arn,
});
const destinationBucketVersioningV2 = new aws.s3.BucketVersioningV2("destinationBucketVersioningV2", {
    bucket: destinationBucketV2.id,
    versioningConfiguration: {
        status: "Enabled",
    },
});
const sourceBucketAcl = new aws.s3.BucketAclV2("sourceBucketAcl", {
    bucket: sourceBucketV2.id,
    acl: "private",
}, {
    provider: aws.central,
});
const sourceBucketVersioningV2 = new aws.s3.BucketVersioningV2("sourceBucketVersioningV2", {
    bucket: sourceBucketV2.id,
    versioningConfiguration: {
        status: "Enabled",
    },
}, {
    provider: aws.central,
});
const replicationBucketReplicationConfig = new aws.s3.BucketReplicationConfig("replicationBucketReplicationConfig", {
    role: replicationRole.arn,
    bucket: sourceBucketV2.id,
    rules: [{
        id: "foobar",
        filter: {
            prefix: "foo",
        },
        status: "Enabled",
        destination: {
            bucket: destinationBucketV2.arn,
            storageClass: "STANDARD",
        },
    }],
}, {
    provider: aws.central,
    dependsOn: [sourceBucketVersioningV2],
});
resources:
  central:
    type: pulumi:providers:aws
    properties:
      region: eu-central-1
  replicationRole:
    type: aws:iam:Role
    properties:
      assumeRolePolicy: ${assumeRole.json}
  replicationPolicy:
    type: aws:iam:Policy
    properties:
      policy: ${replicationPolicyDocument.json}
  replicationRolePolicyAttachment:
    type: aws:iam:RolePolicyAttachment
    properties:
      role: ${replicationRole.name}
      policyArn: ${replicationPolicy.arn}
  destinationBucketV2:
    type: aws:s3:BucketV2
  destinationBucketVersioningV2:
    type: aws:s3:BucketVersioningV2
    properties:
      bucket: ${destinationBucketV2.id}
      versioningConfiguration:
        status: Enabled
  sourceBucketV2:
    type: aws:s3:BucketV2
    options:
      provider: ${aws.central}
  sourceBucketAcl:
    type: aws:s3:BucketAclV2
    properties:
      bucket: ${sourceBucketV2.id}
      acl: private
    options:
      provider: ${aws.central}
  sourceBucketVersioningV2:
    type: aws:s3:BucketVersioningV2
    properties:
      bucket: ${sourceBucketV2.id}
      versioningConfiguration:
        status: Enabled
    options:
      provider: ${aws.central}
  replicationBucketReplicationConfig:
    type: aws:s3:BucketReplicationConfig
    properties:
      role: ${replicationRole.arn}
      bucket: ${sourceBucketV2.id}
      rules:
        - id: foobar
          filter:
            prefix: foo
          status: Enabled
          destination:
            bucket: ${destinationBucketV2.arn}
            storageClass: STANDARD
    options:
      provider: ${aws.central}
      dependson:
        - ${sourceBucketVersioningV2}
variables:
  assumeRole:
    fn::invoke:
      Function: aws:iam:getPolicyDocument
      Arguments:
        statements:
          - effect: Allow
            principals:
              - type: Service
                identifiers:
                  - s3.amazonaws.com
            actions:
              - sts:AssumeRole
  replicationPolicyDocument:
    fn::invoke:
      Function: aws:iam:getPolicyDocument
      Arguments:
        statements:
          - effect: Allow
            actions:
              - s3:GetReplicationConfiguration
              - s3:ListBucket
            resources:
              - ${sourceBucketV2.arn}
          - effect: Allow
            actions:
              - s3:GetObjectVersionForReplication
              - s3:GetObjectVersionAcl
              - s3:GetObjectVersionTagging
            resources:
              - ${sourceBucketV2.arn}/*
          - effect: Allow
            actions:
              - s3:ReplicateObject
              - s3:ReplicateDelete
              - s3:ReplicateTags
            resources:
              - ${destinationBucketV2.arn}/*

Bi-Directional Replication

using System.Collections.Generic;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    // ... other configuration ...
    var eastBucketV2 = new Aws.S3.BucketV2("eastBucketV2");

    var eastBucketVersioningV2 = new Aws.S3.BucketVersioningV2("eastBucketVersioningV2", new()
    {
        Bucket = eastBucketV2.Id,
        VersioningConfiguration = new Aws.S3.Inputs.BucketVersioningV2VersioningConfigurationArgs
        {
            Status = "Enabled",
        },
    });

    var westBucketV2 = new Aws.S3.BucketV2("westBucketV2", new()
    {
    }, new CustomResourceOptions
    {
        Provider = aws.West,
    });

    var westBucketVersioningV2 = new Aws.S3.BucketVersioningV2("westBucketVersioningV2", new()
    {
        Bucket = westBucketV2.Id,
        VersioningConfiguration = new Aws.S3.Inputs.BucketVersioningV2VersioningConfigurationArgs
        {
            Status = "Enabled",
        },
    }, new CustomResourceOptions
    {
        Provider = aws.West,
    });

    var eastToWest = new Aws.S3.BucketReplicationConfig("eastToWest", new()
    {
        Role = aws_iam_role.East_replication.Arn,
        Bucket = eastBucketV2.Id,
        Rules = new[]
        {
            new Aws.S3.Inputs.BucketReplicationConfigRuleArgs
            {
                Id = "foobar",
                Filter = new Aws.S3.Inputs.BucketReplicationConfigRuleFilterArgs
                {
                    Prefix = "foo",
                },
                Status = "Enabled",
                Destination = new Aws.S3.Inputs.BucketReplicationConfigRuleDestinationArgs
                {
                    Bucket = westBucketV2.Arn,
                    StorageClass = "STANDARD",
                },
            },
        },
    }, new CustomResourceOptions
    {
        DependsOn = new[]
        {
            eastBucketVersioningV2,
        },
    });

    var westToEast = new Aws.S3.BucketReplicationConfig("westToEast", new()
    {
        Role = aws_iam_role.West_replication.Arn,
        Bucket = westBucketV2.Id,
        Rules = new[]
        {
            new Aws.S3.Inputs.BucketReplicationConfigRuleArgs
            {
                Id = "foobar",
                Filter = new Aws.S3.Inputs.BucketReplicationConfigRuleFilterArgs
                {
                    Prefix = "foo",
                },
                Status = "Enabled",
                Destination = new Aws.S3.Inputs.BucketReplicationConfigRuleDestinationArgs
                {
                    Bucket = eastBucketV2.Arn,
                    StorageClass = "STANDARD",
                },
            },
        },
    }, new CustomResourceOptions
    {
        Provider = aws.West,
        DependsOn = new[]
        {
            westBucketVersioningV2,
        },
    });

});
package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/s3"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		eastBucketV2, err := s3.NewBucketV2(ctx, "eastBucketV2", nil)
		if err != nil {
			return err
		}
		eastBucketVersioningV2, err := s3.NewBucketVersioningV2(ctx, "eastBucketVersioningV2", &s3.BucketVersioningV2Args{
			Bucket: eastBucketV2.ID(),
			VersioningConfiguration: &s3.BucketVersioningV2VersioningConfigurationArgs{
				Status: pulumi.String("Enabled"),
			},
		})
		if err != nil {
			return err
		}
		westBucketV2, err := s3.NewBucketV2(ctx, "westBucketV2", nil, pulumi.Provider(aws.West))
		if err != nil {
			return err
		}
		westBucketVersioningV2, err := s3.NewBucketVersioningV2(ctx, "westBucketVersioningV2", &s3.BucketVersioningV2Args{
			Bucket: westBucketV2.ID(),
			VersioningConfiguration: &s3.BucketVersioningV2VersioningConfigurationArgs{
				Status: pulumi.String("Enabled"),
			},
		}, pulumi.Provider(aws.West))
		if err != nil {
			return err
		}
		_, err = s3.NewBucketReplicationConfig(ctx, "eastToWest", &s3.BucketReplicationConfigArgs{
			Role:   pulumi.Any(aws_iam_role.East_replication.Arn),
			Bucket: eastBucketV2.ID(),
			Rules: s3.BucketReplicationConfigRuleArray{
				&s3.BucketReplicationConfigRuleArgs{
					Id: pulumi.String("foobar"),
					Filter: &s3.BucketReplicationConfigRuleFilterArgs{
						Prefix: pulumi.String("foo"),
					},
					Status: pulumi.String("Enabled"),
					Destination: &s3.BucketReplicationConfigRuleDestinationArgs{
						Bucket:       westBucketV2.Arn,
						StorageClass: pulumi.String("STANDARD"),
					},
				},
			},
		}, pulumi.DependsOn([]pulumi.Resource{
			eastBucketVersioningV2,
		}))
		if err != nil {
			return err
		}
		_, err = s3.NewBucketReplicationConfig(ctx, "westToEast", &s3.BucketReplicationConfigArgs{
			Role:   pulumi.Any(aws_iam_role.West_replication.Arn),
			Bucket: westBucketV2.ID(),
			Rules: s3.BucketReplicationConfigRuleArray{
				&s3.BucketReplicationConfigRuleArgs{
					Id: pulumi.String("foobar"),
					Filter: &s3.BucketReplicationConfigRuleFilterArgs{
						Prefix: pulumi.String("foo"),
					},
					Status: pulumi.String("Enabled"),
					Destination: &s3.BucketReplicationConfigRuleDestinationArgs{
						Bucket:       eastBucketV2.Arn,
						StorageClass: pulumi.String("STANDARD"),
					},
				},
			},
		}, pulumi.Provider(aws.West), pulumi.DependsOn([]pulumi.Resource{
			westBucketVersioningV2,
		}))
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.s3.BucketV2;
import com.pulumi.aws.s3.BucketVersioningV2;
import com.pulumi.aws.s3.BucketVersioningV2Args;
import com.pulumi.aws.s3.inputs.BucketVersioningV2VersioningConfigurationArgs;
import com.pulumi.aws.s3.BucketV2Args;
import com.pulumi.aws.s3.BucketReplicationConfig;
import com.pulumi.aws.s3.BucketReplicationConfigArgs;
import com.pulumi.aws.s3.inputs.BucketReplicationConfigRuleArgs;
import com.pulumi.aws.s3.inputs.BucketReplicationConfigRuleFilterArgs;
import com.pulumi.aws.s3.inputs.BucketReplicationConfigRuleDestinationArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var eastBucketV2 = new BucketV2("eastBucketV2");

        var eastBucketVersioningV2 = new BucketVersioningV2("eastBucketVersioningV2", BucketVersioningV2Args.builder()        
            .bucket(eastBucketV2.id())
            .versioningConfiguration(BucketVersioningV2VersioningConfigurationArgs.builder()
                .status("Enabled")
                .build())
            .build());

        var westBucketV2 = new BucketV2("westBucketV2", BucketV2Args.Empty, CustomResourceOptions.builder()
            .provider(aws.west())
            .build());

        var westBucketVersioningV2 = new BucketVersioningV2("westBucketVersioningV2", BucketVersioningV2Args.builder()        
            .bucket(westBucketV2.id())
            .versioningConfiguration(BucketVersioningV2VersioningConfigurationArgs.builder()
                .status("Enabled")
                .build())
            .build(), CustomResourceOptions.builder()
                .provider(aws.west())
                .build());

        var eastToWest = new BucketReplicationConfig("eastToWest", BucketReplicationConfigArgs.builder()        
            .role(aws_iam_role.east_replication().arn())
            .bucket(eastBucketV2.id())
            .rules(BucketReplicationConfigRuleArgs.builder()
                .id("foobar")
                .filter(BucketReplicationConfigRuleFilterArgs.builder()
                    .prefix("foo")
                    .build())
                .status("Enabled")
                .destination(BucketReplicationConfigRuleDestinationArgs.builder()
                    .bucket(westBucketV2.arn())
                    .storageClass("STANDARD")
                    .build())
                .build())
            .build(), CustomResourceOptions.builder()
                .dependsOn(eastBucketVersioningV2)
                .build());

        var westToEast = new BucketReplicationConfig("westToEast", BucketReplicationConfigArgs.builder()        
            .role(aws_iam_role.west_replication().arn())
            .bucket(westBucketV2.id())
            .rules(BucketReplicationConfigRuleArgs.builder()
                .id("foobar")
                .filter(BucketReplicationConfigRuleFilterArgs.builder()
                    .prefix("foo")
                    .build())
                .status("Enabled")
                .destination(BucketReplicationConfigRuleDestinationArgs.builder()
                    .bucket(eastBucketV2.arn())
                    .storageClass("STANDARD")
                    .build())
                .build())
            .build(), CustomResourceOptions.builder()
                .provider(aws.west())
                .dependsOn(westBucketVersioningV2)
                .build());

    }
}
import pulumi
import pulumi_aws as aws

# ... other configuration ...
east_bucket_v2 = aws.s3.BucketV2("eastBucketV2")
east_bucket_versioning_v2 = aws.s3.BucketVersioningV2("eastBucketVersioningV2",
    bucket=east_bucket_v2.id,
    versioning_configuration=aws.s3.BucketVersioningV2VersioningConfigurationArgs(
        status="Enabled",
    ))
west_bucket_v2 = aws.s3.BucketV2("westBucketV2", opts=pulumi.ResourceOptions(provider=aws["west"]))
west_bucket_versioning_v2 = aws.s3.BucketVersioningV2("westBucketVersioningV2",
    bucket=west_bucket_v2.id,
    versioning_configuration=aws.s3.BucketVersioningV2VersioningConfigurationArgs(
        status="Enabled",
    ),
    opts=pulumi.ResourceOptions(provider=aws["west"]))
east_to_west = aws.s3.BucketReplicationConfig("eastToWest",
    role=aws_iam_role["east_replication"]["arn"],
    bucket=east_bucket_v2.id,
    rules=[aws.s3.BucketReplicationConfigRuleArgs(
        id="foobar",
        filter=aws.s3.BucketReplicationConfigRuleFilterArgs(
            prefix="foo",
        ),
        status="Enabled",
        destination=aws.s3.BucketReplicationConfigRuleDestinationArgs(
            bucket=west_bucket_v2.arn,
            storage_class="STANDARD",
        ),
    )],
    opts=pulumi.ResourceOptions(depends_on=[east_bucket_versioning_v2]))
west_to_east = aws.s3.BucketReplicationConfig("westToEast",
    role=aws_iam_role["west_replication"]["arn"],
    bucket=west_bucket_v2.id,
    rules=[aws.s3.BucketReplicationConfigRuleArgs(
        id="foobar",
        filter=aws.s3.BucketReplicationConfigRuleFilterArgs(
            prefix="foo",
        ),
        status="Enabled",
        destination=aws.s3.BucketReplicationConfigRuleDestinationArgs(
            bucket=east_bucket_v2.arn,
            storage_class="STANDARD",
        ),
    )],
    opts=pulumi.ResourceOptions(provider=aws["west"],
        depends_on=[west_bucket_versioning_v2]))
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

// ... other configuration ...
const eastBucketV2 = new aws.s3.BucketV2("eastBucketV2", {});
const eastBucketVersioningV2 = new aws.s3.BucketVersioningV2("eastBucketVersioningV2", {
    bucket: eastBucketV2.id,
    versioningConfiguration: {
        status: "Enabled",
    },
});
const westBucketV2 = new aws.s3.BucketV2("westBucketV2", {}, {
    provider: aws.west,
});
const westBucketVersioningV2 = new aws.s3.BucketVersioningV2("westBucketVersioningV2", {
    bucket: westBucketV2.id,
    versioningConfiguration: {
        status: "Enabled",
    },
}, {
    provider: aws.west,
});
const eastToWest = new aws.s3.BucketReplicationConfig("eastToWest", {
    role: aws_iam_role.east_replication.arn,
    bucket: eastBucketV2.id,
    rules: [{
        id: "foobar",
        filter: {
            prefix: "foo",
        },
        status: "Enabled",
        destination: {
            bucket: westBucketV2.arn,
            storageClass: "STANDARD",
        },
    }],
}, {
    dependsOn: [eastBucketVersioningV2],
});
const westToEast = new aws.s3.BucketReplicationConfig("westToEast", {
    role: aws_iam_role.west_replication.arn,
    bucket: westBucketV2.id,
    rules: [{
        id: "foobar",
        filter: {
            prefix: "foo",
        },
        status: "Enabled",
        destination: {
            bucket: eastBucketV2.arn,
            storageClass: "STANDARD",
        },
    }],
}, {
    provider: aws.west,
    dependsOn: [westBucketVersioningV2],
});
resources:
  # ... other configuration ...
  eastBucketV2:
    type: aws:s3:BucketV2
  eastBucketVersioningV2:
    type: aws:s3:BucketVersioningV2
    properties:
      bucket: ${eastBucketV2.id}
      versioningConfiguration:
        status: Enabled
  westBucketV2:
    type: aws:s3:BucketV2
    options:
      provider: ${aws.west}
  westBucketVersioningV2:
    type: aws:s3:BucketVersioningV2
    properties:
      bucket: ${westBucketV2.id}
      versioningConfiguration:
        status: Enabled
    options:
      provider: ${aws.west}
  eastToWest:
    type: aws:s3:BucketReplicationConfig
    properties:
      role: ${aws_iam_role.east_replication.arn}
      bucket: ${eastBucketV2.id}
      rules:
        - id: foobar
          filter:
            prefix: foo
          status: Enabled
          destination:
            bucket: ${westBucketV2.arn}
            storageClass: STANDARD
    options:
      dependson:
        - ${eastBucketVersioningV2}
  westToEast:
    type: aws:s3:BucketReplicationConfig
    properties:
      role: ${aws_iam_role.west_replication.arn}
      bucket: ${westBucketV2.id}
      rules:
        - id: foobar
          filter:
            prefix: foo
          status: Enabled
          destination:
            bucket: ${eastBucketV2.arn}
            storageClass: STANDARD
    options:
      provider: ${aws.west}
      dependson:
        - ${westBucketVersioningV2}

Create BucketReplicationConfig Resource

new BucketReplicationConfig(name: string, args: BucketReplicationConfigArgs, opts?: CustomResourceOptions);
@overload
def BucketReplicationConfig(resource_name: str,
                            opts: Optional[ResourceOptions] = None,
                            bucket: Optional[str] = None,
                            role: Optional[str] = None,
                            rules: Optional[Sequence[BucketReplicationConfigRuleArgs]] = None,
                            token: Optional[str] = None)
@overload
def BucketReplicationConfig(resource_name: str,
                            args: BucketReplicationConfigArgs,
                            opts: Optional[ResourceOptions] = None)
func NewBucketReplicationConfig(ctx *Context, name string, args BucketReplicationConfigArgs, opts ...ResourceOption) (*BucketReplicationConfig, error)
public BucketReplicationConfig(string name, BucketReplicationConfigArgs args, CustomResourceOptions? opts = null)
public BucketReplicationConfig(String name, BucketReplicationConfigArgs args)
public BucketReplicationConfig(String name, BucketReplicationConfigArgs args, CustomResourceOptions options)
type: aws:s3:BucketReplicationConfig
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string
The unique name of the resource.
args BucketReplicationConfigArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args BucketReplicationConfigArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args BucketReplicationConfigArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args BucketReplicationConfigArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name String
The unique name of the resource.
args BucketReplicationConfigArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

BucketReplicationConfig Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The BucketReplicationConfig resource accepts the following input properties:

Bucket string

Name of the source S3 bucket you want Amazon S3 to monitor.

Role string

ARN of the IAM role for Amazon S3 to assume when replicating the objects.

Rules List<BucketReplicationConfigRuleArgs>

List of configuration blocks describing the rules managing the replication. See below.

Token string

Token to allow replication to be enabled on an Object Lock-enabled bucket. You must contact AWS support for the bucket's "Object Lock token". For more details, see Using S3 Object Lock with replication.

Bucket string

Name of the source S3 bucket you want Amazon S3 to monitor.

Role string

ARN of the IAM role for Amazon S3 to assume when replicating the objects.

Rules []BucketReplicationConfigRuleArgs

List of configuration blocks describing the rules managing the replication. See below.

Token string

Token to allow replication to be enabled on an Object Lock-enabled bucket. You must contact AWS support for the bucket's "Object Lock token". For more details, see Using S3 Object Lock with replication.

bucket String

Name of the source S3 bucket you want Amazon S3 to monitor.

role String

ARN of the IAM role for Amazon S3 to assume when replicating the objects.

rules List<BucketReplicationConfigRuleArgs>

List of configuration blocks describing the rules managing the replication. See below.

token String

Token to allow replication to be enabled on an Object Lock-enabled bucket. You must contact AWS support for the bucket's "Object Lock token". For more details, see Using S3 Object Lock with replication.

bucket string

Name of the source S3 bucket you want Amazon S3 to monitor.

role string

ARN of the IAM role for Amazon S3 to assume when replicating the objects.

rules BucketReplicationConfigRuleArgs[]

List of configuration blocks describing the rules managing the replication. See below.

token string

Token to allow replication to be enabled on an Object Lock-enabled bucket. You must contact AWS support for the bucket's "Object Lock token". For more details, see Using S3 Object Lock with replication.

bucket str

Name of the source S3 bucket you want Amazon S3 to monitor.

role str

ARN of the IAM role for Amazon S3 to assume when replicating the objects.

rules Sequence[BucketReplicationConfigRuleArgs]

List of configuration blocks describing the rules managing the replication. See below.

token str

Token to allow replication to be enabled on an Object Lock-enabled bucket. You must contact AWS support for the bucket's "Object Lock token". For more details, see Using S3 Object Lock with replication.

bucket String

Name of the source S3 bucket you want Amazon S3 to monitor.

role String

ARN of the IAM role for Amazon S3 to assume when replicating the objects.

rules List<Property Map>

List of configuration blocks describing the rules managing the replication. See below.

token String

Token to allow replication to be enabled on an Object Lock-enabled bucket. You must contact AWS support for the bucket's "Object Lock token". For more details, see Using S3 Object Lock with replication.

Outputs

All input properties are implicitly available as output properties. Additionally, the BucketReplicationConfig resource produces the following output properties:

Id string

The provider-assigned unique ID for this managed resource.

Id string

The provider-assigned unique ID for this managed resource.

id String

The provider-assigned unique ID for this managed resource.

id string

The provider-assigned unique ID for this managed resource.

id str

The provider-assigned unique ID for this managed resource.

id String

The provider-assigned unique ID for this managed resource.

Look up Existing BucketReplicationConfig Resource

Get an existing BucketReplicationConfig resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: BucketReplicationConfigState, opts?: CustomResourceOptions): BucketReplicationConfig
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        bucket: Optional[str] = None,
        role: Optional[str] = None,
        rules: Optional[Sequence[BucketReplicationConfigRuleArgs]] = None,
        token: Optional[str] = None) -> BucketReplicationConfig
func GetBucketReplicationConfig(ctx *Context, name string, id IDInput, state *BucketReplicationConfigState, opts ...ResourceOption) (*BucketReplicationConfig, error)
public static BucketReplicationConfig Get(string name, Input<string> id, BucketReplicationConfigState? state, CustomResourceOptions? opts = null)
public static BucketReplicationConfig get(String name, Output<String> id, BucketReplicationConfigState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
The following state arguments are supported:
Bucket string

Name of the source S3 bucket you want Amazon S3 to monitor.

Role string

ARN of the IAM role for Amazon S3 to assume when replicating the objects.

Rules List<BucketReplicationConfigRuleArgs>

List of configuration blocks describing the rules managing the replication. See below.

Token string

Token to allow replication to be enabled on an Object Lock-enabled bucket. You must contact AWS support for the bucket's "Object Lock token". For more details, see Using S3 Object Lock with replication.

Bucket string

Name of the source S3 bucket you want Amazon S3 to monitor.

Role string

ARN of the IAM role for Amazon S3 to assume when replicating the objects.

Rules []BucketReplicationConfigRuleArgs

List of configuration blocks describing the rules managing the replication. See below.

Token string

Token to allow replication to be enabled on an Object Lock-enabled bucket. You must contact AWS support for the bucket's "Object Lock token". For more details, see Using S3 Object Lock with replication.

bucket String

Name of the source S3 bucket you want Amazon S3 to monitor.

role String

ARN of the IAM role for Amazon S3 to assume when replicating the objects.

rules List<BucketReplicationConfigRuleArgs>

List of configuration blocks describing the rules managing the replication. See below.

token String

Token to allow replication to be enabled on an Object Lock-enabled bucket. You must contact AWS support for the bucket's "Object Lock token". For more details, see Using S3 Object Lock with replication.

bucket string

Name of the source S3 bucket you want Amazon S3 to monitor.

role string

ARN of the IAM role for Amazon S3 to assume when replicating the objects.

rules BucketReplicationConfigRuleArgs[]

List of configuration blocks describing the rules managing the replication. See below.

token string

Token to allow replication to be enabled on an Object Lock-enabled bucket. You must contact AWS support for the bucket's "Object Lock token". For more details, see Using S3 Object Lock with replication.

bucket str

Name of the source S3 bucket you want Amazon S3 to monitor.

role str

ARN of the IAM role for Amazon S3 to assume when replicating the objects.

rules Sequence[BucketReplicationConfigRuleArgs]

List of configuration blocks describing the rules managing the replication. See below.

token str

Token to allow replication to be enabled on an Object Lock-enabled bucket. You must contact AWS support for the bucket's "Object Lock token". For more details, see Using S3 Object Lock with replication.

bucket String

Name of the source S3 bucket you want Amazon S3 to monitor.

role String

ARN of the IAM role for Amazon S3 to assume when replicating the objects.

rules List<Property Map>

List of configuration blocks describing the rules managing the replication. See below.

token String

Token to allow replication to be enabled on an Object Lock-enabled bucket. You must contact AWS support for the bucket's "Object Lock token". For more details, see Using S3 Object Lock with replication.

Supporting Types

BucketReplicationConfigRule

Destination BucketReplicationConfigRuleDestination

Specifies the destination for the rule. See below.

Status string

Status of the rule. Either "Enabled" or "Disabled". The rule is ignored if status is not "Enabled".

DeleteMarkerReplication BucketReplicationConfigRuleDeleteMarkerReplication

Whether delete markers are replicated. This argument is only valid with V2 replication configurations (i.e., when filter is used)documented below.

ExistingObjectReplication BucketReplicationConfigRuleExistingObjectReplication

Replicate existing objects in the source bucket according to the rule configurations. See below.

Filter BucketReplicationConfigRuleFilter

Filter that identifies subset of objects to which the replication rule applies. See below. If not specified, the rule will default to using prefix.

Id string

Unique identifier for the rule. Must be less than or equal to 255 characters in length.

Prefix string

Object key name prefix identifying one or more objects to which the rule applies. Must be less than or equal to 1024 characters in length. Defaults to an empty string ("") if filter is not specified.

Deprecated:

Use filter instead

Priority int

Priority associated with the rule. Priority should only be set if filter is configured. If not provided, defaults to 0. Priority must be unique between multiple rules.

SourceSelectionCriteria BucketReplicationConfigRuleSourceSelectionCriteria

Specifies special object selection criteria. See below.

Destination BucketReplicationConfigRuleDestination

Specifies the destination for the rule. See below.

Status string

Status of the rule. Either "Enabled" or "Disabled". The rule is ignored if status is not "Enabled".

DeleteMarkerReplication BucketReplicationConfigRuleDeleteMarkerReplication

Whether delete markers are replicated. This argument is only valid with V2 replication configurations (i.e., when filter is used)documented below.

ExistingObjectReplication BucketReplicationConfigRuleExistingObjectReplication

Replicate existing objects in the source bucket according to the rule configurations. See below.

Filter BucketReplicationConfigRuleFilter

Filter that identifies subset of objects to which the replication rule applies. See below. If not specified, the rule will default to using prefix.

Id string

Unique identifier for the rule. Must be less than or equal to 255 characters in length.

Prefix string

Object key name prefix identifying one or more objects to which the rule applies. Must be less than or equal to 1024 characters in length. Defaults to an empty string ("") if filter is not specified.

Deprecated:

Use filter instead

Priority int

Priority associated with the rule. Priority should only be set if filter is configured. If not provided, defaults to 0. Priority must be unique between multiple rules.

SourceSelectionCriteria BucketReplicationConfigRuleSourceSelectionCriteria

Specifies special object selection criteria. See below.

destination BucketReplicationConfigRuleDestination

Specifies the destination for the rule. See below.

status String

Status of the rule. Either "Enabled" or "Disabled". The rule is ignored if status is not "Enabled".

deleteMarkerReplication BucketReplicationConfigRuleDeleteMarkerReplication

Whether delete markers are replicated. This argument is only valid with V2 replication configurations (i.e., when filter is used)documented below.

existingObjectReplication BucketReplicationConfigRuleExistingObjectReplication

Replicate existing objects in the source bucket according to the rule configurations. See below.

filter BucketReplicationConfigRuleFilter

Filter that identifies subset of objects to which the replication rule applies. See below. If not specified, the rule will default to using prefix.

id String

Unique identifier for the rule. Must be less than or equal to 255 characters in length.

prefix String

Object key name prefix identifying one or more objects to which the rule applies. Must be less than or equal to 1024 characters in length. Defaults to an empty string ("") if filter is not specified.

Deprecated:

Use filter instead

priority Integer

Priority associated with the rule. Priority should only be set if filter is configured. If not provided, defaults to 0. Priority must be unique between multiple rules.

sourceSelectionCriteria BucketReplicationConfigRuleSourceSelectionCriteria

Specifies special object selection criteria. See below.

destination BucketReplicationConfigRuleDestination

Specifies the destination for the rule. See below.

status string

Status of the rule. Either "Enabled" or "Disabled". The rule is ignored if status is not "Enabled".

deleteMarkerReplication BucketReplicationConfigRuleDeleteMarkerReplication

Whether delete markers are replicated. This argument is only valid with V2 replication configurations (i.e., when filter is used)documented below.

existingObjectReplication BucketReplicationConfigRuleExistingObjectReplication

Replicate existing objects in the source bucket according to the rule configurations. See below.

filter BucketReplicationConfigRuleFilter

Filter that identifies subset of objects to which the replication rule applies. See below. If not specified, the rule will default to using prefix.

id string

Unique identifier for the rule. Must be less than or equal to 255 characters in length.

prefix string

Object key name prefix identifying one or more objects to which the rule applies. Must be less than or equal to 1024 characters in length. Defaults to an empty string ("") if filter is not specified.

Deprecated:

Use filter instead

priority number

Priority associated with the rule. Priority should only be set if filter is configured. If not provided, defaults to 0. Priority must be unique between multiple rules.

sourceSelectionCriteria BucketReplicationConfigRuleSourceSelectionCriteria

Specifies special object selection criteria. See below.

destination BucketReplicationConfigRuleDestination

Specifies the destination for the rule. See below.

status str

Status of the rule. Either "Enabled" or "Disabled". The rule is ignored if status is not "Enabled".

delete_marker_replication BucketReplicationConfigRuleDeleteMarkerReplication

Whether delete markers are replicated. This argument is only valid with V2 replication configurations (i.e., when filter is used)documented below.

existing_object_replication BucketReplicationConfigRuleExistingObjectReplication

Replicate existing objects in the source bucket according to the rule configurations. See below.

filter BucketReplicationConfigRuleFilter

Filter that identifies subset of objects to which the replication rule applies. See below. If not specified, the rule will default to using prefix.

id str

Unique identifier for the rule. Must be less than or equal to 255 characters in length.

prefix str

Object key name prefix identifying one or more objects to which the rule applies. Must be less than or equal to 1024 characters in length. Defaults to an empty string ("") if filter is not specified.

Deprecated:

Use filter instead

priority int

Priority associated with the rule. Priority should only be set if filter is configured. If not provided, defaults to 0. Priority must be unique between multiple rules.

source_selection_criteria BucketReplicationConfigRuleSourceSelectionCriteria

Specifies special object selection criteria. See below.

destination Property Map

Specifies the destination for the rule. See below.

status String

Status of the rule. Either "Enabled" or "Disabled". The rule is ignored if status is not "Enabled".

deleteMarkerReplication Property Map

Whether delete markers are replicated. This argument is only valid with V2 replication configurations (i.e., when filter is used)documented below.

existingObjectReplication Property Map

Replicate existing objects in the source bucket according to the rule configurations. See below.

filter Property Map

Filter that identifies subset of objects to which the replication rule applies. See below. If not specified, the rule will default to using prefix.

id String

Unique identifier for the rule. Must be less than or equal to 255 characters in length.

prefix String

Object key name prefix identifying one or more objects to which the rule applies. Must be less than or equal to 1024 characters in length. Defaults to an empty string ("") if filter is not specified.

Deprecated:

Use filter instead

priority Number

Priority associated with the rule. Priority should only be set if filter is configured. If not provided, defaults to 0. Priority must be unique between multiple rules.

sourceSelectionCriteria Property Map

Specifies special object selection criteria. See below.

BucketReplicationConfigRuleDeleteMarkerReplication

Status string

Whether delete markers should be replicated. Either "Enabled" or "Disabled".

Status string

Whether delete markers should be replicated. Either "Enabled" or "Disabled".

status String

Whether delete markers should be replicated. Either "Enabled" or "Disabled".

status string

Whether delete markers should be replicated. Either "Enabled" or "Disabled".

status str

Whether delete markers should be replicated. Either "Enabled" or "Disabled".

status String

Whether delete markers should be replicated. Either "Enabled" or "Disabled".

BucketReplicationConfigRuleDestination

Bucket string

ARN of the bucket where you want Amazon S3 to store the results.

AccessControlTranslation BucketReplicationConfigRuleDestinationAccessControlTranslation

Configuration block that specifies the overrides to use for object owners on replication. See below. Specify this only in a cross-account scenario (where source and destination bucket owners are not the same), and you want to change replica ownership to the AWS account that owns the destination bucket. If this is not specified in the replication configuration, the replicas are owned by same AWS account that owns the source object. Must be used in conjunction with account owner override configuration.

Account string

Account ID to specify the replica ownership. Must be used in conjunction with access_control_translation override configuration.

EncryptionConfiguration BucketReplicationConfigRuleDestinationEncryptionConfiguration

Configuration block that provides information about encryption. See below. If source_selection_criteria is specified, you must specify this element.

Metrics BucketReplicationConfigRuleDestinationMetrics

Configuration block that specifies replication metrics-related settings enabling replication metrics and events. See below.

ReplicationTime BucketReplicationConfigRuleDestinationReplicationTime

Configuration block that specifies S3 Replication Time Control (S3 RTC), including whether S3 RTC is enabled and the time when all objects and operations on objects must be replicated. See below. Replication Time Control must be used in conjunction with metrics.

StorageClass string

The storage class used to store the object. By default, Amazon S3 uses the storage class of the source object to create the object replica.

Bucket string

ARN of the bucket where you want Amazon S3 to store the results.

AccessControlTranslation BucketReplicationConfigRuleDestinationAccessControlTranslation

Configuration block that specifies the overrides to use for object owners on replication. See below. Specify this only in a cross-account scenario (where source and destination bucket owners are not the same), and you want to change replica ownership to the AWS account that owns the destination bucket. If this is not specified in the replication configuration, the replicas are owned by same AWS account that owns the source object. Must be used in conjunction with account owner override configuration.

Account string

Account ID to specify the replica ownership. Must be used in conjunction with access_control_translation override configuration.

EncryptionConfiguration BucketReplicationConfigRuleDestinationEncryptionConfiguration

Configuration block that provides information about encryption. See below. If source_selection_criteria is specified, you must specify this element.

Metrics BucketReplicationConfigRuleDestinationMetrics

Configuration block that specifies replication metrics-related settings enabling replication metrics and events. See below.

ReplicationTime BucketReplicationConfigRuleDestinationReplicationTime

Configuration block that specifies S3 Replication Time Control (S3 RTC), including whether S3 RTC is enabled and the time when all objects and operations on objects must be replicated. See below. Replication Time Control must be used in conjunction with metrics.

StorageClass string

The storage class used to store the object. By default, Amazon S3 uses the storage class of the source object to create the object replica.

bucket String

ARN of the bucket where you want Amazon S3 to store the results.

accessControlTranslation BucketReplicationConfigRuleDestinationAccessControlTranslation

Configuration block that specifies the overrides to use for object owners on replication. See below. Specify this only in a cross-account scenario (where source and destination bucket owners are not the same), and you want to change replica ownership to the AWS account that owns the destination bucket. If this is not specified in the replication configuration, the replicas are owned by same AWS account that owns the source object. Must be used in conjunction with account owner override configuration.

account String

Account ID to specify the replica ownership. Must be used in conjunction with access_control_translation override configuration.

encryptionConfiguration BucketReplicationConfigRuleDestinationEncryptionConfiguration

Configuration block that provides information about encryption. See below. If source_selection_criteria is specified, you must specify this element.

metrics BucketReplicationConfigRuleDestinationMetrics

Configuration block that specifies replication metrics-related settings enabling replication metrics and events. See below.

replicationTime BucketReplicationConfigRuleDestinationReplicationTime

Configuration block that specifies S3 Replication Time Control (S3 RTC), including whether S3 RTC is enabled and the time when all objects and operations on objects must be replicated. See below. Replication Time Control must be used in conjunction with metrics.

storageClass String

The storage class used to store the object. By default, Amazon S3 uses the storage class of the source object to create the object replica.

bucket string

ARN of the bucket where you want Amazon S3 to store the results.

accessControlTranslation BucketReplicationConfigRuleDestinationAccessControlTranslation

Configuration block that specifies the overrides to use for object owners on replication. See below. Specify this only in a cross-account scenario (where source and destination bucket owners are not the same), and you want to change replica ownership to the AWS account that owns the destination bucket. If this is not specified in the replication configuration, the replicas are owned by same AWS account that owns the source object. Must be used in conjunction with account owner override configuration.

account string

Account ID to specify the replica ownership. Must be used in conjunction with access_control_translation override configuration.

encryptionConfiguration BucketReplicationConfigRuleDestinationEncryptionConfiguration

Configuration block that provides information about encryption. See below. If source_selection_criteria is specified, you must specify this element.

metrics BucketReplicationConfigRuleDestinationMetrics

Configuration block that specifies replication metrics-related settings enabling replication metrics and events. See below.

replicationTime BucketReplicationConfigRuleDestinationReplicationTime

Configuration block that specifies S3 Replication Time Control (S3 RTC), including whether S3 RTC is enabled and the time when all objects and operations on objects must be replicated. See below. Replication Time Control must be used in conjunction with metrics.

storageClass string

The storage class used to store the object. By default, Amazon S3 uses the storage class of the source object to create the object replica.

bucket str

ARN of the bucket where you want Amazon S3 to store the results.

access_control_translation BucketReplicationConfigRuleDestinationAccessControlTranslation

Configuration block that specifies the overrides to use for object owners on replication. See below. Specify this only in a cross-account scenario (where source and destination bucket owners are not the same), and you want to change replica ownership to the AWS account that owns the destination bucket. If this is not specified in the replication configuration, the replicas are owned by same AWS account that owns the source object. Must be used in conjunction with account owner override configuration.

account str

Account ID to specify the replica ownership. Must be used in conjunction with access_control_translation override configuration.

encryption_configuration BucketReplicationConfigRuleDestinationEncryptionConfiguration

Configuration block that provides information about encryption. See below. If source_selection_criteria is specified, you must specify this element.

metrics BucketReplicationConfigRuleDestinationMetrics

Configuration block that specifies replication metrics-related settings enabling replication metrics and events. See below.

replication_time BucketReplicationConfigRuleDestinationReplicationTime

Configuration block that specifies S3 Replication Time Control (S3 RTC), including whether S3 RTC is enabled and the time when all objects and operations on objects must be replicated. See below. Replication Time Control must be used in conjunction with metrics.

storage_class str

The storage class used to store the object. By default, Amazon S3 uses the storage class of the source object to create the object replica.

bucket String

ARN of the bucket where you want Amazon S3 to store the results.

accessControlTranslation Property Map

Configuration block that specifies the overrides to use for object owners on replication. See below. Specify this only in a cross-account scenario (where source and destination bucket owners are not the same), and you want to change replica ownership to the AWS account that owns the destination bucket. If this is not specified in the replication configuration, the replicas are owned by same AWS account that owns the source object. Must be used in conjunction with account owner override configuration.

account String

Account ID to specify the replica ownership. Must be used in conjunction with access_control_translation override configuration.

encryptionConfiguration Property Map

Configuration block that provides information about encryption. See below. If source_selection_criteria is specified, you must specify this element.

metrics Property Map

Configuration block that specifies replication metrics-related settings enabling replication metrics and events. See below.

replicationTime Property Map

Configuration block that specifies S3 Replication Time Control (S3 RTC), including whether S3 RTC is enabled and the time when all objects and operations on objects must be replicated. See below. Replication Time Control must be used in conjunction with metrics.

storageClass String

The storage class used to store the object. By default, Amazon S3 uses the storage class of the source object to create the object replica.

BucketReplicationConfigRuleDestinationAccessControlTranslation

Owner string

Specifies the replica ownership. For default and valid values, see PUT bucket replication in the Amazon S3 API Reference. Valid values: Destination.

Owner string

Specifies the replica ownership. For default and valid values, see PUT bucket replication in the Amazon S3 API Reference. Valid values: Destination.

owner String

Specifies the replica ownership. For default and valid values, see PUT bucket replication in the Amazon S3 API Reference. Valid values: Destination.

owner string

Specifies the replica ownership. For default and valid values, see PUT bucket replication in the Amazon S3 API Reference. Valid values: Destination.

owner str

Specifies the replica ownership. For default and valid values, see PUT bucket replication in the Amazon S3 API Reference. Valid values: Destination.

owner String

Specifies the replica ownership. For default and valid values, see PUT bucket replication in the Amazon S3 API Reference. Valid values: Destination.

BucketReplicationConfigRuleDestinationEncryptionConfiguration

ReplicaKmsKeyId string

ID (Key ARN or Alias ARN) of the customer managed AWS KMS key stored in AWS Key Management Service (KMS) for the destination bucket.

ReplicaKmsKeyId string

ID (Key ARN or Alias ARN) of the customer managed AWS KMS key stored in AWS Key Management Service (KMS) for the destination bucket.

replicaKmsKeyId String

ID (Key ARN or Alias ARN) of the customer managed AWS KMS key stored in AWS Key Management Service (KMS) for the destination bucket.

replicaKmsKeyId string

ID (Key ARN or Alias ARN) of the customer managed AWS KMS key stored in AWS Key Management Service (KMS) for the destination bucket.

replica_kms_key_id str

ID (Key ARN or Alias ARN) of the customer managed AWS KMS key stored in AWS Key Management Service (KMS) for the destination bucket.

replicaKmsKeyId String

ID (Key ARN or Alias ARN) of the customer managed AWS KMS key stored in AWS Key Management Service (KMS) for the destination bucket.

BucketReplicationConfigRuleDestinationMetrics

Status string

Status of the Destination Metrics. Either "Enabled" or "Disabled".

EventThreshold BucketReplicationConfigRuleDestinationMetricsEventThreshold

Configuration block that specifies the time threshold for emitting the s3:Replication:OperationMissedThreshold event. See below.

Status string

Status of the Destination Metrics. Either "Enabled" or "Disabled".

EventThreshold BucketReplicationConfigRuleDestinationMetricsEventThreshold

Configuration block that specifies the time threshold for emitting the s3:Replication:OperationMissedThreshold event. See below.

status String

Status of the Destination Metrics. Either "Enabled" or "Disabled".

eventThreshold BucketReplicationConfigRuleDestinationMetricsEventThreshold

Configuration block that specifies the time threshold for emitting the s3:Replication:OperationMissedThreshold event. See below.

status string

Status of the Destination Metrics. Either "Enabled" or "Disabled".

eventThreshold BucketReplicationConfigRuleDestinationMetricsEventThreshold

Configuration block that specifies the time threshold for emitting the s3:Replication:OperationMissedThreshold event. See below.

status str

Status of the Destination Metrics. Either "Enabled" or "Disabled".

event_threshold BucketReplicationConfigRuleDestinationMetricsEventThreshold

Configuration block that specifies the time threshold for emitting the s3:Replication:OperationMissedThreshold event. See below.

status String

Status of the Destination Metrics. Either "Enabled" or "Disabled".

eventThreshold Property Map

Configuration block that specifies the time threshold for emitting the s3:Replication:OperationMissedThreshold event. See below.

BucketReplicationConfigRuleDestinationMetricsEventThreshold

Minutes int

Time in minutes. Valid values: 15.

Minutes int

Time in minutes. Valid values: 15.

minutes Integer

Time in minutes. Valid values: 15.

minutes number

Time in minutes. Valid values: 15.

minutes int

Time in minutes. Valid values: 15.

minutes Number

Time in minutes. Valid values: 15.

BucketReplicationConfigRuleDestinationReplicationTime

Status string

Status of the Replication Time Control. Either "Enabled" or "Disabled".

Time BucketReplicationConfigRuleDestinationReplicationTimeTime

Configuration block specifying the time by which replication should be complete for all objects and operations on objects. See below.

Status string

Status of the Replication Time Control. Either "Enabled" or "Disabled".

Time BucketReplicationConfigRuleDestinationReplicationTimeTime

Configuration block specifying the time by which replication should be complete for all objects and operations on objects. See below.

status String

Status of the Replication Time Control. Either "Enabled" or "Disabled".

time BucketReplicationConfigRuleDestinationReplicationTimeTime

Configuration block specifying the time by which replication should be complete for all objects and operations on objects. See below.

status string

Status of the Replication Time Control. Either "Enabled" or "Disabled".

time BucketReplicationConfigRuleDestinationReplicationTimeTime

Configuration block specifying the time by which replication should be complete for all objects and operations on objects. See below.

status str

Status of the Replication Time Control. Either "Enabled" or "Disabled".

time BucketReplicationConfigRuleDestinationReplicationTimeTime

Configuration block specifying the time by which replication should be complete for all objects and operations on objects. See below.

status String

Status of the Replication Time Control. Either "Enabled" or "Disabled".

time Property Map

Configuration block specifying the time by which replication should be complete for all objects and operations on objects. See below.

BucketReplicationConfigRuleDestinationReplicationTimeTime

Minutes int

Time in minutes. Valid values: 15.

Minutes int

Time in minutes. Valid values: 15.

minutes Integer

Time in minutes. Valid values: 15.

minutes number

Time in minutes. Valid values: 15.

minutes int

Time in minutes. Valid values: 15.

minutes Number

Time in minutes. Valid values: 15.

BucketReplicationConfigRuleExistingObjectReplication

Status string

Whether the existing objects should be replicated. Either "Enabled" or "Disabled".

Status string

Whether the existing objects should be replicated. Either "Enabled" or "Disabled".

status String

Whether the existing objects should be replicated. Either "Enabled" or "Disabled".

status string

Whether the existing objects should be replicated. Either "Enabled" or "Disabled".

status str

Whether the existing objects should be replicated. Either "Enabled" or "Disabled".

status String

Whether the existing objects should be replicated. Either "Enabled" or "Disabled".

BucketReplicationConfigRuleFilter

And BucketReplicationConfigRuleFilterAnd

Configuration block for specifying rule filters. This element is required only if you specify more than one filter. See and below for more details.

Prefix string

Object key name prefix that identifies subset of objects to which the rule applies. Must be less than or equal to 1024 characters in length.

Tag BucketReplicationConfigRuleFilterTag

Configuration block for specifying a tag key and value. See below.

And BucketReplicationConfigRuleFilterAnd

Configuration block for specifying rule filters. This element is required only if you specify more than one filter. See and below for more details.

Prefix string

Object key name prefix that identifies subset of objects to which the rule applies. Must be less than or equal to 1024 characters in length.

Tag BucketReplicationConfigRuleFilterTag

Configuration block for specifying a tag key and value. See below.

and BucketReplicationConfigRuleFilterAnd

Configuration block for specifying rule filters. This element is required only if you specify more than one filter. See and below for more details.

prefix String

Object key name prefix that identifies subset of objects to which the rule applies. Must be less than or equal to 1024 characters in length.

tag BucketReplicationConfigRuleFilterTag

Configuration block for specifying a tag key and value. See below.

and BucketReplicationConfigRuleFilterAnd

Configuration block for specifying rule filters. This element is required only if you specify more than one filter. See and below for more details.

prefix string

Object key name prefix that identifies subset of objects to which the rule applies. Must be less than or equal to 1024 characters in length.

tag BucketReplicationConfigRuleFilterTag

Configuration block for specifying a tag key and value. See below.

and_ BucketReplicationConfigRuleFilterAnd

Configuration block for specifying rule filters. This element is required only if you specify more than one filter. See and below for more details.

prefix str

Object key name prefix that identifies subset of objects to which the rule applies. Must be less than or equal to 1024 characters in length.

tag BucketReplicationConfigRuleFilterTag

Configuration block for specifying a tag key and value. See below.

and Property Map

Configuration block for specifying rule filters. This element is required only if you specify more than one filter. See and below for more details.

prefix String

Object key name prefix that identifies subset of objects to which the rule applies. Must be less than or equal to 1024 characters in length.

tag Property Map

Configuration block for specifying a tag key and value. See below.

BucketReplicationConfigRuleFilterAnd

Prefix string

Object key name prefix that identifies subset of objects to which the rule applies. Must be less than or equal to 1024 characters in length.

Tags Dictionary<string, string>

Map of tags (key and value pairs) that identifies a subset of objects to which the rule applies. The rule applies only to objects having all the tags in its tagset.

Prefix string

Object key name prefix that identifies subset of objects to which the rule applies. Must be less than or equal to 1024 characters in length.

Tags map[string]string

Map of tags (key and value pairs) that identifies a subset of objects to which the rule applies. The rule applies only to objects having all the tags in its tagset.

prefix String

Object key name prefix that identifies subset of objects to which the rule applies. Must be less than or equal to 1024 characters in length.

tags Map<String,String>

Map of tags (key and value pairs) that identifies a subset of objects to which the rule applies. The rule applies only to objects having all the tags in its tagset.

prefix string

Object key name prefix that identifies subset of objects to which the rule applies. Must be less than or equal to 1024 characters in length.

tags {[key: string]: string}

Map of tags (key and value pairs) that identifies a subset of objects to which the rule applies. The rule applies only to objects having all the tags in its tagset.

prefix str

Object key name prefix that identifies subset of objects to which the rule applies. Must be less than or equal to 1024 characters in length.

tags Mapping[str, str]

Map of tags (key and value pairs) that identifies a subset of objects to which the rule applies. The rule applies only to objects having all the tags in its tagset.

prefix String

Object key name prefix that identifies subset of objects to which the rule applies. Must be less than or equal to 1024 characters in length.

tags Map<String>

Map of tags (key and value pairs) that identifies a subset of objects to which the rule applies. The rule applies only to objects having all the tags in its tagset.

BucketReplicationConfigRuleFilterTag

Key string

Name of the object key.

Value string

Value of the tag.

Key string

Name of the object key.

Value string

Value of the tag.

key String

Name of the object key.

value String

Value of the tag.

key string

Name of the object key.

value string

Value of the tag.

key str

Name of the object key.

value str

Value of the tag.

key String

Name of the object key.

value String

Value of the tag.

BucketReplicationConfigRuleSourceSelectionCriteria

ReplicaModifications BucketReplicationConfigRuleSourceSelectionCriteriaReplicaModifications

Configuration block that you can specify for selections for modifications on replicas. Amazon S3 doesn't replicate replica modifications by default. In the latest version of replication configuration (when filter is specified), you can specify this element and set the status to Enabled to replicate modifications on replicas.

SseKmsEncryptedObjects BucketReplicationConfigRuleSourceSelectionCriteriaSseKmsEncryptedObjects

Configuration block for filter information for the selection of Amazon S3 objects encrypted with AWS KMS. If specified, replica_kms_key_id in destination encryption_configuration must be specified as well.

ReplicaModifications BucketReplicationConfigRuleSourceSelectionCriteriaReplicaModifications

Configuration block that you can specify for selections for modifications on replicas. Amazon S3 doesn't replicate replica modifications by default. In the latest version of replication configuration (when filter is specified), you can specify this element and set the status to Enabled to replicate modifications on replicas.

SseKmsEncryptedObjects BucketReplicationConfigRuleSourceSelectionCriteriaSseKmsEncryptedObjects

Configuration block for filter information for the selection of Amazon S3 objects encrypted with AWS KMS. If specified, replica_kms_key_id in destination encryption_configuration must be specified as well.

replicaModifications BucketReplicationConfigRuleSourceSelectionCriteriaReplicaModifications

Configuration block that you can specify for selections for modifications on replicas. Amazon S3 doesn't replicate replica modifications by default. In the latest version of replication configuration (when filter is specified), you can specify this element and set the status to Enabled to replicate modifications on replicas.

sseKmsEncryptedObjects BucketReplicationConfigRuleSourceSelectionCriteriaSseKmsEncryptedObjects

Configuration block for filter information for the selection of Amazon S3 objects encrypted with AWS KMS. If specified, replica_kms_key_id in destination encryption_configuration must be specified as well.

replicaModifications BucketReplicationConfigRuleSourceSelectionCriteriaReplicaModifications

Configuration block that you can specify for selections for modifications on replicas. Amazon S3 doesn't replicate replica modifications by default. In the latest version of replication configuration (when filter is specified), you can specify this element and set the status to Enabled to replicate modifications on replicas.

sseKmsEncryptedObjects BucketReplicationConfigRuleSourceSelectionCriteriaSseKmsEncryptedObjects

Configuration block for filter information for the selection of Amazon S3 objects encrypted with AWS KMS. If specified, replica_kms_key_id in destination encryption_configuration must be specified as well.

replica_modifications BucketReplicationConfigRuleSourceSelectionCriteriaReplicaModifications

Configuration block that you can specify for selections for modifications on replicas. Amazon S3 doesn't replicate replica modifications by default. In the latest version of replication configuration (when filter is specified), you can specify this element and set the status to Enabled to replicate modifications on replicas.

sse_kms_encrypted_objects BucketReplicationConfigRuleSourceSelectionCriteriaSseKmsEncryptedObjects

Configuration block for filter information for the selection of Amazon S3 objects encrypted with AWS KMS. If specified, replica_kms_key_id in destination encryption_configuration must be specified as well.

replicaModifications Property Map

Configuration block that you can specify for selections for modifications on replicas. Amazon S3 doesn't replicate replica modifications by default. In the latest version of replication configuration (when filter is specified), you can specify this element and set the status to Enabled to replicate modifications on replicas.

sseKmsEncryptedObjects Property Map

Configuration block for filter information for the selection of Amazon S3 objects encrypted with AWS KMS. If specified, replica_kms_key_id in destination encryption_configuration must be specified as well.

BucketReplicationConfigRuleSourceSelectionCriteriaReplicaModifications

Status string

Whether the existing objects should be replicated. Either "Enabled" or "Disabled".

Status string

Whether the existing objects should be replicated. Either "Enabled" or "Disabled".

status String

Whether the existing objects should be replicated. Either "Enabled" or "Disabled".

status string

Whether the existing objects should be replicated. Either "Enabled" or "Disabled".

status str

Whether the existing objects should be replicated. Either "Enabled" or "Disabled".

status String

Whether the existing objects should be replicated. Either "Enabled" or "Disabled".

BucketReplicationConfigRuleSourceSelectionCriteriaSseKmsEncryptedObjects

Status string

Whether the existing objects should be replicated. Either "Enabled" or "Disabled".

Status string

Whether the existing objects should be replicated. Either "Enabled" or "Disabled".

status String

Whether the existing objects should be replicated. Either "Enabled" or "Disabled".

status string

Whether the existing objects should be replicated. Either "Enabled" or "Disabled".

status str

Whether the existing objects should be replicated. Either "Enabled" or "Disabled".

status String

Whether the existing objects should be replicated. Either "Enabled" or "Disabled".

Import

S3 bucket replication configuration can be imported using the bucket, e.g.

 $ pulumi import aws:s3/bucketReplicationConfig:BucketReplicationConfig replication bucket-name

Package Details

Repository
AWS Classic pulumi/pulumi-aws
License
Apache-2.0
Notes

This Pulumi package is based on the aws Terraform Provider.