Viewing docs for CoreWeave v1.0.1
published on Monday, May 18, 2026 by Pulumi
published on Monday, May 18, 2026 by Pulumi
Viewing docs for CoreWeave v1.0.1
published on Monday, May 18, 2026 by Pulumi
published on Monday, May 18, 2026 by Pulumi
Bucket access policies allow you to define precise, S3-compatible access control for one bucket. They are evaluated after organization access policies. See Manage Bucket Policies for examples and further information. This data source provides a type-safe data structure for creating an S3-compatible JSON bucket policy.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as coreweave from "@pulumi/coreweave";
const _default = coreweave.getObjectStorageBucketPolicyDocument({
version: "2012-10-17",
statements: [{
sid: "allow-all",
effect: "Allow",
actions: ["s3:*"],
resources: ["arn:aws:s3:::*"],
principal: {
CW: ["*"],
},
}],
});
import pulumi
import pulumi_coreweave as coreweave
default = coreweave.get_object_storage_bucket_policy_document(version="2012-10-17",
statements=[{
"sid": "allow-all",
"effect": "Allow",
"actions": ["s3:*"],
"resources": ["arn:aws:s3:::*"],
"principal": {
"CW": ["*"],
},
}])
package main
import (
"github.com/pulumi/pulumi-coreweave/sdk/go/coreweave"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := coreweave.GetObjectStorageBucketPolicyDocument(ctx, &coreweave.GetObjectStorageBucketPolicyDocumentArgs{
Version: pulumi.StringRef("2012-10-17"),
Statements: []coreweave.GetObjectStorageBucketPolicyDocumentStatement{
{
Sid: pulumi.StringRef("allow-all"),
Effect: pulumi.StringRef("Allow"),
Actions: []string{
"s3:*",
},
Resources: []string{
"arn:aws:s3:::*",
},
Principal: {
"CW": []string{
"*",
},
},
},
},
}, nil)
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using CoreWeave = Pulumi.CoreWeave;
return await Deployment.RunAsync(() =>
{
var @default = CoreWeave.GetObjectStorageBucketPolicyDocument.Invoke(new()
{
Version = "2012-10-17",
Statements = new[]
{
new CoreWeave.Inputs.GetObjectStorageBucketPolicyDocumentStatementInputArgs
{
Sid = "allow-all",
Effect = "Allow",
Actions = new[]
{
"s3:*",
},
Resources = new[]
{
"arn:aws:s3:::*",
},
Principal =
{
{ "CW", new[]
{
"*",
} },
},
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.coreweave.CoreweaveFunctions;
import com.pulumi.coreweave.inputs.GetObjectStorageBucketPolicyDocumentArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var default = CoreweaveFunctions.getObjectStorageBucketPolicyDocument(GetObjectStorageBucketPolicyDocumentArgs.builder()
.version("2012-10-17")
.statements(GetObjectStorageBucketPolicyDocumentStatementArgs.builder()
.sid("allow-all")
.effect("Allow")
.actions("s3:*")
.resources("arn:aws:s3:::*")
.principal(Map.of("CW", "*"))
.build())
.build());
}
}
variables:
default:
fn::invoke:
function: coreweave:getObjectStorageBucketPolicyDocument
arguments:
version: 2012-10-17
statements:
- sid: allow-all
effect: Allow
actions:
- s3:*
resources:
- arn:aws:s3:::*
principal:
CW:
- '*'
Example coming soon!
Using getObjectStorageBucketPolicyDocument
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getObjectStorageBucketPolicyDocument(args: GetObjectStorageBucketPolicyDocumentArgs, opts?: InvokeOptions): Promise<GetObjectStorageBucketPolicyDocumentResult>
function getObjectStorageBucketPolicyDocumentOutput(args: GetObjectStorageBucketPolicyDocumentOutputArgs, opts?: InvokeOptions): Output<GetObjectStorageBucketPolicyDocumentResult>def get_object_storage_bucket_policy_document(id: Optional[str] = None,
statements: Optional[Sequence[GetObjectStorageBucketPolicyDocumentStatement]] = None,
version: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetObjectStorageBucketPolicyDocumentResult
def get_object_storage_bucket_policy_document_output(id: pulumi.Input[Optional[str]] = None,
statements: pulumi.Input[Optional[Sequence[pulumi.Input[GetObjectStorageBucketPolicyDocumentStatementArgs]]]] = None,
version: pulumi.Input[Optional[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetObjectStorageBucketPolicyDocumentResult]func GetObjectStorageBucketPolicyDocument(ctx *Context, args *GetObjectStorageBucketPolicyDocumentArgs, opts ...InvokeOption) (*GetObjectStorageBucketPolicyDocumentResult, error)
func GetObjectStorageBucketPolicyDocumentOutput(ctx *Context, args *GetObjectStorageBucketPolicyDocumentOutputArgs, opts ...InvokeOption) GetObjectStorageBucketPolicyDocumentResultOutput> Note: This function is named GetObjectStorageBucketPolicyDocument in the Go SDK.
public static class GetObjectStorageBucketPolicyDocument
{
public static Task<GetObjectStorageBucketPolicyDocumentResult> InvokeAsync(GetObjectStorageBucketPolicyDocumentArgs args, InvokeOptions? opts = null)
public static Output<GetObjectStorageBucketPolicyDocumentResult> Invoke(GetObjectStorageBucketPolicyDocumentInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetObjectStorageBucketPolicyDocumentResult> getObjectStorageBucketPolicyDocument(GetObjectStorageBucketPolicyDocumentArgs args, InvokeOptions options)
public static Output<GetObjectStorageBucketPolicyDocumentResult> getObjectStorageBucketPolicyDocument(GetObjectStorageBucketPolicyDocumentArgs args, InvokeOptions options)
fn::invoke:
function: coreweave:index/getObjectStorageBucketPolicyDocument:getObjectStorageBucketPolicyDocument
arguments:
# arguments dictionarydata "coreweave_getobjectstoragebucketpolicydocument" "name" {
# arguments
}The following arguments are supported:
- Id string
- An optional policy identifier
- Statements
List<Pulumi.
Core Weave. Inputs. Get Object Storage Bucket Policy Document Statement> - The main policy element that defines the access rules for buckets and objects. Multiple statement blocks can be specified.
- Version string
- The policy version, e.g.
"2012-10-17"
- Id string
- An optional policy identifier
- Statements
[]Get
Object Storage Bucket Policy Document Statement - The main policy element that defines the access rules for buckets and objects. Multiple statement blocks can be specified.
- Version string
- The policy version, e.g.
"2012-10-17"
- id string
- An optional policy identifier
- statements list(object)
- The main policy element that defines the access rules for buckets and objects. Multiple statement blocks can be specified.
- version string
- The policy version, e.g.
"2012-10-17"
- id String
- An optional policy identifier
- statements
List<Get
Object Storage Bucket Policy Document Statement> - The main policy element that defines the access rules for buckets and objects. Multiple statement blocks can be specified.
- version String
- The policy version, e.g.
"2012-10-17"
- id string
- An optional policy identifier
- statements
Get
Object Storage Bucket Policy Document Statement[] - The main policy element that defines the access rules for buckets and objects. Multiple statement blocks can be specified.
- version string
- The policy version, e.g.
"2012-10-17"
- id str
- An optional policy identifier
- statements
Sequence[Get
Object Storage Bucket Policy Document Statement] - The main policy element that defines the access rules for buckets and objects. Multiple statement blocks can be specified.
- version str
- The policy version, e.g.
"2012-10-17"
- id String
- An optional policy identifier
- statements List<Property Map>
- The main policy element that defines the access rules for buckets and objects. Multiple statement blocks can be specified.
- version String
- The policy version, e.g.
"2012-10-17"
getObjectStorageBucketPolicyDocument Result
The following output properties are available:
- Json string
- The rendered policy document as JSON
- Id string
- An optional policy identifier
- Statements
List<Pulumi.
Core Weave. Outputs. Get Object Storage Bucket Policy Document Statement> - The main policy element that defines the access rules for buckets and objects. Multiple statement blocks can be specified.
- Version string
- The policy version, e.g.
"2012-10-17"
- Json string
- The rendered policy document as JSON
- Id string
- An optional policy identifier
- Statements
[]Get
Object Storage Bucket Policy Document Statement - The main policy element that defines the access rules for buckets and objects. Multiple statement blocks can be specified.
- Version string
- The policy version, e.g.
"2012-10-17"
- json string
- The rendered policy document as JSON
- id string
- An optional policy identifier
- statements list(object)
- The main policy element that defines the access rules for buckets and objects. Multiple statement blocks can be specified.
- version string
- The policy version, e.g.
"2012-10-17"
- json String
- The rendered policy document as JSON
- id String
- An optional policy identifier
- statements
List<Get
Object Storage Bucket Policy Document Statement> - The main policy element that defines the access rules for buckets and objects. Multiple statement blocks can be specified.
- version String
- The policy version, e.g.
"2012-10-17"
- json string
- The rendered policy document as JSON
- id string
- An optional policy identifier
- statements
Get
Object Storage Bucket Policy Document Statement[] - The main policy element that defines the access rules for buckets and objects. Multiple statement blocks can be specified.
- version string
- The policy version, e.g.
"2012-10-17"
- json str
- The rendered policy document as JSON
- id str
- An optional policy identifier
- statements
Sequence[Get
Object Storage Bucket Policy Document Statement] - The main policy element that defines the access rules for buckets and objects. Multiple statement blocks can be specified.
- version str
- The policy version, e.g.
"2012-10-17"
- json String
- The rendered policy document as JSON
- id String
- An optional policy identifier
- statements List<Property Map>
- The main policy element that defines the access rules for buckets and objects. Multiple statement blocks can be specified.
- version String
- The policy version, e.g.
"2012-10-17"
Supporting Types
GetObjectStorageBucketPolicyDocumentStatement
- Actions List<string>
- List of action strings, e.g.
["s3:PutObject"] - Condition
Dictionary<string, Immutable
Dictionary<string, string>> - Map of condition operators to JSON expressions
- Effect string
AlloworDeny- Principal
Dictionary<string, Immutable
Array<string>> - Map of principal types to ARNs
- Resources List<string>
- List of resource ARNs, e.g.
["arn:aws:s3:::bucket/*"] - Sid string
- An optional statement identifier
- Actions []string
- List of action strings, e.g.
["s3:PutObject"] - Condition map[string]map[string]string
- Map of condition operators to JSON expressions
- Effect string
AlloworDeny- Principal map[string][]string
- Map of principal types to ARNs
- Resources []string
- List of resource ARNs, e.g.
["arn:aws:s3:::bucket/*"] - Sid string
- An optional statement identifier
- actions list(string)
- List of action strings, e.g.
["s3:PutObject"] - condition map(map(string))
- Map of condition operators to JSON expressions
- effect string
AlloworDeny- principal map(list(string))
- Map of principal types to ARNs
- resources list(string)
- List of resource ARNs, e.g.
["arn:aws:s3:::bucket/*"] - sid string
- An optional statement identifier
- actions List<String>
- List of action strings, e.g.
["s3:PutObject"] - condition Map<String,Map<String,String>>
- Map of condition operators to JSON expressions
- effect String
AlloworDeny- principal Map<String,List<String>>
- Map of principal types to ARNs
- resources List<String>
- List of resource ARNs, e.g.
["arn:aws:s3:::bucket/*"] - sid String
- An optional statement identifier
- actions string[]
- List of action strings, e.g.
["s3:PutObject"] - condition {[key: string]: {[key: string]: string}}
- Map of condition operators to JSON expressions
- effect string
AlloworDeny- principal {[key: string]: string[]}
- Map of principal types to ARNs
- resources string[]
- List of resource ARNs, e.g.
["arn:aws:s3:::bucket/*"] - sid string
- An optional statement identifier
- actions Sequence[str]
- List of action strings, e.g.
["s3:PutObject"] - condition Mapping[str, Mapping[str, str]]
- Map of condition operators to JSON expressions
- effect str
AlloworDeny- principal Mapping[str, Sequence[str]]
- Map of principal types to ARNs
- resources Sequence[str]
- List of resource ARNs, e.g.
["arn:aws:s3:::bucket/*"] - sid str
- An optional statement identifier
- actions List<String>
- List of action strings, e.g.
["s3:PutObject"] - condition Map<Map<String>>
- Map of condition operators to JSON expressions
- effect String
AlloworDeny- principal Map<List<String>>
- Map of principal types to ARNs
- resources List<String>
- List of resource ARNs, e.g.
["arn:aws:s3:::bucket/*"] - sid String
- An optional statement identifier
Package Details
- Repository
- coreweave pulumi/pulumi-coreweave
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
coreweaveTerraform Provider.
Viewing docs for CoreWeave v1.0.1
published on Monday, May 18, 2026 by Pulumi
published on Monday, May 18, 2026 by Pulumi
