Aws
An AwsS3Data resource can be a data source, but not a data sink. In an AwsS3Data resource, an object's name is the S3 object's key name.
Constructors
Properties
Input only. AWS access key used to sign the API requests to the AWS S3 bucket. Permissions on the bucket must be granted to the access ID of the AWS access key. For information on our data retention policy for user credentials, see /storage-transfer/docs/data-retention#user-credentials.
S3 Bucket name (see Creating a bucket).
Optional. The Resource name of a secret in Secret Manager. The Azure SAS token must be stored in Secret Manager in JSON format: { "sas_token" : "SAS_TOKEN" } GoogleServiceAccount must be granted roles/secretmanager.secretAccessor for the resource. See Configure access to a source: Microsoft Azure Blob Storage (https://cloud.google.com/storage-transfer/docs/source-microsoft-azure#secret_manager) for more information. If credentials_secret is specified, do not specify azure_credentials. This feature is in preview. Format: projects/{project_number}/secrets/{secret_name}
The Amazon Resource Name (ARN) of the role to support temporary credentials via AssumeRoleWithWebIdentity. For more information about ARNs, see IAM ARNs. When a role ARN is provided, Transfer Service fetches temporary credentials for the session using a AssumeRoleWithWebIdentity call for the provided role using the GoogleServiceAccount for this project.