opentelekomcloud_s3_bucket
Provides a S3 bucket resource.
Example Usage
Private Bucket w/ Tags
resource "opentelekomcloud_s3_bucket" "b" { bucket = "my-tf-test-bucket" acl = "private" tags { Name = "My bucket" Environment = "Dev" } }
Static Website Hosting
resource "opentelekomcloud_s3_bucket" "b" { bucket = "s3-website-test.hashicorp.com" acl = "public-read" policy = "${file("policy.json")}" website { index_document = "index.html" error_document = "error.html" routing_rules = <<EOF [{ "Condition": { "KeyPrefixEquals": "docs/" }, "Redirect": { "ReplaceKeyPrefixWith": "documents/" } }] EOF } }
Using CORS
resource "opentelekomcloud_s3_bucket" "b" { bucket = "s3-website-test.hashicorp.com" acl = "public-read" cors_rule { allowed_headers = ["*"] allowed_methods = ["PUT", "POST"] allowed_origins = ["https://s3-website-test.hashicorp.com"] expose_headers = ["ETag"] max_age_seconds = 3000 } }
Using versioning
resource "opentelekomcloud_s3_bucket" "b" { bucket = "my-tf-test-bucket" acl = "private" versioning { enabled = true } }
Enable Logging
resource "opentelekomcloud_s3_bucket" "log_bucket" { bucket = "my-tf-log-bucket" acl = "log-delivery-write" } resource "opentelekomcloud_s3_bucket" "b" { bucket = "my-tf-test-bucket" acl = "private" logging { target_bucket = "${opentelekomcloud_s3_bucket.log_bucket.id}" target_prefix = "log/" } }
Using object lifecycle
resource "opentelekomcloud_s3_bucket" "bucket" { bucket = "my-bucket" acl = "private" lifecycle_rule { id = "log" enabled = true prefix = "log/" tags { "rule" = "log" "autoclean" = "true" } expiration { days = 90 } } lifecycle_rule { id = "tmp" prefix = "tmp/" enabled = true expiration { date = "2016-01-12" } } } resource "opentelekomcloud_s3_bucket" "versioning_bucket" { bucket = "my-versioning-bucket" acl = "private" versioning { enabled = true } lifecycle_rule { prefix = "config/" enabled = true } }
Argument Reference
The following arguments are supported:
-
bucket
- (Optional, Forces new resource) The name of the bucket. If omitted, Terraform will assign a random, unique name. -
bucket_prefix
- (Optional, Forces new resource) Creates a unique bucket name beginning with the specified prefix. Conflicts withbucket
. -
acl
- (Optional) The canned ACL to apply. Defaults to "private". -
policy
- (Optional) A valid bucket policy JSON document. Note that if the policy document is not specific enough (but still valid), Terraform may view the policy as constantly changing in aterraform plan
. In this case, please make sure you use the verbose/specific version of the policy. -
tags
- (Optional) A mapping of tags to assign to the bucket. -
force_destroy
- (Optional, Default:false ) A boolean that indicates all objects should be deleted from the bucket so that the bucket can be destroyed without error. These objects are not recoverable. -
website
- (Optional) A website object (documented below). -
cors_rule
- (Optional) A rule of Cross-Origin Resource Sharing (documented below). -
versioning
- (Optional) A state of versioning (documented below) -
logging
- (Optional) A settings of bucket logging (documented below). -
lifecycle_rule
- (Optional) A configuration of object lifecycle management (documented below). -
region
- (Optional) If specified, the AWS region this bucket should reside in. Otherwise, the region used by the callee.
The website
object supports the following:
-
index_document
- (Required, unless usingredirect_all_requests_to
) Amazon S3 returns this index document when requests are made to the root domain or any of the subfolders. -
error_document
- (Optional) An absolute path to the document to return in case of a 4XX error. -
redirect_all_requests_to
- (Optional) A hostname to redirect all website requests for this bucket to. Hostname can optionally be prefixed with a protocol (http://
orhttps://
) to use when redirecting requests. The default is the protocol that is used in the original request. -
routing_rules
- (Optional) A json array containing routing rules describing redirect behavior and when redirects are applied.
The CORS
object supports the following:
-
allowed_headers
(Optional) Specifies which headers are allowed. -
allowed_methods
(Required) Specifies which methods are allowed. Can beGET
,PUT
,POST
,DELETE
orHEAD
. -
allowed_origins
(Required) Specifies which origins are allowed. -
expose_headers
(Optional) Specifies expose header in the response. -
max_age_seconds
(Optional) Specifies time in seconds that browser can cache the response for a preflight request.
The versioning
object supports the following:
-
enabled
- (Optional) Enable versioning. Once you version-enable a bucket, it can never return to an unversioned state. You can, however, suspend versioning on that bucket. -
mfa_delete
- (Optional) Enable MFA delete for eitherChange the versioning state of your bucket
orPermanently delete an object version
. Default isfalse
.
The logging
object supports the following:
-
target_bucket
- (Required) The name of the bucket that will receive the log objects. -
target_prefix
- (Optional) To specify a key prefix for log objects.
The lifecycle_rule
object supports the following:
-
id
- (Optional) Unique identifier for the rule. -
prefix
- (Optional) Object key prefix identifying one or more objects to which the rule applies. -
tags
- (Optional) Specifies object tags key and value. -
enabled
- (Required) Specifies lifecycle rule status. -
abort_incomplete_multipart_upload_days
(Optional) Specifies the number of days after initiating a multipart upload when the multipart upload must be completed. -
expiration
- (Optional) Specifies a period in the object's expire (documented below). -
noncurrent_version_expiration
- (Optional) Specifies when noncurrent object versions expire (documented below).
At least one of expiration
, noncurrent_version_expiration
must be specified.
The expiration
object supports the following
-
date
(Optional) Specifies the date after which you want the corresponding action to take effect. -
days
(Optional) Specifies the number of days after object creation when the specific rule action takes effect. -
expired_object_delete_marker
(Optional) On a versioned bucket (versioning-enabled or versioning-suspended bucket), you can add this element in the lifecycle configuration to direct Amazon S3 to delete expired object delete markers.
The noncurrent_version_expiration
object supports the following
-
days
(Required) Specifies the number of days an object is noncurrent object versions expire.
The rules
object supports the following:
-
id
- (Optional) Unique identifier for the rule. -
destination
- (Required) Specifies the destination for the rule (documented below). -
prefix
- (Required) Object keyname prefix identifying one or more objects to which the rule applies. Set as an empty string to replicate the whole bucket. -
status
- (Required) The status of the rule. EitherEnabled
orDisabled
. The rule is ignored if status is not Enabled.
The destination
object supports the following:
-
bucket
- (Required) The ARN of the S3 bucket where you want Amazon S3 to store replicas of the object identified by the rule. -
storage_class
- (Optional) The class of storage used to store the object.
Attributes Reference
The following attributes are exported:
-
id
- The name of the bucket. -
arn
- The ARN of the bucket. Will be of formatarn:aws:s3:::bucketname
. -
bucket_domain_name
- The bucket domain name. Will be of formatbucketname.s3.amazonaws.com
. -
hosted_zone_id
- The Route 53 Hosted Zone ID for this bucket's region. -
region
- The AWS region this bucket resides in. -
website_endpoint
- The website endpoint, if the bucket is configured with a website. If not, this will be an empty string. -
website_domain
- The domain of the website endpoint, if the bucket is configured with a website. If not, this will be an empty string. This is used to create Route 53 alias records.
Import
S3 bucket can be imported using the bucket
, e.g.
$ terraform import opentelekomcloud_s3_bucket.bucket bucket-name
© 2018 HashiCorpLicensed under the MPL 2.0 License.
https://www.terraform.io/docs/providers/opentelekomcloud/r/s3_bucket.html