Bucket
data class BucketReplicationConfigArgs(val bucket: Output<String>? = null, val role: Output<String>? = null, val rules: Output<List<BucketReplicationConfigRuleArgs>>? = null, val token: Output<String>? = null) : ConvertibleToJava<BucketReplicationConfigArgs>
Provides an independent configuration resource for S3 bucket replication configuration.
NOTE: S3 Buckets only support a single replication configuration. Declaring multiple
aws.s3.BucketReplicationConfigresources to the same S3 Bucket will cause a perpetual difference in configuration.
Example Usage
Using replication configuration
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.Provider;
import com.pulumi.aws.ProviderArgs;
import com.pulumi.aws.iam.IamFunctions;
import com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;
import com.pulumi.aws.iam.Role;
import com.pulumi.aws.iam.RoleArgs;
import com.pulumi.aws.s3.BucketV2;
import com.pulumi.aws.s3.BucketV2Args;
import com.pulumi.aws.iam.Policy;
import com.pulumi.aws.iam.PolicyArgs;
import com.pulumi.aws.iam.RolePolicyAttachment;
import com.pulumi.aws.iam.RolePolicyAttachmentArgs;
import com.pulumi.aws.s3.BucketVersioningV2;
import com.pulumi.aws.s3.BucketVersioningV2Args;
import com.pulumi.aws.s3.inputs.BucketVersioningV2VersioningConfigurationArgs;
import com.pulumi.aws.s3.BucketAclV2;
import com.pulumi.aws.s3.BucketAclV2Args;
import com.pulumi.aws.s3.BucketReplicationConfig;
import com.pulumi.aws.s3.BucketReplicationConfigArgs;
import com.pulumi.aws.s3.inputs.BucketReplicationConfigRuleArgs;
import com.pulumi.aws.s3.inputs.BucketReplicationConfigRuleFilterArgs;
import com.pulumi.aws.s3.inputs.BucketReplicationConfigRuleDestinationArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var central = new Provider("central", ProviderArgs.builder()
.region("eu-central-1")
.build());
final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()
.statements(GetPolicyDocumentStatementArgs.builder()
.effect("Allow")
.principals(GetPolicyDocumentStatementPrincipalArgs.builder()
.type("Service")
.identifiers("s3.amazonaws.com")
.build())
.actions("sts:AssumeRole")
.build())
.build());
var replicationRole = new Role("replicationRole", RoleArgs.builder()
.assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult.json()))
.build());
var destinationBucketV2 = new BucketV2("destinationBucketV2");
var sourceBucketV2 = new BucketV2("sourceBucketV2", BucketV2Args.Empty, CustomResourceOptions.builder()
.provider(aws.central())
.build());
final var replicationPolicyDocument = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()
.statements(
GetPolicyDocumentStatementArgs.builder()
.effect("Allow")
.actions(
"s3:GetReplicationConfiguration",
"s3:ListBucket")
.resources(sourceBucketV2.arn())
.build(),
GetPolicyDocumentStatementArgs.builder()
.effect("Allow")
.actions(
"s3:GetObjectVersionForReplication",
"s3:GetObjectVersionAcl",
"s3:GetObjectVersionTagging")
.resources(sourceBucketV2.arn().applyValue(arn -> String.format("%s/*", arn)))
.build(),
GetPolicyDocumentStatementArgs.builder()
.effect("Allow")
.actions(
"s3:ReplicateObject",
"s3:ReplicateDelete",
"s3:ReplicateTags")
.resources(destinationBucketV2.arn().applyValue(arn -> String.format("%s/*", arn)))
.build())
.build());
var replicationPolicy = new Policy("replicationPolicy", PolicyArgs.builder()
.policy(replicationPolicyDocument.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult).applyValue(replicationPolicyDocument -> replicationPolicyDocument.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult.json())))
.build());
var replicationRolePolicyAttachment = new RolePolicyAttachment("replicationRolePolicyAttachment", RolePolicyAttachmentArgs.builder()
.role(replicationRole.name())
.policyArn(replicationPolicy.arn())
.build());
var destinationBucketVersioningV2 = new BucketVersioningV2("destinationBucketVersioningV2", BucketVersioningV2Args.builder()
.bucket(destinationBucketV2.id())
.versioningConfiguration(BucketVersioningV2VersioningConfigurationArgs.builder()
.status("Enabled")
.build())
.build());
var sourceBucketAcl = new BucketAclV2("sourceBucketAcl", BucketAclV2Args.builder()
.bucket(sourceBucketV2.id())
.acl("private")
.build(), CustomResourceOptions.builder()
.provider(aws.central())
.build());
var sourceBucketVersioningV2 = new BucketVersioningV2("sourceBucketVersioningV2", BucketVersioningV2Args.builder()
.bucket(sourceBucketV2.id())
.versioningConfiguration(BucketVersioningV2VersioningConfigurationArgs.builder()
.status("Enabled")
.build())
.build(), CustomResourceOptions.builder()
.provider(aws.central())
.build());
var replicationBucketReplicationConfig = new BucketReplicationConfig("replicationBucketReplicationConfig", BucketReplicationConfigArgs.builder()
.role(replicationRole.arn())
.bucket(sourceBucketV2.id())
.rules(BucketReplicationConfigRuleArgs.builder()
.id("foobar")
.filter(BucketReplicationConfigRuleFilterArgs.builder()
.prefix("foo")
.build())
.status("Enabled")
.destination(BucketReplicationConfigRuleDestinationArgs.builder()
.bucket(destinationBucketV2.arn())
.storageClass("STANDARD")
.build())
.build())
.build(), CustomResourceOptions.builder()
.provider(aws.central())
.dependsOn(sourceBucketVersioningV2)
.build());
}
}Content copied to clipboard
Bi-Directional Replication
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.s3.BucketV2;
import com.pulumi.aws.s3.BucketVersioningV2;
import com.pulumi.aws.s3.BucketVersioningV2Args;
import com.pulumi.aws.s3.inputs.BucketVersioningV2VersioningConfigurationArgs;
import com.pulumi.aws.s3.BucketV2Args;
import com.pulumi.aws.s3.BucketReplicationConfig;
import com.pulumi.aws.s3.BucketReplicationConfigArgs;
import com.pulumi.aws.s3.inputs.BucketReplicationConfigRuleArgs;
import com.pulumi.aws.s3.inputs.BucketReplicationConfigRuleFilterArgs;
import com.pulumi.aws.s3.inputs.BucketReplicationConfigRuleDestinationArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var eastBucketV2 = new BucketV2("eastBucketV2");
var eastBucketVersioningV2 = new BucketVersioningV2("eastBucketVersioningV2", BucketVersioningV2Args.builder()
.bucket(eastBucketV2.id())
.versioningConfiguration(BucketVersioningV2VersioningConfigurationArgs.builder()
.status("Enabled")
.build())
.build());
var westBucketV2 = new BucketV2("westBucketV2", BucketV2Args.Empty, CustomResourceOptions.builder()
.provider(aws.west())
.build());
var westBucketVersioningV2 = new BucketVersioningV2("westBucketVersioningV2", BucketVersioningV2Args.builder()
.bucket(westBucketV2.id())
.versioningConfiguration(BucketVersioningV2VersioningConfigurationArgs.builder()
.status("Enabled")
.build())
.build(), CustomResourceOptions.builder()
.provider(aws.west())
.build());
var eastToWest = new BucketReplicationConfig("eastToWest", BucketReplicationConfigArgs.builder()
.role(aws_iam_role.east_replication().arn())
.bucket(eastBucketV2.id())
.rules(BucketReplicationConfigRuleArgs.builder()
.id("foobar")
.filter(BucketReplicationConfigRuleFilterArgs.builder()
.prefix("foo")
.build())
.status("Enabled")
.destination(BucketReplicationConfigRuleDestinationArgs.builder()
.bucket(westBucketV2.arn())
.storageClass("STANDARD")
.build())
.build())
.build(), CustomResourceOptions.builder()
.dependsOn(eastBucketVersioningV2)
.build());
var westToEast = new BucketReplicationConfig("westToEast", BucketReplicationConfigArgs.builder()
.role(aws_iam_role.west_replication().arn())
.bucket(westBucketV2.id())
.rules(BucketReplicationConfigRuleArgs.builder()
.id("foobar")
.filter(BucketReplicationConfigRuleFilterArgs.builder()
.prefix("foo")
.build())
.status("Enabled")
.destination(BucketReplicationConfigRuleDestinationArgs.builder()
.bucket(eastBucketV2.arn())
.storageClass("STANDARD")
.build())
.build())
.build(), CustomResourceOptions.builder()
.provider(aws.west())
.dependsOn(westBucketVersioningV2)
.build());
}
}Content copied to clipboard
Import
S3 bucket replication configuration can be imported using the bucket, e.g.
$ pulumi import aws:s3/bucketReplicationConfig:BucketReplicationConfig replication bucket-nameContent copied to clipboard
Constructors
Link copied to clipboard
constructor(bucket: Output<String>? = null, role: Output<String>? = null, rules: Output<List<BucketReplicationConfigRuleArgs>>? = null, token: Output<String>? = null)
Properties
Link copied to clipboard
List of configuration blocks describing the rules managing the replication. See below.
Link copied to clipboard
Token to allow replication to be enabled on an Object Lock-enabled bucket. You must contact AWS support for the bucket's "Object Lock token". For more details, see Using S3 Object Lock with replication. //