Bucket
data class BucketReplicationConfigArgs(val bucket: Output<String>? = null, val role: Output<String>? = null, val rules: Output<List<BucketReplicationConfigRuleArgs>>? = null, val token: Output<String>? = null) : ConvertibleToJava<BucketReplicationConfigArgs>
Provides an independent configuration resource for S3 bucket replication configuration.
NOTE: S3 Buckets only support a single replication configuration. Declaring multiple
aws.s3.BucketReplicationConfigresources to the same S3 Bucket will cause a perpetual difference in configuration.
Example Usage
Using replication configuration
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.Provider;
import com.pulumi.aws.ProviderArgs;
import com.pulumi.aws.iam.IamFunctions;
import com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;
import com.pulumi.aws.iam.Role;
import com.pulumi.aws.iam.RoleArgs;
import com.pulumi.aws.s3.BucketV2;
import com.pulumi.aws.s3.BucketV2Args;
import com.pulumi.aws.iam.Policy;
import com.pulumi.aws.iam.PolicyArgs;
import com.pulumi.aws.iam.RolePolicyAttachment;
import com.pulumi.aws.iam.RolePolicyAttachmentArgs;
import com.pulumi.aws.s3.BucketVersioningV2;
import com.pulumi.aws.s3.BucketVersioningV2Args;
import com.pulumi.aws.s3.inputs.BucketVersioningV2VersioningConfigurationArgs;
import com.pulumi.aws.s3.BucketAclV2;
import com.pulumi.aws.s3.BucketAclV2Args;
import com.pulumi.aws.s3.BucketReplicationConfig;
import com.pulumi.aws.s3.BucketReplicationConfigArgs;
import com.pulumi.aws.s3.inputs.BucketReplicationConfigRuleArgs;
import com.pulumi.aws.s3.inputs.BucketReplicationConfigRuleFilterArgs;
import com.pulumi.aws.s3.inputs.BucketReplicationConfigRuleDestinationArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var central = new Provider("central", ProviderArgs.builder()
.region("eu-central-1")
.build());
final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()
.statements(GetPolicyDocumentStatementArgs.builder()
.effect("Allow")
.principals(GetPolicyDocumentStatementPrincipalArgs.builder()
.type("Service")
.identifiers("s3.amazonaws.com")
.build())
.actions("sts:AssumeRole")
.build())
.build());
var replicationRole = new Role("replicationRole", RoleArgs.builder()
.assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult.json()))
.build());
var destinationBucketV2 = new BucketV2("destinationBucketV2");
var sourceBucketV2 = new BucketV2("sourceBucketV2", BucketV2Args.Empty, CustomResourceOptions.builder()
.provider(aws.central())
.build());
final var replicationPolicyDocument = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()
.statements(
GetPolicyDocumentStatementArgs.builder()
.effect("Allow")
.actions(
"s3:GetReplicationConfiguration",
"s3:ListBucket")
.resources(sourceBucketV2.arn())
.build(),
GetPolicyDocumentStatementArgs.builder()
.effect("Allow")
.actions(
"s3:GetObjectVersionForReplication",
"s3:GetObjectVersionAcl",
"s3:GetObjectVersionTagging")
.resources(sourceBucketV2.arn().applyValue(arn -> String.format("%s/*", arn)))
.build(),
GetPolicyDocumentStatementArgs.builder()
.effect("Allow")
.actions(
"s3:ReplicateObject",
"s3:ReplicateDelete",
"s3:ReplicateTags")
.resources(destinationBucketV2.arn().applyValue(arn -> String.format("%s/*", arn)))
.build())
.build());
var replicationPolicy = new Policy("replicationPolicy", PolicyArgs.builder()
.policy(replicationPolicyDocument.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult).applyValue(replicationPolicyDocument -> replicationPolicyDocument.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult.json())))
.build());
var replicationRolePolicyAttachment = new RolePolicyAttachment("replicationRolePolicyAttachment", RolePolicyAttachmentArgs.builder()
.role(replicationRole.name())
.policyArn(replicationPolicy.arn())
.build());
var destinationBucketVersioningV2 = new BucketVersioningV2("destinationBucketVersioningV2", BucketVersioningV2Args.builder()
.bucket(destinationBucketV2.id())
.versioningConfiguration(BucketVersioningV2VersioningConfigurationArgs.builder()
.status("Enabled")
.build())
.build());
var sourceBucketAcl = new BucketAclV2("sourceBucketAcl", BucketAclV2Args.builder()
.bucket(sourceBucketV2.id())
.acl("private")
.build(), CustomResourceOptions.builder()
.provider(aws.central())
.build());
var sourceBucketVersioningV2 = new BucketVersioningV2("sourceBucketVersioningV2", BucketVersioningV2Args.builder()
.bucket(sourceBucketV2.id())
.versioningConfiguration(BucketVersioningV2VersioningConfigurationArgs.builder()
.status("Enabled")
.build())
.build(), CustomResourceOptions.builder()
.provider(aws.central())
.build());
var replicationBucketReplicationConfig = new BucketReplicationConfig("replicationBucketReplicationConfig", BucketReplicationConfigArgs.builder()
.role(replicationRole.arn())
.bucket(sourceBucketV2.id())
.rules(BucketReplicationConfigRuleArgs.builder()
.id("foobar")
.filter(BucketReplicationConfigRuleFilterArgs.builder()
.prefix("foo")
.build())
.status("Enabled")
.destination(BucketReplicationConfigRuleDestinationArgs.builder()
.bucket(destinationBucketV2.arn())
.storageClass("STANDARD")
.build())
.build())
.build(), CustomResourceOptions.builder()
.provider(aws.central())
.dependsOn(sourceBucketVersioningV2)
.build());
}
}Content copied to clipboard
Bi-Directional Replication
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.s3.BucketV2;
import com.pulumi.aws.s3.BucketVersioningV2;
import com.pulumi.aws.s3.BucketVersioningV2Args;
import com.pulumi.aws.s3.inputs.BucketVersioningV2VersioningConfigurationArgs;
import com.pulumi.aws.s3.BucketV2Args;
import com.pulumi.aws.s3.BucketReplicationConfig;
import com.pulumi.aws.s3.BucketReplicationConfigArgs;
import com.pulumi.aws.s3.inputs.BucketReplicationConfigRuleArgs;
import com.pulumi.aws.s3.inputs.BucketReplicationConfigRuleFilterArgs;
import com.pulumi.aws.s3.inputs.BucketReplicationConfigRuleDestinationArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var eastBucketV2 = new BucketV2("eastBucketV2");
var eastBucketVersioningV2 = new BucketVersioningV2("eastBucketVersioningV2", BucketVersioningV2Args.builder()
.bucket(eastBucketV2.id())
.versioningConfiguration(BucketVersioningV2VersioningConfigurationArgs.builder()
.status("Enabled")
.build())
.build());
var westBucketV2 = new BucketV2("westBucketV2", BucketV2Args.Empty, CustomResourceOptions.builder()
.provider(aws.west())
.build());
var westBucketVersioningV2 = new BucketVersioningV2("westBucketVersioningV2", BucketVersioningV2Args.builder()
.bucket(westBucketV2.id())
.versioningConfiguration(BucketVersioningV2VersioningConfigurationArgs.builder()
.status("Enabled")
.build())
.build(), CustomResourceOptions.builder()
.provider(aws.west())
.build());
var eastToWest = new BucketReplicationConfig("eastToWest", BucketReplicationConfigArgs.builder()
.role(aws_iam_role.east_replication().arn())
.bucket(eastBucketV2.id())
.rules(BucketReplicationConfigRuleArgs.builder()
.id("foobar")
.filter(BucketReplicationConfigRuleFilterArgs.builder()
.prefix("foo")
.build())
.status("Enabled")
.destination(BucketReplicationConfigRuleDestinationArgs.builder()
.bucket(westBucketV2.arn())
.storageClass("STANDARD")
.build())
.build())
.build(), CustomResourceOptions.builder()
.dependsOn(eastBucketVersioningV2)
.build());
var westToEast = new BucketReplicationConfig("westToEast", BucketReplicationConfigArgs.builder()
.role(aws_iam_role.west_replication().arn())
.bucket(westBucketV2.id())
.rules(BucketReplicationConfigRuleArgs.builder()
.id("foobar")
.filter(BucketReplicationConfigRuleFilterArgs.builder()
.prefix("foo")
.build())
.status("Enabled")
.destination(BucketReplicationConfigRuleDestinationArgs.builder()
.bucket(eastBucketV2.arn())
.storageClass("STANDARD")
.build())
.build())
.build(), CustomResourceOptions.builder()
.provider(aws.west())
.dependsOn(westBucketVersioningV2)
.build());
}
}Content copied to clipboard
Import
S3 bucket replication configuration can be imported using the bucket, e.g.
$ pulumi import aws:s3/bucketReplicationConfig:BucketReplicationConfig replication bucket-nameContent copied to clipboard
Constructors
Link copied to clipboard
fun BucketReplicationConfigArgs(bucket: Output<String>? = null, role: Output<String>? = null, rules: Output<List<BucketReplicationConfigRuleArgs>>? = null, token: Output<String>? = null)
Functions
Properties
Link copied to clipboard
Token to allow replication to be enabled on an Object Lock-enabled bucket. You must contact AWS support for the bucket's "Object Lock token". For more details, see Using S3 Object Lock with replication. //