Expand description
Provides an independent configuration resource for S3 bucket replication configuration.
NOTE: S3 Buckets only support a single replication configuration. Declaring multiple
aws.s3.BucketReplicationConfigresources to the same S3 Bucket will cause a perpetual difference in configuration.
This resource cannot be used with S3 directory buckets.
§Example Usage
§Using replication configuration
resources:
replicationRole:
type: aws:iam:Role
name: replication
properties:
name: tf-iam-role-replication-12345
assumeRolePolicy: ${assumeRole.json}
replicationPolicy:
type: aws:iam:Policy
name: replication
properties:
name: tf-iam-role-policy-replication-12345
policy: ${replication.json}
replicationRolePolicyAttachment:
type: aws:iam:RolePolicyAttachment
name: replication
properties:
role: ${replicationRole.name}
policyArn: ${replicationPolicy.arn}
destination:
type: aws:s3:BucketV2
properties:
bucket: tf-test-bucket-destination-12345
destinationBucketVersioningV2:
type: aws:s3:BucketVersioningV2
name: destination
properties:
bucket: ${destination.id}
versioningConfiguration:
status: Enabled
source:
type: aws:s3:BucketV2
properties:
bucket: tf-test-bucket-source-12345
sourceBucketAcl:
type: aws:s3:BucketAclV2
name: source_bucket_acl
properties:
bucket: ${source.id}
acl: private
sourceBucketVersioningV2:
type: aws:s3:BucketVersioningV2
name: source
properties:
bucket: ${source.id}
versioningConfiguration:
status: Enabled
replicationBucketReplicationConfig:
type: aws:s3:BucketReplicationConfig
name: replication
properties:
role: ${replicationRole.arn}
bucket: ${source.id}
rules:
- id: foobar
filter:
prefix: foo
status: Enabled
destination:
bucket: ${destination.arn}
storageClass: STANDARD
options:
dependsOn:
- ${sourceBucketVersioningV2}
variables:
assumeRole:
fn::invoke:
function: aws:iam:getPolicyDocument
arguments:
statements:
- effect: Allow
principals:
- type: Service
identifiers:
- s3.amazonaws.com
actions:
- sts:AssumeRole
replication:
fn::invoke:
function: aws:iam:getPolicyDocument
arguments:
statements:
- effect: Allow
actions:
- s3:GetReplicationConfiguration
- s3:ListBucket
resources:
- ${source.arn}
- effect: Allow
actions:
- s3:GetObjectVersionForReplication
- s3:GetObjectVersionAcl
- s3:GetObjectVersionTagging
resources:
- ${source.arn}/*
- effect: Allow
actions:
- s3:ReplicateObject
- s3:ReplicateDelete
- s3:ReplicateTags
resources:
- ${destination.arn}/*§Bi-Directional Replication
ⓘ
use pulumi_wasm_rust::Output;
use pulumi_wasm_rust::{add_export, pulumi_main};
#[pulumi_main]
fn test_main() -> Result<(), Error> {
let east = bucket_v_2::create(
"east",
BucketV2Args::builder().bucket("tf-test-bucket-east-12345").build_struct(),
);
let eastBucketVersioningV2 = bucket_versioning_v_2::create(
"eastBucketVersioningV2",
BucketVersioningV2Args::builder()
.bucket("${east.id}")
.versioning_configuration(
BucketVersioningV2VersioningConfiguration::builder()
.status("Enabled")
.build_struct(),
)
.build_struct(),
);
let eastToWest = bucket_replication_config::create(
"eastToWest",
BucketReplicationConfigArgs::builder()
.bucket("${east.id}")
.role("${eastReplication.arn}")
.rules(
vec![
BucketReplicationConfigRule::builder()
.destination(BucketReplicationConfigRuleDestination::builder()
.bucket("${west.arn}").storageClass("STANDARD").build_struct())
.filter(BucketReplicationConfigRuleFilter::builder().prefix("foo")
.build_struct()).id("foobar").status("Enabled").build_struct(),
],
)
.build_struct(),
);
let west = bucket_v_2::create(
"west",
BucketV2Args::builder().bucket("tf-test-bucket-west-12345").build_struct(),
);
let westBucketVersioningV2 = bucket_versioning_v_2::create(
"westBucketVersioningV2",
BucketVersioningV2Args::builder()
.bucket("${west.id}")
.versioning_configuration(
BucketVersioningV2VersioningConfiguration::builder()
.status("Enabled")
.build_struct(),
)
.build_struct(),
);
let westToEast = bucket_replication_config::create(
"westToEast",
BucketReplicationConfigArgs::builder()
.bucket("${west.id}")
.role("${westReplication.arn}")
.rules(
vec![
BucketReplicationConfigRule::builder()
.destination(BucketReplicationConfigRuleDestination::builder()
.bucket("${east.arn}").storageClass("STANDARD").build_struct())
.filter(BucketReplicationConfigRuleFilter::builder().prefix("foo")
.build_struct()).id("foobar").status("Enabled").build_struct(),
],
)
.build_struct(),
);
}§Import
Using pulumi import, import S3 bucket replication configuration using the bucket. For example:
$ pulumi import aws:s3/bucketReplicationConfig:BucketReplicationConfig replication bucket-nameStructs§
- Use builder syntax to set the inputs and finish with
build_struct().
Functions§
- Registers a new resource with the given unique name and arguments