Bucket
data class BucketReplicationConfigArgs(val bucket: Output<String>? = null, val role: Output<String>? = null, val rules: Output<List<BucketReplicationConfigRuleArgs>>? = null, val token: Output<String>? = null) : ConvertibleToJava<BucketReplicationConfigArgs>
Provides an independent configuration resource for S3 bucket replication configuration.
NOTE: S3 Buckets only support a single replication configuration. Declaring multiple
aws.s3.BucketReplicationConfigresources to the same S3 Bucket will cause a perpetual difference in configuration. This resource cannot be used with S3 directory buckets.
Example Usage
Using replication configuration
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const assumeRole = aws.iam.getPolicyDocument({
statements: [{
effect: "Allow",
principals: [{
type: "Service",
identifiers: ["s3.amazonaws.com"],
}],
actions: ["sts:AssumeRole"],
}],
});
const replicationRole = new aws.iam.Role("replication", {
name: "tf-iam-role-replication-12345",
assumeRolePolicy: assumeRole.then(assumeRole => assumeRole.json),
});
const destination = new aws.s3.BucketV2("destination", {bucket: "tf-test-bucket-destination-12345"});
const source = new aws.s3.BucketV2("source", {bucket: "tf-test-bucket-source-12345"});
const replication = aws.iam.getPolicyDocumentOutput({
statements: [
{
effect: "Allow",
actions: [
"s3:GetReplicationConfiguration",
"s3:ListBucket",
],
resources: [source.arn],
},
{
effect: "Allow",
actions: [
"s3:GetObjectVersionForReplication",
"s3:GetObjectVersionAcl",
"s3:GetObjectVersionTagging",
],
resources: [pulumi.interpolate`${source.arn}/*`],
},
{
effect: "Allow",
actions: [
"s3:ReplicateObject",
"s3:ReplicateDelete",
"s3:ReplicateTags",
],
resources: [pulumi.interpolate`${destination.arn}/*`],
},
],
});
const replicationPolicy = new aws.iam.Policy("replication", {
name: "tf-iam-role-policy-replication-12345",
policy: replication.apply(replication => replication.json),
});
const replicationRolePolicyAttachment = new aws.iam.RolePolicyAttachment("replication", {
role: replicationRole.name,
policyArn: replicationPolicy.arn,
});
const destinationBucketVersioningV2 = new aws.s3.BucketVersioningV2("destination", {
bucket: destination.id,
versioningConfiguration: {
status: "Enabled",
},
});
const sourceBucketAcl = new aws.s3.BucketAclV2("source_bucket_acl", {
bucket: source.id,
acl: "private",
});
const sourceBucketVersioningV2 = new aws.s3.BucketVersioningV2("source", {
bucket: source.id,
versioningConfiguration: {
status: "Enabled",
},
});
const replicationBucketReplicationConfig = new aws.s3.BucketReplicationConfig("replication", {
role: replicationRole.arn,
bucket: source.id,
rules: [{
id: "foobar",
filter: {
prefix: "foo",
},
status: "Enabled",
destination: {
bucket: destination.arn,
storageClass: "STANDARD",
},
}],
}, {
dependsOn: [sourceBucketVersioningV2],
});Content copied to clipboard
import pulumi
import pulumi_aws as aws
assume_role = aws.iam.get_policy_document(statements=[{
"effect": "Allow",
"principals": [{
"type": "Service",
"identifiers": ["s3.amazonaws.com"],
}],
"actions": ["sts:AssumeRole"],
}])
replication_role = aws.iam.Role("replication",
name="tf-iam-role-replication-12345",
assume_role_policy=assume_role.json)
destination = aws.s3.BucketV2("destination", bucket="tf-test-bucket-destination-12345")
source = aws.s3.BucketV2("source", bucket="tf-test-bucket-source-12345")
replication = aws.iam.get_policy_document_output(statements=[
{
"effect": "Allow",
"actions": [
"s3:GetReplicationConfiguration",
"s3:ListBucket",
],
"resources": [source.arn],
},
{
"effect": "Allow",
"actions": [
"s3:GetObjectVersionForReplication",
"s3:GetObjectVersionAcl",
"s3:GetObjectVersionTagging",
],
"resources": [source.arn.apply(lambda arn: f"{arn}/*")],
},
{
"effect": "Allow",
"actions": [
"s3:ReplicateObject",
"s3:ReplicateDelete",
"s3:ReplicateTags",
],
"resources": [destination.arn.apply(lambda arn: f"{arn}/*")],
},
])
replication_policy = aws.iam.Policy("replication",
name="tf-iam-role-policy-replication-12345",
policy=replication.json)
replication_role_policy_attachment = aws.iam.RolePolicyAttachment("replication",
role=replication_role.name,
policy_arn=replication_policy.arn)
destination_bucket_versioning_v2 = aws.s3.BucketVersioningV2("destination",
bucket=destination.id,
versioning_configuration={
"status": "Enabled",
})
source_bucket_acl = aws.s3.BucketAclV2("source_bucket_acl",
bucket=source.id,
acl="private")
source_bucket_versioning_v2 = aws.s3.BucketVersioningV2("source",
bucket=source.id,
versioning_configuration={
"status": "Enabled",
})
replication_bucket_replication_config = aws.s3.BucketReplicationConfig("replication",
role=replication_role.arn,
bucket=source.id,
rules=[{
"id": "foobar",
"filter": {
"prefix": "foo",
},
"status": "Enabled",
"destination": {
"bucket": destination.arn,
"storage_class": "STANDARD",
},
}],
opts = pulumi.ResourceOptions(depends_on=[source_bucket_versioning_v2]))Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()
{
Statements = new[]
{
new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs
{
Effect = "Allow",
Principals = new[]
{
new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs
{
Type = "Service",
Identifiers = new[]
{
"s3.amazonaws.com",
},
},
},
Actions = new[]
{
"sts:AssumeRole",
},
},
},
});
var replicationRole = new Aws.Iam.Role("replication", new()
{
Name = "tf-iam-role-replication-12345",
AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult => getPolicyDocumentResult.Json),
});
var destination = new Aws.S3.BucketV2("destination", new()
{
Bucket = "tf-test-bucket-destination-12345",
});
var source = new Aws.S3.BucketV2("source", new()
{
Bucket = "tf-test-bucket-source-12345",
});
var replication = Aws.Iam.GetPolicyDocument.Invoke(new()
{
Statements = new[]
{
new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs
{
Effect = "Allow",
Actions = new[]
{
"s3:GetReplicationConfiguration",
"s3:ListBucket",
},
Resources = new[]
{
source.Arn,
},
},
new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs
{
Effect = "Allow",
Actions = new[]
{
"s3:GetObjectVersionForReplication",
"s3:GetObjectVersionAcl",
"s3:GetObjectVersionTagging",
},
Resources = new[]
{
$"{source.Arn}/*",
},
},
new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs
{
Effect = "Allow",
Actions = new[]
{
"s3:ReplicateObject",
"s3:ReplicateDelete",
"s3:ReplicateTags",
},
Resources = new[]
{
$"{destination.Arn}/*",
},
},
},
});
var replicationPolicy = new Aws.Iam.Policy("replication", new()
{
Name = "tf-iam-role-policy-replication-12345",
PolicyDocument = replication.Apply(getPolicyDocumentResult => getPolicyDocumentResult.Json),
});
var replicationRolePolicyAttachment = new Aws.Iam.RolePolicyAttachment("replication", new()
{
Role = replicationRole.Name,
PolicyArn = replicationPolicy.Arn,
});
var destinationBucketVersioningV2 = new Aws.S3.BucketVersioningV2("destination", new()
{
Bucket = destination.Id,
VersioningConfiguration = new Aws.S3.Inputs.BucketVersioningV2VersioningConfigurationArgs
{
Status = "Enabled",
},
});
var sourceBucketAcl = new Aws.S3.BucketAclV2("source_bucket_acl", new()
{
Bucket = source.Id,
Acl = "private",
});
var sourceBucketVersioningV2 = new Aws.S3.BucketVersioningV2("source", new()
{
Bucket = source.Id,
VersioningConfiguration = new Aws.S3.Inputs.BucketVersioningV2VersioningConfigurationArgs
{
Status = "Enabled",
},
});
var replicationBucketReplicationConfig = new Aws.S3.BucketReplicationConfig("replication", new()
{
Role = replicationRole.Arn,
Bucket = source.Id,
Rules = new[]
{
new Aws.S3.Inputs.BucketReplicationConfigRuleArgs
{
Id = "foobar",
Filter = new Aws.S3.Inputs.BucketReplicationConfigRuleFilterArgs
{
Prefix = "foo",
},
Status = "Enabled",
Destination = new Aws.S3.Inputs.BucketReplicationConfigRuleDestinationArgs
{
Bucket = destination.Arn,
StorageClass = "STANDARD",
},
},
},
}, new CustomResourceOptions
{
DependsOn =
{
sourceBucketVersioningV2,
},
});
});Content copied to clipboard
package main
import (
"fmt"
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
assumeRole, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{
Statements: []iam.GetPolicyDocumentStatement{
{
Effect: pulumi.StringRef("Allow"),
Principals: []iam.GetPolicyDocumentStatementPrincipal{
{
Type: "Service",
Identifiers: []string{
"s3.amazonaws.com",
},
},
},
Actions: []string{
"sts:AssumeRole",
},
},
},
}, nil)
if err != nil {
return err
}
replicationRole, err := iam.NewRole(ctx, "replication", &iam.RoleArgs{
Name: pulumi.String("tf-iam-role-replication-12345"),
AssumeRolePolicy: pulumi.String(assumeRole.Json),
})
if err != nil {
return err
}
destination, err := s3.NewBucketV2(ctx, "destination", &s3.BucketV2Args{
Bucket: pulumi.String("tf-test-bucket-destination-12345"),
})
if err != nil {
return err
}
source, err := s3.NewBucketV2(ctx, "source", &s3.BucketV2Args{
Bucket: pulumi.String("tf-test-bucket-source-12345"),
})
if err != nil {
return err
}
replication := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{
Statements: iam.GetPolicyDocumentStatementArray{
&iam.GetPolicyDocumentStatementArgs{
Effect: pulumi.String("Allow"),
Actions: pulumi.StringArray{
pulumi.String("s3:GetReplicationConfiguration"),
pulumi.String("s3:ListBucket"),
},
Resources: pulumi.StringArray{
source.Arn,
},
},
&iam.GetPolicyDocumentStatementArgs{
Effect: pulumi.String("Allow"),
Actions: pulumi.StringArray{
pulumi.String("s3:GetObjectVersionForReplication"),
pulumi.String("s3:GetObjectVersionAcl"),
pulumi.String("s3:GetObjectVersionTagging"),
},
Resources: pulumi.StringArray{
source.Arn.ApplyT(func(arn string) (string, error) {
return fmt.Sprintf("%v/*", arn), nil
}).(pulumi.StringOutput),
},
},
&iam.GetPolicyDocumentStatementArgs{
Effect: pulumi.String("Allow"),
Actions: pulumi.StringArray{
pulumi.String("s3:ReplicateObject"),
pulumi.String("s3:ReplicateDelete"),
pulumi.String("s3:ReplicateTags"),
},
Resources: pulumi.StringArray{
destination.Arn.ApplyT(func(arn string) (string, error) {
return fmt.Sprintf("%v/*", arn), nil
}).(pulumi.StringOutput),
},
},
},
}, nil)
replicationPolicy, err := iam.NewPolicy(ctx, "replication", &iam.PolicyArgs{
Name: pulumi.String("tf-iam-role-policy-replication-12345"),
Policy: pulumi.String(replication.ApplyT(func(replication iam.GetPolicyDocumentResult) (*string, error) {
return &replication.Json, nil
}).(pulumi.StringPtrOutput)),
})
if err != nil {
return err
}
_, err = iam.NewRolePolicyAttachment(ctx, "replication", &iam.RolePolicyAttachmentArgs{
Role: replicationRole.Name,
PolicyArn: replicationPolicy.Arn,
})
if err != nil {
return err
}
_, err = s3.NewBucketVersioningV2(ctx, "destination", &s3.BucketVersioningV2Args{
Bucket: destination.ID(),
VersioningConfiguration: &s3.BucketVersioningV2VersioningConfigurationArgs{
Status: pulumi.String("Enabled"),
},
})
if err != nil {
return err
}
_, err = s3.NewBucketAclV2(ctx, "source_bucket_acl", &s3.BucketAclV2Args{
Bucket: source.ID(),
Acl: pulumi.String("private"),
})
if err != nil {
return err
}
sourceBucketVersioningV2, err := s3.NewBucketVersioningV2(ctx, "source", &s3.BucketVersioningV2Args{
Bucket: source.ID(),
VersioningConfiguration: &s3.BucketVersioningV2VersioningConfigurationArgs{
Status: pulumi.String("Enabled"),
},
})
if err != nil {
return err
}
_, err = s3.NewBucketReplicationConfig(ctx, "replication", &s3.BucketReplicationConfigArgs{
Role: replicationRole.Arn,
Bucket: source.ID(),
Rules: s3.BucketReplicationConfigRuleArray{
&s3.BucketReplicationConfigRuleArgs{
Id: pulumi.String("foobar"),
Filter: &s3.BucketReplicationConfigRuleFilterArgs{
Prefix: pulumi.String("foo"),
},
Status: pulumi.String("Enabled"),
Destination: &s3.BucketReplicationConfigRuleDestinationArgs{
Bucket: destination.Arn,
StorageClass: pulumi.String("STANDARD"),
},
},
},
}, pulumi.DependsOn([]pulumi.Resource{
sourceBucketVersioningV2,
}))
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.iam.IamFunctions;
import com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;
import com.pulumi.aws.iam.Role;
import com.pulumi.aws.iam.RoleArgs;
import com.pulumi.aws.s3.BucketV2;
import com.pulumi.aws.s3.BucketV2Args;
import com.pulumi.aws.iam.Policy;
import com.pulumi.aws.iam.PolicyArgs;
import com.pulumi.aws.iam.RolePolicyAttachment;
import com.pulumi.aws.iam.RolePolicyAttachmentArgs;
import com.pulumi.aws.s3.BucketVersioningV2;
import com.pulumi.aws.s3.BucketVersioningV2Args;
import com.pulumi.aws.s3.inputs.BucketVersioningV2VersioningConfigurationArgs;
import com.pulumi.aws.s3.BucketAclV2;
import com.pulumi.aws.s3.BucketAclV2Args;
import com.pulumi.aws.s3.BucketReplicationConfig;
import com.pulumi.aws.s3.BucketReplicationConfigArgs;
import com.pulumi.aws.s3.inputs.BucketReplicationConfigRuleArgs;
import com.pulumi.aws.s3.inputs.BucketReplicationConfigRuleFilterArgs;
import com.pulumi.aws.s3.inputs.BucketReplicationConfigRuleDestinationArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()
.statements(GetPolicyDocumentStatementArgs.builder()
.effect("Allow")
.principals(GetPolicyDocumentStatementPrincipalArgs.builder()
.type("Service")
.identifiers("s3.amazonaws.com")
.build())
.actions("sts:AssumeRole")
.build())
.build());
var replicationRole = new Role("replicationRole", RoleArgs.builder()
.name("tf-iam-role-replication-12345")
.assumeRolePolicy(assumeRole.json())
.build());
var destination = new BucketV2("destination", BucketV2Args.builder()
.bucket("tf-test-bucket-destination-12345")
.build());
var source = new BucketV2("source", BucketV2Args.builder()
.bucket("tf-test-bucket-source-12345")
.build());
final var replication = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()
.statements(
GetPolicyDocumentStatementArgs.builder()
.effect("Allow")
.actions(
"s3:GetReplicationConfiguration",
"s3:ListBucket")
.resources(source.arn())
.build(),
GetPolicyDocumentStatementArgs.builder()
.effect("Allow")
.actions(
"s3:GetObjectVersionForReplication",
"s3:GetObjectVersionAcl",
"s3:GetObjectVersionTagging")
.resources(source.arn().applyValue(_arn -> String.format("%s/*", _arn)))
.build(),
GetPolicyDocumentStatementArgs.builder()
.effect("Allow")
.actions(
"s3:ReplicateObject",
"s3:ReplicateDelete",
"s3:ReplicateTags")
.resources(destination.arn().applyValue(_arn -> String.format("%s/*", _arn)))
.build())
.build());
var replicationPolicy = new Policy("replicationPolicy", PolicyArgs.builder()
.name("tf-iam-role-policy-replication-12345")
.policy(replication.applyValue(_replication -> _replication.json()))
.build());
var replicationRolePolicyAttachment = new RolePolicyAttachment("replicationRolePolicyAttachment", RolePolicyAttachmentArgs.builder()
.role(replicationRole.name())
.policyArn(replicationPolicy.arn())
.build());
var destinationBucketVersioningV2 = new BucketVersioningV2("destinationBucketVersioningV2", BucketVersioningV2Args.builder()
.bucket(destination.id())
.versioningConfiguration(BucketVersioningV2VersioningConfigurationArgs.builder()
.status("Enabled")
.build())
.build());
var sourceBucketAcl = new BucketAclV2("sourceBucketAcl", BucketAclV2Args.builder()
.bucket(source.id())
.acl("private")
.build());
var sourceBucketVersioningV2 = new BucketVersioningV2("sourceBucketVersioningV2", BucketVersioningV2Args.builder()
.bucket(source.id())
.versioningConfiguration(BucketVersioningV2VersioningConfigurationArgs.builder()
.status("Enabled")
.build())
.build());
var replicationBucketReplicationConfig = new BucketReplicationConfig("replicationBucketReplicationConfig", BucketReplicationConfigArgs.builder()
.role(replicationRole.arn())
.bucket(source.id())
.rules(BucketReplicationConfigRuleArgs.builder()
.id("foobar")
.filter(BucketReplicationConfigRuleFilterArgs.builder()
.prefix("foo")
.build())
.status("Enabled")
.destination(BucketReplicationConfigRuleDestinationArgs.builder()
.bucket(destination.arn())
.storageClass("STANDARD")
.build())
.build())
.build(), CustomResourceOptions.builder()
.dependsOn(sourceBucketVersioningV2)
.build());
}
}Content copied to clipboard
resources:
replicationRole:
type: aws:iam:Role
name: replication
properties:
name: tf-iam-role-replication-12345
assumeRolePolicy: ${assumeRole.json}
replicationPolicy:
type: aws:iam:Policy
name: replication
properties:
name: tf-iam-role-policy-replication-12345
policy: ${replication.json}
replicationRolePolicyAttachment:
type: aws:iam:RolePolicyAttachment
name: replication
properties:
role: ${replicationRole.name}
policyArn: ${replicationPolicy.arn}
destination:
type: aws:s3:BucketV2
properties:
bucket: tf-test-bucket-destination-12345
destinationBucketVersioningV2:
type: aws:s3:BucketVersioningV2
name: destination
properties:
bucket: ${destination.id}
versioningConfiguration:
status: Enabled
source:
type: aws:s3:BucketV2
properties:
bucket: tf-test-bucket-source-12345
sourceBucketAcl:
type: aws:s3:BucketAclV2
name: source_bucket_acl
properties:
bucket: ${source.id}
acl: private
sourceBucketVersioningV2:
type: aws:s3:BucketVersioningV2
name: source
properties:
bucket: ${source.id}
versioningConfiguration:
status: Enabled
replicationBucketReplicationConfig:
type: aws:s3:BucketReplicationConfig
name: replication
properties:
role: ${replicationRole.arn}
bucket: ${source.id}
rules:
- id: foobar
filter:
prefix: foo
status: Enabled
destination:
bucket: ${destination.arn}
storageClass: STANDARD
options:
dependsOn:
- ${sourceBucketVersioningV2}
variables:
assumeRole:
fn::invoke:
function: aws:iam:getPolicyDocument
arguments:
statements:
- effect: Allow
principals:
- type: Service
identifiers:
- s3.amazonaws.com
actions:
- sts:AssumeRole
replication:
fn::invoke:
function: aws:iam:getPolicyDocument
arguments:
statements:
- effect: Allow
actions:
- s3:GetReplicationConfiguration
- s3:ListBucket
resources:
- ${source.arn}
- effect: Allow
actions:
- s3:GetObjectVersionForReplication
- s3:GetObjectVersionAcl
- s3:GetObjectVersionTagging
resources:
- ${source.arn}/*
- effect: Allow
actions:
- s3:ReplicateObject
- s3:ReplicateDelete
- s3:ReplicateTags
resources:
- ${destination.arn}/*Content copied to clipboard
Bi-Directional Replication
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
// ... other configuration ...
const east = new aws.s3.BucketV2("east", {bucket: "tf-test-bucket-east-12345"});
const eastBucketVersioningV2 = new aws.s3.BucketVersioningV2("east", {
bucket: east.id,
versioningConfiguration: {
status: "Enabled",
},
});
const west = new aws.s3.BucketV2("west", {bucket: "tf-test-bucket-west-12345"});
const westBucketVersioningV2 = new aws.s3.BucketVersioningV2("west", {
bucket: west.id,
versioningConfiguration: {
status: "Enabled",
},
});
const eastToWest = new aws.s3.BucketReplicationConfig("east_to_west", {
role: eastReplication.arn,
bucket: east.id,
rules: [{
id: "foobar",
filter: {
prefix: "foo",
},
status: "Enabled",
destination: {
bucket: west.arn,
storageClass: "STANDARD",
},
}],
}, {
dependsOn: [eastBucketVersioningV2],
});
const westToEast = new aws.s3.BucketReplicationConfig("west_to_east", {
role: westReplication.arn,
bucket: west.id,
rules: [{
id: "foobar",
filter: {
prefix: "foo",
},
status: "Enabled",
destination: {
bucket: east.arn,
storageClass: "STANDARD",
},
}],
}, {
dependsOn: [westBucketVersioningV2],
});Content copied to clipboard
import pulumi
import pulumi_aws as aws
# ... other configuration ...
east = aws.s3.BucketV2("east", bucket="tf-test-bucket-east-12345")
east_bucket_versioning_v2 = aws.s3.BucketVersioningV2("east",
bucket=east.id,
versioning_configuration={
"status": "Enabled",
})
west = aws.s3.BucketV2("west", bucket="tf-test-bucket-west-12345")
west_bucket_versioning_v2 = aws.s3.BucketVersioningV2("west",
bucket=west.id,
versioning_configuration={
"status": "Enabled",
})
east_to_west = aws.s3.BucketReplicationConfig("east_to_west",
role=east_replication["arn"],
bucket=east.id,
rules=[{
"id": "foobar",
"filter": {
"prefix": "foo",
},
"status": "Enabled",
"destination": {
"bucket": west.arn,
"storage_class": "STANDARD",
},
}],
opts = pulumi.ResourceOptions(depends_on=[east_bucket_versioning_v2]))
west_to_east = aws.s3.BucketReplicationConfig("west_to_east",
role=west_replication["arn"],
bucket=west.id,
rules=[{
"id": "foobar",
"filter": {
"prefix": "foo",
},
"status": "Enabled",
"destination": {
"bucket": east.arn,
"storage_class": "STANDARD",
},
}],
opts = pulumi.ResourceOptions(depends_on=[west_bucket_versioning_v2]))Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
// ... other configuration ...
var east = new Aws.S3.BucketV2("east", new()
{
Bucket = "tf-test-bucket-east-12345",
});
var eastBucketVersioningV2 = new Aws.S3.BucketVersioningV2("east", new()
{
Bucket = east.Id,
VersioningConfiguration = new Aws.S3.Inputs.BucketVersioningV2VersioningConfigurationArgs
{
Status = "Enabled",
},
});
var west = new Aws.S3.BucketV2("west", new()
{
Bucket = "tf-test-bucket-west-12345",
});
var westBucketVersioningV2 = new Aws.S3.BucketVersioningV2("west", new()
{
Bucket = west.Id,
VersioningConfiguration = new Aws.S3.Inputs.BucketVersioningV2VersioningConfigurationArgs
{
Status = "Enabled",
},
});
var eastToWest = new Aws.S3.BucketReplicationConfig("east_to_west", new()
{
Role = eastReplication.Arn,
Bucket = east.Id,
Rules = new[]
{
new Aws.S3.Inputs.BucketReplicationConfigRuleArgs
{
Id = "foobar",
Filter = new Aws.S3.Inputs.BucketReplicationConfigRuleFilterArgs
{
Prefix = "foo",
},
Status = "Enabled",
Destination = new Aws.S3.Inputs.BucketReplicationConfigRuleDestinationArgs
{
Bucket = west.Arn,
StorageClass = "STANDARD",
},
},
},
}, new CustomResourceOptions
{
DependsOn =
{
eastBucketVersioningV2,
},
});
var westToEast = new Aws.S3.BucketReplicationConfig("west_to_east", new()
{
Role = westReplication.Arn,
Bucket = west.Id,
Rules = new[]
{
new Aws.S3.Inputs.BucketReplicationConfigRuleArgs
{
Id = "foobar",
Filter = new Aws.S3.Inputs.BucketReplicationConfigRuleFilterArgs
{
Prefix = "foo",
},
Status = "Enabled",
Destination = new Aws.S3.Inputs.BucketReplicationConfigRuleDestinationArgs
{
Bucket = east.Arn,
StorageClass = "STANDARD",
},
},
},
}, new CustomResourceOptions
{
DependsOn =
{
westBucketVersioningV2,
},
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
// ... other configuration ...
east, err := s3.NewBucketV2(ctx, "east", &s3.BucketV2Args{
Bucket: pulumi.String("tf-test-bucket-east-12345"),
})
if err != nil {
return err
}
eastBucketVersioningV2, err := s3.NewBucketVersioningV2(ctx, "east", &s3.BucketVersioningV2Args{
Bucket: east.ID(),
VersioningConfiguration: &s3.BucketVersioningV2VersioningConfigurationArgs{
Status: pulumi.String("Enabled"),
},
})
if err != nil {
return err
}
west, err := s3.NewBucketV2(ctx, "west", &s3.BucketV2Args{
Bucket: pulumi.String("tf-test-bucket-west-12345"),
})
if err != nil {
return err
}
westBucketVersioningV2, err := s3.NewBucketVersioningV2(ctx, "west", &s3.BucketVersioningV2Args{
Bucket: west.ID(),
VersioningConfiguration: &s3.BucketVersioningV2VersioningConfigurationArgs{
Status: pulumi.String("Enabled"),
},
})
if err != nil {
return err
}
_, err = s3.NewBucketReplicationConfig(ctx, "east_to_west", &s3.BucketReplicationConfigArgs{
Role: pulumi.Any(eastReplication.Arn),
Bucket: east.ID(),
Rules: s3.BucketReplicationConfigRuleArray{
&s3.BucketReplicationConfigRuleArgs{
Id: pulumi.String("foobar"),
Filter: &s3.BucketReplicationConfigRuleFilterArgs{
Prefix: pulumi.String("foo"),
},
Status: pulumi.String("Enabled"),
Destination: &s3.BucketReplicationConfigRuleDestinationArgs{
Bucket: west.Arn,
StorageClass: pulumi.String("STANDARD"),
},
},
},
}, pulumi.DependsOn([]pulumi.Resource{
eastBucketVersioningV2,
}))
if err != nil {
return err
}
_, err = s3.NewBucketReplicationConfig(ctx, "west_to_east", &s3.BucketReplicationConfigArgs{
Role: pulumi.Any(westReplication.Arn),
Bucket: west.ID(),
Rules: s3.BucketReplicationConfigRuleArray{
&s3.BucketReplicationConfigRuleArgs{
Id: pulumi.String("foobar"),
Filter: &s3.BucketReplicationConfigRuleFilterArgs{
Prefix: pulumi.String("foo"),
},
Status: pulumi.String("Enabled"),
Destination: &s3.BucketReplicationConfigRuleDestinationArgs{
Bucket: east.Arn,
StorageClass: pulumi.String("STANDARD"),
},
},
},
}, pulumi.DependsOn([]pulumi.Resource{
westBucketVersioningV2,
}))
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.s3.BucketV2;
import com.pulumi.aws.s3.BucketV2Args;
import com.pulumi.aws.s3.BucketVersioningV2;
import com.pulumi.aws.s3.BucketVersioningV2Args;
import com.pulumi.aws.s3.inputs.BucketVersioningV2VersioningConfigurationArgs;
import com.pulumi.aws.s3.BucketReplicationConfig;
import com.pulumi.aws.s3.BucketReplicationConfigArgs;
import com.pulumi.aws.s3.inputs.BucketReplicationConfigRuleArgs;
import com.pulumi.aws.s3.inputs.BucketReplicationConfigRuleFilterArgs;
import com.pulumi.aws.s3.inputs.BucketReplicationConfigRuleDestinationArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
// ... other configuration ...
var east = new BucketV2("east", BucketV2Args.builder()
.bucket("tf-test-bucket-east-12345")
.build());
var eastBucketVersioningV2 = new BucketVersioningV2("eastBucketVersioningV2", BucketVersioningV2Args.builder()
.bucket(east.id())
.versioningConfiguration(BucketVersioningV2VersioningConfigurationArgs.builder()
.status("Enabled")
.build())
.build());
var west = new BucketV2("west", BucketV2Args.builder()
.bucket("tf-test-bucket-west-12345")
.build());
var westBucketVersioningV2 = new BucketVersioningV2("westBucketVersioningV2", BucketVersioningV2Args.builder()
.bucket(west.id())
.versioningConfiguration(BucketVersioningV2VersioningConfigurationArgs.builder()
.status("Enabled")
.build())
.build());
var eastToWest = new BucketReplicationConfig("eastToWest", BucketReplicationConfigArgs.builder()
.role(eastReplication.arn())
.bucket(east.id())
.rules(BucketReplicationConfigRuleArgs.builder()
.id("foobar")
.filter(BucketReplicationConfigRuleFilterArgs.builder()
.prefix("foo")
.build())
.status("Enabled")
.destination(BucketReplicationConfigRuleDestinationArgs.builder()
.bucket(west.arn())
.storageClass("STANDARD")
.build())
.build())
.build(), CustomResourceOptions.builder()
.dependsOn(eastBucketVersioningV2)
.build());
var westToEast = new BucketReplicationConfig("westToEast", BucketReplicationConfigArgs.builder()
.role(westReplication.arn())
.bucket(west.id())
.rules(BucketReplicationConfigRuleArgs.builder()
.id("foobar")
.filter(BucketReplicationConfigRuleFilterArgs.builder()
.prefix("foo")
.build())
.status("Enabled")
.destination(BucketReplicationConfigRuleDestinationArgs.builder()
.bucket(east.arn())
.storageClass("STANDARD")
.build())
.build())
.build(), CustomResourceOptions.builder()
.dependsOn(westBucketVersioningV2)
.build());
}
}Content copied to clipboard
resources:
# ... other configuration ...
east:
type: aws:s3:BucketV2
properties:
bucket: tf-test-bucket-east-12345
eastBucketVersioningV2:
type: aws:s3:BucketVersioningV2
name: east
properties:
bucket: ${east.id}
versioningConfiguration:
status: Enabled
west:
type: aws:s3:BucketV2
properties:
bucket: tf-test-bucket-west-12345
westBucketVersioningV2:
type: aws:s3:BucketVersioningV2
name: west
properties:
bucket: ${west.id}
versioningConfiguration:
status: Enabled
eastToWest:
type: aws:s3:BucketReplicationConfig
name: east_to_west
properties:
role: ${eastReplication.arn}
bucket: ${east.id}
rules:
- id: foobar
filter:
prefix: foo
status: Enabled
destination:
bucket: ${west.arn}
storageClass: STANDARD
options:
dependsOn:
- ${eastBucketVersioningV2}
westToEast:
type: aws:s3:BucketReplicationConfig
name: west_to_east
properties:
role: ${westReplication.arn}
bucket: ${west.id}
rules:
- id: foobar
filter:
prefix: foo
status: Enabled
destination:
bucket: ${east.arn}
storageClass: STANDARD
options:
dependsOn:
- ${westBucketVersioningV2}Content copied to clipboard
Import
Using pulumi import, import S3 bucket replication configuration using the bucket. For example:
$ pulumi import aws:s3/bucketReplicationConfig:BucketReplicationConfig replication bucket-nameContent copied to clipboard
Constructors
Link copied to clipboard
constructor(bucket: Output<String>? = null, role: Output<String>? = null, rules: Output<List<BucketReplicationConfigRuleArgs>>? = null, token: Output<String>? = null)
Properties
Link copied to clipboard
List of configuration blocks describing the rules managing the replication. See below.
Link copied to clipboard
Token to allow replication to be enabled on an Object Lock-enabled bucket. You must contact AWS support for the bucket's "Object Lock token". For more details, see Using S3 Object Lock with replication. ////////////