pulumi-aws-kotlin/com.pulumi.aws.s3.kotlin/BucketServerSideEncryptionConfigurationV2Args

BucketServerSideEncryptionConfigurationV2Args

data class BucketServerSideEncryptionConfigurationV2Args(val bucket: Output<String>? = null, val expectedBucketOwner: Output<String>? = null, val rules: Output<List<BucketServerSideEncryptionConfigurationV2RuleArgs>>? = null) : ConvertibleToJava<BucketServerSideEncryptionConfigurationV2Args>

Provides a S3 bucket server-side encryption configuration resource.

NOTE: Destroying an aws.s3.BucketServerSideEncryptionConfigurationV2 resource resets the bucket to Amazon S3 bucket default encryption.

Example Usage

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.kms.Key;
import com.pulumi.aws.kms.KeyArgs;
import com.pulumi.aws.s3.BucketV2;
import com.pulumi.aws.s3.BucketServerSideEncryptionConfigurationV2;
import com.pulumi.aws.s3.BucketServerSideEncryptionConfigurationV2Args;
import com.pulumi.aws.s3.inputs.BucketServerSideEncryptionConfigurationV2RuleArgs;
import com.pulumi.aws.s3.inputs.BucketServerSideEncryptionConfigurationV2RuleApplyServerSideEncryptionByDefaultArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var mykey = new Key("mykey", KeyArgs.builder()
            .description("This key is used to encrypt bucket objects")
            .deletionWindowInDays(10)
            .build());
        var mybucket = new BucketV2("mybucket");
        var example = new BucketServerSideEncryptionConfigurationV2("example", BucketServerSideEncryptionConfigurationV2Args.builder()
            .bucket(mybucket.id())
            .rules(BucketServerSideEncryptionConfigurationV2RuleArgs.builder()
                .applyServerSideEncryptionByDefault(BucketServerSideEncryptionConfigurationV2RuleApplyServerSideEncryptionByDefaultArgs.builder()
                    .kmsMasterKeyId(mykey.arn())
                    .sseAlgorithm("aws:kms")
                    .build())
                .build())
            .build());
    }
}

Import

If the owner (account ID) of the source bucket differs from the account used to configure the AWS Provider, import using the bucket and expected_bucket_owner separated by a comma (,): Using pulumi import to import S3 bucket server-side encryption configuration using the bucket or using the bucket and expected_bucket_owner separated by a comma (,). For example: If the owner (account ID) of the source bucket is the same account used to configure the AWS Provider, import using the bucket:

$ pulumi import aws:s3/bucketServerSideEncryptionConfigurationV2:BucketServerSideEncryptionConfigurationV2 example bucket-name

If the owner (account ID) of the source bucket differs from the account used to configure the AWS Provider, import using the bucket and expected_bucket_owner separated by a comma (,):

$ pulumi import aws:s3/bucketServerSideEncryptionConfigurationV2:BucketServerSideEncryptionConfigurationV2 example bucket-name,123456789012

Constructors

BucketServerSideEncryptionConfigurationV2Args

fun BucketServerSideEncryptionConfigurationV2Args(bucket: Output<String>? = null, expectedBucketOwner: Output<String>? = null, rules: Output<List<BucketServerSideEncryptionConfigurationV2RuleArgs>>? = null)

Functions

toJava

open override fun toJava(): BucketServerSideEncryptionConfigurationV2Args

Properties

bucket

val bucket: Output<String>? = null

ID (name) of the bucket.

expectedBucketOwner

val expectedBucketOwner: Output<String>? = null

Account ID of the expected bucket owner.

rules

val rules: Output<List<BucketServerSideEncryptionConfigurationV2RuleArgs>>? = null

Set of server-side encryption configuration rules. See below. Currently, only a single rule is supported.