pulumi-aws-kotlin/com.pulumi.aws.s3.kotlin/BucketServerSideEncryptionConfigurationV2

BucketServerSideEncryptionConfigurationV2

class BucketServerSideEncryptionConfigurationV2 : KotlinCustomResource

Provides a S3 bucket server-side encryption configuration resource.

NOTE: Destroying an aws.s3.BucketServerSideEncryptionConfigurationV2 resource resets the bucket to Amazon S3 bucket default encryption.

Example Usage

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.kms.Key;
import com.pulumi.aws.kms.KeyArgs;
import com.pulumi.aws.s3.BucketV2;
import com.pulumi.aws.s3.BucketServerSideEncryptionConfigurationV2;
import com.pulumi.aws.s3.BucketServerSideEncryptionConfigurationV2Args;
import com.pulumi.aws.s3.inputs.BucketServerSideEncryptionConfigurationV2RuleArgs;
import com.pulumi.aws.s3.inputs.BucketServerSideEncryptionConfigurationV2RuleApplyServerSideEncryptionByDefaultArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var mykey = new Key("mykey", KeyArgs.builder()
            .description("This key is used to encrypt bucket objects")
            .deletionWindowInDays(10)
            .build());
        var mybucket = new BucketV2("mybucket");
        var example = new BucketServerSideEncryptionConfigurationV2("example", BucketServerSideEncryptionConfigurationV2Args.builder()
            .bucket(mybucket.id())
            .rules(BucketServerSideEncryptionConfigurationV2RuleArgs.builder()
                .applyServerSideEncryptionByDefault(BucketServerSideEncryptionConfigurationV2RuleApplyServerSideEncryptionByDefaultArgs.builder()
                    .kmsMasterKeyId(mykey.arn())
                    .sseAlgorithm("aws:kms")
                    .build())
                .build())
            .build());
    }
}
Content copied to clipboard

Import

If the owner (account ID) of the source bucket differs from the account used to configure the AWS Provider, import using the bucket and expected_bucket_owner separated by a comma (,): Using pulumi import to import S3 bucket server-side encryption configuration using the bucket or using the bucket and expected_bucket_owner separated by a comma (,). For example: If the owner (account ID) of the source bucket is the same account used to configure the AWS Provider, import using the bucket:

$ pulumi import aws:s3/bucketServerSideEncryptionConfigurationV2:BucketServerSideEncryptionConfigurationV2 example bucket-name
Content copied to clipboard

If the owner (account ID) of the source bucket differs from the account used to configure the AWS Provider, import using the bucket and expected_bucket_owner separated by a comma (,):

$ pulumi import aws:s3/bucketServerSideEncryptionConfigurationV2:BucketServerSideEncryptionConfigurationV2 example bucket-name,123456789012
Content copied to clipboard

Properties

Link copied to clipboard
val bucket: Output<String>

ID (name) of the bucket.

Link copied to clipboard
val expectedBucketOwner: Output<String>?

Account ID of the expected bucket owner.

Link copied to clipboard
val id: Output<String>
Link copied to clipboard
val pulumiChildResources: Set<KotlinResource>
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
val rules: Output<List<BucketServerSideEncryptionConfigurationV2Rule>>

Set of server-side encryption configuration rules. See below. Currently, only a single rule is supported.

Link copied to clipboard
val urn: Output<String>