s3_lifecycle - Manage s3 bucket lifecycle rules in AWS
New in version 2.0.
Synopsis
- Manage s3 bucket lifecycle rules in AWS
Requirements (on host that executes module)
- boto
- python >= 2.6
- python-dateutil
Options
| parameter | required | default | choices | comments |
|---|---|---|---|---|
| aws_access_key | no | AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used. aliases: ec2_access_key, access_key | ||
| aws_secret_key | no | AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used. aliases: ec2_secret_key, secret_key | ||
| ec2_url | no | Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used. | ||
| expiration_date | no | Indicates the lifetime of the objects that are subject to the rule by the date they will expire. The value must be ISO-8601 format, the time must be midnight and a GMT timezone must be specified. | ||
| expiration_days | no | Indicates the lifetime, in days, of the objects that are subject to the rule. The value must be a non-zero positive integer. | ||
| name | yes | Name of the s3 bucket | ||
| prefix | no | Prefix identifying one or more objects to which the rule applies. If no prefix is specified, the rule will apply to the whole bucket. | ||
| profile (added in 1.6)
| no | Uses a boto profile. Only works with boto >= 2.24.0. | ||
| region | no | The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
aliases: aws_region, ec2_region | ||
| rule_id | no | Unique identifier for the rule. The value cannot be longer than 255 characters. A unique value for the rule will be generated if no value is provided. | ||
| security_token (added in 1.6)
| no | AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used. aliases: access_token | ||
| state | no | present |
| Create or remove the lifecycle rule |
| status | no | enabled |
| If 'enabled', the rule is currently being applied. If 'disabled', the rule is not currently being applied. |
| storage_class | no | glacier |
| The storage class to transition to. Currently there are two supported values - 'glacier' or 'standard_ia'. The 'standard_ia' class is only being available from Ansible version 2.2. |
| transition_date | no | Indicates the lifetime of the objects that are subject to the rule by the date they will transition to a different storage class. The value must be ISO-8601 format, the time must be midnight and a GMT timezone must be specified. If transition_days is not specified, this parameter is required." | ||
| transition_days | no | Indicates when, in days, an object transitions to a different storage class. If transition_date is not specified, this parameter is required. | ||
| validate_certs (added in 1.5)
| no | yes |
| When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0. |
Examples
# Note: These examples do not set authentication details, see the AWS Guide for details.
# Configure a lifecycle rule on a bucket to expire (delete) items with a prefix of /logs/ after 30 days
- s3_lifecycle:
name: mybucket
expiration_days: 30
prefix: /logs/
status: enabled
state: present
# Configure a lifecycle rule to transition all items with a prefix of /logs/ to glacier after 7 days and then delete after 90 days
- s3_lifecycle:
name: mybucket
transition_days: 7
expiration_days: 90
prefix: /logs/
status: enabled
state: present
# Configure a lifecycle rule to transition all items with a prefix of /logs/ to glacier on 31 Dec 2020 and then delete on 31 Dec 2030.
# Note that midnight GMT must be specified.
# Be sure to quote your date strings
- s3_lifecycle:
name: mybucket
transition_date: "2020-12-30T00:00:00.000Z"
expiration_date: "2030-12-30T00:00:00.000Z"
prefix: /logs/
status: enabled
state: present
# Disable the rule created above
- s3_lifecycle:
name: mybucket
prefix: /logs/
status: disabled
state: present
# Delete the lifecycle rule created above
- s3_lifecycle:
name: mybucket
prefix: /logs/
state: absent
# Configure a lifecycle rule to transition all backup files older than 31 days in /backups/ to standard infrequent access class.
- s3_lifecycle:
name: mybucket
prefix: /backups/
storage_class: standard_ia
transition_days: 31
state: present
status: enabled
Notes
Note
- If specifying expiration time as days then transition time must also be specified in days
- If specifying expiration time as a date then transition time must also be specified as a date
- If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence
AWS_URLorEC2_URL,AWS_ACCESS_KEY_IDorAWS_ACCESS_KEYorEC2_ACCESS_KEY,AWS_SECRET_ACCESS_KEYorAWS_SECRET_KEYorEC2_SECRET_KEY,AWS_SECURITY_TOKENorEC2_SECURITY_TOKEN,AWS_REGIONorEC2_REGION - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See http://boto.readthedocs.org/en/latest/boto_config_tut.html
-
AWS_REGIONorEC2_REGIONcan be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
Status
This module is flagged as stableinterface which means that the maintainers for this module guarantee that no backward incompatible interface changes will be made.
For help in developing on modules, should you be so inclined, please read Community Information & Contributing, Testing Ansible and Developing Modules.
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.4/s3_lifecycle_module.html