aws.s3.BucketV2
Provides a S3 bucket resource.
This functionality is for managing S3 in an AWS Partition. To manage S3 on Outposts, see the
aws.s3control.Bucket
resource.
NOTE on S3 Bucket Accelerate Configuration: S3 Bucket Accelerate can be configured in either the standalone resource
aws.s3.BucketAccelerateConfigurationV2
or with the deprecated parameteracceleration_status
in the resourceaws.s3.BucketV2
. Configuring with both will cause inconsistencies and may overwrite configuration.
NOTE on S3 Bucket canned ACL Configuration: S3 Bucket canned ACL can be configured in either the standalone resource
aws.s3.BucketAclV2
or with the deprecated parameteracl
in the resourceaws.s3.BucketV2
. Configuring with both will cause inconsistencies and may overwrite configuration.
NOTE on S3 Bucket ACL Grants Configuration: S3 Bucket grants can be configured in either the standalone resource
aws.s3.BucketAclV2
or with the deprecated parametergrant
in the resourceaws.s3.BucketV2
. Configuring with both will cause inconsistencies and may overwrite configuration.
NOTE on S3 Bucket CORS Configuration: S3 Bucket CORS can be configured in either the standalone resource
aws.s3.BucketCorsConfigurationV2
or with the deprecated parametercors_rule
in the resourceaws.s3.BucketV2
. Configuring with both will cause inconsistencies and may overwrite configuration.
NOTE on S3 Bucket Lifecycle Configuration: S3 Bucket Lifecycle can be configured in either the standalone resource
aws.s3.BucketLifecycleConfigurationV2
or with the deprecated parameterlifecycle_rule
in the resourceaws.s3.BucketV2
. Configuring with both will cause inconsistencies and may overwrite configuration.
NOTE on S3 Bucket Logging Configuration: S3 Bucket logging can be configured in either the standalone resource
aws.s3.BucketLoggingV2
or with the deprecated parameterlogging
in the resourceaws.s3.BucketV2
. Configuring with both will cause inconsistencies and may overwrite configuration.
NOTE on S3 Bucket Object Lock Configuration: S3 Bucket Object Lock can be configured in either the standalone resource
aws.s3.BucketObjectLockConfigurationV2
or with the deprecated parameterobject_lock_configuration
in the resourceaws.s3.BucketV2
. Configuring with both will cause inconsistencies and may overwrite configuration.
NOTE on S3 Bucket Policy Configuration: S3 Bucket Policy can be configured in either the standalone resource
aws.s3.BucketPolicy
or with the deprecated parameterpolicy
in the resourceaws.s3.BucketV2
. Configuring with both will cause inconsistencies and may overwrite configuration.
NOTE on S3 Bucket Replication Configuration: S3 Bucket Replication can be configured in either the standalone resource
aws.s3.BucketReplicationConfig
or with the deprecated parameterreplication_configuration
in the resourceaws.s3.BucketV2
. Configuring with both will cause inconsistencies and may overwrite configuration.
NOTE on S3 Bucket Request Payment Configuration: S3 Bucket Request Payment can be configured in either the standalone resource
aws.s3.BucketRequestPaymentConfigurationV2
or with the deprecated parameterrequest_payer
in the resourceaws.s3.BucketV2
. Configuring with both will cause inconsistencies and may overwrite configuration.
NOTE on S3 Bucket Server Side Encryption Configuration: S3 Bucket Server Side Encryption can be configured in either the standalone resource
aws.s3.BucketServerSideEncryptionConfigurationV2
or with the deprecated parameterserver_side_encryption_configuration
in the resourceaws.s3.BucketV2
. Configuring with both will cause inconsistencies and may overwrite configuration.
NOTE on S3 Bucket Versioning Configuration: S3 Bucket versioning can be configured in either the standalone resource
aws.s3.BucketVersioningV2
or with the deprecated parameterversioning
in the resourceaws.s3.BucketV2
. Configuring with both will cause inconsistencies and may overwrite configuration.
NOTE on S3 Bucket Website Configuration: S3 Bucket Website can be configured in either the standalone resource
aws.s3.BucketWebsiteConfigurationV2
or with the deprecated parameterwebsite
in the resourceaws.s3.BucketV2
. Configuring with both will cause inconsistencies and may overwrite configuration.
Example Usage
Private Bucket w/ Tags
using System.Collections.Generic;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var bucketV2 = new Aws.S3.BucketV2("bucketV2", new()
{
Tags =
{
{ "Name", "My bucket" },
{ "Environment", "Dev" },
},
});
var example = new Aws.S3.BucketAclV2("example", new()
{
Bucket = bucketV2.Id,
Acl = "private",
});
});
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/s3"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
bucketV2, err := s3.NewBucketV2(ctx, "bucketV2", &s3.BucketV2Args{
Tags: pulumi.StringMap{
"Name": pulumi.String("My bucket"),
"Environment": pulumi.String("Dev"),
},
})
if err != nil {
return err
}
_, err = s3.NewBucketAclV2(ctx, "example", &s3.BucketAclV2Args{
Bucket: bucketV2.ID(),
Acl: pulumi.String("private"),
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.s3.BucketV2;
import com.pulumi.aws.s3.BucketV2Args;
import com.pulumi.aws.s3.BucketAclV2;
import com.pulumi.aws.s3.BucketAclV2Args;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var bucketV2 = new BucketV2("bucketV2", BucketV2Args.builder()
.tags(Map.ofEntries(
Map.entry("Name", "My bucket"),
Map.entry("Environment", "Dev")
))
.build());
var example = new BucketAclV2("example", BucketAclV2Args.builder()
.bucket(bucketV2.id())
.acl("private")
.build());
}
}
import pulumi
import pulumi_aws as aws
bucket_v2 = aws.s3.BucketV2("bucketV2", tags={
"Name": "My bucket",
"Environment": "Dev",
})
example = aws.s3.BucketAclV2("example",
bucket=bucket_v2.id,
acl="private")
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const bucketV2 = new aws.s3.BucketV2("bucketV2", {tags: {
Name: "My bucket",
Environment: "Dev",
}});
const example = new aws.s3.BucketAclV2("example", {
bucket: bucketV2.id,
acl: "private",
});
resources:
bucketV2:
type: aws:s3:BucketV2
properties:
tags:
Name: My bucket
Environment: Dev
example:
type: aws:s3:BucketAclV2
properties:
bucket: ${bucketV2.id}
acl: private
Static Website Hosting
using System.Collections.Generic;
using System.IO;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var bucketV2 = new Aws.S3.BucketV2("bucketV2", new()
{
Acl = "public-read",
Policy = File.ReadAllText("policy.json"),
Websites = new[]
{
new Aws.S3.Inputs.BucketV2WebsiteArgs
{
IndexDocument = "index.html",
ErrorDocument = "error.html",
RoutingRules = @"[{
""Condition"": {
""KeyPrefixEquals"": ""docs/""
},
""Redirect"": {
""ReplaceKeyPrefixWith"": ""documents/""
}
}]
",
},
},
});
});
package main
import (
"os"
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/s3"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func readFileOrPanic(path string) pulumi.StringPtrInput {
data, err := os.ReadFile(path)
if err != nil {
panic(err.Error())
}
return pulumi.String(string(data))
}
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := s3.NewBucketV2(ctx, "bucketV2", &s3.BucketV2Args{
Acl: pulumi.String("public-read"),
Policy: readFileOrPanic("policy.json"),
Websites: s3.BucketV2WebsiteArray{
&s3.BucketV2WebsiteArgs{
IndexDocument: pulumi.String("index.html"),
ErrorDocument: pulumi.String("error.html"),
RoutingRules: pulumi.String("[{\n \"Condition\": {\n \"KeyPrefixEquals\": \"docs/\"\n },\n \"Redirect\": {\n \"ReplaceKeyPrefixWith\": \"documents/\"\n }\n}]\n"),
},
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.s3.BucketV2;
import com.pulumi.aws.s3.BucketV2Args;
import com.pulumi.aws.s3.inputs.BucketV2WebsiteArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var bucketV2 = new BucketV2("bucketV2", BucketV2Args.builder()
.acl("public-read")
.policy(Files.readString(Paths.get("policy.json")))
.websites(BucketV2WebsiteArgs.builder()
.indexDocument("index.html")
.errorDocument("error.html")
.routingRules("""
[{
"Condition": {
"KeyPrefixEquals": "docs/"
},
"Redirect": {
"ReplaceKeyPrefixWith": "documents/"
}
}]
""")
.build())
.build());
}
}
import pulumi
import pulumi_aws as aws
bucket_v2 = aws.s3.BucketV2("bucketV2",
acl="public-read",
policy=(lambda path: open(path).read())("policy.json"),
websites=[aws.s3.BucketV2WebsiteArgs(
index_document="index.html",
error_document="error.html",
routing_rules="""[{
"Condition": {
"KeyPrefixEquals": "docs/"
},
"Redirect": {
"ReplaceKeyPrefixWith": "documents/"
}
}]
""",
)])
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
import * as fs from "fs";
const bucketV2 = new aws.s3.BucketV2("bucketV2", {
acl: "public-read",
policy: fs.readFileSync("policy.json"),
websites: [{
indexDocument: "index.html",
errorDocument: "error.html",
routingRules: `[{
"Condition": {
"KeyPrefixEquals": "docs/"
},
"Redirect": {
"ReplaceKeyPrefixWith": "documents/"
}
}]
`,
}],
});
resources:
bucketV2:
type: aws:s3:BucketV2
properties:
acl: public-read
policy:
fn::readFile: policy.json
websites:
- indexDocument: index.html
errorDocument: error.html
routingRules: |
[{
"Condition": {
"KeyPrefixEquals": "docs/"
},
"Redirect": {
"ReplaceKeyPrefixWith": "documents/"
}
}]
Using CORS
using System.Collections.Generic;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var bucketV2 = new Aws.S3.BucketV2("bucketV2", new()
{
Acl = "public-read",
CorsRules = new[]
{
new Aws.S3.Inputs.BucketV2CorsRuleArgs
{
AllowedHeaders = new[]
{
"*",
},
AllowedMethods = new[]
{
"PUT",
"POST",
},
AllowedOrigins = new[]
{
"https://s3-website-test.domain.example",
},
ExposeHeaders = new[]
{
"ETag",
},
MaxAgeSeconds = 3000,
},
},
});
});
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/s3"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := s3.NewBucketV2(ctx, "bucketV2", &s3.BucketV2Args{
Acl: pulumi.String("public-read"),
CorsRules: s3.BucketV2CorsRuleArray{
&s3.BucketV2CorsRuleArgs{
AllowedHeaders: pulumi.StringArray{
pulumi.String("*"),
},
AllowedMethods: pulumi.StringArray{
pulumi.String("PUT"),
pulumi.String("POST"),
},
AllowedOrigins: pulumi.StringArray{
pulumi.String("https://s3-website-test.domain.example"),
},
ExposeHeaders: pulumi.StringArray{
pulumi.String("ETag"),
},
MaxAgeSeconds: pulumi.Int(3000),
},
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.s3.BucketV2;
import com.pulumi.aws.s3.BucketV2Args;
import com.pulumi.aws.s3.inputs.BucketV2CorsRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var bucketV2 = new BucketV2("bucketV2", BucketV2Args.builder()
.acl("public-read")
.corsRules(BucketV2CorsRuleArgs.builder()
.allowedHeaders("*")
.allowedMethods(
"PUT",
"POST")
.allowedOrigins("https://s3-website-test.domain.example")
.exposeHeaders("ETag")
.maxAgeSeconds(3000)
.build())
.build());
}
}
import pulumi
import pulumi_aws as aws
bucket_v2 = aws.s3.BucketV2("bucketV2",
acl="public-read",
cors_rules=[aws.s3.BucketV2CorsRuleArgs(
allowed_headers=["*"],
allowed_methods=[
"PUT",
"POST",
],
allowed_origins=["https://s3-website-test.domain.example"],
expose_headers=["ETag"],
max_age_seconds=3000,
)])
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const bucketV2 = new aws.s3.BucketV2("bucketV2", {
acl: "public-read",
corsRules: [{
allowedHeaders: ["*"],
allowedMethods: [
"PUT",
"POST",
],
allowedOrigins: ["https://s3-website-test.domain.example"],
exposeHeaders: ["ETag"],
maxAgeSeconds: 3000,
}],
});
resources:
bucketV2:
type: aws:s3:BucketV2
properties:
acl: public-read
corsRules:
- allowedHeaders:
- '*'
allowedMethods:
- PUT
- POST
allowedOrigins:
- https://s3-website-test.domain.example
exposeHeaders:
- ETag
maxAgeSeconds: 3000
Using versioning
using System.Collections.Generic;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var bucketV2 = new Aws.S3.BucketV2("bucketV2", new()
{
Acl = "private",
Versionings = new[]
{
new Aws.S3.Inputs.BucketV2VersioningArgs
{
Enabled = true,
},
},
});
});
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/s3"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := s3.NewBucketV2(ctx, "bucketV2", &s3.BucketV2Args{
Acl: pulumi.String("private"),
Versionings: s3.BucketV2VersioningArray{
&s3.BucketV2VersioningArgs{
Enabled: pulumi.Bool(true),
},
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.s3.BucketV2;
import com.pulumi.aws.s3.BucketV2Args;
import com.pulumi.aws.s3.inputs.BucketV2VersioningArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var bucketV2 = new BucketV2("bucketV2", BucketV2Args.builder()
.acl("private")
.versionings(BucketV2VersioningArgs.builder()
.enabled(true)
.build())
.build());
}
}
import pulumi
import pulumi_aws as aws
bucket_v2 = aws.s3.BucketV2("bucketV2",
acl="private",
versionings=[aws.s3.BucketV2VersioningArgs(
enabled=True,
)])
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const bucketV2 = new aws.s3.BucketV2("bucketV2", {
acl: "private",
versionings: [{
enabled: true,
}],
});
resources:
bucketV2:
type: aws:s3:BucketV2
properties:
acl: private
versionings:
- enabled: true
Enable Logging
using System.Collections.Generic;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var logBucket = new Aws.S3.BucketV2("logBucket", new()
{
Acl = "log-delivery-write",
});
var bucketV2 = new Aws.S3.BucketV2("bucketV2", new()
{
Acl = "private",
Loggings = new[]
{
new Aws.S3.Inputs.BucketV2LoggingArgs
{
TargetBucket = logBucket.Id,
TargetPrefix = "log/",
},
},
});
});
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/s3"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
logBucket, err := s3.NewBucketV2(ctx, "logBucket", &s3.BucketV2Args{
Acl: pulumi.String("log-delivery-write"),
})
if err != nil {
return err
}
_, err = s3.NewBucketV2(ctx, "bucketV2", &s3.BucketV2Args{
Acl: pulumi.String("private"),
Loggings: s3.BucketV2LoggingArray{
&s3.BucketV2LoggingArgs{
TargetBucket: logBucket.ID(),
TargetPrefix: pulumi.String("log/"),
},
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.s3.BucketV2;
import com.pulumi.aws.s3.BucketV2Args;
import com.pulumi.aws.s3.inputs.BucketV2LoggingArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var logBucket = new BucketV2("logBucket", BucketV2Args.builder()
.acl("log-delivery-write")
.build());
var bucketV2 = new BucketV2("bucketV2", BucketV2Args.builder()
.acl("private")
.loggings(BucketV2LoggingArgs.builder()
.targetBucket(logBucket.id())
.targetPrefix("log/")
.build())
.build());
}
}
import pulumi
import pulumi_aws as aws
log_bucket = aws.s3.BucketV2("logBucket", acl="log-delivery-write")
bucket_v2 = aws.s3.BucketV2("bucketV2",
acl="private",
loggings=[aws.s3.BucketV2LoggingArgs(
target_bucket=log_bucket.id,
target_prefix="log/",
)])
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const logBucket = new aws.s3.BucketV2("logBucket", {acl: "log-delivery-write"});
const bucketV2 = new aws.s3.BucketV2("bucketV2", {
acl: "private",
loggings: [{
targetBucket: logBucket.id,
targetPrefix: "log/",
}],
});
resources:
logBucket:
type: aws:s3:BucketV2
properties:
acl: log-delivery-write
bucketV2:
type: aws:s3:BucketV2
properties:
acl: private
loggings:
- targetBucket: ${logBucket.id}
targetPrefix: log/
Using object lifecycle
using System.Collections.Generic;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var bucket = new Aws.S3.BucketV2("bucket", new()
{
Acl = "private",
LifecycleRules = new[]
{
new Aws.S3.Inputs.BucketV2LifecycleRuleArgs
{
Enabled = true,
Expirations = new[]
{
new Aws.S3.Inputs.BucketV2LifecycleRuleExpirationArgs
{
Days = 90,
},
},
Id = "log",
Prefix = "log/",
Tags =
{
{ "autoclean", "true" },
{ "rule", "log" },
},
Transitions = new[]
{
new Aws.S3.Inputs.BucketV2LifecycleRuleTransitionArgs
{
Days = 30,
StorageClass = "STANDARD_IA",
},
new Aws.S3.Inputs.BucketV2LifecycleRuleTransitionArgs
{
Days = 60,
StorageClass = "GLACIER",
},
},
},
new Aws.S3.Inputs.BucketV2LifecycleRuleArgs
{
Enabled = true,
Expirations = new[]
{
new Aws.S3.Inputs.BucketV2LifecycleRuleExpirationArgs
{
Date = "2016-01-12",
},
},
Id = "tmp",
Prefix = "tmp/",
},
},
});
var versioningBucket = new Aws.S3.BucketV2("versioningBucket", new()
{
Acl = "private",
LifecycleRules = new[]
{
new Aws.S3.Inputs.BucketV2LifecycleRuleArgs
{
Enabled = true,
NoncurrentVersionExpirations = new[]
{
new Aws.S3.Inputs.BucketV2LifecycleRuleNoncurrentVersionExpirationArgs
{
Days = 90,
},
},
NoncurrentVersionTransitions = new[]
{
new Aws.S3.Inputs.BucketV2LifecycleRuleNoncurrentVersionTransitionArgs
{
Days = 30,
StorageClass = "STANDARD_IA",
},
new Aws.S3.Inputs.BucketV2LifecycleRuleNoncurrentVersionTransitionArgs
{
Days = 60,
StorageClass = "GLACIER",
},
},
Prefix = "config/",
},
},
Versionings = new[]
{
new Aws.S3.Inputs.BucketV2VersioningArgs
{
Enabled = true,
},
},
});
});
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/s3"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := s3.NewBucketV2(ctx, "bucket", &s3.BucketV2Args{
Acl: pulumi.String("private"),
LifecycleRules: s3.BucketV2LifecycleRuleArray{
&s3.BucketV2LifecycleRuleArgs{
Enabled: pulumi.Bool(true),
Expirations: s3.BucketV2LifecycleRuleExpirationArray{
&s3.BucketV2LifecycleRuleExpirationArgs{
Days: pulumi.Int(90),
},
},
Id: pulumi.String("log"),
Prefix: pulumi.String("log/"),
Tags: pulumi.StringMap{
"autoclean": pulumi.String("true"),
"rule": pulumi.String("log"),
},
Transitions: s3.BucketV2LifecycleRuleTransitionArray{
&s3.BucketV2LifecycleRuleTransitionArgs{
Days: pulumi.Int(30),
StorageClass: pulumi.String("STANDARD_IA"),
},
&s3.BucketV2LifecycleRuleTransitionArgs{
Days: pulumi.Int(60),
StorageClass: pulumi.String("GLACIER"),
},
},
},
&s3.BucketV2LifecycleRuleArgs{
Enabled: pulumi.Bool(true),
Expirations: s3.BucketV2LifecycleRuleExpirationArray{
&s3.BucketV2LifecycleRuleExpirationArgs{
Date: pulumi.String("2016-01-12"),
},
},
Id: pulumi.String("tmp"),
Prefix: pulumi.String("tmp/"),
},
},
})
if err != nil {
return err
}
_, err = s3.NewBucketV2(ctx, "versioningBucket", &s3.BucketV2Args{
Acl: pulumi.String("private"),
LifecycleRules: s3.BucketV2LifecycleRuleArray{
&s3.BucketV2LifecycleRuleArgs{
Enabled: pulumi.Bool(true),
NoncurrentVersionExpirations: s3.BucketV2LifecycleRuleNoncurrentVersionExpirationArray{
&s3.BucketV2LifecycleRuleNoncurrentVersionExpirationArgs{
Days: pulumi.Int(90),
},
},
NoncurrentVersionTransitions: s3.BucketV2LifecycleRuleNoncurrentVersionTransitionArray{
&s3.BucketV2LifecycleRuleNoncurrentVersionTransitionArgs{
Days: pulumi.Int(30),
StorageClass: pulumi.String("STANDARD_IA"),
},
&s3.BucketV2LifecycleRuleNoncurrentVersionTransitionArgs{
Days: pulumi.Int(60),
StorageClass: pulumi.String("GLACIER"),
},
},
Prefix: pulumi.String("config/"),
},
},
Versionings: s3.BucketV2VersioningArray{
&s3.BucketV2VersioningArgs{
Enabled: pulumi.Bool(true),
},
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.s3.BucketV2;
import com.pulumi.aws.s3.BucketV2Args;
import com.pulumi.aws.s3.inputs.BucketV2LifecycleRuleArgs;
import com.pulumi.aws.s3.inputs.BucketV2VersioningArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var bucket = new BucketV2("bucket", BucketV2Args.builder()
.acl("private")
.lifecycleRules(
BucketV2LifecycleRuleArgs.builder()
.enabled(true)
.expirations(BucketV2LifecycleRuleExpirationArgs.builder()
.days(90)
.build())
.id("log")
.prefix("log/")
.tags(Map.ofEntries(
Map.entry("autoclean", "true"),
Map.entry("rule", "log")
))
.transitions(
BucketV2LifecycleRuleTransitionArgs.builder()
.days(30)
.storageClass("STANDARD_IA")
.build(),
BucketV2LifecycleRuleTransitionArgs.builder()
.days(60)
.storageClass("GLACIER")
.build())
.build(),
BucketV2LifecycleRuleArgs.builder()
.enabled(true)
.expirations(BucketV2LifecycleRuleExpirationArgs.builder()
.date("2016-01-12")
.build())
.id("tmp")
.prefix("tmp/")
.build())
.build());
var versioningBucket = new BucketV2("versioningBucket", BucketV2Args.builder()
.acl("private")
.lifecycleRules(BucketV2LifecycleRuleArgs.builder()
.enabled(true)
.noncurrentVersionExpirations(BucketV2LifecycleRuleNoncurrentVersionExpirationArgs.builder()
.days(90)
.build())
.noncurrentVersionTransitions(
BucketV2LifecycleRuleNoncurrentVersionTransitionArgs.builder()
.days(30)
.storageClass("STANDARD_IA")
.build(),
BucketV2LifecycleRuleNoncurrentVersionTransitionArgs.builder()
.days(60)
.storageClass("GLACIER")
.build())
.prefix("config/")
.build())
.versionings(BucketV2VersioningArgs.builder()
.enabled(true)
.build())
.build());
}
}
import pulumi
import pulumi_aws as aws
bucket = aws.s3.BucketV2("bucket",
acl="private",
lifecycle_rules=[
aws.s3.BucketV2LifecycleRuleArgs(
enabled=True,
expirations=[aws.s3.BucketV2LifecycleRuleExpirationArgs(
days=90,
)],
id="log",
prefix="log/",
tags={
"autoclean": "true",
"rule": "log",
},
transitions=[
aws.s3.BucketV2LifecycleRuleTransitionArgs(
days=30,
storage_class="STANDARD_IA",
),
aws.s3.BucketV2LifecycleRuleTransitionArgs(
days=60,
storage_class="GLACIER",
),
],
),
aws.s3.BucketV2LifecycleRuleArgs(
enabled=True,
expirations=[aws.s3.BucketV2LifecycleRuleExpirationArgs(
date="2016-01-12",
)],
id="tmp",
prefix="tmp/",
),
])
versioning_bucket = aws.s3.BucketV2("versioningBucket",
acl="private",
lifecycle_rules=[aws.s3.BucketV2LifecycleRuleArgs(
enabled=True,
noncurrent_version_expirations=[aws.s3.BucketV2LifecycleRuleNoncurrentVersionExpirationArgs(
days=90,
)],
noncurrent_version_transitions=[
aws.s3.BucketV2LifecycleRuleNoncurrentVersionTransitionArgs(
days=30,
storage_class="STANDARD_IA",
),
aws.s3.BucketV2LifecycleRuleNoncurrentVersionTransitionArgs(
days=60,
storage_class="GLACIER",
),
],
prefix="config/",
)],
versionings=[aws.s3.BucketV2VersioningArgs(
enabled=True,
)])
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const bucket = new aws.s3.BucketV2("bucket", {
acl: "private",
lifecycleRules: [
{
enabled: true,
expirations: [{
days: 90,
}],
id: "log",
prefix: "log/",
tags: {
autoclean: "true",
rule: "log",
},
transitions: [
{
days: 30,
storageClass: "STANDARD_IA",
},
{
days: 60,
storageClass: "GLACIER",
},
],
},
{
enabled: true,
expirations: [{
date: "2016-01-12",
}],
id: "tmp",
prefix: "tmp/",
},
],
});
const versioningBucket = new aws.s3.BucketV2("versioningBucket", {
acl: "private",
lifecycleRules: [{
enabled: true,
noncurrentVersionExpirations: [{
days: 90,
}],
noncurrentVersionTransitions: [
{
days: 30,
storageClass: "STANDARD_IA",
},
{
days: 60,
storageClass: "GLACIER",
},
],
prefix: "config/",
}],
versionings: [{
enabled: true,
}],
});
resources:
bucket:
type: aws:s3:BucketV2
properties:
acl: private
lifecycleRules:
- enabled: true
expirations:
- days: 90
id: log
prefix: log/
tags:
autoclean: 'true'
rule: log
transitions:
- days: 30
storageClass: STANDARD_IA
- days: 60
storageClass: GLACIER
- enabled: true
expirations:
- date: 2016-01-12
id: tmp
prefix: tmp/
versioningBucket:
type: aws:s3:BucketV2
properties:
acl: private
lifecycleRules:
- enabled: true
noncurrentVersionExpirations:
- days: 90
noncurrentVersionTransitions:
- days: 30
storageClass: STANDARD_IA
- days: 60
storageClass: GLACIER
prefix: config/
versionings:
- enabled: true
Using object lock configuration
using System.Collections.Generic;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var central = new Aws.Provider("central", new()
{
Region = "eu-central-1",
});
var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()
{
Statements = new[]
{
new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs
{
Effect = "Allow",
Principals = new[]
{
new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs
{
Type = "Service",
Identifiers = new[]
{
"s3.amazonaws.com",
},
},
},
Actions = new[]
{
"sts:AssumeRole",
},
},
},
});
var replicationRole = new Aws.Iam.Role("replicationRole", new()
{
AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult => getPolicyDocumentResult.Json),
});
var destination = new Aws.S3.BucketV2("destination", new()
{
Versionings = new[]
{
new Aws.S3.Inputs.BucketV2VersioningArgs
{
Enabled = true,
},
},
});
var source = new Aws.S3.BucketV2("source", new()
{
Acl = "private",
Versionings = new[]
{
new Aws.S3.Inputs.BucketV2VersioningArgs
{
Enabled = true,
},
},
ReplicationConfigurations = new[]
{
new Aws.S3.Inputs.BucketV2ReplicationConfigurationArgs
{
Role = replicationRole.Arn,
Rules = new[]
{
new Aws.S3.Inputs.BucketV2ReplicationConfigurationRuleArgs
{
Id = "foobar",
Status = "Enabled",
Filters = new[]
{
new Aws.S3.Inputs.BucketV2ReplicationConfigurationRuleFilterArgs
{
Tags = null,
},
},
Destinations = new[]
{
new Aws.S3.Inputs.BucketV2ReplicationConfigurationRuleDestinationArgs
{
Bucket = destination.Arn,
StorageClass = "STANDARD",
ReplicationTimes = new[]
{
new Aws.S3.Inputs.BucketV2ReplicationConfigurationRuleDestinationReplicationTimeArgs
{
Status = "Enabled",
Minutes = 15,
},
},
Metrics = new[]
{
new Aws.S3.Inputs.BucketV2ReplicationConfigurationRuleDestinationMetricArgs
{
Status = "Enabled",
Minutes = 15,
},
},
},
},
},
},
},
},
}, new CustomResourceOptions
{
Provider = aws.Central,
});
var replicationPolicyDocument = Aws.Iam.GetPolicyDocument.Invoke(new()
{
Statements = new[]
{
new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs
{
Effect = "Allow",
Actions = new[]
{
"s3:GetReplicationConfiguration",
"s3:ListBucket",
},
Resources = new[]
{
source.Arn,
},
},
new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs
{
Effect = "Allow",
Actions = new[]
{
"s3:GetObjectVersionForReplication",
"s3:GetObjectVersionAcl",
"s3:GetObjectVersionTagging",
},
Resources = new[]
{
$"{source.Arn}/*",
},
},
new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs
{
Effect = "Allow",
Actions = new[]
{
"s3:ReplicateObject",
"s3:ReplicateDelete",
"s3:ReplicateTags",
},
Resources = new[]
{
$"{destination.Arn}/*",
},
},
},
});
var replicationPolicy = new Aws.Iam.Policy("replicationPolicy", new()
{
PolicyDocument = replicationPolicyDocument.Apply(getPolicyDocumentResult => getPolicyDocumentResult.Json),
});
var replicationRolePolicyAttachment = new Aws.Iam.RolePolicyAttachment("replicationRolePolicyAttachment", new()
{
Role = replicationRole.Name,
PolicyArn = replicationPolicy.Arn,
});
});
package main
import (
"fmt"
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws"
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/s3"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := aws.NewProvider(ctx, "central", &aws.ProviderArgs{
Region: pulumi.String("eu-central-1"),
})
if err != nil {
return err
}
assumeRole, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{
Statements: []iam.GetPolicyDocumentStatement{
{
Effect: pulumi.StringRef("Allow"),
Principals: []iam.GetPolicyDocumentStatementPrincipal{
{
Type: "Service",
Identifiers: []string{
"s3.amazonaws.com",
},
},
},
Actions: []string{
"sts:AssumeRole",
},
},
},
}, nil)
if err != nil {
return err
}
replicationRole, err := iam.NewRole(ctx, "replicationRole", &iam.RoleArgs{
AssumeRolePolicy: *pulumi.String(assumeRole.Json),
})
if err != nil {
return err
}
destination, err := s3.NewBucketV2(ctx, "destination", &s3.BucketV2Args{
Versionings: s3.BucketV2VersioningArray{
&s3.BucketV2VersioningArgs{
Enabled: pulumi.Bool(true),
},
},
})
if err != nil {
return err
}
source, err := s3.NewBucketV2(ctx, "source", &s3.BucketV2Args{
Acl: pulumi.String("private"),
Versionings: s3.BucketV2VersioningArray{
&s3.BucketV2VersioningArgs{
Enabled: pulumi.Bool(true),
},
},
ReplicationConfigurations: s3.BucketV2ReplicationConfigurationArray{
&s3.BucketV2ReplicationConfigurationArgs{
Role: replicationRole.Arn,
Rules: s3.BucketV2ReplicationConfigurationRuleArray{
&s3.BucketV2ReplicationConfigurationRuleArgs{
Id: pulumi.String("foobar"),
Status: pulumi.String("Enabled"),
Filters: s3.BucketV2ReplicationConfigurationRuleFilterArray{
&s3.BucketV2ReplicationConfigurationRuleFilterArgs{
Tags: nil,
},
},
Destinations: s3.BucketV2ReplicationConfigurationRuleDestinationArray{
&s3.BucketV2ReplicationConfigurationRuleDestinationArgs{
Bucket: destination.Arn,
StorageClass: pulumi.String("STANDARD"),
ReplicationTimes: s3.BucketV2ReplicationConfigurationRuleDestinationReplicationTimeArray{
&s3.BucketV2ReplicationConfigurationRuleDestinationReplicationTimeArgs{
Status: pulumi.String("Enabled"),
Minutes: pulumi.Int(15),
},
},
Metrics: s3.BucketV2ReplicationConfigurationRuleDestinationMetricArray{
&s3.BucketV2ReplicationConfigurationRuleDestinationMetricArgs{
Status: pulumi.String("Enabled"),
Minutes: pulumi.Int(15),
},
},
},
},
},
},
},
},
}, pulumi.Provider(aws.Central))
if err != nil {
return err
}
replicationPolicyDocument := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{
Statements: iam.GetPolicyDocumentStatementArray{
&iam.GetPolicyDocumentStatementArgs{
Effect: pulumi.String("Allow"),
Actions: pulumi.StringArray{
pulumi.String("s3:GetReplicationConfiguration"),
pulumi.String("s3:ListBucket"),
},
Resources: pulumi.StringArray{
source.Arn,
},
},
&iam.GetPolicyDocumentStatementArgs{
Effect: pulumi.String("Allow"),
Actions: pulumi.StringArray{
pulumi.String("s3:GetObjectVersionForReplication"),
pulumi.String("s3:GetObjectVersionAcl"),
pulumi.String("s3:GetObjectVersionTagging"),
},
Resources: pulumi.StringArray{
source.Arn.ApplyT(func(arn string) (string, error) {
return fmt.Sprintf("%v/*", arn), nil
}).(pulumi.StringOutput),
},
},
&iam.GetPolicyDocumentStatementArgs{
Effect: pulumi.String("Allow"),
Actions: pulumi.StringArray{
pulumi.String("s3:ReplicateObject"),
pulumi.String("s3:ReplicateDelete"),
pulumi.String("s3:ReplicateTags"),
},
Resources: pulumi.StringArray{
destination.Arn.ApplyT(func(arn string) (string, error) {
return fmt.Sprintf("%v/*", arn), nil
}).(pulumi.StringOutput),
},
},
},
}, nil)
replicationPolicy, err := iam.NewPolicy(ctx, "replicationPolicy", &iam.PolicyArgs{
Policy: replicationPolicyDocument.ApplyT(func(replicationPolicyDocument iam.GetPolicyDocumentResult) (*string, error) {
return &replicationPolicyDocument.Json, nil
}).(pulumi.StringPtrOutput),
})
if err != nil {
return err
}
_, err = iam.NewRolePolicyAttachment(ctx, "replicationRolePolicyAttachment", &iam.RolePolicyAttachmentArgs{
Role: replicationRole.Name,
PolicyArn: replicationPolicy.Arn,
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.s3.BucketV2;
import com.pulumi.aws.s3.BucketV2Args;
import com.pulumi.aws.s3.inputs.BucketV2ObjectLockConfigurationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new BucketV2("example", BucketV2Args.builder()
.objectLockConfiguration(BucketV2ObjectLockConfigurationArgs.builder()
.objectLockEnabled("Enabled")
.rule(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))
.build())
.build());
}
}
import pulumi
import pulumi_aws as aws
central = aws.Provider("central", region="eu-central-1")
assume_role = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(
effect="Allow",
principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(
type="Service",
identifiers=["s3.amazonaws.com"],
)],
actions=["sts:AssumeRole"],
)])
replication_role = aws.iam.Role("replicationRole", assume_role_policy=assume_role.json)
destination = aws.s3.BucketV2("destination", versionings=[aws.s3.BucketV2VersioningArgs(
enabled=True,
)])
source = aws.s3.BucketV2("source",
acl="private",
versionings=[aws.s3.BucketV2VersioningArgs(
enabled=True,
)],
replication_configurations=[aws.s3.BucketV2ReplicationConfigurationArgs(
role=replication_role.arn,
rules=[aws.s3.BucketV2ReplicationConfigurationRuleArgs(
id="foobar",
status="Enabled",
filters=[aws.s3.BucketV2ReplicationConfigurationRuleFilterArgs(
tags={},
)],
destinations=[aws.s3.BucketV2ReplicationConfigurationRuleDestinationArgs(
bucket=destination.arn,
storage_class="STANDARD",
replication_times=[aws.s3.BucketV2ReplicationConfigurationRuleDestinationReplicationTimeArgs(
status="Enabled",
minutes=15,
)],
metrics=[aws.s3.BucketV2ReplicationConfigurationRuleDestinationMetricArgs(
status="Enabled",
minutes=15,
)],
)],
)],
)],
opts=pulumi.ResourceOptions(provider=aws["central"]))
replication_policy_document = aws.iam.get_policy_document_output(statements=[
aws.iam.GetPolicyDocumentStatementArgs(
effect="Allow",
actions=[
"s3:GetReplicationConfiguration",
"s3:ListBucket",
],
resources=[source.arn],
),
aws.iam.GetPolicyDocumentStatementArgs(
effect="Allow",
actions=[
"s3:GetObjectVersionForReplication",
"s3:GetObjectVersionAcl",
"s3:GetObjectVersionTagging",
],
resources=[source.arn.apply(lambda arn: f"{arn}/*")],
),
aws.iam.GetPolicyDocumentStatementArgs(
effect="Allow",
actions=[
"s3:ReplicateObject",
"s3:ReplicateDelete",
"s3:ReplicateTags",
],
resources=[destination.arn.apply(lambda arn: f"{arn}/*")],
),
])
replication_policy = aws.iam.Policy("replicationPolicy", policy=replication_policy_document.json)
replication_role_policy_attachment = aws.iam.RolePolicyAttachment("replicationRolePolicyAttachment",
role=replication_role.name,
policy_arn=replication_policy.arn)
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const central = new aws.Provider("central", {region: "eu-central-1"});
const assumeRole = aws.iam.getPolicyDocument({
statements: [{
effect: "Allow",
principals: [{
type: "Service",
identifiers: ["s3.amazonaws.com"],
}],
actions: ["sts:AssumeRole"],
}],
});
const replicationRole = new aws.iam.Role("replicationRole", {assumeRolePolicy: assumeRole.then(assumeRole => assumeRole.json)});
const destination = new aws.s3.BucketV2("destination", {versionings: [{
enabled: true,
}]});
const source = new aws.s3.BucketV2("source", {
acl: "private",
versionings: [{
enabled: true,
}],
replicationConfigurations: [{
role: replicationRole.arn,
rules: [{
id: "foobar",
status: "Enabled",
filters: [{
tags: {},
}],
destinations: [{
bucket: destination.arn,
storageClass: "STANDARD",
replicationTimes: [{
status: "Enabled",
minutes: 15,
}],
metrics: [{
status: "Enabled",
minutes: 15,
}],
}],
}],
}],
}, {
provider: aws.central,
});
const replicationPolicyDocument = aws.iam.getPolicyDocumentOutput({
statements: [
{
effect: "Allow",
actions: [
"s3:GetReplicationConfiguration",
"s3:ListBucket",
],
resources: [source.arn],
},
{
effect: "Allow",
actions: [
"s3:GetObjectVersionForReplication",
"s3:GetObjectVersionAcl",
"s3:GetObjectVersionTagging",
],
resources: [pulumi.interpolate`${source.arn}/*`],
},
{
effect: "Allow",
actions: [
"s3:ReplicateObject",
"s3:ReplicateDelete",
"s3:ReplicateTags",
],
resources: [pulumi.interpolate`${destination.arn}/*`],
},
],
});
const replicationPolicy = new aws.iam.Policy("replicationPolicy", {policy: replicationPolicyDocument.apply(replicationPolicyDocument => replicationPolicyDocument.json)});
const replicationRolePolicyAttachment = new aws.iam.RolePolicyAttachment("replicationRolePolicyAttachment", {
role: replicationRole.name,
policyArn: replicationPolicy.arn,
});
resources:
example:
type: aws:s3:BucketV2
properties:
objectLockConfiguration:
objectLockEnabled: Enabled
rule:
- defaultRetention:
- days: 5
mode: COMPLIANCE
Using replication configuration
using System.Collections.Generic;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var mykey = new Aws.Kms.Key("mykey", new()
{
Description = "This key is used to encrypt bucket objects",
DeletionWindowInDays = 10,
});
var mybucket = new Aws.S3.BucketV2("mybucket", new()
{
ServerSideEncryptionConfigurations = new[]
{
new Aws.S3.Inputs.BucketV2ServerSideEncryptionConfigurationArgs
{
Rules = new[]
{
new Aws.S3.Inputs.BucketV2ServerSideEncryptionConfigurationRuleArgs
{
ApplyServerSideEncryptionByDefaults = new[]
{
new Aws.S3.Inputs.BucketV2ServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefaultArgs
{
KmsMasterKeyId = mykey.Arn,
SseAlgorithm = "aws:kms",
},
},
},
},
},
},
});
});
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/kms"
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/s3"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
mykey, err := kms.NewKey(ctx, "mykey", &kms.KeyArgs{
Description: pulumi.String("This key is used to encrypt bucket objects"),
DeletionWindowInDays: pulumi.Int(10),
})
if err != nil {
return err
}
_, err = s3.NewBucketV2(ctx, "mybucket", &s3.BucketV2Args{
ServerSideEncryptionConfigurations: s3.BucketV2ServerSideEncryptionConfigurationArray{
&s3.BucketV2ServerSideEncryptionConfigurationArgs{
Rules: s3.BucketV2ServerSideEncryptionConfigurationRuleArray{
&s3.BucketV2ServerSideEncryptionConfigurationRuleArgs{
ApplyServerSideEncryptionByDefaults: s3.BucketV2ServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefaultArray{
&s3.BucketV2ServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefaultArgs{
KmsMasterKeyId: mykey.Arn,
SseAlgorithm: pulumi.String("aws:kms"),
},
},
},
},
},
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.Provider;
import com.pulumi.aws.ProviderArgs;
import com.pulumi.aws.iam.IamFunctions;
import com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;
import com.pulumi.aws.iam.Role;
import com.pulumi.aws.iam.RoleArgs;
import com.pulumi.aws.s3.BucketV2;
import com.pulumi.aws.s3.BucketV2Args;
import com.pulumi.aws.s3.inputs.BucketV2VersioningArgs;
import com.pulumi.aws.s3.inputs.BucketV2ReplicationConfigurationArgs;
import com.pulumi.aws.iam.Policy;
import com.pulumi.aws.iam.PolicyArgs;
import com.pulumi.aws.iam.RolePolicyAttachment;
import com.pulumi.aws.iam.RolePolicyAttachmentArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var central = new Provider("central", ProviderArgs.builder()
.region("eu-central-1")
.build());
final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()
.statements(GetPolicyDocumentStatementArgs.builder()
.effect("Allow")
.principals(GetPolicyDocumentStatementPrincipalArgs.builder()
.type("Service")
.identifiers("s3.amazonaws.com")
.build())
.actions("sts:AssumeRole")
.build())
.build());
var replicationRole = new Role("replicationRole", RoleArgs.builder()
.assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult.json()))
.build());
var destination = new BucketV2("destination", BucketV2Args.builder()
.versionings(BucketV2VersioningArgs.builder()
.enabled(true)
.build())
.build());
var source = new BucketV2("source", BucketV2Args.builder()
.acl("private")
.versionings(BucketV2VersioningArgs.builder()
.enabled(true)
.build())
.replicationConfigurations(BucketV2ReplicationConfigurationArgs.builder()
.role(replicationRole.arn())
.rules(BucketV2ReplicationConfigurationRuleArgs.builder()
.id("foobar")
.status("Enabled")
.filters(BucketV2ReplicationConfigurationRuleFilterArgs.builder()
.tags()
.build())
.destinations(BucketV2ReplicationConfigurationRuleDestinationArgs.builder()
.bucket(destination.arn())
.storageClass("STANDARD")
.replicationTimes(BucketV2ReplicationConfigurationRuleDestinationReplicationTimeArgs.builder()
.status("Enabled")
.minutes(15)
.build())
.metrics(BucketV2ReplicationConfigurationRuleDestinationMetricArgs.builder()
.status("Enabled")
.minutes(15)
.build())
.build())
.build())
.build())
.build(), CustomResourceOptions.builder()
.provider(aws.central())
.build());
final var replicationPolicyDocument = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()
.statements(
GetPolicyDocumentStatementArgs.builder()
.effect("Allow")
.actions(
"s3:GetReplicationConfiguration",
"s3:ListBucket")
.resources(source.arn())
.build(),
GetPolicyDocumentStatementArgs.builder()
.effect("Allow")
.actions(
"s3:GetObjectVersionForReplication",
"s3:GetObjectVersionAcl",
"s3:GetObjectVersionTagging")
.resources(source.arn().applyValue(arn -> String.format("%s/*", arn)))
.build(),
GetPolicyDocumentStatementArgs.builder()
.effect("Allow")
.actions(
"s3:ReplicateObject",
"s3:ReplicateDelete",
"s3:ReplicateTags")
.resources(destination.arn().applyValue(arn -> String.format("%s/*", arn)))
.build())
.build());
var replicationPolicy = new Policy("replicationPolicy", PolicyArgs.builder()
.policy(replicationPolicyDocument.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult).applyValue(replicationPolicyDocument -> replicationPolicyDocument.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult.json())))
.build());
var replicationRolePolicyAttachment = new RolePolicyAttachment("replicationRolePolicyAttachment", RolePolicyAttachmentArgs.builder()
.role(replicationRole.name())
.policyArn(replicationPolicy.arn())
.build());
}
}
import pulumi
import pulumi_aws as aws
mykey = aws.kms.Key("mykey",
description="This key is used to encrypt bucket objects",
deletion_window_in_days=10)
mybucket = aws.s3.BucketV2("mybucket", server_side_encryption_configurations=[aws.s3.BucketV2ServerSideEncryptionConfigurationArgs(
rules=[aws.s3.BucketV2ServerSideEncryptionConfigurationRuleArgs(
apply_server_side_encryption_by_defaults=[aws.s3.BucketV2ServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefaultArgs(
kms_master_key_id=mykey.arn,
sse_algorithm="aws:kms",
)],
)],
)])
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const mykey = new aws.kms.Key("mykey", {
description: "This key is used to encrypt bucket objects",
deletionWindowInDays: 10,
});
const mybucket = new aws.s3.BucketV2("mybucket", {serverSideEncryptionConfigurations: [{
rules: [{
applyServerSideEncryptionByDefaults: [{
kmsMasterKeyId: mykey.arn,
sseAlgorithm: "aws:kms",
}],
}],
}]});
resources:
central:
type: pulumi:providers:aws
properties:
region: eu-central-1
replicationRole:
type: aws:iam:Role
properties:
assumeRolePolicy: ${assumeRole.json}
replicationPolicy:
type: aws:iam:Policy
properties:
policy: ${replicationPolicyDocument.json}
replicationRolePolicyAttachment:
type: aws:iam:RolePolicyAttachment
properties:
role: ${replicationRole.name}
policyArn: ${replicationPolicy.arn}
destination:
type: aws:s3:BucketV2
properties:
versionings:
- enabled: true
source:
type: aws:s3:BucketV2
properties:
acl: private
versionings:
- enabled: true
replicationConfigurations:
- role: ${replicationRole.arn}
rules:
- id: foobar
status: Enabled
filters:
- tags: {}
destinations:
- bucket: ${destination.arn}
storageClass: STANDARD
replicationTimes:
- status: Enabled
minutes: 15
metrics:
- status: Enabled
minutes: 15
options:
provider: ${aws.central}
variables:
assumeRole:
fn::invoke:
Function: aws:iam:getPolicyDocument
Arguments:
statements:
- effect: Allow
principals:
- type: Service
identifiers:
- s3.amazonaws.com
actions:
- sts:AssumeRole
replicationPolicyDocument:
fn::invoke:
Function: aws:iam:getPolicyDocument
Arguments:
statements:
- effect: Allow
actions:
- s3:GetReplicationConfiguration
- s3:ListBucket
resources:
- ${source.arn}
- effect: Allow
actions:
- s3:GetObjectVersionForReplication
- s3:GetObjectVersionAcl
- s3:GetObjectVersionTagging
resources:
- ${source.arn}/*
- effect: Allow
actions:
- s3:ReplicateObject
- s3:ReplicateDelete
- s3:ReplicateTags
resources:
- ${destination.arn}/*
Enable SSE-KMS Server Side Encryption
using System.Collections.Generic;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var currentUser = Aws.S3.GetCanonicalUserId.Invoke();
var bucket = new Aws.S3.BucketV2("bucket", new()
{
Grants = new[]
{
new Aws.S3.Inputs.BucketV2GrantArgs
{
Id = currentUser.Apply(getCanonicalUserIdResult => getCanonicalUserIdResult.Id),
Type = "CanonicalUser",
Permissions = new[]
{
"FULL_CONTROL",
},
},
new Aws.S3.Inputs.BucketV2GrantArgs
{
Type = "Group",
Permissions = new[]
{
"READ_ACP",
"WRITE",
},
Uri = "http://acs.amazonaws.com/groups/s3/LogDelivery",
},
},
});
});
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/s3"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
currentUser, err := s3.GetCanonicalUserId(ctx, nil, nil)
if err != nil {
return err
}
_, err = s3.NewBucketV2(ctx, "bucket", &s3.BucketV2Args{
Grants: s3.BucketV2GrantArray{
&s3.BucketV2GrantArgs{
Id: *pulumi.String(currentUser.Id),
Type: pulumi.String("CanonicalUser"),
Permissions: pulumi.StringArray{
pulumi.String("FULL_CONTROL"),
},
},
&s3.BucketV2GrantArgs{
Type: pulumi.String("Group"),
Permissions: pulumi.StringArray{
pulumi.String("READ_ACP"),
pulumi.String("WRITE"),
},
Uri: pulumi.String("http://acs.amazonaws.com/groups/s3/LogDelivery"),
},
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.kms.Key;
import com.pulumi.aws.kms.KeyArgs;
import com.pulumi.aws.s3.BucketV2;
import com.pulumi.aws.s3.BucketV2Args;
import com.pulumi.aws.s3.inputs.BucketV2ServerSideEncryptionConfigurationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var mykey = new Key("mykey", KeyArgs.builder()
.description("This key is used to encrypt bucket objects")
.deletionWindowInDays(10)
.build());
var mybucket = new BucketV2("mybucket", BucketV2Args.builder()
.serverSideEncryptionConfigurations(BucketV2ServerSideEncryptionConfigurationArgs.builder()
.rules(BucketV2ServerSideEncryptionConfigurationRuleArgs.builder()
.applyServerSideEncryptionByDefaults(BucketV2ServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefaultArgs.builder()
.kmsMasterKeyId(mykey.arn())
.sseAlgorithm("aws:kms")
.build())
.build())
.build())
.build());
}
}
import pulumi
import pulumi_aws as aws
current_user = aws.s3.get_canonical_user_id()
bucket = aws.s3.BucketV2("bucket", grants=[
aws.s3.BucketV2GrantArgs(
id=current_user.id,
type="CanonicalUser",
permissions=["FULL_CONTROL"],
),
aws.s3.BucketV2GrantArgs(
type="Group",
permissions=[
"READ_ACP",
"WRITE",
],
uri="http://acs.amazonaws.com/groups/s3/LogDelivery",
),
])
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const currentUser = aws.s3.getCanonicalUserId({});
const bucket = new aws.s3.BucketV2("bucket", {grants: [
{
id: currentUser.then(currentUser => currentUser.id),
type: "CanonicalUser",
permissions: ["FULL_CONTROL"],
},
{
type: "Group",
permissions: [
"READ_ACP",
"WRITE",
],
uri: "http://acs.amazonaws.com/groups/s3/LogDelivery",
},
]});
resources:
mykey:
type: aws:kms:Key
properties:
description: This key is used to encrypt bucket objects
deletionWindowInDays: 10
mybucket:
type: aws:s3:BucketV2
properties:
serverSideEncryptionConfigurations:
- rules:
- applyServerSideEncryptionByDefaults:
- kmsMasterKeyId: ${mykey.arn}
sseAlgorithm: aws:kms
Using ACL policy grants
Coming soon!
Coming soon!
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.s3.S3Functions;
import com.pulumi.aws.s3.BucketV2;
import com.pulumi.aws.s3.BucketV2Args;
import com.pulumi.aws.s3.inputs.BucketV2GrantArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var currentUser = S3Functions.getCanonicalUserId();
var bucket = new BucketV2("bucket", BucketV2Args.builder()
.grants(
BucketV2GrantArgs.builder()
.id(currentUser.applyValue(getCanonicalUserIdResult -> getCanonicalUserIdResult.id()))
.type("CanonicalUser")
.permissions("FULL_CONTROL")
.build(),
BucketV2GrantArgs.builder()
.type("Group")
.permissions(
"READ_ACP",
"WRITE")
.uri("http://acs.amazonaws.com/groups/s3/LogDelivery")
.build())
.build());
}
}
Coming soon!
Coming soon!
resources:
bucket:
type: aws:s3:BucketV2
properties:
grants:
- id: ${currentUser.id}
type: CanonicalUser
permissions:
- FULL_CONTROL
- type: Group
permissions:
- READ_ACP
- WRITE
uri: http://acs.amazonaws.com/groups/s3/LogDelivery
variables:
currentUser:
fn::invoke:
Function: aws:s3:getCanonicalUserId
Arguments: {}
Create BucketV2 Resource
new BucketV2(name: string, args?: BucketV2Args, opts?: CustomResourceOptions);
@overload
def BucketV2(resource_name: str,
opts: Optional[ResourceOptions] = None,
acceleration_status: Optional[str] = None,
acl: Optional[str] = None,
bucket: Optional[str] = None,
bucket_prefix: Optional[str] = None,
cors_rules: Optional[Sequence[BucketV2CorsRuleArgs]] = None,
force_destroy: Optional[bool] = None,
grants: Optional[Sequence[BucketV2GrantArgs]] = None,
lifecycle_rules: Optional[Sequence[BucketV2LifecycleRuleArgs]] = None,
loggings: Optional[Sequence[BucketV2LoggingArgs]] = None,
object_lock_configuration: Optional[BucketV2ObjectLockConfigurationArgs] = None,
object_lock_enabled: Optional[bool] = None,
policy: Optional[str] = None,
replication_configurations: Optional[Sequence[BucketV2ReplicationConfigurationArgs]] = None,
request_payer: Optional[str] = None,
server_side_encryption_configurations: Optional[Sequence[BucketV2ServerSideEncryptionConfigurationArgs]] = None,
tags: Optional[Mapping[str, str]] = None,
versionings: Optional[Sequence[BucketV2VersioningArgs]] = None,
websites: Optional[Sequence[BucketV2WebsiteArgs]] = None)
@overload
def BucketV2(resource_name: str,
args: Optional[BucketV2Args] = None,
opts: Optional[ResourceOptions] = None)
func NewBucketV2(ctx *Context, name string, args *BucketV2Args, opts ...ResourceOption) (*BucketV2, error)
public BucketV2(string name, BucketV2Args? args = null, CustomResourceOptions? opts = null)
public BucketV2(String name, BucketV2Args args)
public BucketV2(String name, BucketV2Args args, CustomResourceOptions options)
type: aws:s3:BucketV2
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args BucketV2Args
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args BucketV2Args
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args BucketV2Args
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args BucketV2Args
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args BucketV2Args
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
BucketV2 Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The BucketV2 resource accepts the following input properties:
- Acceleration
Status string Sets the accelerate configuration of an existing bucket. Can be
Enabled
orSuspended
. Cannot be used incn-north-1
orus-gov-west-1
. This provider will only perform drift detection if a configuration value is provided. Use the resourceaws.s3.BucketAccelerateConfigurationV2
instead.Use the aws_s3_bucket_accelerate_configuration resource instead
- Acl string
The canned ACL to apply. Valid values are
private
,public-read
,public-read-write
,aws-exec-read
,authenticated-read
, andlog-delivery-write
. Defaults toprivate
. Conflicts withgrant
. The provider will only perform drift detection if a configuration value is provided. Use the resourceaws.s3.BucketAclV2
instead.Use the aws_s3_bucket_acl resource instead
- Bucket string
Name of the bucket. If omitted, this provider will assign a random, unique name. Must be lowercase and less than or equal to 63 characters in length. A full list of bucket naming rules may be found here.
- Bucket
Prefix string Creates a unique bucket name beginning with the specified prefix. Conflicts with
bucket
. Must be lowercase and less than or equal to 37 characters in length. A full list of bucket naming rules may be found here.- Cors
Rules List<BucketV2Cors Rule Args> Rule of Cross-Origin Resource Sharing. See CORS rule below for details. This provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketCorsConfigurationV2
instead.Use the aws_s3_bucket_cors_configuration resource instead
- Force
Destroy bool Boolean that indicates all objects (including any locked objects) should be deleted from the bucket when the bucket is destroyed so that the bucket can be destroyed without error. These objects are not recoverable. This only deletes objects when the bucket is destroyed, not when setting this parameter to
true
. Once this parameter is set totrue
, there must be a successfulpulumi up
run before a destroy is required to update this value in the resource state. Without a successfulpulumi up
after this parameter is set, this flag will have no effect. If setting this field in the same operation that would require replacing the bucket or destroying the bucket, this flag will not work. Additionally when importing a bucket, a successfulpulumi up
is required to set this value in state before it will take effect on a destroy operation.- Grants
List<Bucket
V2Grant Args> An ACL policy grant. See Grant below for details. Conflicts with
acl
. The provider will only perform drift detection if a configuration value is provided. Use the resourceaws.s3.BucketAclV2
instead.Use the aws_s3_bucket_acl resource instead
- Lifecycle
Rules List<BucketV2Lifecycle Rule Args> Configuration of object lifecycle management. See Lifecycle Rule below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketLifecycleConfigurationV2
instead.Use the aws_s3_bucket_lifecycle_configuration resource instead
- Loggings
List<Bucket
V2Logging Args> Configuration of S3 bucket logging parameters. See Logging below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketLoggingV2
instead.Use the aws_s3_bucket_logging resource instead
- Object
Lock BucketConfiguration V2Object Lock Configuration Args Configuration of S3 object locking. See Object Lock Configuration below for details. the provider wil only perform drift detection if a configuration value is provided. Use the
object_lock_enabled
parameter and the resourceaws.s3.BucketObjectLockConfigurationV2
instead.Use the top-level parameter object_lock_enabled and the aws_s3_bucket_object_lock_configuration resource instead
- Object
Lock boolEnabled Indicates whether this bucket has an Object Lock configuration enabled. Valid values are
true
orfalse
. This argument is not supported in all regions or partitions.- Policy string
Valid bucket policy JSON document. Note that if the policy document is not specific enough (but still valid), this provider may view the policy as constantly changing. In this case, please make sure you use the verbose/specific version of the policy. For more information about building AWS IAM policy documents with this provider, see the AWS IAM Policy Document Guide. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketPolicy
instead.Use the aws_s3_bucket_policy resource instead
- Replication
Configurations List<BucketV2Replication Configuration Args> Configuration of replication configuration. See Replication Configuration below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketReplicationConfig
instead.Use the aws_s3_bucket_replication_configuration resource instead
- Request
Payer string Specifies who should bear the cost of Amazon S3 data transfer. Can be either
BucketOwner
orRequester
. By default, the owner of the S3 bucket would incur the costs of any data transfer. See Requester Pays Buckets developer guide for more information. The provider will only perform drift detection if a configuration value is provided. Use the resourceaws.s3.BucketRequestPaymentConfigurationV2
instead.Use the aws_s3_bucket_request_payment_configuration resource instead
- Server
Side List<BucketEncryption Configurations V2Server Side Encryption Configuration Args> Configuration of server-side encryption configuration. See Server Side Encryption Configuration below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketServerSideEncryptionConfigurationV2
instead.Use the aws_s3_bucket_server_side_encryption_configuration resource instead
- Dictionary<string, string>
Map of tags to assign to the bucket. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level.- Versionings
List<Bucket
V2Versioning Args> Configuration of the S3 bucket versioning state. See Versioning below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketVersioningV2
instead.Use the aws_s3_bucket_versioning resource instead
- Websites
List<Bucket
V2Website Args> Configuration of the S3 bucket website. See Website below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketWebsiteConfigurationV2
instead.Use the aws_s3_bucket_website_configuration resource instead
- Acceleration
Status string Sets the accelerate configuration of an existing bucket. Can be
Enabled
orSuspended
. Cannot be used incn-north-1
orus-gov-west-1
. This provider will only perform drift detection if a configuration value is provided. Use the resourceaws.s3.BucketAccelerateConfigurationV2
instead.Use the aws_s3_bucket_accelerate_configuration resource instead
- Acl string
The canned ACL to apply. Valid values are
private
,public-read
,public-read-write
,aws-exec-read
,authenticated-read
, andlog-delivery-write
. Defaults toprivate
. Conflicts withgrant
. The provider will only perform drift detection if a configuration value is provided. Use the resourceaws.s3.BucketAclV2
instead.Use the aws_s3_bucket_acl resource instead
- Bucket string
Name of the bucket. If omitted, this provider will assign a random, unique name. Must be lowercase and less than or equal to 63 characters in length. A full list of bucket naming rules may be found here.
- Bucket
Prefix string Creates a unique bucket name beginning with the specified prefix. Conflicts with
bucket
. Must be lowercase and less than or equal to 37 characters in length. A full list of bucket naming rules may be found here.- Cors
Rules []BucketV2Cors Rule Args Rule of Cross-Origin Resource Sharing. See CORS rule below for details. This provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketCorsConfigurationV2
instead.Use the aws_s3_bucket_cors_configuration resource instead
- Force
Destroy bool Boolean that indicates all objects (including any locked objects) should be deleted from the bucket when the bucket is destroyed so that the bucket can be destroyed without error. These objects are not recoverable. This only deletes objects when the bucket is destroyed, not when setting this parameter to
true
. Once this parameter is set totrue
, there must be a successfulpulumi up
run before a destroy is required to update this value in the resource state. Without a successfulpulumi up
after this parameter is set, this flag will have no effect. If setting this field in the same operation that would require replacing the bucket or destroying the bucket, this flag will not work. Additionally when importing a bucket, a successfulpulumi up
is required to set this value in state before it will take effect on a destroy operation.- Grants
[]Bucket
V2Grant Args An ACL policy grant. See Grant below for details. Conflicts with
acl
. The provider will only perform drift detection if a configuration value is provided. Use the resourceaws.s3.BucketAclV2
instead.Use the aws_s3_bucket_acl resource instead
- Lifecycle
Rules []BucketV2Lifecycle Rule Args Configuration of object lifecycle management. See Lifecycle Rule below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketLifecycleConfigurationV2
instead.Use the aws_s3_bucket_lifecycle_configuration resource instead
- Loggings
[]Bucket
V2Logging Args Configuration of S3 bucket logging parameters. See Logging below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketLoggingV2
instead.Use the aws_s3_bucket_logging resource instead
- Object
Lock BucketConfiguration V2Object Lock Configuration Args Configuration of S3 object locking. See Object Lock Configuration below for details. the provider wil only perform drift detection if a configuration value is provided. Use the
object_lock_enabled
parameter and the resourceaws.s3.BucketObjectLockConfigurationV2
instead.Use the top-level parameter object_lock_enabled and the aws_s3_bucket_object_lock_configuration resource instead
- Object
Lock boolEnabled Indicates whether this bucket has an Object Lock configuration enabled. Valid values are
true
orfalse
. This argument is not supported in all regions or partitions.- Policy string
Valid bucket policy JSON document. Note that if the policy document is not specific enough (but still valid), this provider may view the policy as constantly changing. In this case, please make sure you use the verbose/specific version of the policy. For more information about building AWS IAM policy documents with this provider, see the AWS IAM Policy Document Guide. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketPolicy
instead.Use the aws_s3_bucket_policy resource instead
- Replication
Configurations []BucketV2Replication Configuration Args Configuration of replication configuration. See Replication Configuration below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketReplicationConfig
instead.Use the aws_s3_bucket_replication_configuration resource instead
- Request
Payer string Specifies who should bear the cost of Amazon S3 data transfer. Can be either
BucketOwner
orRequester
. By default, the owner of the S3 bucket would incur the costs of any data transfer. See Requester Pays Buckets developer guide for more information. The provider will only perform drift detection if a configuration value is provided. Use the resourceaws.s3.BucketRequestPaymentConfigurationV2
instead.Use the aws_s3_bucket_request_payment_configuration resource instead
- Server
Side []BucketEncryption Configurations V2Server Side Encryption Configuration Args Configuration of server-side encryption configuration. See Server Side Encryption Configuration below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketServerSideEncryptionConfigurationV2
instead.Use the aws_s3_bucket_server_side_encryption_configuration resource instead
- map[string]string
Map of tags to assign to the bucket. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level.- Versionings
[]Bucket
V2Versioning Args Configuration of the S3 bucket versioning state. See Versioning below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketVersioningV2
instead.Use the aws_s3_bucket_versioning resource instead
- Websites
[]Bucket
V2Website Args Configuration of the S3 bucket website. See Website below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketWebsiteConfigurationV2
instead.Use the aws_s3_bucket_website_configuration resource instead
- acceleration
Status String Sets the accelerate configuration of an existing bucket. Can be
Enabled
orSuspended
. Cannot be used incn-north-1
orus-gov-west-1
. This provider will only perform drift detection if a configuration value is provided. Use the resourceaws.s3.BucketAccelerateConfigurationV2
instead.Use the aws_s3_bucket_accelerate_configuration resource instead
- acl String
The canned ACL to apply. Valid values are
private
,public-read
,public-read-write
,aws-exec-read
,authenticated-read
, andlog-delivery-write
. Defaults toprivate
. Conflicts withgrant
. The provider will only perform drift detection if a configuration value is provided. Use the resourceaws.s3.BucketAclV2
instead.Use the aws_s3_bucket_acl resource instead
- bucket String
Name of the bucket. If omitted, this provider will assign a random, unique name. Must be lowercase and less than or equal to 63 characters in length. A full list of bucket naming rules may be found here.
- bucket
Prefix String Creates a unique bucket name beginning with the specified prefix. Conflicts with
bucket
. Must be lowercase and less than or equal to 37 characters in length. A full list of bucket naming rules may be found here.- cors
Rules List<BucketV2Cors Rule Args> Rule of Cross-Origin Resource Sharing. See CORS rule below for details. This provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketCorsConfigurationV2
instead.Use the aws_s3_bucket_cors_configuration resource instead
- force
Destroy Boolean Boolean that indicates all objects (including any locked objects) should be deleted from the bucket when the bucket is destroyed so that the bucket can be destroyed without error. These objects are not recoverable. This only deletes objects when the bucket is destroyed, not when setting this parameter to
true
. Once this parameter is set totrue
, there must be a successfulpulumi up
run before a destroy is required to update this value in the resource state. Without a successfulpulumi up
after this parameter is set, this flag will have no effect. If setting this field in the same operation that would require replacing the bucket or destroying the bucket, this flag will not work. Additionally when importing a bucket, a successfulpulumi up
is required to set this value in state before it will take effect on a destroy operation.- grants
List<Bucket
V2Grant Args> An ACL policy grant. See Grant below for details. Conflicts with
acl
. The provider will only perform drift detection if a configuration value is provided. Use the resourceaws.s3.BucketAclV2
instead.Use the aws_s3_bucket_acl resource instead
- lifecycle
Rules List<BucketV2Lifecycle Rule Args> Configuration of object lifecycle management. See Lifecycle Rule below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketLifecycleConfigurationV2
instead.Use the aws_s3_bucket_lifecycle_configuration resource instead
- loggings
List<Bucket
V2Logging Args> Configuration of S3 bucket logging parameters. See Logging below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketLoggingV2
instead.Use the aws_s3_bucket_logging resource instead
- object
Lock BucketConfiguration V2Object Lock Configuration Args Configuration of S3 object locking. See Object Lock Configuration below for details. the provider wil only perform drift detection if a configuration value is provided. Use the
object_lock_enabled
parameter and the resourceaws.s3.BucketObjectLockConfigurationV2
instead.Use the top-level parameter object_lock_enabled and the aws_s3_bucket_object_lock_configuration resource instead
- object
Lock BooleanEnabled Indicates whether this bucket has an Object Lock configuration enabled. Valid values are
true
orfalse
. This argument is not supported in all regions or partitions.- policy String
Valid bucket policy JSON document. Note that if the policy document is not specific enough (but still valid), this provider may view the policy as constantly changing. In this case, please make sure you use the verbose/specific version of the policy. For more information about building AWS IAM policy documents with this provider, see the AWS IAM Policy Document Guide. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketPolicy
instead.Use the aws_s3_bucket_policy resource instead
- replication
Configurations List<BucketV2Replication Configuration Args> Configuration of replication configuration. See Replication Configuration below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketReplicationConfig
instead.Use the aws_s3_bucket_replication_configuration resource instead
- request
Payer String Specifies who should bear the cost of Amazon S3 data transfer. Can be either
BucketOwner
orRequester
. By default, the owner of the S3 bucket would incur the costs of any data transfer. See Requester Pays Buckets developer guide for more information. The provider will only perform drift detection if a configuration value is provided. Use the resourceaws.s3.BucketRequestPaymentConfigurationV2
instead.Use the aws_s3_bucket_request_payment_configuration resource instead
- server
Side List<BucketEncryption Configurations V2Server Side Encryption Configuration Args> Configuration of server-side encryption configuration. See Server Side Encryption Configuration below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketServerSideEncryptionConfigurationV2
instead.Use the aws_s3_bucket_server_side_encryption_configuration resource instead
- Map<String,String>
Map of tags to assign to the bucket. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level.- versionings
List<Bucket
V2Versioning Args> Configuration of the S3 bucket versioning state. See Versioning below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketVersioningV2
instead.Use the aws_s3_bucket_versioning resource instead
- websites
List<Bucket
V2Website Args> Configuration of the S3 bucket website. See Website below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketWebsiteConfigurationV2
instead.Use the aws_s3_bucket_website_configuration resource instead
- acceleration
Status string Sets the accelerate configuration of an existing bucket. Can be
Enabled
orSuspended
. Cannot be used incn-north-1
orus-gov-west-1
. This provider will only perform drift detection if a configuration value is provided. Use the resourceaws.s3.BucketAccelerateConfigurationV2
instead.Use the aws_s3_bucket_accelerate_configuration resource instead
- acl string
The canned ACL to apply. Valid values are
private
,public-read
,public-read-write
,aws-exec-read
,authenticated-read
, andlog-delivery-write
. Defaults toprivate
. Conflicts withgrant
. The provider will only perform drift detection if a configuration value is provided. Use the resourceaws.s3.BucketAclV2
instead.Use the aws_s3_bucket_acl resource instead
- bucket string
Name of the bucket. If omitted, this provider will assign a random, unique name. Must be lowercase and less than or equal to 63 characters in length. A full list of bucket naming rules may be found here.
- bucket
Prefix string Creates a unique bucket name beginning with the specified prefix. Conflicts with
bucket
. Must be lowercase and less than or equal to 37 characters in length. A full list of bucket naming rules may be found here.- cors
Rules BucketV2Cors Rule Args[] Rule of Cross-Origin Resource Sharing. See CORS rule below for details. This provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketCorsConfigurationV2
instead.Use the aws_s3_bucket_cors_configuration resource instead
- force
Destroy boolean Boolean that indicates all objects (including any locked objects) should be deleted from the bucket when the bucket is destroyed so that the bucket can be destroyed without error. These objects are not recoverable. This only deletes objects when the bucket is destroyed, not when setting this parameter to
true
. Once this parameter is set totrue
, there must be a successfulpulumi up
run before a destroy is required to update this value in the resource state. Without a successfulpulumi up
after this parameter is set, this flag will have no effect. If setting this field in the same operation that would require replacing the bucket or destroying the bucket, this flag will not work. Additionally when importing a bucket, a successfulpulumi up
is required to set this value in state before it will take effect on a destroy operation.- grants
Bucket
V2Grant Args[] An ACL policy grant. See Grant below for details. Conflicts with
acl
. The provider will only perform drift detection if a configuration value is provided. Use the resourceaws.s3.BucketAclV2
instead.Use the aws_s3_bucket_acl resource instead
- lifecycle
Rules BucketV2Lifecycle Rule Args[] Configuration of object lifecycle management. See Lifecycle Rule below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketLifecycleConfigurationV2
instead.Use the aws_s3_bucket_lifecycle_configuration resource instead
- loggings
Bucket
V2Logging Args[] Configuration of S3 bucket logging parameters. See Logging below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketLoggingV2
instead.Use the aws_s3_bucket_logging resource instead
- object
Lock BucketConfiguration V2Object Lock Configuration Args Configuration of S3 object locking. See Object Lock Configuration below for details. the provider wil only perform drift detection if a configuration value is provided. Use the
object_lock_enabled
parameter and the resourceaws.s3.BucketObjectLockConfigurationV2
instead.Use the top-level parameter object_lock_enabled and the aws_s3_bucket_object_lock_configuration resource instead
- object
Lock booleanEnabled Indicates whether this bucket has an Object Lock configuration enabled. Valid values are
true
orfalse
. This argument is not supported in all regions or partitions.- policy string
Valid bucket policy JSON document. Note that if the policy document is not specific enough (but still valid), this provider may view the policy as constantly changing. In this case, please make sure you use the verbose/specific version of the policy. For more information about building AWS IAM policy documents with this provider, see the AWS IAM Policy Document Guide. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketPolicy
instead.Use the aws_s3_bucket_policy resource instead
- replication
Configurations BucketV2Replication Configuration Args[] Configuration of replication configuration. See Replication Configuration below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketReplicationConfig
instead.Use the aws_s3_bucket_replication_configuration resource instead
- request
Payer string Specifies who should bear the cost of Amazon S3 data transfer. Can be either
BucketOwner
orRequester
. By default, the owner of the S3 bucket would incur the costs of any data transfer. See Requester Pays Buckets developer guide for more information. The provider will only perform drift detection if a configuration value is provided. Use the resourceaws.s3.BucketRequestPaymentConfigurationV2
instead.Use the aws_s3_bucket_request_payment_configuration resource instead
- server
Side BucketEncryption Configurations V2Server Side Encryption Configuration Args[] Configuration of server-side encryption configuration. See Server Side Encryption Configuration below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketServerSideEncryptionConfigurationV2
instead.Use the aws_s3_bucket_server_side_encryption_configuration resource instead
- {[key: string]: string}
Map of tags to assign to the bucket. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level.- versionings
Bucket
V2Versioning Args[] Configuration of the S3 bucket versioning state. See Versioning below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketVersioningV2
instead.Use the aws_s3_bucket_versioning resource instead
- websites
Bucket
V2Website Args[] Configuration of the S3 bucket website. See Website below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketWebsiteConfigurationV2
instead.Use the aws_s3_bucket_website_configuration resource instead
- acceleration_
status str Sets the accelerate configuration of an existing bucket. Can be
Enabled
orSuspended
. Cannot be used incn-north-1
orus-gov-west-1
. This provider will only perform drift detection if a configuration value is provided. Use the resourceaws.s3.BucketAccelerateConfigurationV2
instead.Use the aws_s3_bucket_accelerate_configuration resource instead
- acl str
The canned ACL to apply. Valid values are
private
,public-read
,public-read-write
,aws-exec-read
,authenticated-read
, andlog-delivery-write
. Defaults toprivate
. Conflicts withgrant
. The provider will only perform drift detection if a configuration value is provided. Use the resourceaws.s3.BucketAclV2
instead.Use the aws_s3_bucket_acl resource instead
- bucket str
Name of the bucket. If omitted, this provider will assign a random, unique name. Must be lowercase and less than or equal to 63 characters in length. A full list of bucket naming rules may be found here.
- bucket_
prefix str Creates a unique bucket name beginning with the specified prefix. Conflicts with
bucket
. Must be lowercase and less than or equal to 37 characters in length. A full list of bucket naming rules may be found here.- cors_
rules Sequence[BucketV2Cors Rule Args] Rule of Cross-Origin Resource Sharing. See CORS rule below for details. This provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketCorsConfigurationV2
instead.Use the aws_s3_bucket_cors_configuration resource instead
- force_
destroy bool Boolean that indicates all objects (including any locked objects) should be deleted from the bucket when the bucket is destroyed so that the bucket can be destroyed without error. These objects are not recoverable. This only deletes objects when the bucket is destroyed, not when setting this parameter to
true
. Once this parameter is set totrue
, there must be a successfulpulumi up
run before a destroy is required to update this value in the resource state. Without a successfulpulumi up
after this parameter is set, this flag will have no effect. If setting this field in the same operation that would require replacing the bucket or destroying the bucket, this flag will not work. Additionally when importing a bucket, a successfulpulumi up
is required to set this value in state before it will take effect on a destroy operation.- grants
Sequence[Bucket
V2Grant Args] An ACL policy grant. See Grant below for details. Conflicts with
acl
. The provider will only perform drift detection if a configuration value is provided. Use the resourceaws.s3.BucketAclV2
instead.Use the aws_s3_bucket_acl resource instead
- lifecycle_
rules Sequence[BucketV2Lifecycle Rule Args] Configuration of object lifecycle management. See Lifecycle Rule below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketLifecycleConfigurationV2
instead.Use the aws_s3_bucket_lifecycle_configuration resource instead
- loggings
Sequence[Bucket
V2Logging Args] Configuration of S3 bucket logging parameters. See Logging below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketLoggingV2
instead.Use the aws_s3_bucket_logging resource instead
- object_
lock_ Bucketconfiguration V2Object Lock Configuration Args Configuration of S3 object locking. See Object Lock Configuration below for details. the provider wil only perform drift detection if a configuration value is provided. Use the
object_lock_enabled
parameter and the resourceaws.s3.BucketObjectLockConfigurationV2
instead.Use the top-level parameter object_lock_enabled and the aws_s3_bucket_object_lock_configuration resource instead
- object_
lock_ boolenabled Indicates whether this bucket has an Object Lock configuration enabled. Valid values are
true
orfalse
. This argument is not supported in all regions or partitions.- policy str
Valid bucket policy JSON document. Note that if the policy document is not specific enough (but still valid), this provider may view the policy as constantly changing. In this case, please make sure you use the verbose/specific version of the policy. For more information about building AWS IAM policy documents with this provider, see the AWS IAM Policy Document Guide. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketPolicy
instead.Use the aws_s3_bucket_policy resource instead
- replication_
configurations Sequence[BucketV2Replication Configuration Args] Configuration of replication configuration. See Replication Configuration below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketReplicationConfig
instead.Use the aws_s3_bucket_replication_configuration resource instead
- request_
payer str Specifies who should bear the cost of Amazon S3 data transfer. Can be either
BucketOwner
orRequester
. By default, the owner of the S3 bucket would incur the costs of any data transfer. See Requester Pays Buckets developer guide for more information. The provider will only perform drift detection if a configuration value is provided. Use the resourceaws.s3.BucketRequestPaymentConfigurationV2
instead.Use the aws_s3_bucket_request_payment_configuration resource instead
- server_
side_ Sequence[Bucketencryption_ configurations V2Server Side Encryption Configuration Args] Configuration of server-side encryption configuration. See Server Side Encryption Configuration below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketServerSideEncryptionConfigurationV2
instead.Use the aws_s3_bucket_server_side_encryption_configuration resource instead
- Mapping[str, str]
Map of tags to assign to the bucket. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level.- versionings
Sequence[Bucket
V2Versioning Args] Configuration of the S3 bucket versioning state. See Versioning below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketVersioningV2
instead.Use the aws_s3_bucket_versioning resource instead
- websites
Sequence[Bucket
V2Website Args] Configuration of the S3 bucket website. See Website below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketWebsiteConfigurationV2
instead.Use the aws_s3_bucket_website_configuration resource instead
- acceleration
Status String Sets the accelerate configuration of an existing bucket. Can be
Enabled
orSuspended
. Cannot be used incn-north-1
orus-gov-west-1
. This provider will only perform drift detection if a configuration value is provided. Use the resourceaws.s3.BucketAccelerateConfigurationV2
instead.Use the aws_s3_bucket_accelerate_configuration resource instead
- acl String
The canned ACL to apply. Valid values are
private
,public-read
,public-read-write
,aws-exec-read
,authenticated-read
, andlog-delivery-write
. Defaults toprivate
. Conflicts withgrant
. The provider will only perform drift detection if a configuration value is provided. Use the resourceaws.s3.BucketAclV2
instead.Use the aws_s3_bucket_acl resource instead
- bucket String
Name of the bucket. If omitted, this provider will assign a random, unique name. Must be lowercase and less than or equal to 63 characters in length. A full list of bucket naming rules may be found here.
- bucket
Prefix String Creates a unique bucket name beginning with the specified prefix. Conflicts with
bucket
. Must be lowercase and less than or equal to 37 characters in length. A full list of bucket naming rules may be found here.- cors
Rules List<Property Map> Rule of Cross-Origin Resource Sharing. See CORS rule below for details. This provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketCorsConfigurationV2
instead.Use the aws_s3_bucket_cors_configuration resource instead
- force
Destroy Boolean Boolean that indicates all objects (including any locked objects) should be deleted from the bucket when the bucket is destroyed so that the bucket can be destroyed without error. These objects are not recoverable. This only deletes objects when the bucket is destroyed, not when setting this parameter to
true
. Once this parameter is set totrue
, there must be a successfulpulumi up
run before a destroy is required to update this value in the resource state. Without a successfulpulumi up
after this parameter is set, this flag will have no effect. If setting this field in the same operation that would require replacing the bucket or destroying the bucket, this flag will not work. Additionally when importing a bucket, a successfulpulumi up
is required to set this value in state before it will take effect on a destroy operation.- grants List<Property Map>
An ACL policy grant. See Grant below for details. Conflicts with
acl
. The provider will only perform drift detection if a configuration value is provided. Use the resourceaws.s3.BucketAclV2
instead.Use the aws_s3_bucket_acl resource instead
- lifecycle
Rules List<Property Map> Configuration of object lifecycle management. See Lifecycle Rule below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketLifecycleConfigurationV2
instead.Use the aws_s3_bucket_lifecycle_configuration resource instead
- loggings List<Property Map>
Configuration of S3 bucket logging parameters. See Logging below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketLoggingV2
instead.Use the aws_s3_bucket_logging resource instead
- object
Lock Property MapConfiguration Configuration of S3 object locking. See Object Lock Configuration below for details. the provider wil only perform drift detection if a configuration value is provided. Use the
object_lock_enabled
parameter and the resourceaws.s3.BucketObjectLockConfigurationV2
instead.Use the top-level parameter object_lock_enabled and the aws_s3_bucket_object_lock_configuration resource instead
- object
Lock BooleanEnabled Indicates whether this bucket has an Object Lock configuration enabled. Valid values are
true
orfalse
. This argument is not supported in all regions or partitions.- policy String
Valid bucket policy JSON document. Note that if the policy document is not specific enough (but still valid), this provider may view the policy as constantly changing. In this case, please make sure you use the verbose/specific version of the policy. For more information about building AWS IAM policy documents with this provider, see the AWS IAM Policy Document Guide. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketPolicy
instead.Use the aws_s3_bucket_policy resource instead
- replication
Configurations List<Property Map> Configuration of replication configuration. See Replication Configuration below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketReplicationConfig
instead.Use the aws_s3_bucket_replication_configuration resource instead
- request
Payer String Specifies who should bear the cost of Amazon S3 data transfer. Can be either
BucketOwner
orRequester
. By default, the owner of the S3 bucket would incur the costs of any data transfer. See Requester Pays Buckets developer guide for more information. The provider will only perform drift detection if a configuration value is provided. Use the resourceaws.s3.BucketRequestPaymentConfigurationV2
instead.Use the aws_s3_bucket_request_payment_configuration resource instead
- server
Side List<Property Map>Encryption Configurations Configuration of server-side encryption configuration. See Server Side Encryption Configuration below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketServerSideEncryptionConfigurationV2
instead.Use the aws_s3_bucket_server_side_encryption_configuration resource instead
- Map<String>
Map of tags to assign to the bucket. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level.- versionings List<Property Map>
Configuration of the S3 bucket versioning state. See Versioning below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketVersioningV2
instead.Use the aws_s3_bucket_versioning resource instead
- websites List<Property Map>
Configuration of the S3 bucket website. See Website below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketWebsiteConfigurationV2
instead.Use the aws_s3_bucket_website_configuration resource instead
Outputs
All input properties are implicitly available as output properties. Additionally, the BucketV2 resource produces the following output properties:
- Arn string
ARN of the bucket. Will be of format
arn:aws:s3:::bucketname
.- Bucket
Domain stringName Bucket domain name. Will be of format
bucketname.s3.amazonaws.com
.- Bucket
Regional stringDomain Name Bucket region-specific domain name. The bucket domain name including the region name, please refer here for format. Note: The AWS CloudFront allows specifying S3 region-specific endpoint when creating S3 origin, it will prevent redirect issues from CloudFront to S3 Origin URL.
- Hosted
Zone stringId Route 53 Hosted Zone ID for this bucket's region.
- Id string
The provider-assigned unique ID for this managed resource.
- Region string
AWS region this bucket resides in.
- Dictionary<string, string>
Map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block.- Website
Domain string (Deprecated) Domain of the website endpoint, if the bucket is configured with a website. If not, this will be an empty string. This is used to create Route 53 alias records. Use the resource
aws.s3.BucketWebsiteConfigurationV2
instead.Use the aws_s3_bucket_website_configuration resource
- Website
Endpoint string (Deprecated) Website endpoint, if the bucket is configured with a website. If not, this will be an empty string. Use the resource
aws.s3.BucketWebsiteConfigurationV2
instead.Use the aws_s3_bucket_website_configuration resource
- Arn string
ARN of the bucket. Will be of format
arn:aws:s3:::bucketname
.- Bucket
Domain stringName Bucket domain name. Will be of format
bucketname.s3.amazonaws.com
.- Bucket
Regional stringDomain Name Bucket region-specific domain name. The bucket domain name including the region name, please refer here for format. Note: The AWS CloudFront allows specifying S3 region-specific endpoint when creating S3 origin, it will prevent redirect issues from CloudFront to S3 Origin URL.
- Hosted
Zone stringId Route 53 Hosted Zone ID for this bucket's region.
- Id string
The provider-assigned unique ID for this managed resource.
- Region string
AWS region this bucket resides in.
- map[string]string
Map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block.- Website
Domain string (Deprecated) Domain of the website endpoint, if the bucket is configured with a website. If not, this will be an empty string. This is used to create Route 53 alias records. Use the resource
aws.s3.BucketWebsiteConfigurationV2
instead.Use the aws_s3_bucket_website_configuration resource
- Website
Endpoint string (Deprecated) Website endpoint, if the bucket is configured with a website. If not, this will be an empty string. Use the resource
aws.s3.BucketWebsiteConfigurationV2
instead.Use the aws_s3_bucket_website_configuration resource
- arn String
ARN of the bucket. Will be of format
arn:aws:s3:::bucketname
.- bucket
Domain StringName Bucket domain name. Will be of format
bucketname.s3.amazonaws.com
.- bucket
Regional StringDomain Name Bucket region-specific domain name. The bucket domain name including the region name, please refer here for format. Note: The AWS CloudFront allows specifying S3 region-specific endpoint when creating S3 origin, it will prevent redirect issues from CloudFront to S3 Origin URL.
- hosted
Zone StringId Route 53 Hosted Zone ID for this bucket's region.
- id String
The provider-assigned unique ID for this managed resource.
- region String
AWS region this bucket resides in.
- Map<String,String>
Map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block.- website
Domain String (Deprecated) Domain of the website endpoint, if the bucket is configured with a website. If not, this will be an empty string. This is used to create Route 53 alias records. Use the resource
aws.s3.BucketWebsiteConfigurationV2
instead.Use the aws_s3_bucket_website_configuration resource
- website
Endpoint String (Deprecated) Website endpoint, if the bucket is configured with a website. If not, this will be an empty string. Use the resource
aws.s3.BucketWebsiteConfigurationV2
instead.Use the aws_s3_bucket_website_configuration resource
- arn string
ARN of the bucket. Will be of format
arn:aws:s3:::bucketname
.- bucket
Domain stringName Bucket domain name. Will be of format
bucketname.s3.amazonaws.com
.- bucket
Regional stringDomain Name Bucket region-specific domain name. The bucket domain name including the region name, please refer here for format. Note: The AWS CloudFront allows specifying S3 region-specific endpoint when creating S3 origin, it will prevent redirect issues from CloudFront to S3 Origin URL.
- hosted
Zone stringId Route 53 Hosted Zone ID for this bucket's region.
- id string
The provider-assigned unique ID for this managed resource.
- region string
AWS region this bucket resides in.
- {[key: string]: string}
Map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block.- website
Domain string (Deprecated) Domain of the website endpoint, if the bucket is configured with a website. If not, this will be an empty string. This is used to create Route 53 alias records. Use the resource
aws.s3.BucketWebsiteConfigurationV2
instead.Use the aws_s3_bucket_website_configuration resource
- website
Endpoint string (Deprecated) Website endpoint, if the bucket is configured with a website. If not, this will be an empty string. Use the resource
aws.s3.BucketWebsiteConfigurationV2
instead.Use the aws_s3_bucket_website_configuration resource
- arn str
ARN of the bucket. Will be of format
arn:aws:s3:::bucketname
.- bucket_
domain_ strname Bucket domain name. Will be of format
bucketname.s3.amazonaws.com
.- bucket_
regional_ strdomain_ name Bucket region-specific domain name. The bucket domain name including the region name, please refer here for format. Note: The AWS CloudFront allows specifying S3 region-specific endpoint when creating S3 origin, it will prevent redirect issues from CloudFront to S3 Origin URL.
- hosted_
zone_ strid Route 53 Hosted Zone ID for this bucket's region.
- id str
The provider-assigned unique ID for this managed resource.
- region str
AWS region this bucket resides in.
- Mapping[str, str]
Map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block.- website_
domain str (Deprecated) Domain of the website endpoint, if the bucket is configured with a website. If not, this will be an empty string. This is used to create Route 53 alias records. Use the resource
aws.s3.BucketWebsiteConfigurationV2
instead.Use the aws_s3_bucket_website_configuration resource
- website_
endpoint str (Deprecated) Website endpoint, if the bucket is configured with a website. If not, this will be an empty string. Use the resource
aws.s3.BucketWebsiteConfigurationV2
instead.Use the aws_s3_bucket_website_configuration resource
- arn String
ARN of the bucket. Will be of format
arn:aws:s3:::bucketname
.- bucket
Domain StringName Bucket domain name. Will be of format
bucketname.s3.amazonaws.com
.- bucket
Regional StringDomain Name Bucket region-specific domain name. The bucket domain name including the region name, please refer here for format. Note: The AWS CloudFront allows specifying S3 region-specific endpoint when creating S3 origin, it will prevent redirect issues from CloudFront to S3 Origin URL.
- hosted
Zone StringId Route 53 Hosted Zone ID for this bucket's region.
- id String
The provider-assigned unique ID for this managed resource.
- region String
AWS region this bucket resides in.
- Map<String>
Map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block.- website
Domain String (Deprecated) Domain of the website endpoint, if the bucket is configured with a website. If not, this will be an empty string. This is used to create Route 53 alias records. Use the resource
aws.s3.BucketWebsiteConfigurationV2
instead.Use the aws_s3_bucket_website_configuration resource
- website
Endpoint String (Deprecated) Website endpoint, if the bucket is configured with a website. If not, this will be an empty string. Use the resource
aws.s3.BucketWebsiteConfigurationV2
instead.Use the aws_s3_bucket_website_configuration resource
Look up Existing BucketV2 Resource
Get an existing BucketV2 resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: BucketV2State, opts?: CustomResourceOptions): BucketV2
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
acceleration_status: Optional[str] = None,
acl: Optional[str] = None,
arn: Optional[str] = None,
bucket: Optional[str] = None,
bucket_domain_name: Optional[str] = None,
bucket_prefix: Optional[str] = None,
bucket_regional_domain_name: Optional[str] = None,
cors_rules: Optional[Sequence[BucketV2CorsRuleArgs]] = None,
force_destroy: Optional[bool] = None,
grants: Optional[Sequence[BucketV2GrantArgs]] = None,
hosted_zone_id: Optional[str] = None,
lifecycle_rules: Optional[Sequence[BucketV2LifecycleRuleArgs]] = None,
loggings: Optional[Sequence[BucketV2LoggingArgs]] = None,
object_lock_configuration: Optional[BucketV2ObjectLockConfigurationArgs] = None,
object_lock_enabled: Optional[bool] = None,
policy: Optional[str] = None,
region: Optional[str] = None,
replication_configurations: Optional[Sequence[BucketV2ReplicationConfigurationArgs]] = None,
request_payer: Optional[str] = None,
server_side_encryption_configurations: Optional[Sequence[BucketV2ServerSideEncryptionConfigurationArgs]] = None,
tags: Optional[Mapping[str, str]] = None,
tags_all: Optional[Mapping[str, str]] = None,
versionings: Optional[Sequence[BucketV2VersioningArgs]] = None,
website_domain: Optional[str] = None,
website_endpoint: Optional[str] = None,
websites: Optional[Sequence[BucketV2WebsiteArgs]] = None) -> BucketV2
func GetBucketV2(ctx *Context, name string, id IDInput, state *BucketV2State, opts ...ResourceOption) (*BucketV2, error)
public static BucketV2 Get(string name, Input<string> id, BucketV2State? state, CustomResourceOptions? opts = null)
public static BucketV2 get(String name, Output<String> id, BucketV2State state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Acceleration
Status string Sets the accelerate configuration of an existing bucket. Can be
Enabled
orSuspended
. Cannot be used incn-north-1
orus-gov-west-1
. This provider will only perform drift detection if a configuration value is provided. Use the resourceaws.s3.BucketAccelerateConfigurationV2
instead.Use the aws_s3_bucket_accelerate_configuration resource instead
- Acl string
The canned ACL to apply. Valid values are
private
,public-read
,public-read-write
,aws-exec-read
,authenticated-read
, andlog-delivery-write
. Defaults toprivate
. Conflicts withgrant
. The provider will only perform drift detection if a configuration value is provided. Use the resourceaws.s3.BucketAclV2
instead.Use the aws_s3_bucket_acl resource instead
- Arn string
ARN of the bucket. Will be of format
arn:aws:s3:::bucketname
.- Bucket string
Name of the bucket. If omitted, this provider will assign a random, unique name. Must be lowercase and less than or equal to 63 characters in length. A full list of bucket naming rules may be found here.
- Bucket
Domain stringName Bucket domain name. Will be of format
bucketname.s3.amazonaws.com
.- Bucket
Prefix string Creates a unique bucket name beginning with the specified prefix. Conflicts with
bucket
. Must be lowercase and less than or equal to 37 characters in length. A full list of bucket naming rules may be found here.- Bucket
Regional stringDomain Name Bucket region-specific domain name. The bucket domain name including the region name, please refer here for format. Note: The AWS CloudFront allows specifying S3 region-specific endpoint when creating S3 origin, it will prevent redirect issues from CloudFront to S3 Origin URL.
- Cors
Rules List<BucketV2Cors Rule Args> Rule of Cross-Origin Resource Sharing. See CORS rule below for details. This provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketCorsConfigurationV2
instead.Use the aws_s3_bucket_cors_configuration resource instead
- Force
Destroy bool Boolean that indicates all objects (including any locked objects) should be deleted from the bucket when the bucket is destroyed so that the bucket can be destroyed without error. These objects are not recoverable. This only deletes objects when the bucket is destroyed, not when setting this parameter to
true
. Once this parameter is set totrue
, there must be a successfulpulumi up
run before a destroy is required to update this value in the resource state. Without a successfulpulumi up
after this parameter is set, this flag will have no effect. If setting this field in the same operation that would require replacing the bucket or destroying the bucket, this flag will not work. Additionally when importing a bucket, a successfulpulumi up
is required to set this value in state before it will take effect on a destroy operation.- Grants
List<Bucket
V2Grant Args> An ACL policy grant. See Grant below for details. Conflicts with
acl
. The provider will only perform drift detection if a configuration value is provided. Use the resourceaws.s3.BucketAclV2
instead.Use the aws_s3_bucket_acl resource instead
- Hosted
Zone stringId Route 53 Hosted Zone ID for this bucket's region.
- Lifecycle
Rules List<BucketV2Lifecycle Rule Args> Configuration of object lifecycle management. See Lifecycle Rule below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketLifecycleConfigurationV2
instead.Use the aws_s3_bucket_lifecycle_configuration resource instead
- Loggings
List<Bucket
V2Logging Args> Configuration of S3 bucket logging parameters. See Logging below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketLoggingV2
instead.Use the aws_s3_bucket_logging resource instead
- Object
Lock BucketConfiguration V2Object Lock Configuration Args Configuration of S3 object locking. See Object Lock Configuration below for details. the provider wil only perform drift detection if a configuration value is provided. Use the
object_lock_enabled
parameter and the resourceaws.s3.BucketObjectLockConfigurationV2
instead.Use the top-level parameter object_lock_enabled and the aws_s3_bucket_object_lock_configuration resource instead
- Object
Lock boolEnabled Indicates whether this bucket has an Object Lock configuration enabled. Valid values are
true
orfalse
. This argument is not supported in all regions or partitions.- Policy string
Valid bucket policy JSON document. Note that if the policy document is not specific enough (but still valid), this provider may view the policy as constantly changing. In this case, please make sure you use the verbose/specific version of the policy. For more information about building AWS IAM policy documents with this provider, see the AWS IAM Policy Document Guide. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketPolicy
instead.Use the aws_s3_bucket_policy resource instead
- Region string
AWS region this bucket resides in.
- Replication
Configurations List<BucketV2Replication Configuration Args> Configuration of replication configuration. See Replication Configuration below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketReplicationConfig
instead.Use the aws_s3_bucket_replication_configuration resource instead
- Request
Payer string Specifies who should bear the cost of Amazon S3 data transfer. Can be either
BucketOwner
orRequester
. By default, the owner of the S3 bucket would incur the costs of any data transfer. See Requester Pays Buckets developer guide for more information. The provider will only perform drift detection if a configuration value is provided. Use the resourceaws.s3.BucketRequestPaymentConfigurationV2
instead.Use the aws_s3_bucket_request_payment_configuration resource instead
- Server
Side List<BucketEncryption Configurations V2Server Side Encryption Configuration Args> Configuration of server-side encryption configuration. See Server Side Encryption Configuration below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketServerSideEncryptionConfigurationV2
instead.Use the aws_s3_bucket_server_side_encryption_configuration resource instead
- Dictionary<string, string>
Map of tags to assign to the bucket. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level.- Dictionary<string, string>
Map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block.- Versionings
List<Bucket
V2Versioning Args> Configuration of the S3 bucket versioning state. See Versioning below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketVersioningV2
instead.Use the aws_s3_bucket_versioning resource instead
- Website
Domain string (Deprecated) Domain of the website endpoint, if the bucket is configured with a website. If not, this will be an empty string. This is used to create Route 53 alias records. Use the resource
aws.s3.BucketWebsiteConfigurationV2
instead.Use the aws_s3_bucket_website_configuration resource
- Website
Endpoint string (Deprecated) Website endpoint, if the bucket is configured with a website. If not, this will be an empty string. Use the resource
aws.s3.BucketWebsiteConfigurationV2
instead.Use the aws_s3_bucket_website_configuration resource
- Websites
List<Bucket
V2Website Args> Configuration of the S3 bucket website. See Website below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketWebsiteConfigurationV2
instead.Use the aws_s3_bucket_website_configuration resource instead
- Acceleration
Status string Sets the accelerate configuration of an existing bucket. Can be
Enabled
orSuspended
. Cannot be used incn-north-1
orus-gov-west-1
. This provider will only perform drift detection if a configuration value is provided. Use the resourceaws.s3.BucketAccelerateConfigurationV2
instead.Use the aws_s3_bucket_accelerate_configuration resource instead
- Acl string
The canned ACL to apply. Valid values are
private
,public-read
,public-read-write
,aws-exec-read
,authenticated-read
, andlog-delivery-write
. Defaults toprivate
. Conflicts withgrant
. The provider will only perform drift detection if a configuration value is provided. Use the resourceaws.s3.BucketAclV2
instead.Use the aws_s3_bucket_acl resource instead
- Arn string
ARN of the bucket. Will be of format
arn:aws:s3:::bucketname
.- Bucket string
Name of the bucket. If omitted, this provider will assign a random, unique name. Must be lowercase and less than or equal to 63 characters in length. A full list of bucket naming rules may be found here.
- Bucket
Domain stringName Bucket domain name. Will be of format
bucketname.s3.amazonaws.com
.- Bucket
Prefix string Creates a unique bucket name beginning with the specified prefix. Conflicts with
bucket
. Must be lowercase and less than or equal to 37 characters in length. A full list of bucket naming rules may be found here.- Bucket
Regional stringDomain Name Bucket region-specific domain name. The bucket domain name including the region name, please refer here for format. Note: The AWS CloudFront allows specifying S3 region-specific endpoint when creating S3 origin, it will prevent redirect issues from CloudFront to S3 Origin URL.
- Cors
Rules []BucketV2Cors Rule Args Rule of Cross-Origin Resource Sharing. See CORS rule below for details. This provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketCorsConfigurationV2
instead.Use the aws_s3_bucket_cors_configuration resource instead
- Force
Destroy bool Boolean that indicates all objects (including any locked objects) should be deleted from the bucket when the bucket is destroyed so that the bucket can be destroyed without error. These objects are not recoverable. This only deletes objects when the bucket is destroyed, not when setting this parameter to
true
. Once this parameter is set totrue
, there must be a successfulpulumi up
run before a destroy is required to update this value in the resource state. Without a successfulpulumi up
after this parameter is set, this flag will have no effect. If setting this field in the same operation that would require replacing the bucket or destroying the bucket, this flag will not work. Additionally when importing a bucket, a successfulpulumi up
is required to set this value in state before it will take effect on a destroy operation.- Grants
[]Bucket
V2Grant Args An ACL policy grant. See Grant below for details. Conflicts with
acl
. The provider will only perform drift detection if a configuration value is provided. Use the resourceaws.s3.BucketAclV2
instead.Use the aws_s3_bucket_acl resource instead
- Hosted
Zone stringId Route 53 Hosted Zone ID for this bucket's region.
- Lifecycle
Rules []BucketV2Lifecycle Rule Args Configuration of object lifecycle management. See Lifecycle Rule below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketLifecycleConfigurationV2
instead.Use the aws_s3_bucket_lifecycle_configuration resource instead
- Loggings
[]Bucket
V2Logging Args Configuration of S3 bucket logging parameters. See Logging below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketLoggingV2
instead.Use the aws_s3_bucket_logging resource instead
- Object
Lock BucketConfiguration V2Object Lock Configuration Args Configuration of S3 object locking. See Object Lock Configuration below for details. the provider wil only perform drift detection if a configuration value is provided. Use the
object_lock_enabled
parameter and the resourceaws.s3.BucketObjectLockConfigurationV2
instead.Use the top-level parameter object_lock_enabled and the aws_s3_bucket_object_lock_configuration resource instead
- Object
Lock boolEnabled Indicates whether this bucket has an Object Lock configuration enabled. Valid values are
true
orfalse
. This argument is not supported in all regions or partitions.- Policy string
Valid bucket policy JSON document. Note that if the policy document is not specific enough (but still valid), this provider may view the policy as constantly changing. In this case, please make sure you use the verbose/specific version of the policy. For more information about building AWS IAM policy documents with this provider, see the AWS IAM Policy Document Guide. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketPolicy
instead.Use the aws_s3_bucket_policy resource instead
- Region string
AWS region this bucket resides in.
- Replication
Configurations []BucketV2Replication Configuration Args Configuration of replication configuration. See Replication Configuration below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketReplicationConfig
instead.Use the aws_s3_bucket_replication_configuration resource instead
- Request
Payer string Specifies who should bear the cost of Amazon S3 data transfer. Can be either
BucketOwner
orRequester
. By default, the owner of the S3 bucket would incur the costs of any data transfer. See Requester Pays Buckets developer guide for more information. The provider will only perform drift detection if a configuration value is provided. Use the resourceaws.s3.BucketRequestPaymentConfigurationV2
instead.Use the aws_s3_bucket_request_payment_configuration resource instead
- Server
Side []BucketEncryption Configurations V2Server Side Encryption Configuration Args Configuration of server-side encryption configuration. See Server Side Encryption Configuration below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketServerSideEncryptionConfigurationV2
instead.Use the aws_s3_bucket_server_side_encryption_configuration resource instead
- map[string]string
Map of tags to assign to the bucket. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level.- map[string]string
Map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block.- Versionings
[]Bucket
V2Versioning Args Configuration of the S3 bucket versioning state. See Versioning below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketVersioningV2
instead.Use the aws_s3_bucket_versioning resource instead
- Website
Domain string (Deprecated) Domain of the website endpoint, if the bucket is configured with a website. If not, this will be an empty string. This is used to create Route 53 alias records. Use the resource
aws.s3.BucketWebsiteConfigurationV2
instead.Use the aws_s3_bucket_website_configuration resource
- Website
Endpoint string (Deprecated) Website endpoint, if the bucket is configured with a website. If not, this will be an empty string. Use the resource
aws.s3.BucketWebsiteConfigurationV2
instead.Use the aws_s3_bucket_website_configuration resource
- Websites
[]Bucket
V2Website Args Configuration of the S3 bucket website. See Website below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketWebsiteConfigurationV2
instead.Use the aws_s3_bucket_website_configuration resource instead
- acceleration
Status String Sets the accelerate configuration of an existing bucket. Can be
Enabled
orSuspended
. Cannot be used incn-north-1
orus-gov-west-1
. This provider will only perform drift detection if a configuration value is provided. Use the resourceaws.s3.BucketAccelerateConfigurationV2
instead.Use the aws_s3_bucket_accelerate_configuration resource instead
- acl String
The canned ACL to apply. Valid values are
private
,public-read
,public-read-write
,aws-exec-read
,authenticated-read
, andlog-delivery-write
. Defaults toprivate
. Conflicts withgrant
. The provider will only perform drift detection if a configuration value is provided. Use the resourceaws.s3.BucketAclV2
instead.Use the aws_s3_bucket_acl resource instead
- arn String
ARN of the bucket. Will be of format
arn:aws:s3:::bucketname
.- bucket String
Name of the bucket. If omitted, this provider will assign a random, unique name. Must be lowercase and less than or equal to 63 characters in length. A full list of bucket naming rules may be found here.
- bucket
Domain StringName Bucket domain name. Will be of format
bucketname.s3.amazonaws.com
.- bucket
Prefix String Creates a unique bucket name beginning with the specified prefix. Conflicts with
bucket
. Must be lowercase and less than or equal to 37 characters in length. A full list of bucket naming rules may be found here.- bucket
Regional StringDomain Name Bucket region-specific domain name. The bucket domain name including the region name, please refer here for format. Note: The AWS CloudFront allows specifying S3 region-specific endpoint when creating S3 origin, it will prevent redirect issues from CloudFront to S3 Origin URL.
- cors
Rules List<BucketV2Cors Rule Args> Rule of Cross-Origin Resource Sharing. See CORS rule below for details. This provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketCorsConfigurationV2
instead.Use the aws_s3_bucket_cors_configuration resource instead
- force
Destroy Boolean Boolean that indicates all objects (including any locked objects) should be deleted from the bucket when the bucket is destroyed so that the bucket can be destroyed without error. These objects are not recoverable. This only deletes objects when the bucket is destroyed, not when setting this parameter to
true
. Once this parameter is set totrue
, there must be a successfulpulumi up
run before a destroy is required to update this value in the resource state. Without a successfulpulumi up
after this parameter is set, this flag will have no effect. If setting this field in the same operation that would require replacing the bucket or destroying the bucket, this flag will not work. Additionally when importing a bucket, a successfulpulumi up
is required to set this value in state before it will take effect on a destroy operation.- grants
List<Bucket
V2Grant Args> An ACL policy grant. See Grant below for details. Conflicts with
acl
. The provider will only perform drift detection if a configuration value is provided. Use the resourceaws.s3.BucketAclV2
instead.Use the aws_s3_bucket_acl resource instead
- hosted
Zone StringId Route 53 Hosted Zone ID for this bucket's region.
- lifecycle
Rules List<BucketV2Lifecycle Rule Args> Configuration of object lifecycle management. See Lifecycle Rule below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketLifecycleConfigurationV2
instead.Use the aws_s3_bucket_lifecycle_configuration resource instead
- loggings
List<Bucket
V2Logging Args> Configuration of S3 bucket logging parameters. See Logging below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketLoggingV2
instead.Use the aws_s3_bucket_logging resource instead
- object
Lock BucketConfiguration V2Object Lock Configuration Args Configuration of S3 object locking. See Object Lock Configuration below for details. the provider wil only perform drift detection if a configuration value is provided. Use the
object_lock_enabled
parameter and the resourceaws.s3.BucketObjectLockConfigurationV2
instead.Use the top-level parameter object_lock_enabled and the aws_s3_bucket_object_lock_configuration resource instead
- object
Lock BooleanEnabled Indicates whether this bucket has an Object Lock configuration enabled. Valid values are
true
orfalse
. This argument is not supported in all regions or partitions.- policy String
Valid bucket policy JSON document. Note that if the policy document is not specific enough (but still valid), this provider may view the policy as constantly changing. In this case, please make sure you use the verbose/specific version of the policy. For more information about building AWS IAM policy documents with this provider, see the AWS IAM Policy Document Guide. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketPolicy
instead.Use the aws_s3_bucket_policy resource instead
- region String
AWS region this bucket resides in.
- replication
Configurations List<BucketV2Replication Configuration Args> Configuration of replication configuration. See Replication Configuration below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketReplicationConfig
instead.Use the aws_s3_bucket_replication_configuration resource instead
- request
Payer String Specifies who should bear the cost of Amazon S3 data transfer. Can be either
BucketOwner
orRequester
. By default, the owner of the S3 bucket would incur the costs of any data transfer. See Requester Pays Buckets developer guide for more information. The provider will only perform drift detection if a configuration value is provided. Use the resourceaws.s3.BucketRequestPaymentConfigurationV2
instead.Use the aws_s3_bucket_request_payment_configuration resource instead
- server
Side List<BucketEncryption Configurations V2Server Side Encryption Configuration Args> Configuration of server-side encryption configuration. See Server Side Encryption Configuration below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketServerSideEncryptionConfigurationV2
instead.Use the aws_s3_bucket_server_side_encryption_configuration resource instead
- Map<String,String>
Map of tags to assign to the bucket. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level.- Map<String,String>
Map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block.- versionings
List<Bucket
V2Versioning Args> Configuration of the S3 bucket versioning state. See Versioning below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketVersioningV2
instead.Use the aws_s3_bucket_versioning resource instead
- website
Domain String (Deprecated) Domain of the website endpoint, if the bucket is configured with a website. If not, this will be an empty string. This is used to create Route 53 alias records. Use the resource
aws.s3.BucketWebsiteConfigurationV2
instead.Use the aws_s3_bucket_website_configuration resource
- website
Endpoint String (Deprecated) Website endpoint, if the bucket is configured with a website. If not, this will be an empty string. Use the resource
aws.s3.BucketWebsiteConfigurationV2
instead.Use the aws_s3_bucket_website_configuration resource
- websites
List<Bucket
V2Website Args> Configuration of the S3 bucket website. See Website below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketWebsiteConfigurationV2
instead.Use the aws_s3_bucket_website_configuration resource instead
- acceleration
Status string Sets the accelerate configuration of an existing bucket. Can be
Enabled
orSuspended
. Cannot be used incn-north-1
orus-gov-west-1
. This provider will only perform drift detection if a configuration value is provided. Use the resourceaws.s3.BucketAccelerateConfigurationV2
instead.Use the aws_s3_bucket_accelerate_configuration resource instead
- acl string
The canned ACL to apply. Valid values are
private
,public-read
,public-read-write
,aws-exec-read
,authenticated-read
, andlog-delivery-write
. Defaults toprivate
. Conflicts withgrant
. The provider will only perform drift detection if a configuration value is provided. Use the resourceaws.s3.BucketAclV2
instead.Use the aws_s3_bucket_acl resource instead
- arn string
ARN of the bucket. Will be of format
arn:aws:s3:::bucketname
.- bucket string
Name of the bucket. If omitted, this provider will assign a random, unique name. Must be lowercase and less than or equal to 63 characters in length. A full list of bucket naming rules may be found here.
- bucket
Domain stringName Bucket domain name. Will be of format
bucketname.s3.amazonaws.com
.- bucket
Prefix string Creates a unique bucket name beginning with the specified prefix. Conflicts with
bucket
. Must be lowercase and less than or equal to 37 characters in length. A full list of bucket naming rules may be found here.- bucket
Regional stringDomain Name Bucket region-specific domain name. The bucket domain name including the region name, please refer here for format. Note: The AWS CloudFront allows specifying S3 region-specific endpoint when creating S3 origin, it will prevent redirect issues from CloudFront to S3 Origin URL.
- cors
Rules BucketV2Cors Rule Args[] Rule of Cross-Origin Resource Sharing. See CORS rule below for details. This provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketCorsConfigurationV2
instead.Use the aws_s3_bucket_cors_configuration resource instead
- force
Destroy boolean Boolean that indicates all objects (including any locked objects) should be deleted from the bucket when the bucket is destroyed so that the bucket can be destroyed without error. These objects are not recoverable. This only deletes objects when the bucket is destroyed, not when setting this parameter to
true
. Once this parameter is set totrue
, there must be a successfulpulumi up
run before a destroy is required to update this value in the resource state. Without a successfulpulumi up
after this parameter is set, this flag will have no effect. If setting this field in the same operation that would require replacing the bucket or destroying the bucket, this flag will not work. Additionally when importing a bucket, a successfulpulumi up
is required to set this value in state before it will take effect on a destroy operation.- grants
Bucket
V2Grant Args[] An ACL policy grant. See Grant below for details. Conflicts with
acl
. The provider will only perform drift detection if a configuration value is provided. Use the resourceaws.s3.BucketAclV2
instead.Use the aws_s3_bucket_acl resource instead
- hosted
Zone stringId Route 53 Hosted Zone ID for this bucket's region.
- lifecycle
Rules BucketV2Lifecycle Rule Args[] Configuration of object lifecycle management. See Lifecycle Rule below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketLifecycleConfigurationV2
instead.Use the aws_s3_bucket_lifecycle_configuration resource instead
- loggings
Bucket
V2Logging Args[] Configuration of S3 bucket logging parameters. See Logging below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketLoggingV2
instead.Use the aws_s3_bucket_logging resource instead
- object
Lock BucketConfiguration V2Object Lock Configuration Args Configuration of S3 object locking. See Object Lock Configuration below for details. the provider wil only perform drift detection if a configuration value is provided. Use the
object_lock_enabled
parameter and the resourceaws.s3.BucketObjectLockConfigurationV2
instead.Use the top-level parameter object_lock_enabled and the aws_s3_bucket_object_lock_configuration resource instead
- object
Lock booleanEnabled Indicates whether this bucket has an Object Lock configuration enabled. Valid values are
true
orfalse
. This argument is not supported in all regions or partitions.- policy string
Valid bucket policy JSON document. Note that if the policy document is not specific enough (but still valid), this provider may view the policy as constantly changing. In this case, please make sure you use the verbose/specific version of the policy. For more information about building AWS IAM policy documents with this provider, see the AWS IAM Policy Document Guide. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketPolicy
instead.Use the aws_s3_bucket_policy resource instead
- region string
AWS region this bucket resides in.
- replication
Configurations BucketV2Replication Configuration Args[] Configuration of replication configuration. See Replication Configuration below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketReplicationConfig
instead.Use the aws_s3_bucket_replication_configuration resource instead
- request
Payer string Specifies who should bear the cost of Amazon S3 data transfer. Can be either
BucketOwner
orRequester
. By default, the owner of the S3 bucket would incur the costs of any data transfer. See Requester Pays Buckets developer guide for more information. The provider will only perform drift detection if a configuration value is provided. Use the resourceaws.s3.BucketRequestPaymentConfigurationV2
instead.Use the aws_s3_bucket_request_payment_configuration resource instead
- server
Side BucketEncryption Configurations V2Server Side Encryption Configuration Args[] Configuration of server-side encryption configuration. See Server Side Encryption Configuration below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketServerSideEncryptionConfigurationV2
instead.Use the aws_s3_bucket_server_side_encryption_configuration resource instead
- {[key: string]: string}
Map of tags to assign to the bucket. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level.- {[key: string]: string}
Map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block.- versionings
Bucket
V2Versioning Args[] Configuration of the S3 bucket versioning state. See Versioning below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketVersioningV2
instead.Use the aws_s3_bucket_versioning resource instead
- website
Domain string (Deprecated) Domain of the website endpoint, if the bucket is configured with a website. If not, this will be an empty string. This is used to create Route 53 alias records. Use the resource
aws.s3.BucketWebsiteConfigurationV2
instead.Use the aws_s3_bucket_website_configuration resource
- website
Endpoint string (Deprecated) Website endpoint, if the bucket is configured with a website. If not, this will be an empty string. Use the resource
aws.s3.BucketWebsiteConfigurationV2
instead.Use the aws_s3_bucket_website_configuration resource
- websites
Bucket
V2Website Args[] Configuration of the S3 bucket website. See Website below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketWebsiteConfigurationV2
instead.Use the aws_s3_bucket_website_configuration resource instead
- acceleration_
status str Sets the accelerate configuration of an existing bucket. Can be
Enabled
orSuspended
. Cannot be used incn-north-1
orus-gov-west-1
. This provider will only perform drift detection if a configuration value is provided. Use the resourceaws.s3.BucketAccelerateConfigurationV2
instead.Use the aws_s3_bucket_accelerate_configuration resource instead
- acl str
The canned ACL to apply. Valid values are
private
,public-read
,public-read-write
,aws-exec-read
,authenticated-read
, andlog-delivery-write
. Defaults toprivate
. Conflicts withgrant
. The provider will only perform drift detection if a configuration value is provided. Use the resourceaws.s3.BucketAclV2
instead.Use the aws_s3_bucket_acl resource instead
- arn str
ARN of the bucket. Will be of format
arn:aws:s3:::bucketname
.- bucket str
Name of the bucket. If omitted, this provider will assign a random, unique name. Must be lowercase and less than or equal to 63 characters in length. A full list of bucket naming rules may be found here.
- bucket_
domain_ strname Bucket domain name. Will be of format
bucketname.s3.amazonaws.com
.- bucket_
prefix str Creates a unique bucket name beginning with the specified prefix. Conflicts with
bucket
. Must be lowercase and less than or equal to 37 characters in length. A full list of bucket naming rules may be found here.- bucket_
regional_ strdomain_ name Bucket region-specific domain name. The bucket domain name including the region name, please refer here for format. Note: The AWS CloudFront allows specifying S3 region-specific endpoint when creating S3 origin, it will prevent redirect issues from CloudFront to S3 Origin URL.
- cors_
rules Sequence[BucketV2Cors Rule Args] Rule of Cross-Origin Resource Sharing. See CORS rule below for details. This provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketCorsConfigurationV2
instead.Use the aws_s3_bucket_cors_configuration resource instead
- force_
destroy bool Boolean that indicates all objects (including any locked objects) should be deleted from the bucket when the bucket is destroyed so that the bucket can be destroyed without error. These objects are not recoverable. This only deletes objects when the bucket is destroyed, not when setting this parameter to
true
. Once this parameter is set totrue
, there must be a successfulpulumi up
run before a destroy is required to update this value in the resource state. Without a successfulpulumi up
after this parameter is set, this flag will have no effect. If setting this field in the same operation that would require replacing the bucket or destroying the bucket, this flag will not work. Additionally when importing a bucket, a successfulpulumi up
is required to set this value in state before it will take effect on a destroy operation.- grants
Sequence[Bucket
V2Grant Args] An ACL policy grant. See Grant below for details. Conflicts with
acl
. The provider will only perform drift detection if a configuration value is provided. Use the resourceaws.s3.BucketAclV2
instead.Use the aws_s3_bucket_acl resource instead
- hosted_
zone_ strid Route 53 Hosted Zone ID for this bucket's region.
- lifecycle_
rules Sequence[BucketV2Lifecycle Rule Args] Configuration of object lifecycle management. See Lifecycle Rule below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketLifecycleConfigurationV2
instead.Use the aws_s3_bucket_lifecycle_configuration resource instead
- loggings
Sequence[Bucket
V2Logging Args] Configuration of S3 bucket logging parameters. See Logging below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketLoggingV2
instead.Use the aws_s3_bucket_logging resource instead
- object_
lock_ Bucketconfiguration V2Object Lock Configuration Args Configuration of S3 object locking. See Object Lock Configuration below for details. the provider wil only perform drift detection if a configuration value is provided. Use the
object_lock_enabled
parameter and the resourceaws.s3.BucketObjectLockConfigurationV2
instead.Use the top-level parameter object_lock_enabled and the aws_s3_bucket_object_lock_configuration resource instead
- object_
lock_ boolenabled Indicates whether this bucket has an Object Lock configuration enabled. Valid values are
true
orfalse
. This argument is not supported in all regions or partitions.- policy str
Valid bucket policy JSON document. Note that if the policy document is not specific enough (but still valid), this provider may view the policy as constantly changing. In this case, please make sure you use the verbose/specific version of the policy. For more information about building AWS IAM policy documents with this provider, see the AWS IAM Policy Document Guide. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketPolicy
instead.Use the aws_s3_bucket_policy resource instead
- region str
AWS region this bucket resides in.
- replication_
configurations Sequence[BucketV2Replication Configuration Args] Configuration of replication configuration. See Replication Configuration below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketReplicationConfig
instead.Use the aws_s3_bucket_replication_configuration resource instead
- request_
payer str Specifies who should bear the cost of Amazon S3 data transfer. Can be either
BucketOwner
orRequester
. By default, the owner of the S3 bucket would incur the costs of any data transfer. See Requester Pays Buckets developer guide for more information. The provider will only perform drift detection if a configuration value is provided. Use the resourceaws.s3.BucketRequestPaymentConfigurationV2
instead.Use the aws_s3_bucket_request_payment_configuration resource instead
- server_
side_ Sequence[Bucketencryption_ configurations V2Server Side Encryption Configuration Args] Configuration of server-side encryption configuration. See Server Side Encryption Configuration below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketServerSideEncryptionConfigurationV2
instead.Use the aws_s3_bucket_server_side_encryption_configuration resource instead
- Mapping[str, str]
Map of tags to assign to the bucket. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level.- Mapping[str, str]
Map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block.- versionings
Sequence[Bucket
V2Versioning Args] Configuration of the S3 bucket versioning state. See Versioning below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketVersioningV2
instead.Use the aws_s3_bucket_versioning resource instead
- website_
domain str (Deprecated) Domain of the website endpoint, if the bucket is configured with a website. If not, this will be an empty string. This is used to create Route 53 alias records. Use the resource
aws.s3.BucketWebsiteConfigurationV2
instead.Use the aws_s3_bucket_website_configuration resource
- website_
endpoint str (Deprecated) Website endpoint, if the bucket is configured with a website. If not, this will be an empty string. Use the resource
aws.s3.BucketWebsiteConfigurationV2
instead.Use the aws_s3_bucket_website_configuration resource
- websites
Sequence[Bucket
V2Website Args] Configuration of the S3 bucket website. See Website below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketWebsiteConfigurationV2
instead.Use the aws_s3_bucket_website_configuration resource instead
- acceleration
Status String Sets the accelerate configuration of an existing bucket. Can be
Enabled
orSuspended
. Cannot be used incn-north-1
orus-gov-west-1
. This provider will only perform drift detection if a configuration value is provided. Use the resourceaws.s3.BucketAccelerateConfigurationV2
instead.Use the aws_s3_bucket_accelerate_configuration resource instead
- acl String
The canned ACL to apply. Valid values are
private
,public-read
,public-read-write
,aws-exec-read
,authenticated-read
, andlog-delivery-write
. Defaults toprivate
. Conflicts withgrant
. The provider will only perform drift detection if a configuration value is provided. Use the resourceaws.s3.BucketAclV2
instead.Use the aws_s3_bucket_acl resource instead
- arn String
ARN of the bucket. Will be of format
arn:aws:s3:::bucketname
.- bucket String
Name of the bucket. If omitted, this provider will assign a random, unique name. Must be lowercase and less than or equal to 63 characters in length. A full list of bucket naming rules may be found here.
- bucket
Domain StringName Bucket domain name. Will be of format
bucketname.s3.amazonaws.com
.- bucket
Prefix String Creates a unique bucket name beginning with the specified prefix. Conflicts with
bucket
. Must be lowercase and less than or equal to 37 characters in length. A full list of bucket naming rules may be found here.- bucket
Regional StringDomain Name Bucket region-specific domain name. The bucket domain name including the region name, please refer here for format. Note: The AWS CloudFront allows specifying S3 region-specific endpoint when creating S3 origin, it will prevent redirect issues from CloudFront to S3 Origin URL.
- cors
Rules List<Property Map> Rule of Cross-Origin Resource Sharing. See CORS rule below for details. This provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketCorsConfigurationV2
instead.Use the aws_s3_bucket_cors_configuration resource instead
- force
Destroy Boolean Boolean that indicates all objects (including any locked objects) should be deleted from the bucket when the bucket is destroyed so that the bucket can be destroyed without error. These objects are not recoverable. This only deletes objects when the bucket is destroyed, not when setting this parameter to
true
. Once this parameter is set totrue
, there must be a successfulpulumi up
run before a destroy is required to update this value in the resource state. Without a successfulpulumi up
after this parameter is set, this flag will have no effect. If setting this field in the same operation that would require replacing the bucket or destroying the bucket, this flag will not work. Additionally when importing a bucket, a successfulpulumi up
is required to set this value in state before it will take effect on a destroy operation.- grants List<Property Map>
An ACL policy grant. See Grant below for details. Conflicts with
acl
. The provider will only perform drift detection if a configuration value is provided. Use the resourceaws.s3.BucketAclV2
instead.Use the aws_s3_bucket_acl resource instead
- hosted
Zone StringId Route 53 Hosted Zone ID for this bucket's region.
- lifecycle
Rules List<Property Map> Configuration of object lifecycle management. See Lifecycle Rule below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketLifecycleConfigurationV2
instead.Use the aws_s3_bucket_lifecycle_configuration resource instead
- loggings List<Property Map>
Configuration of S3 bucket logging parameters. See Logging below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketLoggingV2
instead.Use the aws_s3_bucket_logging resource instead
- object
Lock Property MapConfiguration Configuration of S3 object locking. See Object Lock Configuration below for details. the provider wil only perform drift detection if a configuration value is provided. Use the
object_lock_enabled
parameter and the resourceaws.s3.BucketObjectLockConfigurationV2
instead.Use the top-level parameter object_lock_enabled and the aws_s3_bucket_object_lock_configuration resource instead
- object
Lock BooleanEnabled Indicates whether this bucket has an Object Lock configuration enabled. Valid values are
true
orfalse
. This argument is not supported in all regions or partitions.- policy String
Valid bucket policy JSON document. Note that if the policy document is not specific enough (but still valid), this provider may view the policy as constantly changing. In this case, please make sure you use the verbose/specific version of the policy. For more information about building AWS IAM policy documents with this provider, see the AWS IAM Policy Document Guide. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketPolicy
instead.Use the aws_s3_bucket_policy resource instead
- region String
AWS region this bucket resides in.
- replication
Configurations List<Property Map> Configuration of replication configuration. See Replication Configuration below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketReplicationConfig
instead.Use the aws_s3_bucket_replication_configuration resource instead
- request
Payer String Specifies who should bear the cost of Amazon S3 data transfer. Can be either
BucketOwner
orRequester
. By default, the owner of the S3 bucket would incur the costs of any data transfer. See Requester Pays Buckets developer guide for more information. The provider will only perform drift detection if a configuration value is provided. Use the resourceaws.s3.BucketRequestPaymentConfigurationV2
instead.Use the aws_s3_bucket_request_payment_configuration resource instead
- server
Side List<Property Map>Encryption Configurations Configuration of server-side encryption configuration. See Server Side Encryption Configuration below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketServerSideEncryptionConfigurationV2
instead.Use the aws_s3_bucket_server_side_encryption_configuration resource instead
- Map<String>
Map of tags to assign to the bucket. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level.- Map<String>
Map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block.- versionings List<Property Map>
Configuration of the S3 bucket versioning state. See Versioning below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketVersioningV2
instead.Use the aws_s3_bucket_versioning resource instead
- website
Domain String (Deprecated) Domain of the website endpoint, if the bucket is configured with a website. If not, this will be an empty string. This is used to create Route 53 alias records. Use the resource
aws.s3.BucketWebsiteConfigurationV2
instead.Use the aws_s3_bucket_website_configuration resource
- website
Endpoint String (Deprecated) Website endpoint, if the bucket is configured with a website. If not, this will be an empty string. Use the resource
aws.s3.BucketWebsiteConfigurationV2
instead.Use the aws_s3_bucket_website_configuration resource
- websites List<Property Map>
Configuration of the S3 bucket website. See Website below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource
aws.s3.BucketWebsiteConfigurationV2
instead.Use the aws_s3_bucket_website_configuration resource instead
Supporting Types
BucketV2CorsRule
- Allowed
Methods List<string> One or more HTTP methods that you allow the origin to execute. Can be
GET
,PUT
,POST
,DELETE
orHEAD
.- Allowed
Origins List<string> One or more origins you want customers to be able to access the bucket from.
- Allowed
Headers List<string> List of headers allowed.
- Expose
Headers List<string> One or more headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript
XMLHttpRequest
object).- Max
Age intSeconds Specifies time in seconds that browser can cache the response for a preflight request.
- Allowed
Methods []string One or more HTTP methods that you allow the origin to execute. Can be
GET
,PUT
,POST
,DELETE
orHEAD
.- Allowed
Origins []string One or more origins you want customers to be able to access the bucket from.
- Allowed
Headers []string List of headers allowed.
- Expose
Headers []string One or more headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript
XMLHttpRequest
object).- Max
Age intSeconds Specifies time in seconds that browser can cache the response for a preflight request.
- allowed
Methods List<String> One or more HTTP methods that you allow the origin to execute. Can be
GET
,PUT
,POST
,DELETE
orHEAD
.- allowed
Origins List<String> One or more origins you want customers to be able to access the bucket from.
- allowed
Headers List<String> List of headers allowed.
- expose
Headers List<String> One or more headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript
XMLHttpRequest
object).- max
Age IntegerSeconds Specifies time in seconds that browser can cache the response for a preflight request.
- allowed
Methods string[] One or more HTTP methods that you allow the origin to execute. Can be
GET
,PUT
,POST
,DELETE
orHEAD
.- allowed
Origins string[] One or more origins you want customers to be able to access the bucket from.
- allowed
Headers string[] List of headers allowed.
- expose
Headers string[] One or more headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript
XMLHttpRequest
object).- max
Age numberSeconds Specifies time in seconds that browser can cache the response for a preflight request.
- allowed_
methods Sequence[str] One or more HTTP methods that you allow the origin to execute. Can be
GET
,PUT
,POST
,DELETE
orHEAD
.- allowed_
origins Sequence[str] One or more origins you want customers to be able to access the bucket from.
- allowed_
headers Sequence[str] List of headers allowed.
- expose_
headers Sequence[str] One or more headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript
XMLHttpRequest
object).- max_
age_ intseconds Specifies time in seconds that browser can cache the response for a preflight request.
- allowed
Methods List<String> One or more HTTP methods that you allow the origin to execute. Can be
GET
,PUT
,POST
,DELETE
orHEAD
.- allowed
Origins List<String> One or more origins you want customers to be able to access the bucket from.
- allowed
Headers List<String> List of headers allowed.
- expose
Headers List<String> One or more headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript
XMLHttpRequest
object).- max
Age NumberSeconds Specifies time in seconds that browser can cache the response for a preflight request.
BucketV2Grant
- Permissions List<string>
List of permissions to apply for grantee. Valid values are
READ
,WRITE
,READ_ACP
,WRITE_ACP
,FULL_CONTROL
.- Type string
Type of grantee to apply for. Valid values are
CanonicalUser
andGroup
.AmazonCustomerByEmail
is not supported.- Id string
Canonical user id to grant for. Used only when
type
isCanonicalUser
.- Uri string
Uri address to grant for. Used only when
type
isGroup
.
- Permissions []string
List of permissions to apply for grantee. Valid values are
READ
,WRITE
,READ_ACP
,WRITE_ACP
,FULL_CONTROL
.- Type string
Type of grantee to apply for. Valid values are
CanonicalUser
andGroup
.AmazonCustomerByEmail
is not supported.- Id string
Canonical user id to grant for. Used only when
type
isCanonicalUser
.- Uri string
Uri address to grant for. Used only when
type
isGroup
.
- permissions List<String>
List of permissions to apply for grantee. Valid values are
READ
,WRITE
,READ_ACP
,WRITE_ACP
,FULL_CONTROL
.- type String
Type of grantee to apply for. Valid values are
CanonicalUser
andGroup
.AmazonCustomerByEmail
is not supported.- id String
Canonical user id to grant for. Used only when
type
isCanonicalUser
.- uri String
Uri address to grant for. Used only when
type
isGroup
.
- permissions string[]
List of permissions to apply for grantee. Valid values are
READ
,WRITE
,READ_ACP
,WRITE_ACP
,FULL_CONTROL
.- type string
Type of grantee to apply for. Valid values are
CanonicalUser
andGroup
.AmazonCustomerByEmail
is not supported.- id string
Canonical user id to grant for. Used only when
type
isCanonicalUser
.- uri string
Uri address to grant for. Used only when
type
isGroup
.
- permissions Sequence[str]
List of permissions to apply for grantee. Valid values are
READ
,WRITE
,READ_ACP
,WRITE_ACP
,FULL_CONTROL
.- type str
Type of grantee to apply for. Valid values are
CanonicalUser
andGroup
.AmazonCustomerByEmail
is not supported.- id str
Canonical user id to grant for. Used only when
type
isCanonicalUser
.- uri str
Uri address to grant for. Used only when
type
isGroup
.
- permissions List<String>
List of permissions to apply for grantee. Valid values are
READ
,WRITE
,READ_ACP
,WRITE_ACP
,FULL_CONTROL
.- type String
Type of grantee to apply for. Valid values are
CanonicalUser
andGroup
.AmazonCustomerByEmail
is not supported.- id String
Canonical user id to grant for. Used only when
type
isCanonicalUser
.- uri String
Uri address to grant for. Used only when
type
isGroup
.
BucketV2LifecycleRule
- Enabled bool
Specifies lifecycle rule status.
- Abort
Incomplete intMultipart Upload Days Specifies the number of days after initiating a multipart upload when the multipart upload must be completed.
- Expirations
List<Bucket
V2Lifecycle Rule Expiration> Specifies a period in the object's expire. See Expiration below for details.
- Id string
Unique identifier for the rule. Must be less than or equal to 255 characters in length.
- Noncurrent
Version List<BucketExpirations V2Lifecycle Rule Noncurrent Version Expiration> Specifies when noncurrent object versions expire. See Noncurrent Version Expiration below for details.
- Noncurrent
Version List<BucketTransitions V2Lifecycle Rule Noncurrent Version Transition> Specifies when noncurrent object versions transitions. See Noncurrent Version Transition below for details.
- Prefix string
Object key prefix identifying one or more objects to which the rule applies.
- Dictionary<string, string>
Specifies object tags key and value.
- Transitions
List<Bucket
V2Lifecycle Rule Transition> Specifies a period in the object's transitions. See Transition below for details.
- Enabled bool
Specifies lifecycle rule status.
- Abort
Incomplete intMultipart Upload Days Specifies the number of days after initiating a multipart upload when the multipart upload must be completed.
- Expirations
[]Bucket
V2Lifecycle Rule Expiration Specifies a period in the object's expire. See Expiration below for details.
- Id string
Unique identifier for the rule. Must be less than or equal to 255 characters in length.
- Noncurrent
Version []BucketExpirations V2Lifecycle Rule Noncurrent Version Expiration Specifies when noncurrent object versions expire. See Noncurrent Version Expiration below for details.
- Noncurrent
Version []BucketTransitions V2Lifecycle Rule Noncurrent Version Transition Specifies when noncurrent object versions transitions. See Noncurrent Version Transition below for details.
- Prefix string
Object key prefix identifying one or more objects to which the rule applies.
- map[string]string
Specifies object tags key and value.
- Transitions
[]Bucket
V2Lifecycle Rule Transition Specifies a period in the object's transitions. See Transition below for details.
- enabled Boolean
Specifies lifecycle rule status.
- abort
Incomplete IntegerMultipart Upload Days Specifies the number of days after initiating a multipart upload when the multipart upload must be completed.
- expirations
List<Bucket
V2Lifecycle Rule Expiration> Specifies a period in the object's expire. See Expiration below for details.
- id String
Unique identifier for the rule. Must be less than or equal to 255 characters in length.
- noncurrent
Version List<BucketExpirations V2Lifecycle Rule Noncurrent Version Expiration> Specifies when noncurrent object versions expire. See Noncurrent Version Expiration below for details.
- noncurrent
Version List<BucketTransitions V2Lifecycle Rule Noncurrent Version Transition> Specifies when noncurrent object versions transitions. See Noncurrent Version Transition below for details.
- prefix String
Object key prefix identifying one or more objects to which the rule applies.
- Map<String,String>
Specifies object tags key and value.
- transitions
List<Bucket
V2Lifecycle Rule Transition> Specifies a period in the object's transitions. See Transition below for details.
- enabled boolean
Specifies lifecycle rule status.
- abort
Incomplete numberMultipart Upload Days Specifies the number of days after initiating a multipart upload when the multipart upload must be completed.
- expirations
Bucket
V2Lifecycle Rule Expiration[] Specifies a period in the object's expire. See Expiration below for details.
- id string
Unique identifier for the rule. Must be less than or equal to 255 characters in length.
- noncurrent
Version BucketExpirations V2Lifecycle Rule Noncurrent Version Expiration[] Specifies when noncurrent object versions expire. See Noncurrent Version Expiration below for details.
- noncurrent
Version BucketTransitions V2Lifecycle Rule Noncurrent Version Transition[] Specifies when noncurrent object versions transitions. See Noncurrent Version Transition below for details.
- prefix string
Object key prefix identifying one or more objects to which the rule applies.
- {[key: string]: string}
Specifies object tags key and value.
- transitions
Bucket
V2Lifecycle Rule Transition[] Specifies a period in the object's transitions. See Transition below for details.
- enabled bool
Specifies lifecycle rule status.
- abort_
incomplete_ intmultipart_ upload_ days Specifies the number of days after initiating a multipart upload when the multipart upload must be completed.
- expirations
Sequence[Bucket
V2Lifecycle Rule Expiration] Specifies a period in the object's expire. See Expiration below for details.
- id str
Unique identifier for the rule. Must be less than or equal to 255 characters in length.
- noncurrent_
version_ Sequence[Bucketexpirations V2Lifecycle Rule Noncurrent Version Expiration] Specifies when noncurrent object versions expire. See Noncurrent Version Expiration below for details.
- noncurrent_
version_ Sequence[Buckettransitions V2Lifecycle Rule Noncurrent Version Transition] Specifies when noncurrent object versions transitions. See Noncurrent Version Transition below for details.
- prefix str
Object key prefix identifying one or more objects to which the rule applies.
- Mapping[str, str]
Specifies object tags key and value.
- transitions
Sequence[Bucket
V2Lifecycle Rule Transition] Specifies a period in the object's transitions. See Transition below for details.
- enabled Boolean
Specifies lifecycle rule status.
- abort
Incomplete NumberMultipart Upload Days Specifies the number of days after initiating a multipart upload when the multipart upload must be completed.
- expirations List<Property Map>
Specifies a period in the object's expire. See Expiration below for details.
- id String
Unique identifier for the rule. Must be less than or equal to 255 characters in length.
- noncurrent
Version List<Property Map>Expirations Specifies when noncurrent object versions expire. See Noncurrent Version Expiration below for details.
- noncurrent
Version List<Property Map>Transitions Specifies when noncurrent object versions transitions. See Noncurrent Version Transition below for details.
- prefix String
Object key prefix identifying one or more objects to which the rule applies.
- Map<String>
Specifies object tags key and value.
- transitions List<Property Map>
Specifies a period in the object's transitions. See Transition below for details.
BucketV2LifecycleRuleExpiration
- Date string
Specifies the date after which you want the corresponding action to take effect.
- Days int
Specifies the number of days after object creation when the specific rule action takes effect.
- Expired
Object boolDelete Marker On a versioned bucket (versioning-enabled or versioning-suspended bucket), you can add this element in the lifecycle configuration to direct Amazon S3 to delete expired object delete markers. This cannot be specified with Days or Date in a Lifecycle Expiration Policy.
- Date string
Specifies the date after which you want the corresponding action to take effect.
- Days int
Specifies the number of days after object creation when the specific rule action takes effect.
- Expired
Object boolDelete Marker On a versioned bucket (versioning-enabled or versioning-suspended bucket), you can add this element in the lifecycle configuration to direct Amazon S3 to delete expired object delete markers. This cannot be specified with Days or Date in a Lifecycle Expiration Policy.
- date String
Specifies the date after which you want the corresponding action to take effect.
- days Integer
Specifies the number of days after object creation when the specific rule action takes effect.
- expired
Object BooleanDelete Marker On a versioned bucket (versioning-enabled or versioning-suspended bucket), you can add this element in the lifecycle configuration to direct Amazon S3 to delete expired object delete markers. This cannot be specified with Days or Date in a Lifecycle Expiration Policy.
- date string
Specifies the date after which you want the corresponding action to take effect.
- days number
Specifies the number of days after object creation when the specific rule action takes effect.
- expired
Object booleanDelete Marker On a versioned bucket (versioning-enabled or versioning-suspended bucket), you can add this element in the lifecycle configuration to direct Amazon S3 to delete expired object delete markers. This cannot be specified with Days or Date in a Lifecycle Expiration Policy.
- date str
Specifies the date after which you want the corresponding action to take effect.
- days int
Specifies the number of days after object creation when the specific rule action takes effect.
- expired_
object_ booldelete_ marker On a versioned bucket (versioning-enabled or versioning-suspended bucket), you can add this element in the lifecycle configuration to direct Amazon S3 to delete expired object delete markers. This cannot be specified with Days or Date in a Lifecycle Expiration Policy.
- date String
Specifies the date after which you want the corresponding action to take effect.
- days Number
Specifies the number of days after object creation when the specific rule action takes effect.
- expired
Object BooleanDelete Marker On a versioned bucket (versioning-enabled or versioning-suspended bucket), you can add this element in the lifecycle configuration to direct Amazon S3 to delete expired object delete markers. This cannot be specified with Days or Date in a Lifecycle Expiration Policy.
BucketV2LifecycleRuleNoncurrentVersionExpiration
- Days int
Specifies the number of days noncurrent object versions expire.
- Days int
Specifies the number of days noncurrent object versions expire.
- days Integer
Specifies the number of days noncurrent object versions expire.
- days number
Specifies the number of days noncurrent object versions expire.
- days int
Specifies the number of days noncurrent object versions expire.
- days Number
Specifies the number of days noncurrent object versions expire.
BucketV2LifecycleRuleNoncurrentVersionTransition
- Storage
Class string Specifies the Amazon S3 storage class to which you want the object to transition.
- Days int
Specifies the number of days noncurrent object versions transition.
- Storage
Class string Specifies the Amazon S3 storage class to which you want the object to transition.
- Days int
Specifies the number of days noncurrent object versions transition.
- storage
Class String Specifies the Amazon S3 storage class to which you want the object to transition.
- days Integer
Specifies the number of days noncurrent object versions transition.
- storage
Class string Specifies the Amazon S3 storage class to which you want the object to transition.
- days number
Specifies the number of days noncurrent object versions transition.
- storage_
class str Specifies the Amazon S3 storage class to which you want the object to transition.
- days int
Specifies the number of days noncurrent object versions transition.
- storage
Class String Specifies the Amazon S3 storage class to which you want the object to transition.
- days Number
Specifies the number of days noncurrent object versions transition.
BucketV2LifecycleRuleTransition
- Storage
Class string Specifies the Amazon S3 storage class to which you want the object to transition.
- Date string
Specifies the date after which you want the corresponding action to take effect.
- Days int
Specifies the number of days after object creation when the specific rule action takes effect.
- Storage
Class string Specifies the Amazon S3 storage class to which you want the object to transition.
- Date string
Specifies the date after which you want the corresponding action to take effect.
- Days int
Specifies the number of days after object creation when the specific rule action takes effect.
- storage
Class String Specifies the Amazon S3 storage class to which you want the object to transition.
- date String
Specifies the date after which you want the corresponding action to take effect.
- days Integer
Specifies the number of days after object creation when the specific rule action takes effect.
- storage
Class string Specifies the Amazon S3 storage class to which you want the object to transition.
- date string
Specifies the date after which you want the corresponding action to take effect.
- days number
Specifies the number of days after object creation when the specific rule action takes effect.
- storage_
class str Specifies the Amazon S3 storage class to which you want the object to transition.
- date str
Specifies the date after which you want the corresponding action to take effect.
- days int
Specifies the number of days after object creation when the specific rule action takes effect.
- storage
Class String Specifies the Amazon S3 storage class to which you want the object to transition.
- date String
Specifies the date after which you want the corresponding action to take effect.
- days Number
Specifies the number of days after object creation when the specific rule action takes effect.
BucketV2Logging
- Target
Bucket string Name of the bucket that will receive the log objects.
- Target
Prefix string To specify a key prefix for log objects.
- Target
Bucket string Name of the bucket that will receive the log objects.
- Target
Prefix string To specify a key prefix for log objects.
- target
Bucket String Name of the bucket that will receive the log objects.
- target
Prefix String To specify a key prefix for log objects.
- target
Bucket string Name of the bucket that will receive the log objects.
- target
Prefix string To specify a key prefix for log objects.
- target_
bucket str Name of the bucket that will receive the log objects.
- target_
prefix str To specify a key prefix for log objects.
- target
Bucket String Name of the bucket that will receive the log objects.
- target
Prefix String To specify a key prefix for log objects.
BucketV2ObjectLockConfiguration
- Object
Lock stringEnabled Indicates whether this bucket has an Object Lock configuration enabled. Valid values are
true
orfalse
. This argument is not supported in all regions or partitions.Use the top-level parameter object_lock_enabled instead
- Rules
List<Bucket
V2Object Lock Configuration Rule> Object Lock rule in place for this bucket (documented below).
Use the aws_s3_bucket_object_lock_configuration resource instead
- Object
Lock stringEnabled Indicates whether this bucket has an Object Lock configuration enabled. Valid values are
true
orfalse
. This argument is not supported in all regions or partitions.Use the top-level parameter object_lock_enabled instead
- Rules
[]Bucket
V2Object Lock Configuration Rule Object Lock rule in place for this bucket (documented below).
Use the aws_s3_bucket_object_lock_configuration resource instead
- object
Lock StringEnabled Indicates whether this bucket has an Object Lock configuration enabled. Valid values are
true
orfalse
. This argument is not supported in all regions or partitions.Use the top-level parameter object_lock_enabled instead
- rules
List<Bucket
V2Object Lock Configuration Rule> Object Lock rule in place for this bucket (documented below).
Use the aws_s3_bucket_object_lock_configuration resource instead
- object
Lock stringEnabled Indicates whether this bucket has an Object Lock configuration enabled. Valid values are
true
orfalse
. This argument is not supported in all regions or partitions.Use the top-level parameter object_lock_enabled instead
- rules
Bucket
V2Object Lock Configuration Rule[] Object Lock rule in place for this bucket (documented below).
Use the aws_s3_bucket_object_lock_configuration resource instead
- object_
lock_ strenabled Indicates whether this bucket has an Object Lock configuration enabled. Valid values are
true
orfalse
. This argument is not supported in all regions or partitions.Use the top-level parameter object_lock_enabled instead
- rules
Sequence[Bucket
V2Object Lock Configuration Rule] Object Lock rule in place for this bucket (documented below).
Use the aws_s3_bucket_object_lock_configuration resource instead
- object
Lock StringEnabled Indicates whether this bucket has an Object Lock configuration enabled. Valid values are
true
orfalse
. This argument is not supported in all regions or partitions.Use the top-level parameter object_lock_enabled instead
- rules List<Property Map>
Object Lock rule in place for this bucket (documented below).
Use the aws_s3_bucket_object_lock_configuration resource instead
BucketV2ObjectLockConfigurationRule
- Default
Retentions List<BucketV2Object Lock Configuration Rule Default Retention> Default retention period that you want to apply to new objects placed in this bucket (documented below).
- Default
Retentions []BucketV2Object Lock Configuration Rule Default Retention Default retention period that you want to apply to new objects placed in this bucket (documented below).
- default
Retentions List<BucketV2Object Lock Configuration Rule Default Retention> Default retention period that you want to apply to new objects placed in this bucket (documented below).
- default
Retentions BucketV2Object Lock Configuration Rule Default Retention[] Default retention period that you want to apply to new objects placed in this bucket (documented below).
- default_
retentions Sequence[BucketV2Object Lock Configuration Rule Default Retention] Default retention period that you want to apply to new objects placed in this bucket (documented below).
- default
Retentions List<Property Map> Default retention period that you want to apply to new objects placed in this bucket (documented below).
BucketV2ObjectLockConfigurationRuleDefaultRetention
- Mode string
Default Object Lock retention mode you want to apply to new objects placed in this bucket. Valid values are
GOVERNANCE
andCOMPLIANCE
.- Days int
Number of days that you want to specify for the default retention period.
- Years int
Number of years that you want to specify for the default retention period.
- Mode string
Default Object Lock retention mode you want to apply to new objects placed in this bucket. Valid values are
GOVERNANCE
andCOMPLIANCE
.- Days int
Number of days that you want to specify for the default retention period.
- Years int
Number of years that you want to specify for the default retention period.
- mode String
Default Object Lock retention mode you want to apply to new objects placed in this bucket. Valid values are
GOVERNANCE
andCOMPLIANCE
.- days Integer
Number of days that you want to specify for the default retention period.
- years Integer
Number of years that you want to specify for the default retention period.
- mode string
Default Object Lock retention mode you want to apply to new objects placed in this bucket. Valid values are
GOVERNANCE
andCOMPLIANCE
.- days number
Number of days that you want to specify for the default retention period.
- years number
Number of years that you want to specify for the default retention period.
- mode str
Default Object Lock retention mode you want to apply to new objects placed in this bucket. Valid values are
GOVERNANCE
andCOMPLIANCE
.- days int
Number of days that you want to specify for the default retention period.
- years int
Number of years that you want to specify for the default retention period.
- mode String
Default Object Lock retention mode you want to apply to new objects placed in this bucket. Valid values are
GOVERNANCE
andCOMPLIANCE
.- days Number
Number of days that you want to specify for the default retention period.
- years Number
Number of years that you want to specify for the default retention period.
BucketV2ReplicationConfiguration
- Role string
ARN of the IAM role for Amazon S3 to assume when replicating the objects.
- Rules
List<Bucket
V2Replication Configuration Rule> Specifies the rules managing the replication (documented below).
- Role string
ARN of the IAM role for Amazon S3 to assume when replicating the objects.
- Rules
[]Bucket
V2Replication Configuration Rule Specifies the rules managing the replication (documented below).
- role String
ARN of the IAM role for Amazon S3 to assume when replicating the objects.
- rules
List<Bucket
V2Replication Configuration Rule> Specifies the rules managing the replication (documented below).
- role string
ARN of the IAM role for Amazon S3 to assume when replicating the objects.
- rules
Bucket
V2Replication Configuration Rule[] Specifies the rules managing the replication (documented below).
- role str
ARN of the IAM role for Amazon S3 to assume when replicating the objects.
- rules
Sequence[Bucket
V2Replication Configuration Rule] Specifies the rules managing the replication (documented below).
- role String
ARN of the IAM role for Amazon S3 to assume when replicating the objects.
- rules List<Property Map>
Specifies the rules managing the replication (documented below).
BucketV2ReplicationConfigurationRule
- Destinations
List<Bucket
V2Replication Configuration Rule Destination> Specifies the destination for the rule (documented below).
- Status string
Status of the rule. Either
Enabled
orDisabled
. The rule is ignored if status is not Enabled.- Delete
Marker stringReplication Status Whether delete markers are replicated. The only valid value is
Enabled
. To disable, omit this argument. This argument is only valid with V2 replication configurations (i.e., whenfilter
is used).- Filters
List<Bucket
V2Replication Configuration Rule Filter> Filter that identifies subset of objects to which the replication rule applies (documented below).
- Id string
Unique identifier for the rule. Must be less than or equal to 255 characters in length.
- Prefix string
Object keyname prefix identifying one or more objects to which the rule applies. Must be less than or equal to 1024 characters in length.
- Priority int
Priority associated with the rule. Priority should only be set if
filter
is configured. If not provided, defaults to0
. Priority must be unique between multiple rules.- Source
Selection List<BucketCriterias V2Replication Configuration Rule Source Selection Criteria> Specifies special object selection criteria (documented below).
- Destinations
[]Bucket
V2Replication Configuration Rule Destination Specifies the destination for the rule (documented below).
- Status string
Status of the rule. Either
Enabled
orDisabled
. The rule is ignored if status is not Enabled.- Delete
Marker stringReplication Status Whether delete markers are replicated. The only valid value is
Enabled
. To disable, omit this argument. This argument is only valid with V2 replication configurations (i.e., whenfilter
is used).- Filters
[]Bucket
V2Replication Configuration Rule Filter Filter that identifies subset of objects to which the replication rule applies (documented below).
- Id string
Unique identifier for the rule. Must be less than or equal to 255 characters in length.
- Prefix string
Object keyname prefix identifying one or more objects to which the rule applies. Must be less than or equal to 1024 characters in length.
- Priority int
Priority associated with the rule. Priority should only be set if
filter
is configured. If not provided, defaults to0
. Priority must be unique between multiple rules.- Source
Selection []BucketCriterias V2Replication Configuration Rule Source Selection Criteria Specifies special object selection criteria (documented below).
- destinations
List<Bucket
V2Replication Configuration Rule Destination> Specifies the destination for the rule (documented below).
- status String
Status of the rule. Either
Enabled
orDisabled
. The rule is ignored if status is not Enabled.- delete
Marker StringReplication Status Whether delete markers are replicated. The only valid value is
Enabled
. To disable, omit this argument. This argument is only valid with V2 replication configurations (i.e., whenfilter
is used).- filters
List<Bucket
V2Replication Configuration Rule Filter> Filter that identifies subset of objects to which the replication rule applies (documented below).
- id String
Unique identifier for the rule. Must be less than or equal to 255 characters in length.
- prefix String
Object keyname prefix identifying one or more objects to which the rule applies. Must be less than or equal to 1024 characters in length.
- priority Integer
Priority associated with the rule. Priority should only be set if
filter
is configured. If not provided, defaults to0
. Priority must be unique between multiple rules.- source
Selection List<BucketCriterias V2Replication Configuration Rule Source Selection Criteria> Specifies special object selection criteria (documented below).
- destinations
Bucket
V2Replication Configuration Rule Destination[] Specifies the destination for the rule (documented below).
- status string
Status of the rule. Either
Enabled
orDisabled
. The rule is ignored if status is not Enabled.- delete
Marker stringReplication Status Whether delete markers are replicated. The only valid value is
Enabled
. To disable, omit this argument. This argument is only valid with V2 replication configurations (i.e., whenfilter
is used).- filters
Bucket
V2Replication Configuration Rule Filter[] Filter that identifies subset of objects to which the replication rule applies (documented below).
- id string
Unique identifier for the rule. Must be less than or equal to 255 characters in length.
- prefix string
Object keyname prefix identifying one or more objects to which the rule applies. Must be less than or equal to 1024 characters in length.
- priority number
Priority associated with the rule. Priority should only be set if
filter
is configured. If not provided, defaults to0
. Priority must be unique between multiple rules.- source
Selection BucketCriterias V2Replication Configuration Rule Source Selection Criteria[] Specifies special object selection criteria (documented below).
- destinations
Sequence[Bucket
V2Replication Configuration Rule Destination] Specifies the destination for the rule (documented below).
- status str
Status of the rule. Either
Enabled
orDisabled
. The rule is ignored if status is not Enabled.- delete_
marker_ strreplication_ status Whether delete markers are replicated. The only valid value is
Enabled
. To disable, omit this argument. This argument is only valid with V2 replication configurations (i.e., whenfilter
is used).- filters
Sequence[Bucket
V2Replication Configuration Rule Filter] Filter that identifies subset of objects to which the replication rule applies (documented below).
- id str
Unique identifier for the rule. Must be less than or equal to 255 characters in length.
- prefix str
Object keyname prefix identifying one or more objects to which the rule applies. Must be less than or equal to 1024 characters in length.
- priority int
Priority associated with the rule. Priority should only be set if
filter
is configured. If not provided, defaults to0
. Priority must be unique between multiple rules.- source_
selection_ Sequence[Bucketcriterias V2Replication Configuration Rule Source Selection Criteria] Specifies special object selection criteria (documented below).
- destinations List<Property Map>
Specifies the destination for the rule (documented below).
- status String
Status of the rule. Either
Enabled
orDisabled
. The rule is ignored if status is not Enabled.- delete
Marker StringReplication Status Whether delete markers are replicated. The only valid value is
Enabled
. To disable, omit this argument. This argument is only valid with V2 replication configurations (i.e., whenfilter
is used).- filters List<Property Map>
Filter that identifies subset of objects to which the replication rule applies (documented below).
- id String
Unique identifier for the rule. Must be less than or equal to 255 characters in length.
- prefix String
Object keyname prefix identifying one or more objects to which the rule applies. Must be less than or equal to 1024 characters in length.
- priority Number
Priority associated with the rule. Priority should only be set if
filter
is configured. If not provided, defaults to0
. Priority must be unique between multiple rules.- source
Selection List<Property Map>Criterias Specifies special object selection criteria (documented below).
BucketV2ReplicationConfigurationRuleDestination
- Bucket string
ARN of the S3 bucket where you want Amazon S3 to store replicas of the object identified by the rule.
- Access
Control List<BucketTranslations V2Replication Configuration Rule Destination Access Control Translation> Specifies the overrides to use for object owners on replication. Must be used in conjunction with
account_id
owner override configuration.- Account
Id string Account ID to use for overriding the object owner on replication. Must be used in conjunction with
access_control_translation
override configuration.- Metrics
List<Bucket
V2Replication Configuration Rule Destination Metric> Enables replication metrics (required for S3 RTC) (documented below).
- Replica
Kms stringKey Id Destination KMS encryption key ARN for SSE-KMS replication. Must be used in conjunction with
sse_kms_encrypted_objects
source selection criteria.- Replication
Times List<BucketV2Replication Configuration Rule Destination Replication Time> Enables S3 Replication Time Control (S3 RTC) (documented below).
- Storage
Class string The storage class used to store the object. By default, Amazon S3 uses the storage class of the source object to create the object replica.
- Bucket string
ARN of the S3 bucket where you want Amazon S3 to store replicas of the object identified by the rule.
- Access
Control []BucketTranslations V2Replication Configuration Rule Destination Access Control Translation Specifies the overrides to use for object owners on replication. Must be used in conjunction with
account_id
owner override configuration.- Account
Id string Account ID to use for overriding the object owner on replication. Must be used in conjunction with
access_control_translation
override configuration.- Metrics
[]Bucket
V2Replication Configuration Rule Destination Metric Enables replication metrics (required for S3 RTC) (documented below).
- Replica
Kms stringKey Id Destination KMS encryption key ARN for SSE-KMS replication. Must be used in conjunction with
sse_kms_encrypted_objects
source selection criteria.- Replication
Times []BucketV2Replication Configuration Rule Destination Replication Time Enables S3 Replication Time Control (S3 RTC) (documented below).
- Storage
Class string The storage class used to store the object. By default, Amazon S3 uses the storage class of the source object to create the object replica.
- bucket String
ARN of the S3 bucket where you want Amazon S3 to store replicas of the object identified by the rule.
- access
Control List<BucketTranslations V2Replication Configuration Rule Destination Access Control Translation> Specifies the overrides to use for object owners on replication. Must be used in conjunction with
account_id
owner override configuration.- account
Id String Account ID to use for overriding the object owner on replication. Must be used in conjunction with
access_control_translation
override configuration.- metrics
List<Bucket
V2Replication Configuration Rule Destination Metric> Enables replication metrics (required for S3 RTC) (documented below).
- replica
Kms StringKey Id Destination KMS encryption key ARN for SSE-KMS replication. Must be used in conjunction with
sse_kms_encrypted_objects
source selection criteria.- replication
Times List<BucketV2Replication Configuration Rule Destination Replication Time> Enables S3 Replication Time Control (S3 RTC) (documented below).
- storage
Class String The storage class used to store the object. By default, Amazon S3 uses the storage class of the source object to create the object replica.
- bucket string
ARN of the S3 bucket where you want Amazon S3 to store replicas of the object identified by the rule.
- access
Control BucketTranslations V2Replication Configuration Rule Destination Access Control Translation[] Specifies the overrides to use for object owners on replication. Must be used in conjunction with
account_id
owner override configuration.- account
Id string Account ID to use for overriding the object owner on replication. Must be used in conjunction with
access_control_translation
override configuration.- metrics
Bucket
V2Replication Configuration Rule Destination Metric[] Enables replication metrics (required for S3 RTC) (documented below).
- replica
Kms stringKey Id Destination KMS encryption key ARN for SSE-KMS replication. Must be used in conjunction with
sse_kms_encrypted_objects
source selection criteria.- replication
Times BucketV2Replication Configuration Rule Destination Replication Time[] Enables S3 Replication Time Control (S3 RTC) (documented below).
- storage
Class string The storage class used to store the object. By default, Amazon S3 uses the storage class of the source object to create the object replica.
- bucket str
ARN of the S3 bucket where you want Amazon S3 to store replicas of the object identified by the rule.
- access_
control_ Sequence[Buckettranslations V2Replication Configuration Rule Destination Access Control Translation] Specifies the overrides to use for object owners on replication. Must be used in conjunction with
account_id
owner override configuration.- account_
id str Account ID to use for overriding the object owner on replication. Must be used in conjunction with
access_control_translation
override configuration.- metrics
Sequence[Bucket
V2Replication Configuration Rule Destination Metric] Enables replication metrics (required for S3 RTC) (documented below).
- replica_
kms_ strkey_ id Destination KMS encryption key ARN for SSE-KMS replication. Must be used in conjunction with
sse_kms_encrypted_objects
source selection criteria.- replication_
times Sequence[BucketV2Replication Configuration Rule Destination Replication Time] Enables S3 Replication Time Control (S3 RTC) (documented below).
- storage_
class str The storage class used to store the object. By default, Amazon S3 uses the storage class of the source object to create the object replica.
- bucket String
ARN of the S3 bucket where you want Amazon S3 to store replicas of the object identified by the rule.
- access
Control List<Property Map>Translations Specifies the overrides to use for object owners on replication. Must be used in conjunction with
account_id
owner override configuration.- account
Id String Account ID to use for overriding the object owner on replication. Must be used in conjunction with
access_control_translation
override configuration.- metrics List<Property Map>
Enables replication metrics (required for S3 RTC) (documented below).
- replica
Kms StringKey Id Destination KMS encryption key ARN for SSE-KMS replication. Must be used in conjunction with
sse_kms_encrypted_objects
source selection criteria.- replication
Times List<Property Map> Enables S3 Replication Time Control (S3 RTC) (documented below).
- storage
Class String The storage class used to store the object. By default, Amazon S3 uses the storage class of the source object to create the object replica.
BucketV2ReplicationConfigurationRuleDestinationAccessControlTranslation
- Owner string
- Owner string
- owner String
- owner string
- owner str
- owner String
BucketV2ReplicationConfigurationRuleDestinationMetric
BucketV2ReplicationConfigurationRuleDestinationReplicationTime
BucketV2ReplicationConfigurationRuleFilter
- Prefix string
Object keyname prefix that identifies subset of objects to which the rule applies. Must be less than or equal to 1024 characters in length.
- Dictionary<string, string>
A map of tags that identifies subset of objects to which the rule applies. The rule applies only to objects having all the tags in its tagset.
- Prefix string
Object keyname prefix that identifies subset of objects to which the rule applies. Must be less than or equal to 1024 characters in length.
- map[string]string
A map of tags that identifies subset of objects to which the rule applies. The rule applies only to objects having all the tags in its tagset.
- prefix String
Object keyname prefix that identifies subset of objects to which the rule applies. Must be less than or equal to 1024 characters in length.
- Map<String,String>
A map of tags that identifies subset of objects to which the rule applies. The rule applies only to objects having all the tags in its tagset.
- prefix string
Object keyname prefix that identifies subset of objects to which the rule applies. Must be less than or equal to 1024 characters in length.
- {[key: string]: string}
A map of tags that identifies subset of objects to which the rule applies. The rule applies only to objects having all the tags in its tagset.
- prefix str
Object keyname prefix that identifies subset of objects to which the rule applies. Must be less than or equal to 1024 characters in length.
- Mapping[str, str]
A map of tags that identifies subset of objects to which the rule applies. The rule applies only to objects having all the tags in its tagset.
- prefix String
Object keyname prefix that identifies subset of objects to which the rule applies. Must be less than or equal to 1024 characters in length.
- Map<String>
A map of tags that identifies subset of objects to which the rule applies. The rule applies only to objects having all the tags in its tagset.
BucketV2ReplicationConfigurationRuleSourceSelectionCriteria
- Sse
Kms List<BucketEncrypted Objects V2Replication Configuration Rule Source Selection Criteria Sse Kms Encrypted Object> Match SSE-KMS encrypted objects (documented below). If specified,
replica_kms_key_id
indestination
must be specified as well.
- Sse
Kms []BucketEncrypted Objects V2Replication Configuration Rule Source Selection Criteria Sse Kms Encrypted Object Match SSE-KMS encrypted objects (documented below). If specified,
replica_kms_key_id
indestination
must be specified as well.
- sse
Kms List<BucketEncrypted Objects V2Replication Configuration Rule Source Selection Criteria Sse Kms Encrypted Object> Match SSE-KMS encrypted objects (documented below). If specified,
replica_kms_key_id
indestination
must be specified as well.
- sse
Kms BucketEncrypted Objects V2Replication Configuration Rule Source Selection Criteria Sse Kms Encrypted Object[] Match SSE-KMS encrypted objects (documented below). If specified,
replica_kms_key_id
indestination
must be specified as well.
- sse_
kms_ Sequence[Bucketencrypted_ objects V2Replication Configuration Rule Source Selection Criteria Sse Kms Encrypted Object] Match SSE-KMS encrypted objects (documented below). If specified,
replica_kms_key_id
indestination
must be specified as well.
- sse
Kms List<Property Map>Encrypted Objects Match SSE-KMS encrypted objects (documented below). If specified,
replica_kms_key_id
indestination
must be specified as well.
BucketV2ReplicationConfigurationRuleSourceSelectionCriteriaSseKmsEncryptedObject
- Enabled bool
Boolean which indicates if this criteria is enabled.
- Enabled bool
Boolean which indicates if this criteria is enabled.
- enabled Boolean
Boolean which indicates if this criteria is enabled.
- enabled boolean
Boolean which indicates if this criteria is enabled.
- enabled bool
Boolean which indicates if this criteria is enabled.
- enabled Boolean
Boolean which indicates if this criteria is enabled.
BucketV2ServerSideEncryptionConfiguration
- Rules
List<Bucket
V2Server Side Encryption Configuration Rule> Single object for server-side encryption by default configuration. (documented below)
- Rules
[]Bucket
V2Server Side Encryption Configuration Rule Single object for server-side encryption by default configuration. (documented below)
- rules
List<Bucket
V2Server Side Encryption Configuration Rule> Single object for server-side encryption by default configuration. (documented below)
- rules
Bucket
V2Server Side Encryption Configuration Rule[] Single object for server-side encryption by default configuration. (documented below)
- rules
Sequence[Bucket
V2Server Side Encryption Configuration Rule] Single object for server-side encryption by default configuration. (documented below)
- rules List<Property Map>
Single object for server-side encryption by default configuration. (documented below)
BucketV2ServerSideEncryptionConfigurationRule
- Apply
Server List<BucketSide Encryption By Defaults V2Server Side Encryption Configuration Rule Apply Server Side Encryption By Default> Single object for setting server-side encryption by default. (documented below)
- Bucket
Key boolEnabled Whether or not to use Amazon S3 Bucket Keys for SSE-KMS.
- Apply
Server []BucketSide Encryption By Defaults V2Server Side Encryption Configuration Rule Apply Server Side Encryption By Default Single object for setting server-side encryption by default. (documented below)
- Bucket
Key boolEnabled Whether or not to use Amazon S3 Bucket Keys for SSE-KMS.
- apply
Server List<BucketSide Encryption By Defaults V2Server Side Encryption Configuration Rule Apply Server Side Encryption By Default> Single object for setting server-side encryption by default. (documented below)
- bucket
Key BooleanEnabled Whether or not to use Amazon S3 Bucket Keys for SSE-KMS.
- apply
Server BucketSide Encryption By Defaults V2Server Side Encryption Configuration Rule Apply Server Side Encryption By Default[] Single object for setting server-side encryption by default. (documented below)
- bucket
Key booleanEnabled Whether or not to use Amazon S3 Bucket Keys for SSE-KMS.
- apply_
server_ Sequence[Bucketside_ encryption_ by_ defaults V2Server Side Encryption Configuration Rule Apply Server Side Encryption By Default] Single object for setting server-side encryption by default. (documented below)
- bucket_
key_ boolenabled Whether or not to use Amazon S3 Bucket Keys for SSE-KMS.
- apply
Server List<Property Map>Side Encryption By Defaults Single object for setting server-side encryption by default. (documented below)
- bucket
Key BooleanEnabled Whether or not to use Amazon S3 Bucket Keys for SSE-KMS.
BucketV2ServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefault
- Sse
Algorithm string Server-side encryption algorithm to use. Valid values are
AES256
andaws:kms
- Kms
Master stringKey Id AWS KMS master key ID used for the SSE-KMS encryption. This can only be used when you set the value of
sse_algorithm
asaws:kms
. The defaultaws/s3
AWS KMS master key is used if this element is absent while thesse_algorithm
isaws:kms
.
- Sse
Algorithm string Server-side encryption algorithm to use. Valid values are
AES256
andaws:kms
- Kms
Master stringKey Id AWS KMS master key ID used for the SSE-KMS encryption. This can only be used when you set the value of
sse_algorithm
asaws:kms
. The defaultaws/s3
AWS KMS master key is used if this element is absent while thesse_algorithm
isaws:kms
.
- sse
Algorithm String Server-side encryption algorithm to use. Valid values are
AES256
andaws:kms
- kms
Master StringKey Id AWS KMS master key ID used for the SSE-KMS encryption. This can only be used when you set the value of
sse_algorithm
asaws:kms
. The defaultaws/s3
AWS KMS master key is used if this element is absent while thesse_algorithm
isaws:kms
.
- sse
Algorithm string Server-side encryption algorithm to use. Valid values are
AES256
andaws:kms
- kms
Master stringKey Id AWS KMS master key ID used for the SSE-KMS encryption. This can only be used when you set the value of
sse_algorithm
asaws:kms
. The defaultaws/s3
AWS KMS master key is used if this element is absent while thesse_algorithm
isaws:kms
.
- sse_
algorithm str Server-side encryption algorithm to use. Valid values are
AES256
andaws:kms
- kms_
master_ strkey_ id AWS KMS master key ID used for the SSE-KMS encryption. This can only be used when you set the value of
sse_algorithm
asaws:kms
. The defaultaws/s3
AWS KMS master key is used if this element is absent while thesse_algorithm
isaws:kms
.
- sse
Algorithm String Server-side encryption algorithm to use. Valid values are
AES256
andaws:kms
- kms
Master StringKey Id AWS KMS master key ID used for the SSE-KMS encryption. This can only be used when you set the value of
sse_algorithm
asaws:kms
. The defaultaws/s3
AWS KMS master key is used if this element is absent while thesse_algorithm
isaws:kms
.
BucketV2Versioning
- Enabled bool
Enable versioning. Once you version-enable a bucket, it can never return to an unversioned state. You can, however, suspend versioning on that bucket.
- Mfa
Delete bool Enable MFA delete for either
Change the versioning state of your bucket
orPermanently delete an object version
. Default isfalse
. This cannot be used to toggle this setting but is available to allow managed buckets to reflect the state in AWS
- Enabled bool
Enable versioning. Once you version-enable a bucket, it can never return to an unversioned state. You can, however, suspend versioning on that bucket.
- Mfa
Delete bool Enable MFA delete for either
Change the versioning state of your bucket
orPermanently delete an object version
. Default isfalse
. This cannot be used to toggle this setting but is available to allow managed buckets to reflect the state in AWS
- enabled Boolean
Enable versioning. Once you version-enable a bucket, it can never return to an unversioned state. You can, however, suspend versioning on that bucket.
- mfa
Delete Boolean Enable MFA delete for either
Change the versioning state of your bucket
orPermanently delete an object version
. Default isfalse
. This cannot be used to toggle this setting but is available to allow managed buckets to reflect the state in AWS
- enabled boolean
Enable versioning. Once you version-enable a bucket, it can never return to an unversioned state. You can, however, suspend versioning on that bucket.
- mfa
Delete boolean Enable MFA delete for either
Change the versioning state of your bucket
orPermanently delete an object version
. Default isfalse
. This cannot be used to toggle this setting but is available to allow managed buckets to reflect the state in AWS
- enabled bool
Enable versioning. Once you version-enable a bucket, it can never return to an unversioned state. You can, however, suspend versioning on that bucket.
- mfa_
delete bool Enable MFA delete for either
Change the versioning state of your bucket
orPermanently delete an object version
. Default isfalse
. This cannot be used to toggle this setting but is available to allow managed buckets to reflect the state in AWS
- enabled Boolean
Enable versioning. Once you version-enable a bucket, it can never return to an unversioned state. You can, however, suspend versioning on that bucket.
- mfa
Delete Boolean Enable MFA delete for either
Change the versioning state of your bucket
orPermanently delete an object version
. Default isfalse
. This cannot be used to toggle this setting but is available to allow managed buckets to reflect the state in AWS
BucketV2Website
- Error
Document string Absolute path to the document to return in case of a 4XX error.
- Index
Document string Amazon S3 returns this index document when requests are made to the root domain or any of the subfolders.
- Redirect
All stringRequests To Hostname to redirect all website requests for this bucket to. Hostname can optionally be prefixed with a protocol (
http://
orhttps://
) to use when redirecting requests. The default is the protocol that is used in the original request.- Routing
Rules string JSON array containing routing rules describing redirect behavior and when redirects are applied.
- Error
Document string Absolute path to the document to return in case of a 4XX error.
- Index
Document string Amazon S3 returns this index document when requests are made to the root domain or any of the subfolders.
- Redirect
All stringRequests To Hostname to redirect all website requests for this bucket to. Hostname can optionally be prefixed with a protocol (
http://
orhttps://
) to use when redirecting requests. The default is the protocol that is used in the original request.- Routing
Rules string JSON array containing routing rules describing redirect behavior and when redirects are applied.
- error
Document String Absolute path to the document to return in case of a 4XX error.
- index
Document String Amazon S3 returns this index document when requests are made to the root domain or any of the subfolders.
- redirect
All StringRequests To Hostname to redirect all website requests for this bucket to. Hostname can optionally be prefixed with a protocol (
http://
orhttps://
) to use when redirecting requests. The default is the protocol that is used in the original request.- routing
Rules String JSON array containing routing rules describing redirect behavior and when redirects are applied.
- error
Document string Absolute path to the document to return in case of a 4XX error.
- index
Document string Amazon S3 returns this index document when requests are made to the root domain or any of the subfolders.
- redirect
All stringRequests To Hostname to redirect all website requests for this bucket to. Hostname can optionally be prefixed with a protocol (
http://
orhttps://
) to use when redirecting requests. The default is the protocol that is used in the original request.- routing
Rules string JSON array containing routing rules describing redirect behavior and when redirects are applied.
- error_
document str Absolute path to the document to return in case of a 4XX error.
- index_
document str Amazon S3 returns this index document when requests are made to the root domain or any of the subfolders.
- redirect_
all_ strrequests_ to Hostname to redirect all website requests for this bucket to. Hostname can optionally be prefixed with a protocol (
http://
orhttps://
) to use when redirecting requests. The default is the protocol that is used in the original request.- routing_
rules str JSON array containing routing rules describing redirect behavior and when redirects are applied.
- error
Document String Absolute path to the document to return in case of a 4XX error.
- index
Document String Amazon S3 returns this index document when requests are made to the root domain or any of the subfolders.
- redirect
All StringRequests To Hostname to redirect all website requests for this bucket to. Hostname can optionally be prefixed with a protocol (
http://
orhttps://
) to use when redirecting requests. The default is the protocol that is used in the original request.- routing
Rules String JSON array containing routing rules describing redirect behavior and when redirects are applied.
Import
S3 bucket can be imported using the bucket
, e.g.,
$ pulumi import aws:s3/bucketV2:BucketV2 bucket bucket-name
Package Details
- Repository
- AWS Classic pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
aws
Terraform Provider.