1. Pulumi Registry
  2. AWS Classic
  3. API Docs
  4. s3
  5. BucketV2
aws logo
AWS Classic v5.32.0, Mar 17 23

aws.s3.BucketV2

Provides a S3 bucket resource.

This functionality is for managing S3 in an AWS Partition. To manage S3 on Outposts, see the aws.s3control.Bucket resource.

NOTE on S3 Bucket Accelerate Configuration: S3 Bucket Accelerate can be configured in either the standalone resource aws.s3.BucketAccelerateConfigurationV2 or with the deprecated parameter acceleration_status in the resource aws.s3.BucketV2. Configuring with both will cause inconsistencies and may overwrite configuration.

NOTE on S3 Bucket canned ACL Configuration: S3 Bucket canned ACL can be configured in either the standalone resource aws.s3.BucketAclV2 or with the deprecated parameter acl in the resource aws.s3.BucketV2. Configuring with both will cause inconsistencies and may overwrite configuration.

NOTE on S3 Bucket ACL Grants Configuration: S3 Bucket grants can be configured in either the standalone resource aws.s3.BucketAclV2 or with the deprecated parameter grant in the resource aws.s3.BucketV2. Configuring with both will cause inconsistencies and may overwrite configuration.

NOTE on S3 Bucket CORS Configuration: S3 Bucket CORS can be configured in either the standalone resource aws.s3.BucketCorsConfigurationV2 or with the deprecated parameter cors_rule in the resource aws.s3.BucketV2. Configuring with both will cause inconsistencies and may overwrite configuration.

NOTE on S3 Bucket Lifecycle Configuration: S3 Bucket Lifecycle can be configured in either the standalone resource aws.s3.BucketLifecycleConfigurationV2 or with the deprecated parameter lifecycle_rule in the resource aws.s3.BucketV2. Configuring with both will cause inconsistencies and may overwrite configuration.

NOTE on S3 Bucket Logging Configuration: S3 Bucket logging can be configured in either the standalone resource aws.s3.BucketLoggingV2 or with the deprecated parameter logging in the resource aws.s3.BucketV2. Configuring with both will cause inconsistencies and may overwrite configuration.

NOTE on S3 Bucket Object Lock Configuration: S3 Bucket Object Lock can be configured in either the standalone resource aws.s3.BucketObjectLockConfigurationV2 or with the deprecated parameter object_lock_configuration in the resource aws.s3.BucketV2. Configuring with both will cause inconsistencies and may overwrite configuration.

NOTE on S3 Bucket Policy Configuration: S3 Bucket Policy can be configured in either the standalone resource aws.s3.BucketPolicy or with the deprecated parameter policy in the resource aws.s3.BucketV2. Configuring with both will cause inconsistencies and may overwrite configuration.

NOTE on S3 Bucket Replication Configuration: S3 Bucket Replication can be configured in either the standalone resource aws.s3.BucketReplicationConfig or with the deprecated parameter replication_configuration in the resource aws.s3.BucketV2. Configuring with both will cause inconsistencies and may overwrite configuration.

NOTE on S3 Bucket Request Payment Configuration: S3 Bucket Request Payment can be configured in either the standalone resource aws.s3.BucketRequestPaymentConfigurationV2 or with the deprecated parameter request_payer in the resource aws.s3.BucketV2. Configuring with both will cause inconsistencies and may overwrite configuration.

NOTE on S3 Bucket Server Side Encryption Configuration: S3 Bucket Server Side Encryption can be configured in either the standalone resource aws.s3.BucketServerSideEncryptionConfigurationV2 or with the deprecated parameter server_side_encryption_configuration in the resource aws.s3.BucketV2. Configuring with both will cause inconsistencies and may overwrite configuration.

NOTE on S3 Bucket Versioning Configuration: S3 Bucket versioning can be configured in either the standalone resource aws.s3.BucketVersioningV2 or with the deprecated parameter versioning in the resource aws.s3.BucketV2. Configuring with both will cause inconsistencies and may overwrite configuration.

NOTE on S3 Bucket Website Configuration: S3 Bucket Website can be configured in either the standalone resource aws.s3.BucketWebsiteConfigurationV2 or with the deprecated parameter website in the resource aws.s3.BucketV2. Configuring with both will cause inconsistencies and may overwrite configuration.

Example Usage

Private Bucket w/ Tags

using System.Collections.Generic;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var bucketV2 = new Aws.S3.BucketV2("bucketV2", new()
    {
        Tags = 
        {
            { "Name", "My bucket" },
            { "Environment", "Dev" },
        },
    });

    var example = new Aws.S3.BucketAclV2("example", new()
    {
        Bucket = bucketV2.Id,
        Acl = "private",
    });

});

package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/s3"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		bucketV2, err := s3.NewBucketV2(ctx, "bucketV2", &s3.BucketV2Args{
			Tags: pulumi.StringMap{
				"Name":        pulumi.String("My bucket"),
				"Environment": pulumi.String("Dev"),
			},
		})
		if err != nil {
			return err
		}
		_, err = s3.NewBucketAclV2(ctx, "example", &s3.BucketAclV2Args{
			Bucket: bucketV2.ID(),
			Acl:    pulumi.String("private"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.s3.BucketV2;
import com.pulumi.aws.s3.BucketV2Args;
import com.pulumi.aws.s3.BucketAclV2;
import com.pulumi.aws.s3.BucketAclV2Args;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var bucketV2 = new BucketV2("bucketV2", BucketV2Args.builder()        
            .tags(Map.ofEntries(
                Map.entry("Name", "My bucket"),
                Map.entry("Environment", "Dev")
            ))
            .build());

        var example = new BucketAclV2("example", BucketAclV2Args.builder()        
            .bucket(bucketV2.id())
            .acl("private")
            .build());

    }
}

import pulumi
import pulumi_aws as aws

bucket_v2 = aws.s3.BucketV2("bucketV2", tags={
    "Name": "My bucket",
    "Environment": "Dev",
})
example = aws.s3.BucketAclV2("example",
    bucket=bucket_v2.id,
    acl="private")

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const bucketV2 = new aws.s3.BucketV2("bucketV2", {tags: {
    Name: "My bucket",
    Environment: "Dev",
}});
const example = new aws.s3.BucketAclV2("example", {
    bucket: bucketV2.id,
    acl: "private",
});

resources:
  bucketV2:
    type: aws:s3:BucketV2
    properties:
      tags:
        Name: My bucket
        Environment: Dev
  example:
    type: aws:s3:BucketAclV2
    properties:
      bucket: ${bucketV2.id}
      acl: private

Static Website Hosting

using System.Collections.Generic;
using System.IO;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var bucketV2 = new Aws.S3.BucketV2("bucketV2", new()
    {
        Acl = "public-read",
        Policy = File.ReadAllText("policy.json"),
        Websites = new[]
        {
            new Aws.S3.Inputs.BucketV2WebsiteArgs
            {
                IndexDocument = "index.html",
                ErrorDocument = "error.html",
                RoutingRules = @"[{
    ""Condition"": {
        ""KeyPrefixEquals"": ""docs/""
    },
    ""Redirect"": {
        ""ReplaceKeyPrefixWith"": ""documents/""
    }
}]
",
            },
        },
    });

});

package main

import (
	"os"

	"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/s3"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func readFileOrPanic(path string) pulumi.StringPtrInput {
	data, err := os.ReadFile(path)
	if err != nil {
		panic(err.Error())
	}
	return pulumi.String(string(data))
}

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := s3.NewBucketV2(ctx, "bucketV2", &s3.BucketV2Args{
			Acl:    pulumi.String("public-read"),
			Policy: readFileOrPanic("policy.json"),
			Websites: s3.BucketV2WebsiteArray{
				&s3.BucketV2WebsiteArgs{
					IndexDocument: pulumi.String("index.html"),
					ErrorDocument: pulumi.String("error.html"),
					RoutingRules:  pulumi.String("[{\n    \"Condition\": {\n        \"KeyPrefixEquals\": \"docs/\"\n    },\n    \"Redirect\": {\n        \"ReplaceKeyPrefixWith\": \"documents/\"\n    }\n}]\n"),
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.s3.BucketV2;
import com.pulumi.aws.s3.BucketV2Args;
import com.pulumi.aws.s3.inputs.BucketV2WebsiteArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var bucketV2 = new BucketV2("bucketV2", BucketV2Args.builder()        
            .acl("public-read")
            .policy(Files.readString(Paths.get("policy.json")))
            .websites(BucketV2WebsiteArgs.builder()
                .indexDocument("index.html")
                .errorDocument("error.html")
                .routingRules("""
[{
    "Condition": {
        "KeyPrefixEquals": "docs/"
    },
    "Redirect": {
        "ReplaceKeyPrefixWith": "documents/"
    }
}]
                """)
                .build())
            .build());

    }
}

import pulumi
import pulumi_aws as aws

bucket_v2 = aws.s3.BucketV2("bucketV2",
    acl="public-read",
    policy=(lambda path: open(path).read())("policy.json"),
    websites=[aws.s3.BucketV2WebsiteArgs(
        index_document="index.html",
        error_document="error.html",
        routing_rules="""[{
    "Condition": {
        "KeyPrefixEquals": "docs/"
    },
    "Redirect": {
        "ReplaceKeyPrefixWith": "documents/"
    }
}]
""",
    )])

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
import * as fs from "fs";

const bucketV2 = new aws.s3.BucketV2("bucketV2", {
    acl: "public-read",
    policy: fs.readFileSync("policy.json"),
    websites: [{
        indexDocument: "index.html",
        errorDocument: "error.html",
        routingRules: `[{
    "Condition": {
        "KeyPrefixEquals": "docs/"
    },
    "Redirect": {
        "ReplaceKeyPrefixWith": "documents/"
    }
}]
`,
    }],
});

resources:
  bucketV2:
    type: aws:s3:BucketV2
    properties:
      acl: public-read
      policy:
        fn::readFile: policy.json
      websites:
        - indexDocument: index.html
          errorDocument: error.html
          routingRules: |
            [{
                "Condition": {
                    "KeyPrefixEquals": "docs/"
                },
                "Redirect": {
                    "ReplaceKeyPrefixWith": "documents/"
                }
            }]

Using CORS

using System.Collections.Generic;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var bucketV2 = new Aws.S3.BucketV2("bucketV2", new()
    {
        Acl = "public-read",
        CorsRules = new[]
        {
            new Aws.S3.Inputs.BucketV2CorsRuleArgs
            {
                AllowedHeaders = new[]
                {
                    "*",
                },
                AllowedMethods = new[]
                {
                    "PUT",
                    "POST",
                },
                AllowedOrigins = new[]
                {
                    "https://s3-website-test.domain.example",
                },
                ExposeHeaders = new[]
                {
                    "ETag",
                },
                MaxAgeSeconds = 3000,
            },
        },
    });

});

package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/s3"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := s3.NewBucketV2(ctx, "bucketV2", &s3.BucketV2Args{
			Acl: pulumi.String("public-read"),
			CorsRules: s3.BucketV2CorsRuleArray{
				&s3.BucketV2CorsRuleArgs{
					AllowedHeaders: pulumi.StringArray{
						pulumi.String("*"),
					},
					AllowedMethods: pulumi.StringArray{
						pulumi.String("PUT"),
						pulumi.String("POST"),
					},
					AllowedOrigins: pulumi.StringArray{
						pulumi.String("https://s3-website-test.domain.example"),
					},
					ExposeHeaders: pulumi.StringArray{
						pulumi.String("ETag"),
					},
					MaxAgeSeconds: pulumi.Int(3000),
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.s3.BucketV2;
import com.pulumi.aws.s3.BucketV2Args;
import com.pulumi.aws.s3.inputs.BucketV2CorsRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var bucketV2 = new BucketV2("bucketV2", BucketV2Args.builder()        
            .acl("public-read")
            .corsRules(BucketV2CorsRuleArgs.builder()
                .allowedHeaders("*")
                .allowedMethods(                
                    "PUT",
                    "POST")
                .allowedOrigins("https://s3-website-test.domain.example")
                .exposeHeaders("ETag")
                .maxAgeSeconds(3000)
                .build())
            .build());

    }
}

import pulumi
import pulumi_aws as aws

bucket_v2 = aws.s3.BucketV2("bucketV2",
    acl="public-read",
    cors_rules=[aws.s3.BucketV2CorsRuleArgs(
        allowed_headers=["*"],
        allowed_methods=[
            "PUT",
            "POST",
        ],
        allowed_origins=["https://s3-website-test.domain.example"],
        expose_headers=["ETag"],
        max_age_seconds=3000,
    )])

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const bucketV2 = new aws.s3.BucketV2("bucketV2", {
    acl: "public-read",
    corsRules: [{
        allowedHeaders: ["*"],
        allowedMethods: [
            "PUT",
            "POST",
        ],
        allowedOrigins: ["https://s3-website-test.domain.example"],
        exposeHeaders: ["ETag"],
        maxAgeSeconds: 3000,
    }],
});

resources:
  bucketV2:
    type: aws:s3:BucketV2
    properties:
      acl: public-read
      corsRules:
        - allowedHeaders:
            - '*'
          allowedMethods:
            - PUT
            - POST
          allowedOrigins:
            - https://s3-website-test.domain.example
          exposeHeaders:
            - ETag
          maxAgeSeconds: 3000

Using versioning

using System.Collections.Generic;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var bucketV2 = new Aws.S3.BucketV2("bucketV2", new()
    {
        Acl = "private",
        Versionings = new[]
        {
            new Aws.S3.Inputs.BucketV2VersioningArgs
            {
                Enabled = true,
            },
        },
    });

});

package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/s3"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := s3.NewBucketV2(ctx, "bucketV2", &s3.BucketV2Args{
			Acl: pulumi.String("private"),
			Versionings: s3.BucketV2VersioningArray{
				&s3.BucketV2VersioningArgs{
					Enabled: pulumi.Bool(true),
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.s3.BucketV2;
import com.pulumi.aws.s3.BucketV2Args;
import com.pulumi.aws.s3.inputs.BucketV2VersioningArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var bucketV2 = new BucketV2("bucketV2", BucketV2Args.builder()        
            .acl("private")
            .versionings(BucketV2VersioningArgs.builder()
                .enabled(true)
                .build())
            .build());

    }
}

import pulumi
import pulumi_aws as aws

bucket_v2 = aws.s3.BucketV2("bucketV2",
    acl="private",
    versionings=[aws.s3.BucketV2VersioningArgs(
        enabled=True,
    )])

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const bucketV2 = new aws.s3.BucketV2("bucketV2", {
    acl: "private",
    versionings: [{
        enabled: true,
    }],
});

resources:
  bucketV2:
    type: aws:s3:BucketV2
    properties:
      acl: private
      versionings:
        - enabled: true

Enable Logging

using System.Collections.Generic;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var logBucket = new Aws.S3.BucketV2("logBucket", new()
    {
        Acl = "log-delivery-write",
    });

    var bucketV2 = new Aws.S3.BucketV2("bucketV2", new()
    {
        Acl = "private",
        Loggings = new[]
        {
            new Aws.S3.Inputs.BucketV2LoggingArgs
            {
                TargetBucket = logBucket.Id,
                TargetPrefix = "log/",
            },
        },
    });

});

package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/s3"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		logBucket, err := s3.NewBucketV2(ctx, "logBucket", &s3.BucketV2Args{
			Acl: pulumi.String("log-delivery-write"),
		})
		if err != nil {
			return err
		}
		_, err = s3.NewBucketV2(ctx, "bucketV2", &s3.BucketV2Args{
			Acl: pulumi.String("private"),
			Loggings: s3.BucketV2LoggingArray{
				&s3.BucketV2LoggingArgs{
					TargetBucket: logBucket.ID(),
					TargetPrefix: pulumi.String("log/"),
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.s3.BucketV2;
import com.pulumi.aws.s3.BucketV2Args;
import com.pulumi.aws.s3.inputs.BucketV2LoggingArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var logBucket = new BucketV2("logBucket", BucketV2Args.builder()        
            .acl("log-delivery-write")
            .build());

        var bucketV2 = new BucketV2("bucketV2", BucketV2Args.builder()        
            .acl("private")
            .loggings(BucketV2LoggingArgs.builder()
                .targetBucket(logBucket.id())
                .targetPrefix("log/")
                .build())
            .build());

    }
}

import pulumi
import pulumi_aws as aws

log_bucket = aws.s3.BucketV2("logBucket", acl="log-delivery-write")
bucket_v2 = aws.s3.BucketV2("bucketV2",
    acl="private",
    loggings=[aws.s3.BucketV2LoggingArgs(
        target_bucket=log_bucket.id,
        target_prefix="log/",
    )])

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const logBucket = new aws.s3.BucketV2("logBucket", {acl: "log-delivery-write"});
const bucketV2 = new aws.s3.BucketV2("bucketV2", {
    acl: "private",
    loggings: [{
        targetBucket: logBucket.id,
        targetPrefix: "log/",
    }],
});

resources:
  logBucket:
    type: aws:s3:BucketV2
    properties:
      acl: log-delivery-write
  bucketV2:
    type: aws:s3:BucketV2
    properties:
      acl: private
      loggings:
        - targetBucket: ${logBucket.id}
          targetPrefix: log/

Using object lifecycle

using System.Collections.Generic;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var bucket = new Aws.S3.BucketV2("bucket", new()
    {
        Acl = "private",
        LifecycleRules = new[]
        {
            new Aws.S3.Inputs.BucketV2LifecycleRuleArgs
            {
                Enabled = true,
                Expirations = new[]
                {
                    new Aws.S3.Inputs.BucketV2LifecycleRuleExpirationArgs
                    {
                        Days = 90,
                    },
                },
                Id = "log",
                Prefix = "log/",
                Tags = 
                {
                    { "autoclean", "true" },
                    { "rule", "log" },
                },
                Transitions = new[]
                {
                    new Aws.S3.Inputs.BucketV2LifecycleRuleTransitionArgs
                    {
                        Days = 30,
                        StorageClass = "STANDARD_IA",
                    },
                    new Aws.S3.Inputs.BucketV2LifecycleRuleTransitionArgs
                    {
                        Days = 60,
                        StorageClass = "GLACIER",
                    },
                },
            },
            new Aws.S3.Inputs.BucketV2LifecycleRuleArgs
            {
                Enabled = true,
                Expirations = new[]
                {
                    new Aws.S3.Inputs.BucketV2LifecycleRuleExpirationArgs
                    {
                        Date = "2016-01-12",
                    },
                },
                Id = "tmp",
                Prefix = "tmp/",
            },
        },
    });

    var versioningBucket = new Aws.S3.BucketV2("versioningBucket", new()
    {
        Acl = "private",
        LifecycleRules = new[]
        {
            new Aws.S3.Inputs.BucketV2LifecycleRuleArgs
            {
                Enabled = true,
                NoncurrentVersionExpirations = new[]
                {
                    new Aws.S3.Inputs.BucketV2LifecycleRuleNoncurrentVersionExpirationArgs
                    {
                        Days = 90,
                    },
                },
                NoncurrentVersionTransitions = new[]
                {
                    new Aws.S3.Inputs.BucketV2LifecycleRuleNoncurrentVersionTransitionArgs
                    {
                        Days = 30,
                        StorageClass = "STANDARD_IA",
                    },
                    new Aws.S3.Inputs.BucketV2LifecycleRuleNoncurrentVersionTransitionArgs
                    {
                        Days = 60,
                        StorageClass = "GLACIER",
                    },
                },
                Prefix = "config/",
            },
        },
        Versionings = new[]
        {
            new Aws.S3.Inputs.BucketV2VersioningArgs
            {
                Enabled = true,
            },
        },
    });

});

package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/s3"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := s3.NewBucketV2(ctx, "bucket", &s3.BucketV2Args{
			Acl: pulumi.String("private"),
			LifecycleRules: s3.BucketV2LifecycleRuleArray{
				&s3.BucketV2LifecycleRuleArgs{
					Enabled: pulumi.Bool(true),
					Expirations: s3.BucketV2LifecycleRuleExpirationArray{
						&s3.BucketV2LifecycleRuleExpirationArgs{
							Days: pulumi.Int(90),
						},
					},
					Id:     pulumi.String("log"),
					Prefix: pulumi.String("log/"),
					Tags: pulumi.StringMap{
						"autoclean": pulumi.String("true"),
						"rule":      pulumi.String("log"),
					},
					Transitions: s3.BucketV2LifecycleRuleTransitionArray{
						&s3.BucketV2LifecycleRuleTransitionArgs{
							Days:         pulumi.Int(30),
							StorageClass: pulumi.String("STANDARD_IA"),
						},
						&s3.BucketV2LifecycleRuleTransitionArgs{
							Days:         pulumi.Int(60),
							StorageClass: pulumi.String("GLACIER"),
						},
					},
				},
				&s3.BucketV2LifecycleRuleArgs{
					Enabled: pulumi.Bool(true),
					Expirations: s3.BucketV2LifecycleRuleExpirationArray{
						&s3.BucketV2LifecycleRuleExpirationArgs{
							Date: pulumi.String("2016-01-12"),
						},
					},
					Id:     pulumi.String("tmp"),
					Prefix: pulumi.String("tmp/"),
				},
			},
		})
		if err != nil {
			return err
		}
		_, err = s3.NewBucketV2(ctx, "versioningBucket", &s3.BucketV2Args{
			Acl: pulumi.String("private"),
			LifecycleRules: s3.BucketV2LifecycleRuleArray{
				&s3.BucketV2LifecycleRuleArgs{
					Enabled: pulumi.Bool(true),
					NoncurrentVersionExpirations: s3.BucketV2LifecycleRuleNoncurrentVersionExpirationArray{
						&s3.BucketV2LifecycleRuleNoncurrentVersionExpirationArgs{
							Days: pulumi.Int(90),
						},
					},
					NoncurrentVersionTransitions: s3.BucketV2LifecycleRuleNoncurrentVersionTransitionArray{
						&s3.BucketV2LifecycleRuleNoncurrentVersionTransitionArgs{
							Days:         pulumi.Int(30),
							StorageClass: pulumi.String("STANDARD_IA"),
						},
						&s3.BucketV2LifecycleRuleNoncurrentVersionTransitionArgs{
							Days:         pulumi.Int(60),
							StorageClass: pulumi.String("GLACIER"),
						},
					},
					Prefix: pulumi.String("config/"),
				},
			},
			Versionings: s3.BucketV2VersioningArray{
				&s3.BucketV2VersioningArgs{
					Enabled: pulumi.Bool(true),
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.s3.BucketV2;
import com.pulumi.aws.s3.BucketV2Args;
import com.pulumi.aws.s3.inputs.BucketV2LifecycleRuleArgs;
import com.pulumi.aws.s3.inputs.BucketV2VersioningArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var bucket = new BucketV2("bucket", BucketV2Args.builder()        
            .acl("private")
            .lifecycleRules(            
                BucketV2LifecycleRuleArgs.builder()
                    .enabled(true)
                    .expirations(BucketV2LifecycleRuleExpirationArgs.builder()
                        .days(90)
                        .build())
                    .id("log")
                    .prefix("log/")
                    .tags(Map.ofEntries(
                        Map.entry("autoclean", "true"),
                        Map.entry("rule", "log")
                    ))
                    .transitions(                    
                        BucketV2LifecycleRuleTransitionArgs.builder()
                            .days(30)
                            .storageClass("STANDARD_IA")
                            .build(),
                        BucketV2LifecycleRuleTransitionArgs.builder()
                            .days(60)
                            .storageClass("GLACIER")
                            .build())
                    .build(),
                BucketV2LifecycleRuleArgs.builder()
                    .enabled(true)
                    .expirations(BucketV2LifecycleRuleExpirationArgs.builder()
                        .date("2016-01-12")
                        .build())
                    .id("tmp")
                    .prefix("tmp/")
                    .build())
            .build());

        var versioningBucket = new BucketV2("versioningBucket", BucketV2Args.builder()        
            .acl("private")
            .lifecycleRules(BucketV2LifecycleRuleArgs.builder()
                .enabled(true)
                .noncurrentVersionExpirations(BucketV2LifecycleRuleNoncurrentVersionExpirationArgs.builder()
                    .days(90)
                    .build())
                .noncurrentVersionTransitions(                
                    BucketV2LifecycleRuleNoncurrentVersionTransitionArgs.builder()
                        .days(30)
                        .storageClass("STANDARD_IA")
                        .build(),
                    BucketV2LifecycleRuleNoncurrentVersionTransitionArgs.builder()
                        .days(60)
                        .storageClass("GLACIER")
                        .build())
                .prefix("config/")
                .build())
            .versionings(BucketV2VersioningArgs.builder()
                .enabled(true)
                .build())
            .build());

    }
}

import pulumi
import pulumi_aws as aws

bucket = aws.s3.BucketV2("bucket",
    acl="private",
    lifecycle_rules=[
        aws.s3.BucketV2LifecycleRuleArgs(
            enabled=True,
            expirations=[aws.s3.BucketV2LifecycleRuleExpirationArgs(
                days=90,
            )],
            id="log",
            prefix="log/",
            tags={
                "autoclean": "true",
                "rule": "log",
            },
            transitions=[
                aws.s3.BucketV2LifecycleRuleTransitionArgs(
                    days=30,
                    storage_class="STANDARD_IA",
                ),
                aws.s3.BucketV2LifecycleRuleTransitionArgs(
                    days=60,
                    storage_class="GLACIER",
                ),
            ],
        ),
        aws.s3.BucketV2LifecycleRuleArgs(
            enabled=True,
            expirations=[aws.s3.BucketV2LifecycleRuleExpirationArgs(
                date="2016-01-12",
            )],
            id="tmp",
            prefix="tmp/",
        ),
    ])
versioning_bucket = aws.s3.BucketV2("versioningBucket",
    acl="private",
    lifecycle_rules=[aws.s3.BucketV2LifecycleRuleArgs(
        enabled=True,
        noncurrent_version_expirations=[aws.s3.BucketV2LifecycleRuleNoncurrentVersionExpirationArgs(
            days=90,
        )],
        noncurrent_version_transitions=[
            aws.s3.BucketV2LifecycleRuleNoncurrentVersionTransitionArgs(
                days=30,
                storage_class="STANDARD_IA",
            ),
            aws.s3.BucketV2LifecycleRuleNoncurrentVersionTransitionArgs(
                days=60,
                storage_class="GLACIER",
            ),
        ],
        prefix="config/",
    )],
    versionings=[aws.s3.BucketV2VersioningArgs(
        enabled=True,
    )])

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const bucket = new aws.s3.BucketV2("bucket", {
    acl: "private",
    lifecycleRules: [
        {
            enabled: true,
            expirations: [{
                days: 90,
            }],
            id: "log",
            prefix: "log/",
            tags: {
                autoclean: "true",
                rule: "log",
            },
            transitions: [
                {
                    days: 30,
                    storageClass: "STANDARD_IA",
                },
                {
                    days: 60,
                    storageClass: "GLACIER",
                },
            ],
        },
        {
            enabled: true,
            expirations: [{
                date: "2016-01-12",
            }],
            id: "tmp",
            prefix: "tmp/",
        },
    ],
});
const versioningBucket = new aws.s3.BucketV2("versioningBucket", {
    acl: "private",
    lifecycleRules: [{
        enabled: true,
        noncurrentVersionExpirations: [{
            days: 90,
        }],
        noncurrentVersionTransitions: [
            {
                days: 30,
                storageClass: "STANDARD_IA",
            },
            {
                days: 60,
                storageClass: "GLACIER",
            },
        ],
        prefix: "config/",
    }],
    versionings: [{
        enabled: true,
    }],
});

resources:
  bucket:
    type: aws:s3:BucketV2
    properties:
      acl: private
      lifecycleRules:
        - enabled: true
          expirations:
            - days: 90
          id: log
          prefix: log/
          tags:
            autoclean: 'true'
            rule: log
          transitions:
            - days: 30
              storageClass: STANDARD_IA
            - days: 60
              storageClass: GLACIER
        - enabled: true
          expirations:
            - date: 2016-01-12
          id: tmp
          prefix: tmp/
  versioningBucket:
    type: aws:s3:BucketV2
    properties:
      acl: private
      lifecycleRules:
        - enabled: true
          noncurrentVersionExpirations:
            - days: 90
          noncurrentVersionTransitions:
            - days: 30
              storageClass: STANDARD_IA
            - days: 60
              storageClass: GLACIER
          prefix: config/
      versionings:
        - enabled: true

Using object lock configuration

using System.Collections.Generic;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var central = new Aws.Provider("central", new()
    {
        Region = "eu-central-1",
    });

    var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()
    {
        Statements = new[]
        {
            new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs
            {
                Effect = "Allow",
                Principals = new[]
                {
                    new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs
                    {
                        Type = "Service",
                        Identifiers = new[]
                        {
                            "s3.amazonaws.com",
                        },
                    },
                },
                Actions = new[]
                {
                    "sts:AssumeRole",
                },
            },
        },
    });

    var replicationRole = new Aws.Iam.Role("replicationRole", new()
    {
        AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult => getPolicyDocumentResult.Json),
    });

    var destination = new Aws.S3.BucketV2("destination", new()
    {
        Versionings = new[]
        {
            new Aws.S3.Inputs.BucketV2VersioningArgs
            {
                Enabled = true,
            },
        },
    });

    var source = new Aws.S3.BucketV2("source", new()
    {
        Acl = "private",
        Versionings = new[]
        {
            new Aws.S3.Inputs.BucketV2VersioningArgs
            {
                Enabled = true,
            },
        },
        ReplicationConfigurations = new[]
        {
            new Aws.S3.Inputs.BucketV2ReplicationConfigurationArgs
            {
                Role = replicationRole.Arn,
                Rules = new[]
                {
                    new Aws.S3.Inputs.BucketV2ReplicationConfigurationRuleArgs
                    {
                        Id = "foobar",
                        Status = "Enabled",
                        Filters = new[]
                        {
                            new Aws.S3.Inputs.BucketV2ReplicationConfigurationRuleFilterArgs
                            {
                                Tags = null,
                            },
                        },
                        Destinations = new[]
                        {
                            new Aws.S3.Inputs.BucketV2ReplicationConfigurationRuleDestinationArgs
                            {
                                Bucket = destination.Arn,
                                StorageClass = "STANDARD",
                                ReplicationTimes = new[]
                                {
                                    new Aws.S3.Inputs.BucketV2ReplicationConfigurationRuleDestinationReplicationTimeArgs
                                    {
                                        Status = "Enabled",
                                        Minutes = 15,
                                    },
                                },
                                Metrics = new[]
                                {
                                    new Aws.S3.Inputs.BucketV2ReplicationConfigurationRuleDestinationMetricArgs
                                    {
                                        Status = "Enabled",
                                        Minutes = 15,
                                    },
                                },
                            },
                        },
                    },
                },
            },
        },
    }, new CustomResourceOptions
    {
        Provider = aws.Central,
    });

    var replicationPolicyDocument = Aws.Iam.GetPolicyDocument.Invoke(new()
    {
        Statements = new[]
        {
            new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs
            {
                Effect = "Allow",
                Actions = new[]
                {
                    "s3:GetReplicationConfiguration",
                    "s3:ListBucket",
                },
                Resources = new[]
                {
                    source.Arn,
                },
            },
            new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs
            {
                Effect = "Allow",
                Actions = new[]
                {
                    "s3:GetObjectVersionForReplication",
                    "s3:GetObjectVersionAcl",
                    "s3:GetObjectVersionTagging",
                },
                Resources = new[]
                {
                    $"{source.Arn}/*",
                },
            },
            new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs
            {
                Effect = "Allow",
                Actions = new[]
                {
                    "s3:ReplicateObject",
                    "s3:ReplicateDelete",
                    "s3:ReplicateTags",
                },
                Resources = new[]
                {
                    $"{destination.Arn}/*",
                },
            },
        },
    });

    var replicationPolicy = new Aws.Iam.Policy("replicationPolicy", new()
    {
        PolicyDocument = replicationPolicyDocument.Apply(getPolicyDocumentResult => getPolicyDocumentResult.Json),
    });

    var replicationRolePolicyAttachment = new Aws.Iam.RolePolicyAttachment("replicationRolePolicyAttachment", new()
    {
        Role = replicationRole.Name,
        PolicyArn = replicationPolicy.Arn,
    });

});

package main

import (
	"fmt"

	"github.com/pulumi/pulumi-aws/sdk/v5/go/aws"
	"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
	"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/s3"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := aws.NewProvider(ctx, "central", &aws.ProviderArgs{
			Region: pulumi.String("eu-central-1"),
		})
		if err != nil {
			return err
		}
		assumeRole, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{
			Statements: []iam.GetPolicyDocumentStatement{
				{
					Effect: pulumi.StringRef("Allow"),
					Principals: []iam.GetPolicyDocumentStatementPrincipal{
						{
							Type: "Service",
							Identifiers: []string{
								"s3.amazonaws.com",
							},
						},
					},
					Actions: []string{
						"sts:AssumeRole",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		replicationRole, err := iam.NewRole(ctx, "replicationRole", &iam.RoleArgs{
			AssumeRolePolicy: *pulumi.String(assumeRole.Json),
		})
		if err != nil {
			return err
		}
		destination, err := s3.NewBucketV2(ctx, "destination", &s3.BucketV2Args{
			Versionings: s3.BucketV2VersioningArray{
				&s3.BucketV2VersioningArgs{
					Enabled: pulumi.Bool(true),
				},
			},
		})
		if err != nil {
			return err
		}
		source, err := s3.NewBucketV2(ctx, "source", &s3.BucketV2Args{
			Acl: pulumi.String("private"),
			Versionings: s3.BucketV2VersioningArray{
				&s3.BucketV2VersioningArgs{
					Enabled: pulumi.Bool(true),
				},
			},
			ReplicationConfigurations: s3.BucketV2ReplicationConfigurationArray{
				&s3.BucketV2ReplicationConfigurationArgs{
					Role: replicationRole.Arn,
					Rules: s3.BucketV2ReplicationConfigurationRuleArray{
						&s3.BucketV2ReplicationConfigurationRuleArgs{
							Id:     pulumi.String("foobar"),
							Status: pulumi.String("Enabled"),
							Filters: s3.BucketV2ReplicationConfigurationRuleFilterArray{
								&s3.BucketV2ReplicationConfigurationRuleFilterArgs{
									Tags: nil,
								},
							},
							Destinations: s3.BucketV2ReplicationConfigurationRuleDestinationArray{
								&s3.BucketV2ReplicationConfigurationRuleDestinationArgs{
									Bucket:       destination.Arn,
									StorageClass: pulumi.String("STANDARD"),
									ReplicationTimes: s3.BucketV2ReplicationConfigurationRuleDestinationReplicationTimeArray{
										&s3.BucketV2ReplicationConfigurationRuleDestinationReplicationTimeArgs{
											Status:  pulumi.String("Enabled"),
											Minutes: pulumi.Int(15),
										},
									},
									Metrics: s3.BucketV2ReplicationConfigurationRuleDestinationMetricArray{
										&s3.BucketV2ReplicationConfigurationRuleDestinationMetricArgs{
											Status:  pulumi.String("Enabled"),
											Minutes: pulumi.Int(15),
										},
									},
								},
							},
						},
					},
				},
			},
		}, pulumi.Provider(aws.Central))
		if err != nil {
			return err
		}
		replicationPolicyDocument := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{
			Statements: iam.GetPolicyDocumentStatementArray{
				&iam.GetPolicyDocumentStatementArgs{
					Effect: pulumi.String("Allow"),
					Actions: pulumi.StringArray{
						pulumi.String("s3:GetReplicationConfiguration"),
						pulumi.String("s3:ListBucket"),
					},
					Resources: pulumi.StringArray{
						source.Arn,
					},
				},
				&iam.GetPolicyDocumentStatementArgs{
					Effect: pulumi.String("Allow"),
					Actions: pulumi.StringArray{
						pulumi.String("s3:GetObjectVersionForReplication"),
						pulumi.String("s3:GetObjectVersionAcl"),
						pulumi.String("s3:GetObjectVersionTagging"),
					},
					Resources: pulumi.StringArray{
						source.Arn.ApplyT(func(arn string) (string, error) {
							return fmt.Sprintf("%v/*", arn), nil
						}).(pulumi.StringOutput),
					},
				},
				&iam.GetPolicyDocumentStatementArgs{
					Effect: pulumi.String("Allow"),
					Actions: pulumi.StringArray{
						pulumi.String("s3:ReplicateObject"),
						pulumi.String("s3:ReplicateDelete"),
						pulumi.String("s3:ReplicateTags"),
					},
					Resources: pulumi.StringArray{
						destination.Arn.ApplyT(func(arn string) (string, error) {
							return fmt.Sprintf("%v/*", arn), nil
						}).(pulumi.StringOutput),
					},
				},
			},
		}, nil)
		replicationPolicy, err := iam.NewPolicy(ctx, "replicationPolicy", &iam.PolicyArgs{
			Policy: replicationPolicyDocument.ApplyT(func(replicationPolicyDocument iam.GetPolicyDocumentResult) (*string, error) {
				return &replicationPolicyDocument.Json, nil
			}).(pulumi.StringPtrOutput),
		})
		if err != nil {
			return err
		}
		_, err = iam.NewRolePolicyAttachment(ctx, "replicationRolePolicyAttachment", &iam.RolePolicyAttachmentArgs{
			Role:      replicationRole.Name,
			PolicyArn: replicationPolicy.Arn,
		})
		if err != nil {
			return err
		}
		return nil
	})
}

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.s3.BucketV2;
import com.pulumi.aws.s3.BucketV2Args;
import com.pulumi.aws.s3.inputs.BucketV2ObjectLockConfigurationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var example = new BucketV2("example", BucketV2Args.builder()        
            .objectLockConfiguration(BucketV2ObjectLockConfigurationArgs.builder()
                .objectLockEnabled("Enabled")
                .rule(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))
                .build())
            .build());

    }
}

import pulumi
import pulumi_aws as aws

central = aws.Provider("central", region="eu-central-1")
assume_role = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(
    effect="Allow",
    principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(
        type="Service",
        identifiers=["s3.amazonaws.com"],
    )],
    actions=["sts:AssumeRole"],
)])
replication_role = aws.iam.Role("replicationRole", assume_role_policy=assume_role.json)
destination = aws.s3.BucketV2("destination", versionings=[aws.s3.BucketV2VersioningArgs(
    enabled=True,
)])
source = aws.s3.BucketV2("source",
    acl="private",
    versionings=[aws.s3.BucketV2VersioningArgs(
        enabled=True,
    )],
    replication_configurations=[aws.s3.BucketV2ReplicationConfigurationArgs(
        role=replication_role.arn,
        rules=[aws.s3.BucketV2ReplicationConfigurationRuleArgs(
            id="foobar",
            status="Enabled",
            filters=[aws.s3.BucketV2ReplicationConfigurationRuleFilterArgs(
                tags={},
            )],
            destinations=[aws.s3.BucketV2ReplicationConfigurationRuleDestinationArgs(
                bucket=destination.arn,
                storage_class="STANDARD",
                replication_times=[aws.s3.BucketV2ReplicationConfigurationRuleDestinationReplicationTimeArgs(
                    status="Enabled",
                    minutes=15,
                )],
                metrics=[aws.s3.BucketV2ReplicationConfigurationRuleDestinationMetricArgs(
                    status="Enabled",
                    minutes=15,
                )],
            )],
        )],
    )],
    opts=pulumi.ResourceOptions(provider=aws["central"]))
replication_policy_document = aws.iam.get_policy_document_output(statements=[
    aws.iam.GetPolicyDocumentStatementArgs(
        effect="Allow",
        actions=[
            "s3:GetReplicationConfiguration",
            "s3:ListBucket",
        ],
        resources=[source.arn],
    ),
    aws.iam.GetPolicyDocumentStatementArgs(
        effect="Allow",
        actions=[
            "s3:GetObjectVersionForReplication",
            "s3:GetObjectVersionAcl",
            "s3:GetObjectVersionTagging",
        ],
        resources=[source.arn.apply(lambda arn: f"{arn}/*")],
    ),
    aws.iam.GetPolicyDocumentStatementArgs(
        effect="Allow",
        actions=[
            "s3:ReplicateObject",
            "s3:ReplicateDelete",
            "s3:ReplicateTags",
        ],
        resources=[destination.arn.apply(lambda arn: f"{arn}/*")],
    ),
])
replication_policy = aws.iam.Policy("replicationPolicy", policy=replication_policy_document.json)
replication_role_policy_attachment = aws.iam.RolePolicyAttachment("replicationRolePolicyAttachment",
    role=replication_role.name,
    policy_arn=replication_policy.arn)

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const central = new aws.Provider("central", {region: "eu-central-1"});
const assumeRole = aws.iam.getPolicyDocument({
    statements: [{
        effect: "Allow",
        principals: [{
            type: "Service",
            identifiers: ["s3.amazonaws.com"],
        }],
        actions: ["sts:AssumeRole"],
    }],
});
const replicationRole = new aws.iam.Role("replicationRole", {assumeRolePolicy: assumeRole.then(assumeRole => assumeRole.json)});
const destination = new aws.s3.BucketV2("destination", {versionings: [{
    enabled: true,
}]});
const source = new aws.s3.BucketV2("source", {
    acl: "private",
    versionings: [{
        enabled: true,
    }],
    replicationConfigurations: [{
        role: replicationRole.arn,
        rules: [{
            id: "foobar",
            status: "Enabled",
            filters: [{
                tags: {},
            }],
            destinations: [{
                bucket: destination.arn,
                storageClass: "STANDARD",
                replicationTimes: [{
                    status: "Enabled",
                    minutes: 15,
                }],
                metrics: [{
                    status: "Enabled",
                    minutes: 15,
                }],
            }],
        }],
    }],
}, {
    provider: aws.central,
});
const replicationPolicyDocument = aws.iam.getPolicyDocumentOutput({
    statements: [
        {
            effect: "Allow",
            actions: [
                "s3:GetReplicationConfiguration",
                "s3:ListBucket",
            ],
            resources: [source.arn],
        },
        {
            effect: "Allow",
            actions: [
                "s3:GetObjectVersionForReplication",
                "s3:GetObjectVersionAcl",
                "s3:GetObjectVersionTagging",
            ],
            resources: [pulumi.interpolate`${source.arn}/*`],
        },
        {
            effect: "Allow",
            actions: [
                "s3:ReplicateObject",
                "s3:ReplicateDelete",
                "s3:ReplicateTags",
            ],
            resources: [pulumi.interpolate`${destination.arn}/*`],
        },
    ],
});
const replicationPolicy = new aws.iam.Policy("replicationPolicy", {policy: replicationPolicyDocument.apply(replicationPolicyDocument => replicationPolicyDocument.json)});
const replicationRolePolicyAttachment = new aws.iam.RolePolicyAttachment("replicationRolePolicyAttachment", {
    role: replicationRole.name,
    policyArn: replicationPolicy.arn,
});

resources:
  example:
    type: aws:s3:BucketV2
    properties:
      objectLockConfiguration:
        objectLockEnabled: Enabled
        rule:
          - defaultRetention:
              - days: 5
                mode: COMPLIANCE

Using replication configuration

using System.Collections.Generic;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var mykey = new Aws.Kms.Key("mykey", new()
    {
        Description = "This key is used to encrypt bucket objects",
        DeletionWindowInDays = 10,
    });

    var mybucket = new Aws.S3.BucketV2("mybucket", new()
    {
        ServerSideEncryptionConfigurations = new[]
        {
            new Aws.S3.Inputs.BucketV2ServerSideEncryptionConfigurationArgs
            {
                Rules = new[]
                {
                    new Aws.S3.Inputs.BucketV2ServerSideEncryptionConfigurationRuleArgs
                    {
                        ApplyServerSideEncryptionByDefaults = new[]
                        {
                            new Aws.S3.Inputs.BucketV2ServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefaultArgs
                            {
                                KmsMasterKeyId = mykey.Arn,
                                SseAlgorithm = "aws:kms",
                            },
                        },
                    },
                },
            },
        },
    });

});

package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/kms"
	"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/s3"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		mykey, err := kms.NewKey(ctx, "mykey", &kms.KeyArgs{
			Description:          pulumi.String("This key is used to encrypt bucket objects"),
			DeletionWindowInDays: pulumi.Int(10),
		})
		if err != nil {
			return err
		}
		_, err = s3.NewBucketV2(ctx, "mybucket", &s3.BucketV2Args{
			ServerSideEncryptionConfigurations: s3.BucketV2ServerSideEncryptionConfigurationArray{
				&s3.BucketV2ServerSideEncryptionConfigurationArgs{
					Rules: s3.BucketV2ServerSideEncryptionConfigurationRuleArray{
						&s3.BucketV2ServerSideEncryptionConfigurationRuleArgs{
							ApplyServerSideEncryptionByDefaults: s3.BucketV2ServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefaultArray{
								&s3.BucketV2ServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefaultArgs{
									KmsMasterKeyId: mykey.Arn,
									SseAlgorithm:   pulumi.String("aws:kms"),
								},
							},
						},
					},
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.Provider;
import com.pulumi.aws.ProviderArgs;
import com.pulumi.aws.iam.IamFunctions;
import com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;
import com.pulumi.aws.iam.Role;
import com.pulumi.aws.iam.RoleArgs;
import com.pulumi.aws.s3.BucketV2;
import com.pulumi.aws.s3.BucketV2Args;
import com.pulumi.aws.s3.inputs.BucketV2VersioningArgs;
import com.pulumi.aws.s3.inputs.BucketV2ReplicationConfigurationArgs;
import com.pulumi.aws.iam.Policy;
import com.pulumi.aws.iam.PolicyArgs;
import com.pulumi.aws.iam.RolePolicyAttachment;
import com.pulumi.aws.iam.RolePolicyAttachmentArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var central = new Provider("central", ProviderArgs.builder()        
            .region("eu-central-1")
            .build());

        final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()
            .statements(GetPolicyDocumentStatementArgs.builder()
                .effect("Allow")
                .principals(GetPolicyDocumentStatementPrincipalArgs.builder()
                    .type("Service")
                    .identifiers("s3.amazonaws.com")
                    .build())
                .actions("sts:AssumeRole")
                .build())
            .build());

        var replicationRole = new Role("replicationRole", RoleArgs.builder()        
            .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult.json()))
            .build());

        var destination = new BucketV2("destination", BucketV2Args.builder()        
            .versionings(BucketV2VersioningArgs.builder()
                .enabled(true)
                .build())
            .build());

        var source = new BucketV2("source", BucketV2Args.builder()        
            .acl("private")
            .versionings(BucketV2VersioningArgs.builder()
                .enabled(true)
                .build())
            .replicationConfigurations(BucketV2ReplicationConfigurationArgs.builder()
                .role(replicationRole.arn())
                .rules(BucketV2ReplicationConfigurationRuleArgs.builder()
                    .id("foobar")
                    .status("Enabled")
                    .filters(BucketV2ReplicationConfigurationRuleFilterArgs.builder()
                        .tags()
                        .build())
                    .destinations(BucketV2ReplicationConfigurationRuleDestinationArgs.builder()
                        .bucket(destination.arn())
                        .storageClass("STANDARD")
                        .replicationTimes(BucketV2ReplicationConfigurationRuleDestinationReplicationTimeArgs.builder()
                            .status("Enabled")
                            .minutes(15)
                            .build())
                        .metrics(BucketV2ReplicationConfigurationRuleDestinationMetricArgs.builder()
                            .status("Enabled")
                            .minutes(15)
                            .build())
                        .build())
                    .build())
                .build())
            .build(), CustomResourceOptions.builder()
                .provider(aws.central())
                .build());

        final var replicationPolicyDocument = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()
            .statements(            
                GetPolicyDocumentStatementArgs.builder()
                    .effect("Allow")
                    .actions(                    
                        "s3:GetReplicationConfiguration",
                        "s3:ListBucket")
                    .resources(source.arn())
                    .build(),
                GetPolicyDocumentStatementArgs.builder()
                    .effect("Allow")
                    .actions(                    
                        "s3:GetObjectVersionForReplication",
                        "s3:GetObjectVersionAcl",
                        "s3:GetObjectVersionTagging")
                    .resources(source.arn().applyValue(arn -> String.format("%s/*", arn)))
                    .build(),
                GetPolicyDocumentStatementArgs.builder()
                    .effect("Allow")
                    .actions(                    
                        "s3:ReplicateObject",
                        "s3:ReplicateDelete",
                        "s3:ReplicateTags")
                    .resources(destination.arn().applyValue(arn -> String.format("%s/*", arn)))
                    .build())
            .build());

        var replicationPolicy = new Policy("replicationPolicy", PolicyArgs.builder()        
            .policy(replicationPolicyDocument.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult).applyValue(replicationPolicyDocument -> replicationPolicyDocument.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult.json())))
            .build());

        var replicationRolePolicyAttachment = new RolePolicyAttachment("replicationRolePolicyAttachment", RolePolicyAttachmentArgs.builder()        
            .role(replicationRole.name())
            .policyArn(replicationPolicy.arn())
            .build());

    }
}

import pulumi
import pulumi_aws as aws

mykey = aws.kms.Key("mykey",
    description="This key is used to encrypt bucket objects",
    deletion_window_in_days=10)
mybucket = aws.s3.BucketV2("mybucket", server_side_encryption_configurations=[aws.s3.BucketV2ServerSideEncryptionConfigurationArgs(
    rules=[aws.s3.BucketV2ServerSideEncryptionConfigurationRuleArgs(
        apply_server_side_encryption_by_defaults=[aws.s3.BucketV2ServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefaultArgs(
            kms_master_key_id=mykey.arn,
            sse_algorithm="aws:kms",
        )],
    )],
)])

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const mykey = new aws.kms.Key("mykey", {
    description: "This key is used to encrypt bucket objects",
    deletionWindowInDays: 10,
});
const mybucket = new aws.s3.BucketV2("mybucket", {serverSideEncryptionConfigurations: [{
    rules: [{
        applyServerSideEncryptionByDefaults: [{
            kmsMasterKeyId: mykey.arn,
            sseAlgorithm: "aws:kms",
        }],
    }],
}]});

resources:
  central:
    type: pulumi:providers:aws
    properties:
      region: eu-central-1
  replicationRole:
    type: aws:iam:Role
    properties:
      assumeRolePolicy: ${assumeRole.json}
  replicationPolicy:
    type: aws:iam:Policy
    properties:
      policy: ${replicationPolicyDocument.json}
  replicationRolePolicyAttachment:
    type: aws:iam:RolePolicyAttachment
    properties:
      role: ${replicationRole.name}
      policyArn: ${replicationPolicy.arn}
  destination:
    type: aws:s3:BucketV2
    properties:
      versionings:
        - enabled: true
  source:
    type: aws:s3:BucketV2
    properties:
      acl: private
      versionings:
        - enabled: true
      replicationConfigurations:
        - role: ${replicationRole.arn}
          rules:
            - id: foobar
              status: Enabled
              filters:
                - tags: {}
              destinations:
                - bucket: ${destination.arn}
                  storageClass: STANDARD
                  replicationTimes:
                    - status: Enabled
                      minutes: 15
                  metrics:
                    - status: Enabled
                      minutes: 15
    options:
      provider: ${aws.central}
variables:
  assumeRole:
    fn::invoke:
      Function: aws:iam:getPolicyDocument
      Arguments:
        statements:
          - effect: Allow
            principals:
              - type: Service
                identifiers:
                  - s3.amazonaws.com
            actions:
              - sts:AssumeRole
  replicationPolicyDocument:
    fn::invoke:
      Function: aws:iam:getPolicyDocument
      Arguments:
        statements:
          - effect: Allow
            actions:
              - s3:GetReplicationConfiguration
              - s3:ListBucket
            resources:
              - ${source.arn}
          - effect: Allow
            actions:
              - s3:GetObjectVersionForReplication
              - s3:GetObjectVersionAcl
              - s3:GetObjectVersionTagging
            resources:
              - ${source.arn}/*
          - effect: Allow
            actions:
              - s3:ReplicateObject
              - s3:ReplicateDelete
              - s3:ReplicateTags
            resources:
              - ${destination.arn}/*

Enable SSE-KMS Server Side Encryption

using System.Collections.Generic;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var currentUser = Aws.S3.GetCanonicalUserId.Invoke();

    var bucket = new Aws.S3.BucketV2("bucket", new()
    {
        Grants = new[]
        {
            new Aws.S3.Inputs.BucketV2GrantArgs
            {
                Id = currentUser.Apply(getCanonicalUserIdResult => getCanonicalUserIdResult.Id),
                Type = "CanonicalUser",
                Permissions = new[]
                {
                    "FULL_CONTROL",
                },
            },
            new Aws.S3.Inputs.BucketV2GrantArgs
            {
                Type = "Group",
                Permissions = new[]
                {
                    "READ_ACP",
                    "WRITE",
                },
                Uri = "http://acs.amazonaws.com/groups/s3/LogDelivery",
            },
        },
    });

});

package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/s3"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		currentUser, err := s3.GetCanonicalUserId(ctx, nil, nil)
		if err != nil {
			return err
		}
		_, err = s3.NewBucketV2(ctx, "bucket", &s3.BucketV2Args{
			Grants: s3.BucketV2GrantArray{
				&s3.BucketV2GrantArgs{
					Id:   *pulumi.String(currentUser.Id),
					Type: pulumi.String("CanonicalUser"),
					Permissions: pulumi.StringArray{
						pulumi.String("FULL_CONTROL"),
					},
				},
				&s3.BucketV2GrantArgs{
					Type: pulumi.String("Group"),
					Permissions: pulumi.StringArray{
						pulumi.String("READ_ACP"),
						pulumi.String("WRITE"),
					},
					Uri: pulumi.String("http://acs.amazonaws.com/groups/s3/LogDelivery"),
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.kms.Key;
import com.pulumi.aws.kms.KeyArgs;
import com.pulumi.aws.s3.BucketV2;
import com.pulumi.aws.s3.BucketV2Args;
import com.pulumi.aws.s3.inputs.BucketV2ServerSideEncryptionConfigurationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var mykey = new Key("mykey", KeyArgs.builder()        
            .description("This key is used to encrypt bucket objects")
            .deletionWindowInDays(10)
            .build());

        var mybucket = new BucketV2("mybucket", BucketV2Args.builder()        
            .serverSideEncryptionConfigurations(BucketV2ServerSideEncryptionConfigurationArgs.builder()
                .rules(BucketV2ServerSideEncryptionConfigurationRuleArgs.builder()
                    .applyServerSideEncryptionByDefaults(BucketV2ServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefaultArgs.builder()
                        .kmsMasterKeyId(mykey.arn())
                        .sseAlgorithm("aws:kms")
                        .build())
                    .build())
                .build())
            .build());

    }
}

import pulumi
import pulumi_aws as aws

current_user = aws.s3.get_canonical_user_id()
bucket = aws.s3.BucketV2("bucket", grants=[
    aws.s3.BucketV2GrantArgs(
        id=current_user.id,
        type="CanonicalUser",
        permissions=["FULL_CONTROL"],
    ),
    aws.s3.BucketV2GrantArgs(
        type="Group",
        permissions=[
            "READ_ACP",
            "WRITE",
        ],
        uri="http://acs.amazonaws.com/groups/s3/LogDelivery",
    ),
])

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const currentUser = aws.s3.getCanonicalUserId({});
const bucket = new aws.s3.BucketV2("bucket", {grants: [
    {
        id: currentUser.then(currentUser => currentUser.id),
        type: "CanonicalUser",
        permissions: ["FULL_CONTROL"],
    },
    {
        type: "Group",
        permissions: [
            "READ_ACP",
            "WRITE",
        ],
        uri: "http://acs.amazonaws.com/groups/s3/LogDelivery",
    },
]});

resources:
  mykey:
    type: aws:kms:Key
    properties:
      description: This key is used to encrypt bucket objects
      deletionWindowInDays: 10
  mybucket:
    type: aws:s3:BucketV2
    properties:
      serverSideEncryptionConfigurations:
        - rules:
            - applyServerSideEncryptionByDefaults:
                - kmsMasterKeyId: ${mykey.arn}
                  sseAlgorithm: aws:kms

Using ACL policy grants

Coming soon!

Coming soon!

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.s3.S3Functions;
import com.pulumi.aws.s3.BucketV2;
import com.pulumi.aws.s3.BucketV2Args;
import com.pulumi.aws.s3.inputs.BucketV2GrantArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var currentUser = S3Functions.getCanonicalUserId();

        var bucket = new BucketV2("bucket", BucketV2Args.builder()        
            .grants(            
                BucketV2GrantArgs.builder()
                    .id(currentUser.applyValue(getCanonicalUserIdResult -> getCanonicalUserIdResult.id()))
                    .type("CanonicalUser")
                    .permissions("FULL_CONTROL")
                    .build(),
                BucketV2GrantArgs.builder()
                    .type("Group")
                    .permissions(                    
                        "READ_ACP",
                        "WRITE")
                    .uri("http://acs.amazonaws.com/groups/s3/LogDelivery")
                    .build())
            .build());

    }
}

Coming soon!

Coming soon!

resources:
  bucket:
    type: aws:s3:BucketV2
    properties:
      grants:
        - id: ${currentUser.id}
          type: CanonicalUser
          permissions:
            - FULL_CONTROL
        - type: Group
          permissions:
            - READ_ACP
            - WRITE
          uri: http://acs.amazonaws.com/groups/s3/LogDelivery
variables:
  currentUser:
    fn::invoke:
      Function: aws:s3:getCanonicalUserId
      Arguments: {}

Create BucketV2 Resource

new BucketV2(name: string, args?: BucketV2Args, opts?: CustomResourceOptions);
@overload
def BucketV2(resource_name: str,
             opts: Optional[ResourceOptions] = None,
             acceleration_status: Optional[str] = None,
             acl: Optional[str] = None,
             bucket: Optional[str] = None,
             bucket_prefix: Optional[str] = None,
             cors_rules: Optional[Sequence[BucketV2CorsRuleArgs]] = None,
             force_destroy: Optional[bool] = None,
             grants: Optional[Sequence[BucketV2GrantArgs]] = None,
             lifecycle_rules: Optional[Sequence[BucketV2LifecycleRuleArgs]] = None,
             loggings: Optional[Sequence[BucketV2LoggingArgs]] = None,
             object_lock_configuration: Optional[BucketV2ObjectLockConfigurationArgs] = None,
             object_lock_enabled: Optional[bool] = None,
             policy: Optional[str] = None,
             replication_configurations: Optional[Sequence[BucketV2ReplicationConfigurationArgs]] = None,
             request_payer: Optional[str] = None,
             server_side_encryption_configurations: Optional[Sequence[BucketV2ServerSideEncryptionConfigurationArgs]] = None,
             tags: Optional[Mapping[str, str]] = None,
             versionings: Optional[Sequence[BucketV2VersioningArgs]] = None,
             websites: Optional[Sequence[BucketV2WebsiteArgs]] = None)
@overload
def BucketV2(resource_name: str,
             args: Optional[BucketV2Args] = None,
             opts: Optional[ResourceOptions] = None)
func NewBucketV2(ctx *Context, name string, args *BucketV2Args, opts ...ResourceOption) (*BucketV2, error)
public BucketV2(string name, BucketV2Args? args = null, CustomResourceOptions? opts = null)
public BucketV2(String name, BucketV2Args args)
public BucketV2(String name, BucketV2Args args, CustomResourceOptions options)

type: aws:s3:BucketV2
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
name string
The unique name of the resource.
args BucketV2Args
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args BucketV2Args
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args BucketV2Args
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args BucketV2Args
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name String
The unique name of the resource.
args BucketV2Args
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

BucketV2 Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The BucketV2 resource accepts the following input properties:

AccelerationStatus string

Sets the accelerate configuration of an existing bucket. Can be Enabled or Suspended. Cannot be used in cn-north-1 or us-gov-west-1. This provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketAccelerateConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_accelerate_configuration resource instead

Acl string

The canned ACL to apply. Valid values are private, public-read, public-read-write, aws-exec-read, authenticated-read, and log-delivery-write. Defaults to private. Conflicts with grant. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketAclV2 instead.

Deprecated:

Use the aws_s3_bucket_acl resource instead

Bucket string

Name of the bucket. If omitted, this provider will assign a random, unique name. Must be lowercase and less than or equal to 63 characters in length. A full list of bucket naming rules may be found here.

BucketPrefix string

Creates a unique bucket name beginning with the specified prefix. Conflicts with bucket. Must be lowercase and less than or equal to 37 characters in length. A full list of bucket naming rules may be found here.

CorsRules List<BucketV2CorsRuleArgs>

Rule of Cross-Origin Resource Sharing. See CORS rule below for details. This provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketCorsConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_cors_configuration resource instead

ForceDestroy bool

Boolean that indicates all objects (including any locked objects) should be deleted from the bucket when the bucket is destroyed so that the bucket can be destroyed without error. These objects are not recoverable. This only deletes objects when the bucket is destroyed, not when setting this parameter to true. Once this parameter is set to true, there must be a successful pulumi up run before a destroy is required to update this value in the resource state. Without a successful pulumi up after this parameter is set, this flag will have no effect. If setting this field in the same operation that would require replacing the bucket or destroying the bucket, this flag will not work. Additionally when importing a bucket, a successful pulumi up is required to set this value in state before it will take effect on a destroy operation.

Grants List<BucketV2GrantArgs>

An ACL policy grant. See Grant below for details. Conflicts with acl. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketAclV2 instead.

Deprecated:

Use the aws_s3_bucket_acl resource instead

LifecycleRules List<BucketV2LifecycleRuleArgs>

Configuration of object lifecycle management. See Lifecycle Rule below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketLifecycleConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_lifecycle_configuration resource instead

Loggings List<BucketV2LoggingArgs>

Configuration of S3 bucket logging parameters. See Logging below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketLoggingV2 instead.

Deprecated:

Use the aws_s3_bucket_logging resource instead

ObjectLockConfiguration BucketV2ObjectLockConfigurationArgs

Configuration of S3 object locking. See Object Lock Configuration below for details. the provider wil only perform drift detection if a configuration value is provided. Use the object_lock_enabled parameter and the resource aws.s3.BucketObjectLockConfigurationV2 instead.

Deprecated:

Use the top-level parameter object_lock_enabled and the aws_s3_bucket_object_lock_configuration resource instead

ObjectLockEnabled bool

Indicates whether this bucket has an Object Lock configuration enabled. Valid values are true or false. This argument is not supported in all regions or partitions.

Policy string

Valid bucket policy JSON document. Note that if the policy document is not specific enough (but still valid), this provider may view the policy as constantly changing. In this case, please make sure you use the verbose/specific version of the policy. For more information about building AWS IAM policy documents with this provider, see the AWS IAM Policy Document Guide. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketPolicy instead.

Deprecated:

Use the aws_s3_bucket_policy resource instead

ReplicationConfigurations List<BucketV2ReplicationConfigurationArgs>

Configuration of replication configuration. See Replication Configuration below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketReplicationConfig instead.

Deprecated:

Use the aws_s3_bucket_replication_configuration resource instead

RequestPayer string

Specifies who should bear the cost of Amazon S3 data transfer. Can be either BucketOwner or Requester. By default, the owner of the S3 bucket would incur the costs of any data transfer. See Requester Pays Buckets developer guide for more information. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketRequestPaymentConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_request_payment_configuration resource instead

ServerSideEncryptionConfigurations List<BucketV2ServerSideEncryptionConfigurationArgs>

Configuration of server-side encryption configuration. See Server Side Encryption Configuration below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketServerSideEncryptionConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_server_side_encryption_configuration resource instead

Tags Dictionary<string, string>

Map of tags to assign to the bucket. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

Versionings List<BucketV2VersioningArgs>

Configuration of the S3 bucket versioning state. See Versioning below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketVersioningV2 instead.

Deprecated:

Use the aws_s3_bucket_versioning resource instead

Websites List<BucketV2WebsiteArgs>

Configuration of the S3 bucket website. See Website below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketWebsiteConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_website_configuration resource instead

AccelerationStatus string

Sets the accelerate configuration of an existing bucket. Can be Enabled or Suspended. Cannot be used in cn-north-1 or us-gov-west-1. This provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketAccelerateConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_accelerate_configuration resource instead

Acl string

The canned ACL to apply. Valid values are private, public-read, public-read-write, aws-exec-read, authenticated-read, and log-delivery-write. Defaults to private. Conflicts with grant. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketAclV2 instead.

Deprecated:

Use the aws_s3_bucket_acl resource instead

Bucket string

Name of the bucket. If omitted, this provider will assign a random, unique name. Must be lowercase and less than or equal to 63 characters in length. A full list of bucket naming rules may be found here.

BucketPrefix string

Creates a unique bucket name beginning with the specified prefix. Conflicts with bucket. Must be lowercase and less than or equal to 37 characters in length. A full list of bucket naming rules may be found here.

CorsRules []BucketV2CorsRuleArgs

Rule of Cross-Origin Resource Sharing. See CORS rule below for details. This provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketCorsConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_cors_configuration resource instead

ForceDestroy bool

Boolean that indicates all objects (including any locked objects) should be deleted from the bucket when the bucket is destroyed so that the bucket can be destroyed without error. These objects are not recoverable. This only deletes objects when the bucket is destroyed, not when setting this parameter to true. Once this parameter is set to true, there must be a successful pulumi up run before a destroy is required to update this value in the resource state. Without a successful pulumi up after this parameter is set, this flag will have no effect. If setting this field in the same operation that would require replacing the bucket or destroying the bucket, this flag will not work. Additionally when importing a bucket, a successful pulumi up is required to set this value in state before it will take effect on a destroy operation.

Grants []BucketV2GrantArgs

An ACL policy grant. See Grant below for details. Conflicts with acl. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketAclV2 instead.

Deprecated:

Use the aws_s3_bucket_acl resource instead

LifecycleRules []BucketV2LifecycleRuleArgs

Configuration of object lifecycle management. See Lifecycle Rule below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketLifecycleConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_lifecycle_configuration resource instead

Loggings []BucketV2LoggingArgs

Configuration of S3 bucket logging parameters. See Logging below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketLoggingV2 instead.

Deprecated:

Use the aws_s3_bucket_logging resource instead

ObjectLockConfiguration BucketV2ObjectLockConfigurationArgs

Configuration of S3 object locking. See Object Lock Configuration below for details. the provider wil only perform drift detection if a configuration value is provided. Use the object_lock_enabled parameter and the resource aws.s3.BucketObjectLockConfigurationV2 instead.

Deprecated:

Use the top-level parameter object_lock_enabled and the aws_s3_bucket_object_lock_configuration resource instead

ObjectLockEnabled bool

Indicates whether this bucket has an Object Lock configuration enabled. Valid values are true or false. This argument is not supported in all regions or partitions.

Policy string

Valid bucket policy JSON document. Note that if the policy document is not specific enough (but still valid), this provider may view the policy as constantly changing. In this case, please make sure you use the verbose/specific version of the policy. For more information about building AWS IAM policy documents with this provider, see the AWS IAM Policy Document Guide. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketPolicy instead.

Deprecated:

Use the aws_s3_bucket_policy resource instead

ReplicationConfigurations []BucketV2ReplicationConfigurationArgs

Configuration of replication configuration. See Replication Configuration below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketReplicationConfig instead.

Deprecated:

Use the aws_s3_bucket_replication_configuration resource instead

RequestPayer string

Specifies who should bear the cost of Amazon S3 data transfer. Can be either BucketOwner or Requester. By default, the owner of the S3 bucket would incur the costs of any data transfer. See Requester Pays Buckets developer guide for more information. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketRequestPaymentConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_request_payment_configuration resource instead

ServerSideEncryptionConfigurations []BucketV2ServerSideEncryptionConfigurationArgs

Configuration of server-side encryption configuration. See Server Side Encryption Configuration below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketServerSideEncryptionConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_server_side_encryption_configuration resource instead

Tags map[string]string

Map of tags to assign to the bucket. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

Versionings []BucketV2VersioningArgs

Configuration of the S3 bucket versioning state. See Versioning below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketVersioningV2 instead.

Deprecated:

Use the aws_s3_bucket_versioning resource instead

Websites []BucketV2WebsiteArgs

Configuration of the S3 bucket website. See Website below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketWebsiteConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_website_configuration resource instead

accelerationStatus String

Sets the accelerate configuration of an existing bucket. Can be Enabled or Suspended. Cannot be used in cn-north-1 or us-gov-west-1. This provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketAccelerateConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_accelerate_configuration resource instead

acl String

The canned ACL to apply. Valid values are private, public-read, public-read-write, aws-exec-read, authenticated-read, and log-delivery-write. Defaults to private. Conflicts with grant. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketAclV2 instead.

Deprecated:

Use the aws_s3_bucket_acl resource instead

bucket String

Name of the bucket. If omitted, this provider will assign a random, unique name. Must be lowercase and less than or equal to 63 characters in length. A full list of bucket naming rules may be found here.

bucketPrefix String

Creates a unique bucket name beginning with the specified prefix. Conflicts with bucket. Must be lowercase and less than or equal to 37 characters in length. A full list of bucket naming rules may be found here.

corsRules List<BucketV2CorsRuleArgs>

Rule of Cross-Origin Resource Sharing. See CORS rule below for details. This provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketCorsConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_cors_configuration resource instead

forceDestroy Boolean

Boolean that indicates all objects (including any locked objects) should be deleted from the bucket when the bucket is destroyed so that the bucket can be destroyed without error. These objects are not recoverable. This only deletes objects when the bucket is destroyed, not when setting this parameter to true. Once this parameter is set to true, there must be a successful pulumi up run before a destroy is required to update this value in the resource state. Without a successful pulumi up after this parameter is set, this flag will have no effect. If setting this field in the same operation that would require replacing the bucket or destroying the bucket, this flag will not work. Additionally when importing a bucket, a successful pulumi up is required to set this value in state before it will take effect on a destroy operation.

grants List<BucketV2GrantArgs>

An ACL policy grant. See Grant below for details. Conflicts with acl. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketAclV2 instead.

Deprecated:

Use the aws_s3_bucket_acl resource instead

lifecycleRules List<BucketV2LifecycleRuleArgs>

Configuration of object lifecycle management. See Lifecycle Rule below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketLifecycleConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_lifecycle_configuration resource instead

loggings List<BucketV2LoggingArgs>

Configuration of S3 bucket logging parameters. See Logging below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketLoggingV2 instead.

Deprecated:

Use the aws_s3_bucket_logging resource instead

objectLockConfiguration BucketV2ObjectLockConfigurationArgs

Configuration of S3 object locking. See Object Lock Configuration below for details. the provider wil only perform drift detection if a configuration value is provided. Use the object_lock_enabled parameter and the resource aws.s3.BucketObjectLockConfigurationV2 instead.

Deprecated:

Use the top-level parameter object_lock_enabled and the aws_s3_bucket_object_lock_configuration resource instead

objectLockEnabled Boolean

Indicates whether this bucket has an Object Lock configuration enabled. Valid values are true or false. This argument is not supported in all regions or partitions.

policy String

Valid bucket policy JSON document. Note that if the policy document is not specific enough (but still valid), this provider may view the policy as constantly changing. In this case, please make sure you use the verbose/specific version of the policy. For more information about building AWS IAM policy documents with this provider, see the AWS IAM Policy Document Guide. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketPolicy instead.

Deprecated:

Use the aws_s3_bucket_policy resource instead

replicationConfigurations List<BucketV2ReplicationConfigurationArgs>

Configuration of replication configuration. See Replication Configuration below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketReplicationConfig instead.

Deprecated:

Use the aws_s3_bucket_replication_configuration resource instead

requestPayer String

Specifies who should bear the cost of Amazon S3 data transfer. Can be either BucketOwner or Requester. By default, the owner of the S3 bucket would incur the costs of any data transfer. See Requester Pays Buckets developer guide for more information. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketRequestPaymentConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_request_payment_configuration resource instead

serverSideEncryptionConfigurations List<BucketV2ServerSideEncryptionConfigurationArgs>

Configuration of server-side encryption configuration. See Server Side Encryption Configuration below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketServerSideEncryptionConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_server_side_encryption_configuration resource instead

tags Map<String,String>

Map of tags to assign to the bucket. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

versionings List<BucketV2VersioningArgs>

Configuration of the S3 bucket versioning state. See Versioning below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketVersioningV2 instead.

Deprecated:

Use the aws_s3_bucket_versioning resource instead

websites List<BucketV2WebsiteArgs>

Configuration of the S3 bucket website. See Website below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketWebsiteConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_website_configuration resource instead

accelerationStatus string

Sets the accelerate configuration of an existing bucket. Can be Enabled or Suspended. Cannot be used in cn-north-1 or us-gov-west-1. This provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketAccelerateConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_accelerate_configuration resource instead

acl string

The canned ACL to apply. Valid values are private, public-read, public-read-write, aws-exec-read, authenticated-read, and log-delivery-write. Defaults to private. Conflicts with grant. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketAclV2 instead.

Deprecated:

Use the aws_s3_bucket_acl resource instead

bucket string

Name of the bucket. If omitted, this provider will assign a random, unique name. Must be lowercase and less than or equal to 63 characters in length. A full list of bucket naming rules may be found here.

bucketPrefix string

Creates a unique bucket name beginning with the specified prefix. Conflicts with bucket. Must be lowercase and less than or equal to 37 characters in length. A full list of bucket naming rules may be found here.

corsRules BucketV2CorsRuleArgs[]

Rule of Cross-Origin Resource Sharing. See CORS rule below for details. This provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketCorsConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_cors_configuration resource instead

forceDestroy boolean

Boolean that indicates all objects (including any locked objects) should be deleted from the bucket when the bucket is destroyed so that the bucket can be destroyed without error. These objects are not recoverable. This only deletes objects when the bucket is destroyed, not when setting this parameter to true. Once this parameter is set to true, there must be a successful pulumi up run before a destroy is required to update this value in the resource state. Without a successful pulumi up after this parameter is set, this flag will have no effect. If setting this field in the same operation that would require replacing the bucket or destroying the bucket, this flag will not work. Additionally when importing a bucket, a successful pulumi up is required to set this value in state before it will take effect on a destroy operation.

grants BucketV2GrantArgs[]

An ACL policy grant. See Grant below for details. Conflicts with acl. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketAclV2 instead.

Deprecated:

Use the aws_s3_bucket_acl resource instead

lifecycleRules BucketV2LifecycleRuleArgs[]

Configuration of object lifecycle management. See Lifecycle Rule below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketLifecycleConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_lifecycle_configuration resource instead

loggings BucketV2LoggingArgs[]

Configuration of S3 bucket logging parameters. See Logging below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketLoggingV2 instead.

Deprecated:

Use the aws_s3_bucket_logging resource instead

objectLockConfiguration BucketV2ObjectLockConfigurationArgs

Configuration of S3 object locking. See Object Lock Configuration below for details. the provider wil only perform drift detection if a configuration value is provided. Use the object_lock_enabled parameter and the resource aws.s3.BucketObjectLockConfigurationV2 instead.

Deprecated:

Use the top-level parameter object_lock_enabled and the aws_s3_bucket_object_lock_configuration resource instead

objectLockEnabled boolean

Indicates whether this bucket has an Object Lock configuration enabled. Valid values are true or false. This argument is not supported in all regions or partitions.

policy string

Valid bucket policy JSON document. Note that if the policy document is not specific enough (but still valid), this provider may view the policy as constantly changing. In this case, please make sure you use the verbose/specific version of the policy. For more information about building AWS IAM policy documents with this provider, see the AWS IAM Policy Document Guide. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketPolicy instead.

Deprecated:

Use the aws_s3_bucket_policy resource instead

replicationConfigurations BucketV2ReplicationConfigurationArgs[]

Configuration of replication configuration. See Replication Configuration below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketReplicationConfig instead.

Deprecated:

Use the aws_s3_bucket_replication_configuration resource instead

requestPayer string

Specifies who should bear the cost of Amazon S3 data transfer. Can be either BucketOwner or Requester. By default, the owner of the S3 bucket would incur the costs of any data transfer. See Requester Pays Buckets developer guide for more information. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketRequestPaymentConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_request_payment_configuration resource instead

serverSideEncryptionConfigurations BucketV2ServerSideEncryptionConfigurationArgs[]

Configuration of server-side encryption configuration. See Server Side Encryption Configuration below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketServerSideEncryptionConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_server_side_encryption_configuration resource instead

tags {[key: string]: string}

Map of tags to assign to the bucket. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

versionings BucketV2VersioningArgs[]

Configuration of the S3 bucket versioning state. See Versioning below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketVersioningV2 instead.

Deprecated:

Use the aws_s3_bucket_versioning resource instead

websites BucketV2WebsiteArgs[]

Configuration of the S3 bucket website. See Website below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketWebsiteConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_website_configuration resource instead

acceleration_status str

Sets the accelerate configuration of an existing bucket. Can be Enabled or Suspended. Cannot be used in cn-north-1 or us-gov-west-1. This provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketAccelerateConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_accelerate_configuration resource instead

acl str

The canned ACL to apply. Valid values are private, public-read, public-read-write, aws-exec-read, authenticated-read, and log-delivery-write. Defaults to private. Conflicts with grant. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketAclV2 instead.

Deprecated:

Use the aws_s3_bucket_acl resource instead

bucket str

Name of the bucket. If omitted, this provider will assign a random, unique name. Must be lowercase and less than or equal to 63 characters in length. A full list of bucket naming rules may be found here.

bucket_prefix str

Creates a unique bucket name beginning with the specified prefix. Conflicts with bucket. Must be lowercase and less than or equal to 37 characters in length. A full list of bucket naming rules may be found here.

cors_rules Sequence[BucketV2CorsRuleArgs]

Rule of Cross-Origin Resource Sharing. See CORS rule below for details. This provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketCorsConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_cors_configuration resource instead

force_destroy bool

Boolean that indicates all objects (including any locked objects) should be deleted from the bucket when the bucket is destroyed so that the bucket can be destroyed without error. These objects are not recoverable. This only deletes objects when the bucket is destroyed, not when setting this parameter to true. Once this parameter is set to true, there must be a successful pulumi up run before a destroy is required to update this value in the resource state. Without a successful pulumi up after this parameter is set, this flag will have no effect. If setting this field in the same operation that would require replacing the bucket or destroying the bucket, this flag will not work. Additionally when importing a bucket, a successful pulumi up is required to set this value in state before it will take effect on a destroy operation.

grants Sequence[BucketV2GrantArgs]

An ACL policy grant. See Grant below for details. Conflicts with acl. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketAclV2 instead.

Deprecated:

Use the aws_s3_bucket_acl resource instead

lifecycle_rules Sequence[BucketV2LifecycleRuleArgs]

Configuration of object lifecycle management. See Lifecycle Rule below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketLifecycleConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_lifecycle_configuration resource instead

loggings Sequence[BucketV2LoggingArgs]

Configuration of S3 bucket logging parameters. See Logging below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketLoggingV2 instead.

Deprecated:

Use the aws_s3_bucket_logging resource instead

object_lock_configuration BucketV2ObjectLockConfigurationArgs

Configuration of S3 object locking. See Object Lock Configuration below for details. the provider wil only perform drift detection if a configuration value is provided. Use the object_lock_enabled parameter and the resource aws.s3.BucketObjectLockConfigurationV2 instead.

Deprecated:

Use the top-level parameter object_lock_enabled and the aws_s3_bucket_object_lock_configuration resource instead

object_lock_enabled bool

Indicates whether this bucket has an Object Lock configuration enabled. Valid values are true or false. This argument is not supported in all regions or partitions.

policy str

Valid bucket policy JSON document. Note that if the policy document is not specific enough (but still valid), this provider may view the policy as constantly changing. In this case, please make sure you use the verbose/specific version of the policy. For more information about building AWS IAM policy documents with this provider, see the AWS IAM Policy Document Guide. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketPolicy instead.

Deprecated:

Use the aws_s3_bucket_policy resource instead

replication_configurations Sequence[BucketV2ReplicationConfigurationArgs]

Configuration of replication configuration. See Replication Configuration below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketReplicationConfig instead.

Deprecated:

Use the aws_s3_bucket_replication_configuration resource instead

request_payer str

Specifies who should bear the cost of Amazon S3 data transfer. Can be either BucketOwner or Requester. By default, the owner of the S3 bucket would incur the costs of any data transfer. See Requester Pays Buckets developer guide for more information. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketRequestPaymentConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_request_payment_configuration resource instead

server_side_encryption_configurations Sequence[BucketV2ServerSideEncryptionConfigurationArgs]

Configuration of server-side encryption configuration. See Server Side Encryption Configuration below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketServerSideEncryptionConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_server_side_encryption_configuration resource instead

tags Mapping[str, str]

Map of tags to assign to the bucket. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

versionings Sequence[BucketV2VersioningArgs]

Configuration of the S3 bucket versioning state. See Versioning below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketVersioningV2 instead.

Deprecated:

Use the aws_s3_bucket_versioning resource instead

websites Sequence[BucketV2WebsiteArgs]

Configuration of the S3 bucket website. See Website below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketWebsiteConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_website_configuration resource instead

accelerationStatus String

Sets the accelerate configuration of an existing bucket. Can be Enabled or Suspended. Cannot be used in cn-north-1 or us-gov-west-1. This provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketAccelerateConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_accelerate_configuration resource instead

acl String

The canned ACL to apply. Valid values are private, public-read, public-read-write, aws-exec-read, authenticated-read, and log-delivery-write. Defaults to private. Conflicts with grant. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketAclV2 instead.

Deprecated:

Use the aws_s3_bucket_acl resource instead

bucket String

Name of the bucket. If omitted, this provider will assign a random, unique name. Must be lowercase and less than or equal to 63 characters in length. A full list of bucket naming rules may be found here.

bucketPrefix String

Creates a unique bucket name beginning with the specified prefix. Conflicts with bucket. Must be lowercase and less than or equal to 37 characters in length. A full list of bucket naming rules may be found here.

corsRules List<Property Map>

Rule of Cross-Origin Resource Sharing. See CORS rule below for details. This provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketCorsConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_cors_configuration resource instead

forceDestroy Boolean

Boolean that indicates all objects (including any locked objects) should be deleted from the bucket when the bucket is destroyed so that the bucket can be destroyed without error. These objects are not recoverable. This only deletes objects when the bucket is destroyed, not when setting this parameter to true. Once this parameter is set to true, there must be a successful pulumi up run before a destroy is required to update this value in the resource state. Without a successful pulumi up after this parameter is set, this flag will have no effect. If setting this field in the same operation that would require replacing the bucket or destroying the bucket, this flag will not work. Additionally when importing a bucket, a successful pulumi up is required to set this value in state before it will take effect on a destroy operation.

grants List<Property Map>

An ACL policy grant. See Grant below for details. Conflicts with acl. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketAclV2 instead.

Deprecated:

Use the aws_s3_bucket_acl resource instead

lifecycleRules List<Property Map>

Configuration of object lifecycle management. See Lifecycle Rule below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketLifecycleConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_lifecycle_configuration resource instead

loggings List<Property Map>

Configuration of S3 bucket logging parameters. See Logging below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketLoggingV2 instead.

Deprecated:

Use the aws_s3_bucket_logging resource instead

objectLockConfiguration Property Map

Configuration of S3 object locking. See Object Lock Configuration below for details. the provider wil only perform drift detection if a configuration value is provided. Use the object_lock_enabled parameter and the resource aws.s3.BucketObjectLockConfigurationV2 instead.

Deprecated:

Use the top-level parameter object_lock_enabled and the aws_s3_bucket_object_lock_configuration resource instead

objectLockEnabled Boolean

Indicates whether this bucket has an Object Lock configuration enabled. Valid values are true or false. This argument is not supported in all regions or partitions.

policy String

Valid bucket policy JSON document. Note that if the policy document is not specific enough (but still valid), this provider may view the policy as constantly changing. In this case, please make sure you use the verbose/specific version of the policy. For more information about building AWS IAM policy documents with this provider, see the AWS IAM Policy Document Guide. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketPolicy instead.

Deprecated:

Use the aws_s3_bucket_policy resource instead

replicationConfigurations List<Property Map>

Configuration of replication configuration. See Replication Configuration below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketReplicationConfig instead.

Deprecated:

Use the aws_s3_bucket_replication_configuration resource instead

requestPayer String

Specifies who should bear the cost of Amazon S3 data transfer. Can be either BucketOwner or Requester. By default, the owner of the S3 bucket would incur the costs of any data transfer. See Requester Pays Buckets developer guide for more information. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketRequestPaymentConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_request_payment_configuration resource instead

serverSideEncryptionConfigurations List<Property Map>

Configuration of server-side encryption configuration. See Server Side Encryption Configuration below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketServerSideEncryptionConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_server_side_encryption_configuration resource instead

tags Map<String>

Map of tags to assign to the bucket. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

versionings List<Property Map>

Configuration of the S3 bucket versioning state. See Versioning below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketVersioningV2 instead.

Deprecated:

Use the aws_s3_bucket_versioning resource instead

websites List<Property Map>

Configuration of the S3 bucket website. See Website below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketWebsiteConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_website_configuration resource instead

Outputs

All input properties are implicitly available as output properties. Additionally, the BucketV2 resource produces the following output properties:

Arn string

ARN of the bucket. Will be of format arn:aws:s3:::bucketname.

BucketDomainName string

Bucket domain name. Will be of format bucketname.s3.amazonaws.com.

BucketRegionalDomainName string

Bucket region-specific domain name. The bucket domain name including the region name, please refer here for format. Note: The AWS CloudFront allows specifying S3 region-specific endpoint when creating S3 origin, it will prevent redirect issues from CloudFront to S3 Origin URL.

HostedZoneId string

Route 53 Hosted Zone ID for this bucket's region.

Id string

The provider-assigned unique ID for this managed resource.

Region string

AWS region this bucket resides in.

TagsAll Dictionary<string, string>

Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

WebsiteDomain string

(Deprecated) Domain of the website endpoint, if the bucket is configured with a website. If not, this will be an empty string. This is used to create Route 53 alias records. Use the resource aws.s3.BucketWebsiteConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_website_configuration resource

WebsiteEndpoint string

(Deprecated) Website endpoint, if the bucket is configured with a website. If not, this will be an empty string. Use the resource aws.s3.BucketWebsiteConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_website_configuration resource

Arn string

ARN of the bucket. Will be of format arn:aws:s3:::bucketname.

BucketDomainName string

Bucket domain name. Will be of format bucketname.s3.amazonaws.com.

BucketRegionalDomainName string

Bucket region-specific domain name. The bucket domain name including the region name, please refer here for format. Note: The AWS CloudFront allows specifying S3 region-specific endpoint when creating S3 origin, it will prevent redirect issues from CloudFront to S3 Origin URL.

HostedZoneId string

Route 53 Hosted Zone ID for this bucket's region.

Id string

The provider-assigned unique ID for this managed resource.

Region string

AWS region this bucket resides in.

TagsAll map[string]string

Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

WebsiteDomain string

(Deprecated) Domain of the website endpoint, if the bucket is configured with a website. If not, this will be an empty string. This is used to create Route 53 alias records. Use the resource aws.s3.BucketWebsiteConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_website_configuration resource

WebsiteEndpoint string

(Deprecated) Website endpoint, if the bucket is configured with a website. If not, this will be an empty string. Use the resource aws.s3.BucketWebsiteConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_website_configuration resource

arn String

ARN of the bucket. Will be of format arn:aws:s3:::bucketname.

bucketDomainName String

Bucket domain name. Will be of format bucketname.s3.amazonaws.com.

bucketRegionalDomainName String

Bucket region-specific domain name. The bucket domain name including the region name, please refer here for format. Note: The AWS CloudFront allows specifying S3 region-specific endpoint when creating S3 origin, it will prevent redirect issues from CloudFront to S3 Origin URL.

hostedZoneId String

Route 53 Hosted Zone ID for this bucket's region.

id String

The provider-assigned unique ID for this managed resource.

region String

AWS region this bucket resides in.

tagsAll Map<String,String>

Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

websiteDomain String

(Deprecated) Domain of the website endpoint, if the bucket is configured with a website. If not, this will be an empty string. This is used to create Route 53 alias records. Use the resource aws.s3.BucketWebsiteConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_website_configuration resource

websiteEndpoint String

(Deprecated) Website endpoint, if the bucket is configured with a website. If not, this will be an empty string. Use the resource aws.s3.BucketWebsiteConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_website_configuration resource

arn string

ARN of the bucket. Will be of format arn:aws:s3:::bucketname.

bucketDomainName string

Bucket domain name. Will be of format bucketname.s3.amazonaws.com.

bucketRegionalDomainName string

Bucket region-specific domain name. The bucket domain name including the region name, please refer here for format. Note: The AWS CloudFront allows specifying S3 region-specific endpoint when creating S3 origin, it will prevent redirect issues from CloudFront to S3 Origin URL.

hostedZoneId string

Route 53 Hosted Zone ID for this bucket's region.

id string

The provider-assigned unique ID for this managed resource.

region string

AWS region this bucket resides in.

tagsAll {[key: string]: string}

Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

websiteDomain string

(Deprecated) Domain of the website endpoint, if the bucket is configured with a website. If not, this will be an empty string. This is used to create Route 53 alias records. Use the resource aws.s3.BucketWebsiteConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_website_configuration resource

websiteEndpoint string

(Deprecated) Website endpoint, if the bucket is configured with a website. If not, this will be an empty string. Use the resource aws.s3.BucketWebsiteConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_website_configuration resource

arn str

ARN of the bucket. Will be of format arn:aws:s3:::bucketname.

bucket_domain_name str

Bucket domain name. Will be of format bucketname.s3.amazonaws.com.

bucket_regional_domain_name str

Bucket region-specific domain name. The bucket domain name including the region name, please refer here for format. Note: The AWS CloudFront allows specifying S3 region-specific endpoint when creating S3 origin, it will prevent redirect issues from CloudFront to S3 Origin URL.

hosted_zone_id str

Route 53 Hosted Zone ID for this bucket's region.

id str

The provider-assigned unique ID for this managed resource.

region str

AWS region this bucket resides in.

tags_all Mapping[str, str]

Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

website_domain str

(Deprecated) Domain of the website endpoint, if the bucket is configured with a website. If not, this will be an empty string. This is used to create Route 53 alias records. Use the resource aws.s3.BucketWebsiteConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_website_configuration resource

website_endpoint str

(Deprecated) Website endpoint, if the bucket is configured with a website. If not, this will be an empty string. Use the resource aws.s3.BucketWebsiteConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_website_configuration resource

arn String

ARN of the bucket. Will be of format arn:aws:s3:::bucketname.

bucketDomainName String

Bucket domain name. Will be of format bucketname.s3.amazonaws.com.

bucketRegionalDomainName String

Bucket region-specific domain name. The bucket domain name including the region name, please refer here for format. Note: The AWS CloudFront allows specifying S3 region-specific endpoint when creating S3 origin, it will prevent redirect issues from CloudFront to S3 Origin URL.

hostedZoneId String

Route 53 Hosted Zone ID for this bucket's region.

id String

The provider-assigned unique ID for this managed resource.

region String

AWS region this bucket resides in.

tagsAll Map<String>

Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

websiteDomain String

(Deprecated) Domain of the website endpoint, if the bucket is configured with a website. If not, this will be an empty string. This is used to create Route 53 alias records. Use the resource aws.s3.BucketWebsiteConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_website_configuration resource

websiteEndpoint String

(Deprecated) Website endpoint, if the bucket is configured with a website. If not, this will be an empty string. Use the resource aws.s3.BucketWebsiteConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_website_configuration resource

Look up Existing BucketV2 Resource

Get an existing BucketV2 resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: BucketV2State, opts?: CustomResourceOptions): BucketV2
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        acceleration_status: Optional[str] = None,
        acl: Optional[str] = None,
        arn: Optional[str] = None,
        bucket: Optional[str] = None,
        bucket_domain_name: Optional[str] = None,
        bucket_prefix: Optional[str] = None,
        bucket_regional_domain_name: Optional[str] = None,
        cors_rules: Optional[Sequence[BucketV2CorsRuleArgs]] = None,
        force_destroy: Optional[bool] = None,
        grants: Optional[Sequence[BucketV2GrantArgs]] = None,
        hosted_zone_id: Optional[str] = None,
        lifecycle_rules: Optional[Sequence[BucketV2LifecycleRuleArgs]] = None,
        loggings: Optional[Sequence[BucketV2LoggingArgs]] = None,
        object_lock_configuration: Optional[BucketV2ObjectLockConfigurationArgs] = None,
        object_lock_enabled: Optional[bool] = None,
        policy: Optional[str] = None,
        region: Optional[str] = None,
        replication_configurations: Optional[Sequence[BucketV2ReplicationConfigurationArgs]] = None,
        request_payer: Optional[str] = None,
        server_side_encryption_configurations: Optional[Sequence[BucketV2ServerSideEncryptionConfigurationArgs]] = None,
        tags: Optional[Mapping[str, str]] = None,
        tags_all: Optional[Mapping[str, str]] = None,
        versionings: Optional[Sequence[BucketV2VersioningArgs]] = None,
        website_domain: Optional[str] = None,
        website_endpoint: Optional[str] = None,
        websites: Optional[Sequence[BucketV2WebsiteArgs]] = None) -> BucketV2
func GetBucketV2(ctx *Context, name string, id IDInput, state *BucketV2State, opts ...ResourceOption) (*BucketV2, error)
public static BucketV2 Get(string name, Input<string> id, BucketV2State? state, CustomResourceOptions? opts = null)
public static BucketV2 get(String name, Output<String> id, BucketV2State state, CustomResourceOptions options)
Resource lookup is not supported in YAML
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
The following state arguments are supported:
AccelerationStatus string

Sets the accelerate configuration of an existing bucket. Can be Enabled or Suspended. Cannot be used in cn-north-1 or us-gov-west-1. This provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketAccelerateConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_accelerate_configuration resource instead

Acl string

The canned ACL to apply. Valid values are private, public-read, public-read-write, aws-exec-read, authenticated-read, and log-delivery-write. Defaults to private. Conflicts with grant. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketAclV2 instead.

Deprecated:

Use the aws_s3_bucket_acl resource instead

Arn string

ARN of the bucket. Will be of format arn:aws:s3:::bucketname.

Bucket string

Name of the bucket. If omitted, this provider will assign a random, unique name. Must be lowercase and less than or equal to 63 characters in length. A full list of bucket naming rules may be found here.

BucketDomainName string

Bucket domain name. Will be of format bucketname.s3.amazonaws.com.

BucketPrefix string

Creates a unique bucket name beginning with the specified prefix. Conflicts with bucket. Must be lowercase and less than or equal to 37 characters in length. A full list of bucket naming rules may be found here.

BucketRegionalDomainName string

Bucket region-specific domain name. The bucket domain name including the region name, please refer here for format. Note: The AWS CloudFront allows specifying S3 region-specific endpoint when creating S3 origin, it will prevent redirect issues from CloudFront to S3 Origin URL.

CorsRules List<BucketV2CorsRuleArgs>

Rule of Cross-Origin Resource Sharing. See CORS rule below for details. This provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketCorsConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_cors_configuration resource instead

ForceDestroy bool

Boolean that indicates all objects (including any locked objects) should be deleted from the bucket when the bucket is destroyed so that the bucket can be destroyed without error. These objects are not recoverable. This only deletes objects when the bucket is destroyed, not when setting this parameter to true. Once this parameter is set to true, there must be a successful pulumi up run before a destroy is required to update this value in the resource state. Without a successful pulumi up after this parameter is set, this flag will have no effect. If setting this field in the same operation that would require replacing the bucket or destroying the bucket, this flag will not work. Additionally when importing a bucket, a successful pulumi up is required to set this value in state before it will take effect on a destroy operation.

Grants List<BucketV2GrantArgs>

An ACL policy grant. See Grant below for details. Conflicts with acl. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketAclV2 instead.

Deprecated:

Use the aws_s3_bucket_acl resource instead

HostedZoneId string

Route 53 Hosted Zone ID for this bucket's region.

LifecycleRules List<BucketV2LifecycleRuleArgs>

Configuration of object lifecycle management. See Lifecycle Rule below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketLifecycleConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_lifecycle_configuration resource instead

Loggings List<BucketV2LoggingArgs>

Configuration of S3 bucket logging parameters. See Logging below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketLoggingV2 instead.

Deprecated:

Use the aws_s3_bucket_logging resource instead

ObjectLockConfiguration BucketV2ObjectLockConfigurationArgs

Configuration of S3 object locking. See Object Lock Configuration below for details. the provider wil only perform drift detection if a configuration value is provided. Use the object_lock_enabled parameter and the resource aws.s3.BucketObjectLockConfigurationV2 instead.

Deprecated:

Use the top-level parameter object_lock_enabled and the aws_s3_bucket_object_lock_configuration resource instead

ObjectLockEnabled bool

Indicates whether this bucket has an Object Lock configuration enabled. Valid values are true or false. This argument is not supported in all regions or partitions.

Policy string

Valid bucket policy JSON document. Note that if the policy document is not specific enough (but still valid), this provider may view the policy as constantly changing. In this case, please make sure you use the verbose/specific version of the policy. For more information about building AWS IAM policy documents with this provider, see the AWS IAM Policy Document Guide. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketPolicy instead.

Deprecated:

Use the aws_s3_bucket_policy resource instead

Region string

AWS region this bucket resides in.

ReplicationConfigurations List<BucketV2ReplicationConfigurationArgs>

Configuration of replication configuration. See Replication Configuration below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketReplicationConfig instead.

Deprecated:

Use the aws_s3_bucket_replication_configuration resource instead

RequestPayer string

Specifies who should bear the cost of Amazon S3 data transfer. Can be either BucketOwner or Requester. By default, the owner of the S3 bucket would incur the costs of any data transfer. See Requester Pays Buckets developer guide for more information. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketRequestPaymentConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_request_payment_configuration resource instead

ServerSideEncryptionConfigurations List<BucketV2ServerSideEncryptionConfigurationArgs>

Configuration of server-side encryption configuration. See Server Side Encryption Configuration below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketServerSideEncryptionConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_server_side_encryption_configuration resource instead

Tags Dictionary<string, string>

Map of tags to assign to the bucket. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

TagsAll Dictionary<string, string>

Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

Versionings List<BucketV2VersioningArgs>

Configuration of the S3 bucket versioning state. See Versioning below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketVersioningV2 instead.

Deprecated:

Use the aws_s3_bucket_versioning resource instead

WebsiteDomain string

(Deprecated) Domain of the website endpoint, if the bucket is configured with a website. If not, this will be an empty string. This is used to create Route 53 alias records. Use the resource aws.s3.BucketWebsiteConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_website_configuration resource

WebsiteEndpoint string

(Deprecated) Website endpoint, if the bucket is configured with a website. If not, this will be an empty string. Use the resource aws.s3.BucketWebsiteConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_website_configuration resource

Websites List<BucketV2WebsiteArgs>

Configuration of the S3 bucket website. See Website below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketWebsiteConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_website_configuration resource instead

AccelerationStatus string

Sets the accelerate configuration of an existing bucket. Can be Enabled or Suspended. Cannot be used in cn-north-1 or us-gov-west-1. This provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketAccelerateConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_accelerate_configuration resource instead

Acl string

The canned ACL to apply. Valid values are private, public-read, public-read-write, aws-exec-read, authenticated-read, and log-delivery-write. Defaults to private. Conflicts with grant. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketAclV2 instead.

Deprecated:

Use the aws_s3_bucket_acl resource instead

Arn string

ARN of the bucket. Will be of format arn:aws:s3:::bucketname.

Bucket string

Name of the bucket. If omitted, this provider will assign a random, unique name. Must be lowercase and less than or equal to 63 characters in length. A full list of bucket naming rules may be found here.

BucketDomainName string

Bucket domain name. Will be of format bucketname.s3.amazonaws.com.

BucketPrefix string

Creates a unique bucket name beginning with the specified prefix. Conflicts with bucket. Must be lowercase and less than or equal to 37 characters in length. A full list of bucket naming rules may be found here.

BucketRegionalDomainName string

Bucket region-specific domain name. The bucket domain name including the region name, please refer here for format. Note: The AWS CloudFront allows specifying S3 region-specific endpoint when creating S3 origin, it will prevent redirect issues from CloudFront to S3 Origin URL.

CorsRules []BucketV2CorsRuleArgs

Rule of Cross-Origin Resource Sharing. See CORS rule below for details. This provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketCorsConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_cors_configuration resource instead

ForceDestroy bool

Boolean that indicates all objects (including any locked objects) should be deleted from the bucket when the bucket is destroyed so that the bucket can be destroyed without error. These objects are not recoverable. This only deletes objects when the bucket is destroyed, not when setting this parameter to true. Once this parameter is set to true, there must be a successful pulumi up run before a destroy is required to update this value in the resource state. Without a successful pulumi up after this parameter is set, this flag will have no effect. If setting this field in the same operation that would require replacing the bucket or destroying the bucket, this flag will not work. Additionally when importing a bucket, a successful pulumi up is required to set this value in state before it will take effect on a destroy operation.

Grants []BucketV2GrantArgs

An ACL policy grant. See Grant below for details. Conflicts with acl. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketAclV2 instead.

Deprecated:

Use the aws_s3_bucket_acl resource instead

HostedZoneId string

Route 53 Hosted Zone ID for this bucket's region.

LifecycleRules []BucketV2LifecycleRuleArgs

Configuration of object lifecycle management. See Lifecycle Rule below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketLifecycleConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_lifecycle_configuration resource instead

Loggings []BucketV2LoggingArgs

Configuration of S3 bucket logging parameters. See Logging below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketLoggingV2 instead.

Deprecated:

Use the aws_s3_bucket_logging resource instead

ObjectLockConfiguration BucketV2ObjectLockConfigurationArgs

Configuration of S3 object locking. See Object Lock Configuration below for details. the provider wil only perform drift detection if a configuration value is provided. Use the object_lock_enabled parameter and the resource aws.s3.BucketObjectLockConfigurationV2 instead.

Deprecated:

Use the top-level parameter object_lock_enabled and the aws_s3_bucket_object_lock_configuration resource instead

ObjectLockEnabled bool

Indicates whether this bucket has an Object Lock configuration enabled. Valid values are true or false. This argument is not supported in all regions or partitions.

Policy string

Valid bucket policy JSON document. Note that if the policy document is not specific enough (but still valid), this provider may view the policy as constantly changing. In this case, please make sure you use the verbose/specific version of the policy. For more information about building AWS IAM policy documents with this provider, see the AWS IAM Policy Document Guide. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketPolicy instead.

Deprecated:

Use the aws_s3_bucket_policy resource instead

Region string

AWS region this bucket resides in.

ReplicationConfigurations []BucketV2ReplicationConfigurationArgs

Configuration of replication configuration. See Replication Configuration below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketReplicationConfig instead.

Deprecated:

Use the aws_s3_bucket_replication_configuration resource instead

RequestPayer string

Specifies who should bear the cost of Amazon S3 data transfer. Can be either BucketOwner or Requester. By default, the owner of the S3 bucket would incur the costs of any data transfer. See Requester Pays Buckets developer guide for more information. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketRequestPaymentConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_request_payment_configuration resource instead

ServerSideEncryptionConfigurations []BucketV2ServerSideEncryptionConfigurationArgs

Configuration of server-side encryption configuration. See Server Side Encryption Configuration below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketServerSideEncryptionConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_server_side_encryption_configuration resource instead

Tags map[string]string

Map of tags to assign to the bucket. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

TagsAll map[string]string

Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

Versionings []BucketV2VersioningArgs

Configuration of the S3 bucket versioning state. See Versioning below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketVersioningV2 instead.

Deprecated:

Use the aws_s3_bucket_versioning resource instead

WebsiteDomain string

(Deprecated) Domain of the website endpoint, if the bucket is configured with a website. If not, this will be an empty string. This is used to create Route 53 alias records. Use the resource aws.s3.BucketWebsiteConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_website_configuration resource

WebsiteEndpoint string

(Deprecated) Website endpoint, if the bucket is configured with a website. If not, this will be an empty string. Use the resource aws.s3.BucketWebsiteConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_website_configuration resource

Websites []BucketV2WebsiteArgs

Configuration of the S3 bucket website. See Website below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketWebsiteConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_website_configuration resource instead

accelerationStatus String

Sets the accelerate configuration of an existing bucket. Can be Enabled or Suspended. Cannot be used in cn-north-1 or us-gov-west-1. This provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketAccelerateConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_accelerate_configuration resource instead

acl String

The canned ACL to apply. Valid values are private, public-read, public-read-write, aws-exec-read, authenticated-read, and log-delivery-write. Defaults to private. Conflicts with grant. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketAclV2 instead.

Deprecated:

Use the aws_s3_bucket_acl resource instead

arn String

ARN of the bucket. Will be of format arn:aws:s3:::bucketname.

bucket String

Name of the bucket. If omitted, this provider will assign a random, unique name. Must be lowercase and less than or equal to 63 characters in length. A full list of bucket naming rules may be found here.

bucketDomainName String

Bucket domain name. Will be of format bucketname.s3.amazonaws.com.

bucketPrefix String

Creates a unique bucket name beginning with the specified prefix. Conflicts with bucket. Must be lowercase and less than or equal to 37 characters in length. A full list of bucket naming rules may be found here.

bucketRegionalDomainName String

Bucket region-specific domain name. The bucket domain name including the region name, please refer here for format. Note: The AWS CloudFront allows specifying S3 region-specific endpoint when creating S3 origin, it will prevent redirect issues from CloudFront to S3 Origin URL.

corsRules List<BucketV2CorsRuleArgs>

Rule of Cross-Origin Resource Sharing. See CORS rule below for details. This provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketCorsConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_cors_configuration resource instead

forceDestroy Boolean

Boolean that indicates all objects (including any locked objects) should be deleted from the bucket when the bucket is destroyed so that the bucket can be destroyed without error. These objects are not recoverable. This only deletes objects when the bucket is destroyed, not when setting this parameter to true. Once this parameter is set to true, there must be a successful pulumi up run before a destroy is required to update this value in the resource state. Without a successful pulumi up after this parameter is set, this flag will have no effect. If setting this field in the same operation that would require replacing the bucket or destroying the bucket, this flag will not work. Additionally when importing a bucket, a successful pulumi up is required to set this value in state before it will take effect on a destroy operation.

grants List<BucketV2GrantArgs>

An ACL policy grant. See Grant below for details. Conflicts with acl. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketAclV2 instead.

Deprecated:

Use the aws_s3_bucket_acl resource instead

hostedZoneId String

Route 53 Hosted Zone ID for this bucket's region.

lifecycleRules List<BucketV2LifecycleRuleArgs>

Configuration of object lifecycle management. See Lifecycle Rule below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketLifecycleConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_lifecycle_configuration resource instead

loggings List<BucketV2LoggingArgs>

Configuration of S3 bucket logging parameters. See Logging below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketLoggingV2 instead.

Deprecated:

Use the aws_s3_bucket_logging resource instead

objectLockConfiguration BucketV2ObjectLockConfigurationArgs

Configuration of S3 object locking. See Object Lock Configuration below for details. the provider wil only perform drift detection if a configuration value is provided. Use the object_lock_enabled parameter and the resource aws.s3.BucketObjectLockConfigurationV2 instead.

Deprecated:

Use the top-level parameter object_lock_enabled and the aws_s3_bucket_object_lock_configuration resource instead

objectLockEnabled Boolean

Indicates whether this bucket has an Object Lock configuration enabled. Valid values are true or false. This argument is not supported in all regions or partitions.

policy String

Valid bucket policy JSON document. Note that if the policy document is not specific enough (but still valid), this provider may view the policy as constantly changing. In this case, please make sure you use the verbose/specific version of the policy. For more information about building AWS IAM policy documents with this provider, see the AWS IAM Policy Document Guide. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketPolicy instead.

Deprecated:

Use the aws_s3_bucket_policy resource instead

region String

AWS region this bucket resides in.

replicationConfigurations List<BucketV2ReplicationConfigurationArgs>

Configuration of replication configuration. See Replication Configuration below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketReplicationConfig instead.

Deprecated:

Use the aws_s3_bucket_replication_configuration resource instead

requestPayer String

Specifies who should bear the cost of Amazon S3 data transfer. Can be either BucketOwner or Requester. By default, the owner of the S3 bucket would incur the costs of any data transfer. See Requester Pays Buckets developer guide for more information. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketRequestPaymentConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_request_payment_configuration resource instead

serverSideEncryptionConfigurations List<BucketV2ServerSideEncryptionConfigurationArgs>

Configuration of server-side encryption configuration. See Server Side Encryption Configuration below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketServerSideEncryptionConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_server_side_encryption_configuration resource instead

tags Map<String,String>

Map of tags to assign to the bucket. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

tagsAll Map<String,String>

Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

versionings List<BucketV2VersioningArgs>

Configuration of the S3 bucket versioning state. See Versioning below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketVersioningV2 instead.

Deprecated:

Use the aws_s3_bucket_versioning resource instead

websiteDomain String

(Deprecated) Domain of the website endpoint, if the bucket is configured with a website. If not, this will be an empty string. This is used to create Route 53 alias records. Use the resource aws.s3.BucketWebsiteConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_website_configuration resource

websiteEndpoint String

(Deprecated) Website endpoint, if the bucket is configured with a website. If not, this will be an empty string. Use the resource aws.s3.BucketWebsiteConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_website_configuration resource

websites List<BucketV2WebsiteArgs>

Configuration of the S3 bucket website. See Website below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketWebsiteConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_website_configuration resource instead

accelerationStatus string

Sets the accelerate configuration of an existing bucket. Can be Enabled or Suspended. Cannot be used in cn-north-1 or us-gov-west-1. This provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketAccelerateConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_accelerate_configuration resource instead

acl string

The canned ACL to apply. Valid values are private, public-read, public-read-write, aws-exec-read, authenticated-read, and log-delivery-write. Defaults to private. Conflicts with grant. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketAclV2 instead.

Deprecated:

Use the aws_s3_bucket_acl resource instead

arn string

ARN of the bucket. Will be of format arn:aws:s3:::bucketname.

bucket string

Name of the bucket. If omitted, this provider will assign a random, unique name. Must be lowercase and less than or equal to 63 characters in length. A full list of bucket naming rules may be found here.

bucketDomainName string

Bucket domain name. Will be of format bucketname.s3.amazonaws.com.

bucketPrefix string

Creates a unique bucket name beginning with the specified prefix. Conflicts with bucket. Must be lowercase and less than or equal to 37 characters in length. A full list of bucket naming rules may be found here.

bucketRegionalDomainName string

Bucket region-specific domain name. The bucket domain name including the region name, please refer here for format. Note: The AWS CloudFront allows specifying S3 region-specific endpoint when creating S3 origin, it will prevent redirect issues from CloudFront to S3 Origin URL.

corsRules BucketV2CorsRuleArgs[]

Rule of Cross-Origin Resource Sharing. See CORS rule below for details. This provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketCorsConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_cors_configuration resource instead

forceDestroy boolean

Boolean that indicates all objects (including any locked objects) should be deleted from the bucket when the bucket is destroyed so that the bucket can be destroyed without error. These objects are not recoverable. This only deletes objects when the bucket is destroyed, not when setting this parameter to true. Once this parameter is set to true, there must be a successful pulumi up run before a destroy is required to update this value in the resource state. Without a successful pulumi up after this parameter is set, this flag will have no effect. If setting this field in the same operation that would require replacing the bucket or destroying the bucket, this flag will not work. Additionally when importing a bucket, a successful pulumi up is required to set this value in state before it will take effect on a destroy operation.

grants BucketV2GrantArgs[]

An ACL policy grant. See Grant below for details. Conflicts with acl. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketAclV2 instead.

Deprecated:

Use the aws_s3_bucket_acl resource instead

hostedZoneId string

Route 53 Hosted Zone ID for this bucket's region.

lifecycleRules BucketV2LifecycleRuleArgs[]

Configuration of object lifecycle management. See Lifecycle Rule below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketLifecycleConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_lifecycle_configuration resource instead

loggings BucketV2LoggingArgs[]

Configuration of S3 bucket logging parameters. See Logging below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketLoggingV2 instead.

Deprecated:

Use the aws_s3_bucket_logging resource instead

objectLockConfiguration BucketV2ObjectLockConfigurationArgs

Configuration of S3 object locking. See Object Lock Configuration below for details. the provider wil only perform drift detection if a configuration value is provided. Use the object_lock_enabled parameter and the resource aws.s3.BucketObjectLockConfigurationV2 instead.

Deprecated:

Use the top-level parameter object_lock_enabled and the aws_s3_bucket_object_lock_configuration resource instead

objectLockEnabled boolean

Indicates whether this bucket has an Object Lock configuration enabled. Valid values are true or false. This argument is not supported in all regions or partitions.

policy string

Valid bucket policy JSON document. Note that if the policy document is not specific enough (but still valid), this provider may view the policy as constantly changing. In this case, please make sure you use the verbose/specific version of the policy. For more information about building AWS IAM policy documents with this provider, see the AWS IAM Policy Document Guide. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketPolicy instead.

Deprecated:

Use the aws_s3_bucket_policy resource instead

region string

AWS region this bucket resides in.

replicationConfigurations BucketV2ReplicationConfigurationArgs[]

Configuration of replication configuration. See Replication Configuration below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketReplicationConfig instead.

Deprecated:

Use the aws_s3_bucket_replication_configuration resource instead

requestPayer string

Specifies who should bear the cost of Amazon S3 data transfer. Can be either BucketOwner or Requester. By default, the owner of the S3 bucket would incur the costs of any data transfer. See Requester Pays Buckets developer guide for more information. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketRequestPaymentConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_request_payment_configuration resource instead

serverSideEncryptionConfigurations BucketV2ServerSideEncryptionConfigurationArgs[]

Configuration of server-side encryption configuration. See Server Side Encryption Configuration below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketServerSideEncryptionConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_server_side_encryption_configuration resource instead

tags {[key: string]: string}

Map of tags to assign to the bucket. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

tagsAll {[key: string]: string}

Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

versionings BucketV2VersioningArgs[]

Configuration of the S3 bucket versioning state. See Versioning below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketVersioningV2 instead.

Deprecated:

Use the aws_s3_bucket_versioning resource instead

websiteDomain string

(Deprecated) Domain of the website endpoint, if the bucket is configured with a website. If not, this will be an empty string. This is used to create Route 53 alias records. Use the resource aws.s3.BucketWebsiteConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_website_configuration resource

websiteEndpoint string

(Deprecated) Website endpoint, if the bucket is configured with a website. If not, this will be an empty string. Use the resource aws.s3.BucketWebsiteConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_website_configuration resource

websites BucketV2WebsiteArgs[]

Configuration of the S3 bucket website. See Website below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketWebsiteConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_website_configuration resource instead

acceleration_status str

Sets the accelerate configuration of an existing bucket. Can be Enabled or Suspended. Cannot be used in cn-north-1 or us-gov-west-1. This provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketAccelerateConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_accelerate_configuration resource instead

acl str

The canned ACL to apply. Valid values are private, public-read, public-read-write, aws-exec-read, authenticated-read, and log-delivery-write. Defaults to private. Conflicts with grant. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketAclV2 instead.

Deprecated:

Use the aws_s3_bucket_acl resource instead

arn str

ARN of the bucket. Will be of format arn:aws:s3:::bucketname.

bucket str

Name of the bucket. If omitted, this provider will assign a random, unique name. Must be lowercase and less than or equal to 63 characters in length. A full list of bucket naming rules may be found here.

bucket_domain_name str

Bucket domain name. Will be of format bucketname.s3.amazonaws.com.

bucket_prefix str

Creates a unique bucket name beginning with the specified prefix. Conflicts with bucket. Must be lowercase and less than or equal to 37 characters in length. A full list of bucket naming rules may be found here.

bucket_regional_domain_name str

Bucket region-specific domain name. The bucket domain name including the region name, please refer here for format. Note: The AWS CloudFront allows specifying S3 region-specific endpoint when creating S3 origin, it will prevent redirect issues from CloudFront to S3 Origin URL.

cors_rules Sequence[BucketV2CorsRuleArgs]

Rule of Cross-Origin Resource Sharing. See CORS rule below for details. This provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketCorsConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_cors_configuration resource instead

force_destroy bool

Boolean that indicates all objects (including any locked objects) should be deleted from the bucket when the bucket is destroyed so that the bucket can be destroyed without error. These objects are not recoverable. This only deletes objects when the bucket is destroyed, not when setting this parameter to true. Once this parameter is set to true, there must be a successful pulumi up run before a destroy is required to update this value in the resource state. Without a successful pulumi up after this parameter is set, this flag will have no effect. If setting this field in the same operation that would require replacing the bucket or destroying the bucket, this flag will not work. Additionally when importing a bucket, a successful pulumi up is required to set this value in state before it will take effect on a destroy operation.

grants Sequence[BucketV2GrantArgs]

An ACL policy grant. See Grant below for details. Conflicts with acl. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketAclV2 instead.

Deprecated:

Use the aws_s3_bucket_acl resource instead

hosted_zone_id str

Route 53 Hosted Zone ID for this bucket's region.

lifecycle_rules Sequence[BucketV2LifecycleRuleArgs]

Configuration of object lifecycle management. See Lifecycle Rule below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketLifecycleConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_lifecycle_configuration resource instead

loggings Sequence[BucketV2LoggingArgs]

Configuration of S3 bucket logging parameters. See Logging below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketLoggingV2 instead.

Deprecated:

Use the aws_s3_bucket_logging resource instead

object_lock_configuration BucketV2ObjectLockConfigurationArgs

Configuration of S3 object locking. See Object Lock Configuration below for details. the provider wil only perform drift detection if a configuration value is provided. Use the object_lock_enabled parameter and the resource aws.s3.BucketObjectLockConfigurationV2 instead.

Deprecated:

Use the top-level parameter object_lock_enabled and the aws_s3_bucket_object_lock_configuration resource instead

object_lock_enabled bool

Indicates whether this bucket has an Object Lock configuration enabled. Valid values are true or false. This argument is not supported in all regions or partitions.

policy str

Valid bucket policy JSON document. Note that if the policy document is not specific enough (but still valid), this provider may view the policy as constantly changing. In this case, please make sure you use the verbose/specific version of the policy. For more information about building AWS IAM policy documents with this provider, see the AWS IAM Policy Document Guide. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketPolicy instead.

Deprecated:

Use the aws_s3_bucket_policy resource instead

region str

AWS region this bucket resides in.

replication_configurations Sequence[BucketV2ReplicationConfigurationArgs]

Configuration of replication configuration. See Replication Configuration below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketReplicationConfig instead.

Deprecated:

Use the aws_s3_bucket_replication_configuration resource instead

request_payer str

Specifies who should bear the cost of Amazon S3 data transfer. Can be either BucketOwner or Requester. By default, the owner of the S3 bucket would incur the costs of any data transfer. See Requester Pays Buckets developer guide for more information. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketRequestPaymentConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_request_payment_configuration resource instead

server_side_encryption_configurations Sequence[BucketV2ServerSideEncryptionConfigurationArgs]

Configuration of server-side encryption configuration. See Server Side Encryption Configuration below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketServerSideEncryptionConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_server_side_encryption_configuration resource instead

tags Mapping[str, str]

Map of tags to assign to the bucket. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

tags_all Mapping[str, str]

Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

versionings Sequence[BucketV2VersioningArgs]

Configuration of the S3 bucket versioning state. See Versioning below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketVersioningV2 instead.

Deprecated:

Use the aws_s3_bucket_versioning resource instead

website_domain str

(Deprecated) Domain of the website endpoint, if the bucket is configured with a website. If not, this will be an empty string. This is used to create Route 53 alias records. Use the resource aws.s3.BucketWebsiteConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_website_configuration resource

website_endpoint str

(Deprecated) Website endpoint, if the bucket is configured with a website. If not, this will be an empty string. Use the resource aws.s3.BucketWebsiteConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_website_configuration resource

websites Sequence[BucketV2WebsiteArgs]

Configuration of the S3 bucket website. See Website below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketWebsiteConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_website_configuration resource instead

accelerationStatus String

Sets the accelerate configuration of an existing bucket. Can be Enabled or Suspended. Cannot be used in cn-north-1 or us-gov-west-1. This provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketAccelerateConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_accelerate_configuration resource instead

acl String

The canned ACL to apply. Valid values are private, public-read, public-read-write, aws-exec-read, authenticated-read, and log-delivery-write. Defaults to private. Conflicts with grant. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketAclV2 instead.

Deprecated:

Use the aws_s3_bucket_acl resource instead

arn String

ARN of the bucket. Will be of format arn:aws:s3:::bucketname.

bucket String

Name of the bucket. If omitted, this provider will assign a random, unique name. Must be lowercase and less than or equal to 63 characters in length. A full list of bucket naming rules may be found here.

bucketDomainName String

Bucket domain name. Will be of format bucketname.s3.amazonaws.com.

bucketPrefix String

Creates a unique bucket name beginning with the specified prefix. Conflicts with bucket. Must be lowercase and less than or equal to 37 characters in length. A full list of bucket naming rules may be found here.

bucketRegionalDomainName String

Bucket region-specific domain name. The bucket domain name including the region name, please refer here for format. Note: The AWS CloudFront allows specifying S3 region-specific endpoint when creating S3 origin, it will prevent redirect issues from CloudFront to S3 Origin URL.

corsRules List<Property Map>

Rule of Cross-Origin Resource Sharing. See CORS rule below for details. This provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketCorsConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_cors_configuration resource instead

forceDestroy Boolean

Boolean that indicates all objects (including any locked objects) should be deleted from the bucket when the bucket is destroyed so that the bucket can be destroyed without error. These objects are not recoverable. This only deletes objects when the bucket is destroyed, not when setting this parameter to true. Once this parameter is set to true, there must be a successful pulumi up run before a destroy is required to update this value in the resource state. Without a successful pulumi up after this parameter is set, this flag will have no effect. If setting this field in the same operation that would require replacing the bucket or destroying the bucket, this flag will not work. Additionally when importing a bucket, a successful pulumi up is required to set this value in state before it will take effect on a destroy operation.

grants List<Property Map>

An ACL policy grant. See Grant below for details. Conflicts with acl. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketAclV2 instead.

Deprecated:

Use the aws_s3_bucket_acl resource instead

hostedZoneId String

Route 53 Hosted Zone ID for this bucket's region.

lifecycleRules List<Property Map>

Configuration of object lifecycle management. See Lifecycle Rule below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketLifecycleConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_lifecycle_configuration resource instead

loggings List<Property Map>

Configuration of S3 bucket logging parameters. See Logging below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketLoggingV2 instead.

Deprecated:

Use the aws_s3_bucket_logging resource instead

objectLockConfiguration Property Map

Configuration of S3 object locking. See Object Lock Configuration below for details. the provider wil only perform drift detection if a configuration value is provided. Use the object_lock_enabled parameter and the resource aws.s3.BucketObjectLockConfigurationV2 instead.

Deprecated:

Use the top-level parameter object_lock_enabled and the aws_s3_bucket_object_lock_configuration resource instead

objectLockEnabled Boolean

Indicates whether this bucket has an Object Lock configuration enabled. Valid values are true or false. This argument is not supported in all regions or partitions.

policy String

Valid bucket policy JSON document. Note that if the policy document is not specific enough (but still valid), this provider may view the policy as constantly changing. In this case, please make sure you use the verbose/specific version of the policy. For more information about building AWS IAM policy documents with this provider, see the AWS IAM Policy Document Guide. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketPolicy instead.

Deprecated:

Use the aws_s3_bucket_policy resource instead

region String

AWS region this bucket resides in.

replicationConfigurations List<Property Map>

Configuration of replication configuration. See Replication Configuration below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketReplicationConfig instead.

Deprecated:

Use the aws_s3_bucket_replication_configuration resource instead

requestPayer String

Specifies who should bear the cost of Amazon S3 data transfer. Can be either BucketOwner or Requester. By default, the owner of the S3 bucket would incur the costs of any data transfer. See Requester Pays Buckets developer guide for more information. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketRequestPaymentConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_request_payment_configuration resource instead

serverSideEncryptionConfigurations List<Property Map>

Configuration of server-side encryption configuration. See Server Side Encryption Configuration below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketServerSideEncryptionConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_server_side_encryption_configuration resource instead

tags Map<String>

Map of tags to assign to the bucket. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

tagsAll Map<String>

Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

versionings List<Property Map>

Configuration of the S3 bucket versioning state. See Versioning below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketVersioningV2 instead.

Deprecated:

Use the aws_s3_bucket_versioning resource instead

websiteDomain String

(Deprecated) Domain of the website endpoint, if the bucket is configured with a website. If not, this will be an empty string. This is used to create Route 53 alias records. Use the resource aws.s3.BucketWebsiteConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_website_configuration resource

websiteEndpoint String

(Deprecated) Website endpoint, if the bucket is configured with a website. If not, this will be an empty string. Use the resource aws.s3.BucketWebsiteConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_website_configuration resource

websites List<Property Map>

Configuration of the S3 bucket website. See Website below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource aws.s3.BucketWebsiteConfigurationV2 instead.

Deprecated:

Use the aws_s3_bucket_website_configuration resource instead

Supporting Types

BucketV2CorsRule

AllowedMethods List<string>

One or more HTTP methods that you allow the origin to execute. Can be GET, PUT, POST, DELETE or HEAD.

AllowedOrigins List<string>

One or more origins you want customers to be able to access the bucket from.

AllowedHeaders List<string>

List of headers allowed.

ExposeHeaders List<string>

One or more headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript XMLHttpRequest object).

MaxAgeSeconds int

Specifies time in seconds that browser can cache the response for a preflight request.

AllowedMethods []string

One or more HTTP methods that you allow the origin to execute. Can be GET, PUT, POST, DELETE or HEAD.

AllowedOrigins []string

One or more origins you want customers to be able to access the bucket from.

AllowedHeaders []string

List of headers allowed.

ExposeHeaders []string

One or more headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript XMLHttpRequest object).

MaxAgeSeconds int

Specifies time in seconds that browser can cache the response for a preflight request.

allowedMethods List<String>

One or more HTTP methods that you allow the origin to execute. Can be GET, PUT, POST, DELETE or HEAD.

allowedOrigins List<String>

One or more origins you want customers to be able to access the bucket from.

allowedHeaders List<String>

List of headers allowed.

exposeHeaders List<String>

One or more headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript XMLHttpRequest object).

maxAgeSeconds Integer

Specifies time in seconds that browser can cache the response for a preflight request.

allowedMethods string[]

One or more HTTP methods that you allow the origin to execute. Can be GET, PUT, POST, DELETE or HEAD.

allowedOrigins string[]

One or more origins you want customers to be able to access the bucket from.

allowedHeaders string[]

List of headers allowed.

exposeHeaders string[]

One or more headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript XMLHttpRequest object).

maxAgeSeconds number

Specifies time in seconds that browser can cache the response for a preflight request.

allowed_methods Sequence[str]

One or more HTTP methods that you allow the origin to execute. Can be GET, PUT, POST, DELETE or HEAD.

allowed_origins Sequence[str]

One or more origins you want customers to be able to access the bucket from.

allowed_headers Sequence[str]

List of headers allowed.

expose_headers Sequence[str]

One or more headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript XMLHttpRequest object).

max_age_seconds int

Specifies time in seconds that browser can cache the response for a preflight request.

allowedMethods List<String>

One or more HTTP methods that you allow the origin to execute. Can be GET, PUT, POST, DELETE or HEAD.

allowedOrigins List<String>

One or more origins you want customers to be able to access the bucket from.

allowedHeaders List<String>

List of headers allowed.

exposeHeaders List<String>

One or more headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript XMLHttpRequest object).

maxAgeSeconds Number

Specifies time in seconds that browser can cache the response for a preflight request.

BucketV2Grant

Permissions List<string>

List of permissions to apply for grantee. Valid values are READ, WRITE, READ_ACP, WRITE_ACP, FULL_CONTROL.

Type string

Type of grantee to apply for. Valid values are CanonicalUser and Group. AmazonCustomerByEmail is not supported.

Id string

Canonical user id to grant for. Used only when type is CanonicalUser.

Uri string

Uri address to grant for. Used only when type is Group.

Permissions []string

List of permissions to apply for grantee. Valid values are READ, WRITE, READ_ACP, WRITE_ACP, FULL_CONTROL.

Type string

Type of grantee to apply for. Valid values are CanonicalUser and Group. AmazonCustomerByEmail is not supported.

Id string

Canonical user id to grant for. Used only when type is CanonicalUser.

Uri string

Uri address to grant for. Used only when type is Group.

permissions List<String>

List of permissions to apply for grantee. Valid values are READ, WRITE, READ_ACP, WRITE_ACP, FULL_CONTROL.

type String

Type of grantee to apply for. Valid values are CanonicalUser and Group. AmazonCustomerByEmail is not supported.

id String

Canonical user id to grant for. Used only when type is CanonicalUser.

uri String

Uri address to grant for. Used only when type is Group.

permissions string[]

List of permissions to apply for grantee. Valid values are READ, WRITE, READ_ACP, WRITE_ACP, FULL_CONTROL.

type string

Type of grantee to apply for. Valid values are CanonicalUser and Group. AmazonCustomerByEmail is not supported.

id string

Canonical user id to grant for. Used only when type is CanonicalUser.

uri string

Uri address to grant for. Used only when type is Group.

permissions Sequence[str]

List of permissions to apply for grantee. Valid values are READ, WRITE, READ_ACP, WRITE_ACP, FULL_CONTROL.

type str

Type of grantee to apply for. Valid values are CanonicalUser and Group. AmazonCustomerByEmail is not supported.

id str

Canonical user id to grant for. Used only when type is CanonicalUser.

uri str

Uri address to grant for. Used only when type is Group.

permissions List<String>

List of permissions to apply for grantee. Valid values are READ, WRITE, READ_ACP, WRITE_ACP, FULL_CONTROL.

type String

Type of grantee to apply for. Valid values are CanonicalUser and Group. AmazonCustomerByEmail is not supported.

id String

Canonical user id to grant for. Used only when type is CanonicalUser.

uri String

Uri address to grant for. Used only when type is Group.

BucketV2LifecycleRule

Enabled bool

Specifies lifecycle rule status.

AbortIncompleteMultipartUploadDays int

Specifies the number of days after initiating a multipart upload when the multipart upload must be completed.

Expirations List<BucketV2LifecycleRuleExpiration>

Specifies a period in the object's expire. See Expiration below for details.

Id string

Unique identifier for the rule. Must be less than or equal to 255 characters in length.

NoncurrentVersionExpirations List<BucketV2LifecycleRuleNoncurrentVersionExpiration>

Specifies when noncurrent object versions expire. See Noncurrent Version Expiration below for details.

NoncurrentVersionTransitions List<BucketV2LifecycleRuleNoncurrentVersionTransition>

Specifies when noncurrent object versions transitions. See Noncurrent Version Transition below for details.

Prefix string

Object key prefix identifying one or more objects to which the rule applies.

Tags Dictionary<string, string>

Specifies object tags key and value.

Transitions List<BucketV2LifecycleRuleTransition>

Specifies a period in the object's transitions. See Transition below for details.

Enabled bool

Specifies lifecycle rule status.

AbortIncompleteMultipartUploadDays int

Specifies the number of days after initiating a multipart upload when the multipart upload must be completed.

Expirations []BucketV2LifecycleRuleExpiration

Specifies a period in the object's expire. See Expiration below for details.

Id string

Unique identifier for the rule. Must be less than or equal to 255 characters in length.

NoncurrentVersionExpirations []BucketV2LifecycleRuleNoncurrentVersionExpiration

Specifies when noncurrent object versions expire. See Noncurrent Version Expiration below for details.

NoncurrentVersionTransitions []BucketV2LifecycleRuleNoncurrentVersionTransition

Specifies when noncurrent object versions transitions. See Noncurrent Version Transition below for details.

Prefix string

Object key prefix identifying one or more objects to which the rule applies.

Tags map[string]string

Specifies object tags key and value.

Transitions []BucketV2LifecycleRuleTransition

Specifies a period in the object's transitions. See Transition below for details.

enabled Boolean

Specifies lifecycle rule status.

abortIncompleteMultipartUploadDays Integer

Specifies the number of days after initiating a multipart upload when the multipart upload must be completed.

expirations List<BucketV2LifecycleRuleExpiration>

Specifies a period in the object's expire. See Expiration below for details.

id String

Unique identifier for the rule. Must be less than or equal to 255 characters in length.

noncurrentVersionExpirations List<BucketV2LifecycleRuleNoncurrentVersionExpiration>

Specifies when noncurrent object versions expire. See Noncurrent Version Expiration below for details.

noncurrentVersionTransitions List<BucketV2LifecycleRuleNoncurrentVersionTransition>

Specifies when noncurrent object versions transitions. See Noncurrent Version Transition below for details.

prefix String

Object key prefix identifying one or more objects to which the rule applies.

tags Map<String,String>

Specifies object tags key and value.

transitions List<BucketV2LifecycleRuleTransition>

Specifies a period in the object's transitions. See Transition below for details.

enabled boolean

Specifies lifecycle rule status.

abortIncompleteMultipartUploadDays number

Specifies the number of days after initiating a multipart upload when the multipart upload must be completed.

expirations BucketV2LifecycleRuleExpiration[]

Specifies a period in the object's expire. See Expiration below for details.

id string

Unique identifier for the rule. Must be less than or equal to 255 characters in length.

noncurrentVersionExpirations BucketV2LifecycleRuleNoncurrentVersionExpiration[]

Specifies when noncurrent object versions expire. See Noncurrent Version Expiration below for details.

noncurrentVersionTransitions BucketV2LifecycleRuleNoncurrentVersionTransition[]

Specifies when noncurrent object versions transitions. See Noncurrent Version Transition below for details.

prefix string

Object key prefix identifying one or more objects to which the rule applies.

tags {[key: string]: string}

Specifies object tags key and value.

transitions BucketV2LifecycleRuleTransition[]

Specifies a period in the object's transitions. See Transition below for details.

enabled bool

Specifies lifecycle rule status.

abort_incomplete_multipart_upload_days int

Specifies the number of days after initiating a multipart upload when the multipart upload must be completed.

expirations Sequence[BucketV2LifecycleRuleExpiration]

Specifies a period in the object's expire. See Expiration below for details.

id str

Unique identifier for the rule. Must be less than or equal to 255 characters in length.

noncurrent_version_expirations Sequence[BucketV2LifecycleRuleNoncurrentVersionExpiration]

Specifies when noncurrent object versions expire. See Noncurrent Version Expiration below for details.

noncurrent_version_transitions Sequence[BucketV2LifecycleRuleNoncurrentVersionTransition]

Specifies when noncurrent object versions transitions. See Noncurrent Version Transition below for details.

prefix str

Object key prefix identifying one or more objects to which the rule applies.

tags Mapping[str, str]

Specifies object tags key and value.

transitions Sequence[BucketV2LifecycleRuleTransition]

Specifies a period in the object's transitions. See Transition below for details.

enabled Boolean

Specifies lifecycle rule status.

abortIncompleteMultipartUploadDays Number

Specifies the number of days after initiating a multipart upload when the multipart upload must be completed.

expirations List<Property Map>

Specifies a period in the object's expire. See Expiration below for details.

id String

Unique identifier for the rule. Must be less than or equal to 255 characters in length.

noncurrentVersionExpirations List<Property Map>

Specifies when noncurrent object versions expire. See Noncurrent Version Expiration below for details.

noncurrentVersionTransitions List<Property Map>

Specifies when noncurrent object versions transitions. See Noncurrent Version Transition below for details.

prefix String

Object key prefix identifying one or more objects to which the rule applies.

tags Map<String>

Specifies object tags key and value.

transitions List<Property Map>

Specifies a period in the object's transitions. See Transition below for details.

BucketV2LifecycleRuleExpiration

Date string

Specifies the date after which you want the corresponding action to take effect.

Days int

Specifies the number of days after object creation when the specific rule action takes effect.

ExpiredObjectDeleteMarker bool

On a versioned bucket (versioning-enabled or versioning-suspended bucket), you can add this element in the lifecycle configuration to direct Amazon S3 to delete expired object delete markers. This cannot be specified with Days or Date in a Lifecycle Expiration Policy.

Date string

Specifies the date after which you want the corresponding action to take effect.

Days int

Specifies the number of days after object creation when the specific rule action takes effect.

ExpiredObjectDeleteMarker bool

On a versioned bucket (versioning-enabled or versioning-suspended bucket), you can add this element in the lifecycle configuration to direct Amazon S3 to delete expired object delete markers. This cannot be specified with Days or Date in a Lifecycle Expiration Policy.

date String

Specifies the date after which you want the corresponding action to take effect.

days Integer

Specifies the number of days after object creation when the specific rule action takes effect.

expiredObjectDeleteMarker Boolean

On a versioned bucket (versioning-enabled or versioning-suspended bucket), you can add this element in the lifecycle configuration to direct Amazon S3 to delete expired object delete markers. This cannot be specified with Days or Date in a Lifecycle Expiration Policy.

date string

Specifies the date after which you want the corresponding action to take effect.

days number

Specifies the number of days after object creation when the specific rule action takes effect.

expiredObjectDeleteMarker boolean

On a versioned bucket (versioning-enabled or versioning-suspended bucket), you can add this element in the lifecycle configuration to direct Amazon S3 to delete expired object delete markers. This cannot be specified with Days or Date in a Lifecycle Expiration Policy.

date str

Specifies the date after which you want the corresponding action to take effect.

days int

Specifies the number of days after object creation when the specific rule action takes effect.

expired_object_delete_marker bool

On a versioned bucket (versioning-enabled or versioning-suspended bucket), you can add this element in the lifecycle configuration to direct Amazon S3 to delete expired object delete markers. This cannot be specified with Days or Date in a Lifecycle Expiration Policy.

date String

Specifies the date after which you want the corresponding action to take effect.

days Number

Specifies the number of days after object creation when the specific rule action takes effect.

expiredObjectDeleteMarker Boolean

On a versioned bucket (versioning-enabled or versioning-suspended bucket), you can add this element in the lifecycle configuration to direct Amazon S3 to delete expired object delete markers. This cannot be specified with Days or Date in a Lifecycle Expiration Policy.

BucketV2LifecycleRuleNoncurrentVersionExpiration

Days int

Specifies the number of days noncurrent object versions expire.

Days int

Specifies the number of days noncurrent object versions expire.

days Integer

Specifies the number of days noncurrent object versions expire.

days number

Specifies the number of days noncurrent object versions expire.

days int

Specifies the number of days noncurrent object versions expire.

days Number

Specifies the number of days noncurrent object versions expire.

BucketV2LifecycleRuleNoncurrentVersionTransition

StorageClass string

Specifies the Amazon S3 storage class to which you want the object to transition.

Days int

Specifies the number of days noncurrent object versions transition.

StorageClass string

Specifies the Amazon S3 storage class to which you want the object to transition.

Days int

Specifies the number of days noncurrent object versions transition.

storageClass String

Specifies the Amazon S3 storage class to which you want the object to transition.

days Integer

Specifies the number of days noncurrent object versions transition.

storageClass string

Specifies the Amazon S3 storage class to which you want the object to transition.

days number

Specifies the number of days noncurrent object versions transition.

storage_class str

Specifies the Amazon S3 storage class to which you want the object to transition.

days int

Specifies the number of days noncurrent object versions transition.

storageClass String

Specifies the Amazon S3 storage class to which you want the object to transition.

days Number

Specifies the number of days noncurrent object versions transition.

BucketV2LifecycleRuleTransition

StorageClass string

Specifies the Amazon S3 storage class to which you want the object to transition.

Date string

Specifies the date after which you want the corresponding action to take effect.

Days int

Specifies the number of days after object creation when the specific rule action takes effect.

StorageClass string

Specifies the Amazon S3 storage class to which you want the object to transition.

Date string

Specifies the date after which you want the corresponding action to take effect.

Days int

Specifies the number of days after object creation when the specific rule action takes effect.

storageClass String

Specifies the Amazon S3 storage class to which you want the object to transition.

date String

Specifies the date after which you want the corresponding action to take effect.

days Integer

Specifies the number of days after object creation when the specific rule action takes effect.

storageClass string

Specifies the Amazon S3 storage class to which you want the object to transition.

date string

Specifies the date after which you want the corresponding action to take effect.

days number

Specifies the number of days after object creation when the specific rule action takes effect.

storage_class str

Specifies the Amazon S3 storage class to which you want the object to transition.

date str

Specifies the date after which you want the corresponding action to take effect.

days int

Specifies the number of days after object creation when the specific rule action takes effect.

storageClass String

Specifies the Amazon S3 storage class to which you want the object to transition.

date String

Specifies the date after which you want the corresponding action to take effect.

days Number

Specifies the number of days after object creation when the specific rule action takes effect.

BucketV2Logging

TargetBucket string

Name of the bucket that will receive the log objects.

TargetPrefix string

To specify a key prefix for log objects.

TargetBucket string

Name of the bucket that will receive the log objects.

TargetPrefix string

To specify a key prefix for log objects.

targetBucket String

Name of the bucket that will receive the log objects.

targetPrefix String

To specify a key prefix for log objects.

targetBucket string

Name of the bucket that will receive the log objects.

targetPrefix string

To specify a key prefix for log objects.

target_bucket str

Name of the bucket that will receive the log objects.

target_prefix str

To specify a key prefix for log objects.

targetBucket String

Name of the bucket that will receive the log objects.

targetPrefix String

To specify a key prefix for log objects.

BucketV2ObjectLockConfiguration

ObjectLockEnabled string

Indicates whether this bucket has an Object Lock configuration enabled. Valid values are true or false. This argument is not supported in all regions or partitions.

Deprecated:

Use the top-level parameter object_lock_enabled instead

Rules List<BucketV2ObjectLockConfigurationRule>

Object Lock rule in place for this bucket (documented below).

Deprecated:

Use the aws_s3_bucket_object_lock_configuration resource instead

ObjectLockEnabled string

Indicates whether this bucket has an Object Lock configuration enabled. Valid values are true or false. This argument is not supported in all regions or partitions.

Deprecated:

Use the top-level parameter object_lock_enabled instead

Rules []BucketV2ObjectLockConfigurationRule

Object Lock rule in place for this bucket (documented below).

Deprecated:

Use the aws_s3_bucket_object_lock_configuration resource instead

objectLockEnabled String

Indicates whether this bucket has an Object Lock configuration enabled. Valid values are true or false. This argument is not supported in all regions or partitions.

Deprecated:

Use the top-level parameter object_lock_enabled instead

rules List<BucketV2ObjectLockConfigurationRule>

Object Lock rule in place for this bucket (documented below).

Deprecated:

Use the aws_s3_bucket_object_lock_configuration resource instead

objectLockEnabled string

Indicates whether this bucket has an Object Lock configuration enabled. Valid values are true or false. This argument is not supported in all regions or partitions.

Deprecated:

Use the top-level parameter object_lock_enabled instead

rules BucketV2ObjectLockConfigurationRule[]

Object Lock rule in place for this bucket (documented below).

Deprecated:

Use the aws_s3_bucket_object_lock_configuration resource instead

object_lock_enabled str

Indicates whether this bucket has an Object Lock configuration enabled. Valid values are true or false. This argument is not supported in all regions or partitions.

Deprecated:

Use the top-level parameter object_lock_enabled instead

rules Sequence[BucketV2ObjectLockConfigurationRule]

Object Lock rule in place for this bucket (documented below).

Deprecated:

Use the aws_s3_bucket_object_lock_configuration resource instead

objectLockEnabled String

Indicates whether this bucket has an Object Lock configuration enabled. Valid values are true or false. This argument is not supported in all regions or partitions.

Deprecated:

Use the top-level parameter object_lock_enabled instead

rules List<Property Map>

Object Lock rule in place for this bucket (documented below).

Deprecated:

Use the aws_s3_bucket_object_lock_configuration resource instead

BucketV2ObjectLockConfigurationRule

DefaultRetentions List<BucketV2ObjectLockConfigurationRuleDefaultRetention>

Default retention period that you want to apply to new objects placed in this bucket (documented below).

DefaultRetentions []BucketV2ObjectLockConfigurationRuleDefaultRetention

Default retention period that you want to apply to new objects placed in this bucket (documented below).

defaultRetentions List<BucketV2ObjectLockConfigurationRuleDefaultRetention>

Default retention period that you want to apply to new objects placed in this bucket (documented below).

defaultRetentions BucketV2ObjectLockConfigurationRuleDefaultRetention[]

Default retention period that you want to apply to new objects placed in this bucket (documented below).

default_retentions Sequence[BucketV2ObjectLockConfigurationRuleDefaultRetention]

Default retention period that you want to apply to new objects placed in this bucket (documented below).

defaultRetentions List<Property Map>

Default retention period that you want to apply to new objects placed in this bucket (documented below).

BucketV2ObjectLockConfigurationRuleDefaultRetention

Mode string

Default Object Lock retention mode you want to apply to new objects placed in this bucket. Valid values are GOVERNANCE and COMPLIANCE.

Days int

Number of days that you want to specify for the default retention period.

Years int

Number of years that you want to specify for the default retention period.

Mode string

Default Object Lock retention mode you want to apply to new objects placed in this bucket. Valid values are GOVERNANCE and COMPLIANCE.

Days int

Number of days that you want to specify for the default retention period.

Years int

Number of years that you want to specify for the default retention period.

mode String

Default Object Lock retention mode you want to apply to new objects placed in this bucket. Valid values are GOVERNANCE and COMPLIANCE.

days Integer

Number of days that you want to specify for the default retention period.

years Integer

Number of years that you want to specify for the default retention period.

mode string

Default Object Lock retention mode you want to apply to new objects placed in this bucket. Valid values are GOVERNANCE and COMPLIANCE.

days number

Number of days that you want to specify for the default retention period.

years number

Number of years that you want to specify for the default retention period.

mode str

Default Object Lock retention mode you want to apply to new objects placed in this bucket. Valid values are GOVERNANCE and COMPLIANCE.

days int

Number of days that you want to specify for the default retention period.

years int

Number of years that you want to specify for the default retention period.

mode String

Default Object Lock retention mode you want to apply to new objects placed in this bucket. Valid values are GOVERNANCE and COMPLIANCE.

days Number

Number of days that you want to specify for the default retention period.

years Number

Number of years that you want to specify for the default retention period.

BucketV2ReplicationConfiguration

Role string

ARN of the IAM role for Amazon S3 to assume when replicating the objects.

Rules List<BucketV2ReplicationConfigurationRule>

Specifies the rules managing the replication (documented below).

Role string

ARN of the IAM role for Amazon S3 to assume when replicating the objects.

Rules []BucketV2ReplicationConfigurationRule

Specifies the rules managing the replication (documented below).

role String

ARN of the IAM role for Amazon S3 to assume when replicating the objects.

rules List<BucketV2ReplicationConfigurationRule>

Specifies the rules managing the replication (documented below).

role string

ARN of the IAM role for Amazon S3 to assume when replicating the objects.

rules BucketV2ReplicationConfigurationRule[]

Specifies the rules managing the replication (documented below).

role str

ARN of the IAM role for Amazon S3 to assume when replicating the objects.

rules Sequence[BucketV2ReplicationConfigurationRule]

Specifies the rules managing the replication (documented below).

role String

ARN of the IAM role for Amazon S3 to assume when replicating the objects.

rules List<Property Map>

Specifies the rules managing the replication (documented below).

BucketV2ReplicationConfigurationRule

Destinations List<BucketV2ReplicationConfigurationRuleDestination>

Specifies the destination for the rule (documented below).

Status string

Status of the rule. Either Enabled or Disabled. The rule is ignored if status is not Enabled.

DeleteMarkerReplicationStatus string

Whether delete markers are replicated. The only valid value is Enabled. To disable, omit this argument. This argument is only valid with V2 replication configurations (i.e., when filter is used).

Filters List<BucketV2ReplicationConfigurationRuleFilter>

Filter that identifies subset of objects to which the replication rule applies (documented below).

Id string

Unique identifier for the rule. Must be less than or equal to 255 characters in length.

Prefix string

Object keyname prefix identifying one or more objects to which the rule applies. Must be less than or equal to 1024 characters in length.

Priority int

Priority associated with the rule. Priority should only be set if filter is configured. If not provided, defaults to 0. Priority must be unique between multiple rules.

SourceSelectionCriterias List<BucketV2ReplicationConfigurationRuleSourceSelectionCriteria>

Specifies special object selection criteria (documented below).

Destinations []BucketV2ReplicationConfigurationRuleDestination

Specifies the destination for the rule (documented below).

Status string

Status of the rule. Either Enabled or Disabled. The rule is ignored if status is not Enabled.

DeleteMarkerReplicationStatus string

Whether delete markers are replicated. The only valid value is Enabled. To disable, omit this argument. This argument is only valid with V2 replication configurations (i.e., when filter is used).

Filters []BucketV2ReplicationConfigurationRuleFilter

Filter that identifies subset of objects to which the replication rule applies (documented below).

Id string

Unique identifier for the rule. Must be less than or equal to 255 characters in length.

Prefix string

Object keyname prefix identifying one or more objects to which the rule applies. Must be less than or equal to 1024 characters in length.

Priority int

Priority associated with the rule. Priority should only be set if filter is configured. If not provided, defaults to 0. Priority must be unique between multiple rules.

SourceSelectionCriterias []BucketV2ReplicationConfigurationRuleSourceSelectionCriteria

Specifies special object selection criteria (documented below).

destinations List<BucketV2ReplicationConfigurationRuleDestination>

Specifies the destination for the rule (documented below).

status String

Status of the rule. Either Enabled or Disabled. The rule is ignored if status is not Enabled.

deleteMarkerReplicationStatus String

Whether delete markers are replicated. The only valid value is Enabled. To disable, omit this argument. This argument is only valid with V2 replication configurations (i.e., when filter is used).

filters List<BucketV2ReplicationConfigurationRuleFilter>

Filter that identifies subset of objects to which the replication rule applies (documented below).

id String

Unique identifier for the rule. Must be less than or equal to 255 characters in length.

prefix String

Object keyname prefix identifying one or more objects to which the rule applies. Must be less than or equal to 1024 characters in length.

priority Integer

Priority associated with the rule. Priority should only be set if filter is configured. If not provided, defaults to 0. Priority must be unique between multiple rules.

sourceSelectionCriterias List<BucketV2ReplicationConfigurationRuleSourceSelectionCriteria>

Specifies special object selection criteria (documented below).

destinations BucketV2ReplicationConfigurationRuleDestination[]

Specifies the destination for the rule (documented below).

status string

Status of the rule. Either Enabled or Disabled. The rule is ignored if status is not Enabled.

deleteMarkerReplicationStatus string

Whether delete markers are replicated. The only valid value is Enabled. To disable, omit this argument. This argument is only valid with V2 replication configurations (i.e., when filter is used).

filters BucketV2ReplicationConfigurationRuleFilter[]

Filter that identifies subset of objects to which the replication rule applies (documented below).

id string

Unique identifier for the rule. Must be less than or equal to 255 characters in length.

prefix string

Object keyname prefix identifying one or more objects to which the rule applies. Must be less than or equal to 1024 characters in length.

priority number

Priority associated with the rule. Priority should only be set if filter is configured. If not provided, defaults to 0. Priority must be unique between multiple rules.

sourceSelectionCriterias BucketV2ReplicationConfigurationRuleSourceSelectionCriteria[]

Specifies special object selection criteria (documented below).

destinations Sequence[BucketV2ReplicationConfigurationRuleDestination]

Specifies the destination for the rule (documented below).

status str

Status of the rule. Either Enabled or Disabled. The rule is ignored if status is not Enabled.

delete_marker_replication_status str

Whether delete markers are replicated. The only valid value is Enabled. To disable, omit this argument. This argument is only valid with V2 replication configurations (i.e., when filter is used).

filters Sequence[BucketV2ReplicationConfigurationRuleFilter]

Filter that identifies subset of objects to which the replication rule applies (documented below).

id str

Unique identifier for the rule. Must be less than or equal to 255 characters in length.

prefix str

Object keyname prefix identifying one or more objects to which the rule applies. Must be less than or equal to 1024 characters in length.

priority int

Priority associated with the rule. Priority should only be set if filter is configured. If not provided, defaults to 0. Priority must be unique between multiple rules.

source_selection_criterias Sequence[BucketV2ReplicationConfigurationRuleSourceSelectionCriteria]

Specifies special object selection criteria (documented below).

destinations List<Property Map>

Specifies the destination for the rule (documented below).

status String

Status of the rule. Either Enabled or Disabled. The rule is ignored if status is not Enabled.

deleteMarkerReplicationStatus String

Whether delete markers are replicated. The only valid value is Enabled. To disable, omit this argument. This argument is only valid with V2 replication configurations (i.e., when filter is used).

filters List<Property Map>

Filter that identifies subset of objects to which the replication rule applies (documented below).

id String

Unique identifier for the rule. Must be less than or equal to 255 characters in length.

prefix String

Object keyname prefix identifying one or more objects to which the rule applies. Must be less than or equal to 1024 characters in length.

priority Number

Priority associated with the rule. Priority should only be set if filter is configured. If not provided, defaults to 0. Priority must be unique between multiple rules.

sourceSelectionCriterias List<Property Map>

Specifies special object selection criteria (documented below).

BucketV2ReplicationConfigurationRuleDestination

Bucket string

ARN of the S3 bucket where you want Amazon S3 to store replicas of the object identified by the rule.

AccessControlTranslations List<BucketV2ReplicationConfigurationRuleDestinationAccessControlTranslation>

Specifies the overrides to use for object owners on replication. Must be used in conjunction with account_id owner override configuration.

AccountId string

Account ID to use for overriding the object owner on replication. Must be used in conjunction with access_control_translation override configuration.

Metrics List<BucketV2ReplicationConfigurationRuleDestinationMetric>

Enables replication metrics (required for S3 RTC) (documented below).

ReplicaKmsKeyId string

Destination KMS encryption key ARN for SSE-KMS replication. Must be used in conjunction with sse_kms_encrypted_objects source selection criteria.

ReplicationTimes List<BucketV2ReplicationConfigurationRuleDestinationReplicationTime>

Enables S3 Replication Time Control (S3 RTC) (documented below).

StorageClass string

The storage class used to store the object. By default, Amazon S3 uses the storage class of the source object to create the object replica.

Bucket string

ARN of the S3 bucket where you want Amazon S3 to store replicas of the object identified by the rule.

AccessControlTranslations []BucketV2ReplicationConfigurationRuleDestinationAccessControlTranslation

Specifies the overrides to use for object owners on replication. Must be used in conjunction with account_id owner override configuration.

AccountId string

Account ID to use for overriding the object owner on replication. Must be used in conjunction with access_control_translation override configuration.

Metrics []BucketV2ReplicationConfigurationRuleDestinationMetric

Enables replication metrics (required for S3 RTC) (documented below).

ReplicaKmsKeyId string

Destination KMS encryption key ARN for SSE-KMS replication. Must be used in conjunction with sse_kms_encrypted_objects source selection criteria.

ReplicationTimes []BucketV2ReplicationConfigurationRuleDestinationReplicationTime

Enables S3 Replication Time Control (S3 RTC) (documented below).

StorageClass string

The storage class used to store the object. By default, Amazon S3 uses the storage class of the source object to create the object replica.

bucket String

ARN of the S3 bucket where you want Amazon S3 to store replicas of the object identified by the rule.

accessControlTranslations List<BucketV2ReplicationConfigurationRuleDestinationAccessControlTranslation>

Specifies the overrides to use for object owners on replication. Must be used in conjunction with account_id owner override configuration.

accountId String

Account ID to use for overriding the object owner on replication. Must be used in conjunction with access_control_translation override configuration.

metrics List<BucketV2ReplicationConfigurationRuleDestinationMetric>

Enables replication metrics (required for S3 RTC) (documented below).

replicaKmsKeyId String

Destination KMS encryption key ARN for SSE-KMS replication. Must be used in conjunction with sse_kms_encrypted_objects source selection criteria.

replicationTimes List<BucketV2ReplicationConfigurationRuleDestinationReplicationTime>

Enables S3 Replication Time Control (S3 RTC) (documented below).

storageClass String

The storage class used to store the object. By default, Amazon S3 uses the storage class of the source object to create the object replica.

bucket string

ARN of the S3 bucket where you want Amazon S3 to store replicas of the object identified by the rule.

accessControlTranslations BucketV2ReplicationConfigurationRuleDestinationAccessControlTranslation[]

Specifies the overrides to use for object owners on replication. Must be used in conjunction with account_id owner override configuration.

accountId string

Account ID to use for overriding the object owner on replication. Must be used in conjunction with access_control_translation override configuration.

metrics BucketV2ReplicationConfigurationRuleDestinationMetric[]

Enables replication metrics (required for S3 RTC) (documented below).

replicaKmsKeyId string

Destination KMS encryption key ARN for SSE-KMS replication. Must be used in conjunction with sse_kms_encrypted_objects source selection criteria.

replicationTimes BucketV2ReplicationConfigurationRuleDestinationReplicationTime[]

Enables S3 Replication Time Control (S3 RTC) (documented below).

storageClass string

The storage class used to store the object. By default, Amazon S3 uses the storage class of the source object to create the object replica.

bucket str

ARN of the S3 bucket where you want Amazon S3 to store replicas of the object identified by the rule.

access_control_translations Sequence[BucketV2ReplicationConfigurationRuleDestinationAccessControlTranslation]

Specifies the overrides to use for object owners on replication. Must be used in conjunction with account_id owner override configuration.

account_id str

Account ID to use for overriding the object owner on replication. Must be used in conjunction with access_control_translation override configuration.

metrics Sequence[BucketV2ReplicationConfigurationRuleDestinationMetric]

Enables replication metrics (required for S3 RTC) (documented below).

replica_kms_key_id str

Destination KMS encryption key ARN for SSE-KMS replication. Must be used in conjunction with sse_kms_encrypted_objects source selection criteria.

replication_times Sequence[BucketV2ReplicationConfigurationRuleDestinationReplicationTime]

Enables S3 Replication Time Control (S3 RTC) (documented below).

storage_class str

The storage class used to store the object. By default, Amazon S3 uses the storage class of the source object to create the object replica.

bucket String

ARN of the S3 bucket where you want Amazon S3 to store replicas of the object identified by the rule.

accessControlTranslations List<Property Map>

Specifies the overrides to use for object owners on replication. Must be used in conjunction with account_id owner override configuration.

accountId String

Account ID to use for overriding the object owner on replication. Must be used in conjunction with access_control_translation override configuration.

metrics List<Property Map>

Enables replication metrics (required for S3 RTC) (documented below).

replicaKmsKeyId String

Destination KMS encryption key ARN for SSE-KMS replication. Must be used in conjunction with sse_kms_encrypted_objects source selection criteria.

replicationTimes List<Property Map>

Enables S3 Replication Time Control (S3 RTC) (documented below).

storageClass String

The storage class used to store the object. By default, Amazon S3 uses the storage class of the source object to create the object replica.

BucketV2ReplicationConfigurationRuleDestinationAccessControlTranslation

Owner string
Owner string
owner String
owner string
owner str
owner String

BucketV2ReplicationConfigurationRuleDestinationMetric

Minutes int

Threshold within which objects are to be replicated. The only valid value is 15.

Status string

Status of replication metrics. Either Enabled or Disabled.

Minutes int

Threshold within which objects are to be replicated. The only valid value is 15.

Status string

Status of replication metrics. Either Enabled or Disabled.

minutes Integer

Threshold within which objects are to be replicated. The only valid value is 15.

status String

Status of replication metrics. Either Enabled or Disabled.

minutes number

Threshold within which objects are to be replicated. The only valid value is 15.

status string

Status of replication metrics. Either Enabled or Disabled.

minutes int

Threshold within which objects are to be replicated. The only valid value is 15.

status str

Status of replication metrics. Either Enabled or Disabled.

minutes Number

Threshold within which objects are to be replicated. The only valid value is 15.

status String

Status of replication metrics. Either Enabled or Disabled.

BucketV2ReplicationConfigurationRuleDestinationReplicationTime

Minutes int

Threshold within which objects are to be replicated. The only valid value is 15.

Status string

Status of RTC. Either Enabled or Disabled.

Minutes int

Threshold within which objects are to be replicated. The only valid value is 15.

Status string

Status of RTC. Either Enabled or Disabled.

minutes Integer

Threshold within which objects are to be replicated. The only valid value is 15.

status String

Status of RTC. Either Enabled or Disabled.

minutes number

Threshold within which objects are to be replicated. The only valid value is 15.

status string

Status of RTC. Either Enabled or Disabled.

minutes int

Threshold within which objects are to be replicated. The only valid value is 15.

status str

Status of RTC. Either Enabled or Disabled.

minutes Number

Threshold within which objects are to be replicated. The only valid value is 15.

status String

Status of RTC. Either Enabled or Disabled.

BucketV2ReplicationConfigurationRuleFilter

Prefix string

Object keyname prefix that identifies subset of objects to which the rule applies. Must be less than or equal to 1024 characters in length.

Tags Dictionary<string, string>

A map of tags that identifies subset of objects to which the rule applies. The rule applies only to objects having all the tags in its tagset.

Prefix string

Object keyname prefix that identifies subset of objects to which the rule applies. Must be less than or equal to 1024 characters in length.

Tags map[string]string

A map of tags that identifies subset of objects to which the rule applies. The rule applies only to objects having all the tags in its tagset.

prefix String

Object keyname prefix that identifies subset of objects to which the rule applies. Must be less than or equal to 1024 characters in length.

tags Map<String,String>

A map of tags that identifies subset of objects to which the rule applies. The rule applies only to objects having all the tags in its tagset.

prefix string

Object keyname prefix that identifies subset of objects to which the rule applies. Must be less than or equal to 1024 characters in length.

tags {[key: string]: string}

A map of tags that identifies subset of objects to which the rule applies. The rule applies only to objects having all the tags in its tagset.

prefix str

Object keyname prefix that identifies subset of objects to which the rule applies. Must be less than or equal to 1024 characters in length.

tags Mapping[str, str]

A map of tags that identifies subset of objects to which the rule applies. The rule applies only to objects having all the tags in its tagset.

prefix String

Object keyname prefix that identifies subset of objects to which the rule applies. Must be less than or equal to 1024 characters in length.

tags Map<String>

A map of tags that identifies subset of objects to which the rule applies. The rule applies only to objects having all the tags in its tagset.

BucketV2ReplicationConfigurationRuleSourceSelectionCriteria

SseKmsEncryptedObjects List<BucketV2ReplicationConfigurationRuleSourceSelectionCriteriaSseKmsEncryptedObject>

Match SSE-KMS encrypted objects (documented below). If specified, replica_kms_key_id in destination must be specified as well.

SseKmsEncryptedObjects []BucketV2ReplicationConfigurationRuleSourceSelectionCriteriaSseKmsEncryptedObject

Match SSE-KMS encrypted objects (documented below). If specified, replica_kms_key_id in destination must be specified as well.

sseKmsEncryptedObjects List<BucketV2ReplicationConfigurationRuleSourceSelectionCriteriaSseKmsEncryptedObject>

Match SSE-KMS encrypted objects (documented below). If specified, replica_kms_key_id in destination must be specified as well.

sseKmsEncryptedObjects BucketV2ReplicationConfigurationRuleSourceSelectionCriteriaSseKmsEncryptedObject[]

Match SSE-KMS encrypted objects (documented below). If specified, replica_kms_key_id in destination must be specified as well.

sse_kms_encrypted_objects Sequence[BucketV2ReplicationConfigurationRuleSourceSelectionCriteriaSseKmsEncryptedObject]

Match SSE-KMS encrypted objects (documented below). If specified, replica_kms_key_id in destination must be specified as well.

sseKmsEncryptedObjects List<Property Map>

Match SSE-KMS encrypted objects (documented below). If specified, replica_kms_key_id in destination must be specified as well.

BucketV2ReplicationConfigurationRuleSourceSelectionCriteriaSseKmsEncryptedObject

Enabled bool

Boolean which indicates if this criteria is enabled.

Enabled bool

Boolean which indicates if this criteria is enabled.

enabled Boolean

Boolean which indicates if this criteria is enabled.

enabled boolean

Boolean which indicates if this criteria is enabled.

enabled bool

Boolean which indicates if this criteria is enabled.

enabled Boolean

Boolean which indicates if this criteria is enabled.

BucketV2ServerSideEncryptionConfiguration

Rules List<BucketV2ServerSideEncryptionConfigurationRule>

Single object for server-side encryption by default configuration. (documented below)

Rules []BucketV2ServerSideEncryptionConfigurationRule

Single object for server-side encryption by default configuration. (documented below)

rules List<BucketV2ServerSideEncryptionConfigurationRule>

Single object for server-side encryption by default configuration. (documented below)

rules BucketV2ServerSideEncryptionConfigurationRule[]

Single object for server-side encryption by default configuration. (documented below)

rules Sequence[BucketV2ServerSideEncryptionConfigurationRule]

Single object for server-side encryption by default configuration. (documented below)

rules List<Property Map>

Single object for server-side encryption by default configuration. (documented below)

BucketV2ServerSideEncryptionConfigurationRule

ApplyServerSideEncryptionByDefaults List<BucketV2ServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefault>

Single object for setting server-side encryption by default. (documented below)

BucketKeyEnabled bool

Whether or not to use Amazon S3 Bucket Keys for SSE-KMS.

ApplyServerSideEncryptionByDefaults []BucketV2ServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefault

Single object for setting server-side encryption by default. (documented below)

BucketKeyEnabled bool

Whether or not to use Amazon S3 Bucket Keys for SSE-KMS.

applyServerSideEncryptionByDefaults List<BucketV2ServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefault>

Single object for setting server-side encryption by default. (documented below)

bucketKeyEnabled Boolean

Whether or not to use Amazon S3 Bucket Keys for SSE-KMS.

applyServerSideEncryptionByDefaults BucketV2ServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefault[]

Single object for setting server-side encryption by default. (documented below)

bucketKeyEnabled boolean

Whether or not to use Amazon S3 Bucket Keys for SSE-KMS.

apply_server_side_encryption_by_defaults Sequence[BucketV2ServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefault]

Single object for setting server-side encryption by default. (documented below)

bucket_key_enabled bool

Whether or not to use Amazon S3 Bucket Keys for SSE-KMS.

applyServerSideEncryptionByDefaults List<Property Map>

Single object for setting server-side encryption by default. (documented below)

bucketKeyEnabled Boolean

Whether or not to use Amazon S3 Bucket Keys for SSE-KMS.

BucketV2ServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefault

SseAlgorithm string

Server-side encryption algorithm to use. Valid values are AES256 and aws:kms

KmsMasterKeyId string

AWS KMS master key ID used for the SSE-KMS encryption. This can only be used when you set the value of sse_algorithm as aws:kms. The default aws/s3 AWS KMS master key is used if this element is absent while the sse_algorithm is aws:kms.

SseAlgorithm string

Server-side encryption algorithm to use. Valid values are AES256 and aws:kms

KmsMasterKeyId string

AWS KMS master key ID used for the SSE-KMS encryption. This can only be used when you set the value of sse_algorithm as aws:kms. The default aws/s3 AWS KMS master key is used if this element is absent while the sse_algorithm is aws:kms.

sseAlgorithm String

Server-side encryption algorithm to use. Valid values are AES256 and aws:kms

kmsMasterKeyId String

AWS KMS master key ID used for the SSE-KMS encryption. This can only be used when you set the value of sse_algorithm as aws:kms. The default aws/s3 AWS KMS master key is used if this element is absent while the sse_algorithm is aws:kms.

sseAlgorithm string

Server-side encryption algorithm to use. Valid values are AES256 and aws:kms

kmsMasterKeyId string

AWS KMS master key ID used for the SSE-KMS encryption. This can only be used when you set the value of sse_algorithm as aws:kms. The default aws/s3 AWS KMS master key is used if this element is absent while the sse_algorithm is aws:kms.

sse_algorithm str

Server-side encryption algorithm to use. Valid values are AES256 and aws:kms

kms_master_key_id str

AWS KMS master key ID used for the SSE-KMS encryption. This can only be used when you set the value of sse_algorithm as aws:kms. The default aws/s3 AWS KMS master key is used if this element is absent while the sse_algorithm is aws:kms.

sseAlgorithm String

Server-side encryption algorithm to use. Valid values are AES256 and aws:kms

kmsMasterKeyId String

AWS KMS master key ID used for the SSE-KMS encryption. This can only be used when you set the value of sse_algorithm as aws:kms. The default aws/s3 AWS KMS master key is used if this element is absent while the sse_algorithm is aws:kms.

BucketV2Versioning

Enabled bool

Enable versioning. Once you version-enable a bucket, it can never return to an unversioned state. You can, however, suspend versioning on that bucket.

MfaDelete bool

Enable MFA delete for either Change the versioning state of your bucket or Permanently delete an object version. Default is false. This cannot be used to toggle this setting but is available to allow managed buckets to reflect the state in AWS

Enabled bool

Enable versioning. Once you version-enable a bucket, it can never return to an unversioned state. You can, however, suspend versioning on that bucket.

MfaDelete bool

Enable MFA delete for either Change the versioning state of your bucket or Permanently delete an object version. Default is false. This cannot be used to toggle this setting but is available to allow managed buckets to reflect the state in AWS

enabled Boolean

Enable versioning. Once you version-enable a bucket, it can never return to an unversioned state. You can, however, suspend versioning on that bucket.

mfaDelete Boolean

Enable MFA delete for either Change the versioning state of your bucket or Permanently delete an object version. Default is false. This cannot be used to toggle this setting but is available to allow managed buckets to reflect the state in AWS

enabled boolean

Enable versioning. Once you version-enable a bucket, it can never return to an unversioned state. You can, however, suspend versioning on that bucket.

mfaDelete boolean

Enable MFA delete for either Change the versioning state of your bucket or Permanently delete an object version. Default is false. This cannot be used to toggle this setting but is available to allow managed buckets to reflect the state in AWS

enabled bool

Enable versioning. Once you version-enable a bucket, it can never return to an unversioned state. You can, however, suspend versioning on that bucket.

mfa_delete bool

Enable MFA delete for either Change the versioning state of your bucket or Permanently delete an object version. Default is false. This cannot be used to toggle this setting but is available to allow managed buckets to reflect the state in AWS

enabled Boolean

Enable versioning. Once you version-enable a bucket, it can never return to an unversioned state. You can, however, suspend versioning on that bucket.

mfaDelete Boolean

Enable MFA delete for either Change the versioning state of your bucket or Permanently delete an object version. Default is false. This cannot be used to toggle this setting but is available to allow managed buckets to reflect the state in AWS

BucketV2Website

ErrorDocument string

Absolute path to the document to return in case of a 4XX error.

IndexDocument string

Amazon S3 returns this index document when requests are made to the root domain or any of the subfolders.

RedirectAllRequestsTo string

Hostname to redirect all website requests for this bucket to. Hostname can optionally be prefixed with a protocol (http:// or https://) to use when redirecting requests. The default is the protocol that is used in the original request.

RoutingRules string

JSON array containing routing rules describing redirect behavior and when redirects are applied.

ErrorDocument string

Absolute path to the document to return in case of a 4XX error.

IndexDocument string

Amazon S3 returns this index document when requests are made to the root domain or any of the subfolders.

RedirectAllRequestsTo string

Hostname to redirect all website requests for this bucket to. Hostname can optionally be prefixed with a protocol (http:// or https://) to use when redirecting requests. The default is the protocol that is used in the original request.

RoutingRules string

JSON array containing routing rules describing redirect behavior and when redirects are applied.

errorDocument String

Absolute path to the document to return in case of a 4XX error.

indexDocument String

Amazon S3 returns this index document when requests are made to the root domain or any of the subfolders.

redirectAllRequestsTo String

Hostname to redirect all website requests for this bucket to. Hostname can optionally be prefixed with a protocol (http:// or https://) to use when redirecting requests. The default is the protocol that is used in the original request.

routingRules String

JSON array containing routing rules describing redirect behavior and when redirects are applied.

errorDocument string

Absolute path to the document to return in case of a 4XX error.

indexDocument string

Amazon S3 returns this index document when requests are made to the root domain or any of the subfolders.

redirectAllRequestsTo string

Hostname to redirect all website requests for this bucket to. Hostname can optionally be prefixed with a protocol (http:// or https://) to use when redirecting requests. The default is the protocol that is used in the original request.

routingRules string

JSON array containing routing rules describing redirect behavior and when redirects are applied.

error_document str

Absolute path to the document to return in case of a 4XX error.

index_document str

Amazon S3 returns this index document when requests are made to the root domain or any of the subfolders.

redirect_all_requests_to str

Hostname to redirect all website requests for this bucket to. Hostname can optionally be prefixed with a protocol (http:// or https://) to use when redirecting requests. The default is the protocol that is used in the original request.

routing_rules str

JSON array containing routing rules describing redirect behavior and when redirects are applied.

errorDocument String

Absolute path to the document to return in case of a 4XX error.

indexDocument String

Amazon S3 returns this index document when requests are made to the root domain or any of the subfolders.

redirectAllRequestsTo String

Hostname to redirect all website requests for this bucket to. Hostname can optionally be prefixed with a protocol (http:// or https://) to use when redirecting requests. The default is the protocol that is used in the original request.

routingRules String

JSON array containing routing rules describing redirect behavior and when redirects are applied.

Import

S3 bucket can be imported using the bucket, e.g.,

 $ pulumi import aws:s3/bucketV2:BucketV2 bucket bucket-name

Package Details

Repository
AWS Classic pulumi/pulumi-aws
License
Apache-2.0
Notes

This Pulumi package is based on the aws Terraform Provider.