@pulumi/aws
Version:
A Pulumi package for creating and managing Amazon Web Services (AWS) cloud resources.
681 lines (680 loc) • 37.7 kB
TypeScript
import * as pulumi from "@pulumi/pulumi";
import * as inputs from "../types/input";
import * as outputs from "../types/output";
/**
* Provides a resource for copying an S3 object.
*
* ## Example Usage
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as aws from "@pulumi/aws";
*
* const test = new aws.s3.ObjectCopy("test", {
* bucket: "destination_bucket",
* key: "destination_key",
* source: "source_bucket/source_key",
* grants: [{
* uri: "http://acs.amazonaws.com/groups/global/AllUsers",
* type: "Group",
* permissions: ["READ"],
* }],
* });
* ```
*
* ### Ignoring Provider `defaultTags`
*
* S3 objects support a [maximum of 10 tags](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-tagging.html).
* If the resource's own `tags` and the provider-level `defaultTags` would together lead to more than 10 tags on an S3 object copy, use the `overrideProvider` configuration block to suppress any provider-level `defaultTags`.
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as aws from "@pulumi/aws";
*
* const test = new aws.s3.ObjectCopy("test", {
* bucket: "destination_bucket",
* key: "destination_key",
* source: "source_bucket/source_key",
* overrideProvider: {
* defaultTags: {
* tags: {},
* },
* },
* });
* ```
*/
export declare class ObjectCopy extends pulumi.CustomResource {
/**
* Get an existing ObjectCopy resource's state with the given name, ID, and optional extra
* properties used to qualify the lookup.
*
* @param name The _unique_ name of the resulting resource.
* @param id The _unique_ provider ID of the resource to lookup.
* @param state Any extra arguments used during the lookup.
* @param opts Optional settings to control the behavior of the CustomResource.
*/
static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ObjectCopyState, opts?: pulumi.CustomResourceOptions): ObjectCopy;
/**
* Returns true if the given object is an instance of ObjectCopy. This is designed to work even
* when multiple copies of the Pulumi SDK have been loaded into the same process.
*/
static isInstance(obj: any): obj is ObjectCopy;
/**
* [Canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) to apply. Valid values are `private`, `public-read`, `public-read-write`, `authenticated-read`, `aws-exec-read`, `bucket-owner-read`, and `bucket-owner-full-control`. Conflicts with `grant`.
*/
readonly acl: pulumi.Output<string>;
/**
* ARN of the object.
*/
readonly arn: pulumi.Output<string>;
/**
* Name of the bucket to put the file in.
*/
readonly bucket: pulumi.Output<string>;
readonly bucketKeyEnabled: pulumi.Output<boolean>;
/**
* Specifies caching behavior along the request/reply chain Read [w3c cacheControl](http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9) for further details.
*/
readonly cacheControl: pulumi.Output<string>;
/**
* Indicates the algorithm used to create the checksum for the object. If a value is specified and the object is encrypted with KMS, you must have permission to use the `kms:Decrypt` action. Valid values: `CRC32`, `CRC32C`, `CRC64NVME` `SHA1`, `SHA256`.
*/
readonly checksumAlgorithm: pulumi.Output<string | undefined>;
/**
* The base64-encoded, 32-bit CRC32 checksum of the object.
*/
readonly checksumCrc32: pulumi.Output<string>;
/**
* The base64-encoded, 32-bit CRC32C checksum of the object.
*/
readonly checksumCrc32c: pulumi.Output<string>;
/**
* The base64-encoded, 64-bit CRC64NVME checksum of the object.
*/
readonly checksumCrc64nvme: pulumi.Output<string>;
/**
* The base64-encoded, 160-bit SHA-1 digest of the object.
*/
readonly checksumSha1: pulumi.Output<string>;
/**
* The base64-encoded, 256-bit SHA-256 digest of the object.
*/
readonly checksumSha256: pulumi.Output<string>;
/**
* Specifies presentational information for the object. Read [w3c contentDisposition](http://www.w3.org/Protocols/rfc2616/rfc2616-sec19.html#sec19.5.1) for further information.
*/
readonly contentDisposition: pulumi.Output<string>;
/**
* Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field. Read [w3c content encoding](http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.11) for further information.
*/
readonly contentEncoding: pulumi.Output<string>;
/**
* Language the content is in e.g., en-US or en-GB.
*/
readonly contentLanguage: pulumi.Output<string>;
/**
* Standard MIME type describing the format of the object data, e.g., `application/octet-stream`. All Valid MIME Types are valid for this input.
*/
readonly contentType: pulumi.Output<string>;
/**
* Copies the object if its entity tag (ETag) matches the specified tag.
*/
readonly copyIfMatch: pulumi.Output<string | undefined>;
/**
* Copies the object if it has been modified since the specified time, in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8).
*/
readonly copyIfModifiedSince: pulumi.Output<string | undefined>;
/**
* Copies the object if its entity tag (ETag) is different than the specified ETag.
*/
readonly copyIfNoneMatch: pulumi.Output<string | undefined>;
/**
* Copies the object if it hasn't been modified since the specified time, in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8).
*/
readonly copyIfUnmodifiedSince: pulumi.Output<string | undefined>;
/**
* Specifies the algorithm to use to when encrypting the object (for example, AES256).
*/
readonly customerAlgorithm: pulumi.Output<string>;
/**
* Specifies the customer-provided encryption key for Amazon S3 to use in encrypting data. This value is used to store the object and then it is discarded; Amazon S3 does not store the encryption key. The key must be appropriate for use with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm header.
*/
readonly customerKey: pulumi.Output<string | undefined>;
/**
* Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error.
*/
readonly customerKeyMd5: pulumi.Output<string>;
/**
* ETag generated for the object (an MD5 sum of the object content). For plaintext objects or objects encrypted with an AWS-managed key, the hash is an MD5 digest of the object data. For objects encrypted with a KMS key or objects created by either the Multipart Upload or Part Copy operation, the hash is not an MD5 digest, regardless of the method of encryption. More information on possible values can be found on [Common Response Headers](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTCommonResponseHeaders.html).
*/
readonly etag: pulumi.Output<string>;
/**
* Account id of the expected destination bucket owner. If the destination bucket is owned by a different account, the request will fail with an HTTP 403 (Access Denied) error.
*/
readonly expectedBucketOwner: pulumi.Output<string | undefined>;
/**
* Account id of the expected source bucket owner. If the source bucket is owned by a different account, the request will fail with an HTTP 403 (Access Denied) error.
*/
readonly expectedSourceBucketOwner: pulumi.Output<string | undefined>;
/**
* If the object expiration is configured, this attribute will be set.
*/
readonly expiration: pulumi.Output<string>;
/**
* Date and time at which the object is no longer cacheable, in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8).
*/
readonly expires: pulumi.Output<string | undefined>;
/**
* Allow the object to be deleted by removing any legal hold on any object version. Default is `false`. This value should be set to `true` only if the bucket has S3 object lock enabled.
*/
readonly forceDestroy: pulumi.Output<boolean | undefined>;
/**
* Configuration block for header grants. Documented below. Conflicts with `acl`.
*/
readonly grants: pulumi.Output<outputs.s3.ObjectCopyGrant[] | undefined>;
/**
* Name of the object once it is in the bucket.
*/
readonly key: pulumi.Output<string>;
/**
* Specifies the AWS KMS Encryption Context to use for object encryption. The value is a base64-encoded UTF-8 string holding JSON with the encryption context key-value pairs.
*/
readonly kmsEncryptionContext: pulumi.Output<string>;
/**
* Specifies the AWS KMS Key ARN to use for object encryption. This value is a fully qualified **ARN** of the KMS Key. If using `aws.kms.Key`, use the exported `arn` attribute: `kmsKeyId = aws_kms_key.foo.arn`
*/
readonly kmsKeyId: pulumi.Output<string>;
/**
* Returns the date that the object was last modified, in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8).
*/
readonly lastModified: pulumi.Output<string>;
/**
* Map of keys/values to provision metadata (will be automatically prefixed by `x-amz-meta-`, note that only lowercase label are currently supported by the AWS Go API).
*/
readonly metadata: pulumi.Output<{
[key: string]: string;
}>;
/**
* Specifies whether the metadata is copied from the source object or replaced with metadata provided in the request. Valid values are `COPY` and `REPLACE`.
*/
readonly metadataDirective: pulumi.Output<string | undefined>;
/**
* The [legal hold](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html#object-lock-legal-holds) status that you want to apply to the specified object. Valid values are `ON` and `OFF`.
*/
readonly objectLockLegalHoldStatus: pulumi.Output<string>;
/**
* Object lock [retention mode](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html#object-lock-retention-modes) that you want to apply to this object. Valid values are `GOVERNANCE` and `COMPLIANCE`.
*/
readonly objectLockMode: pulumi.Output<string>;
/**
* Date and time, in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8), when this object's object lock will [expire](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html#object-lock-retention-periods).
*/
readonly objectLockRetainUntilDate: pulumi.Output<string>;
readonly overrideProvider: pulumi.Output<outputs.s3.ObjectCopyOverrideProvider | undefined>;
/**
* Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
*/
readonly region: pulumi.Output<string>;
/**
* If present, indicates that the requester was successfully charged for the request.
*/
readonly requestCharged: pulumi.Output<boolean>;
/**
* Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. For information about downloading objects from requester pays buckets, see Downloading Objects in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) in the Amazon S3 Developer Guide. If included, the only valid value is `requester`.
*/
readonly requestPayer: pulumi.Output<string | undefined>;
/**
* Specifies server-side encryption of the object in S3. Valid values are `AES256` and `aws:kms`.
*/
readonly serverSideEncryption: pulumi.Output<string>;
/**
* Specifies the source object for the copy operation. You specify the value in one of two formats. For objects not accessed through an access point, specify the name of the source bucket and the key of the source object, separated by a slash (`/`). For example, `testbucket/test1.json`. For objects accessed through access points, specify the ARN of the object as accessed through the access point, in the format `arn:aws:s3:<Region>:<account-id>:accesspoint/<access-point-name>/object/<key>`. For example, `arn:aws:s3:us-west-2:9999912999:accesspoint/my-access-point/object/testbucket/test1.json`.
*
* The following arguments are optional:
*/
readonly source: pulumi.Output<string>;
/**
* Specifies the algorithm to use when decrypting the source object (for example, AES256).
*/
readonly sourceCustomerAlgorithm: pulumi.Output<string | undefined>;
/**
* Specifies the customer-provided encryption key for Amazon S3 to use to decrypt the source object. The encryption key provided in this header must be one that was used when the source object was created.
*/
readonly sourceCustomerKey: pulumi.Output<string | undefined>;
/**
* Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error.
*/
readonly sourceCustomerKeyMd5: pulumi.Output<string | undefined>;
/**
* Version of the copied object in the source bucket.
*/
readonly sourceVersionId: pulumi.Output<string>;
/**
* Specifies the desired [storage class](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html#AmazonS3-CopyObject-request-header-StorageClass) for the object. Defaults to `STANDARD`.
*/
readonly storageClass: pulumi.Output<string>;
/**
* Specifies whether the object tag-set are copied from the source object or replaced with tag-set provided in the request. Valid values are `COPY` and `REPLACE`.
*/
readonly taggingDirective: pulumi.Output<string | undefined>;
/**
* Map of tags to assign to the object. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
*/
readonly tags: pulumi.Output<{
[key: string]: string;
} | undefined>;
/**
* Map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
*/
readonly tagsAll: pulumi.Output<{
[key: string]: string;
}>;
/**
* Version ID of the newly created copy.
*/
readonly versionId: pulumi.Output<string>;
/**
* Specifies a target URL for [website redirect](http://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-page-redirect.html).
*/
readonly websiteRedirect: pulumi.Output<string>;
/**
* Create a ObjectCopy resource with the given unique name, arguments, and options.
*
* @param name The _unique_ name of the resource.
* @param args The arguments to use to populate this resource's properties.
* @param opts A bag of options that control this resource's behavior.
*/
constructor(name: string, args: ObjectCopyArgs, opts?: pulumi.CustomResourceOptions);
}
/**
* Input properties used for looking up and filtering ObjectCopy resources.
*/
export interface ObjectCopyState {
/**
* [Canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) to apply. Valid values are `private`, `public-read`, `public-read-write`, `authenticated-read`, `aws-exec-read`, `bucket-owner-read`, and `bucket-owner-full-control`. Conflicts with `grant`.
*/
acl?: pulumi.Input<string>;
/**
* ARN of the object.
*/
arn?: pulumi.Input<string>;
/**
* Name of the bucket to put the file in.
*/
bucket?: pulumi.Input<string>;
bucketKeyEnabled?: pulumi.Input<boolean>;
/**
* Specifies caching behavior along the request/reply chain Read [w3c cacheControl](http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9) for further details.
*/
cacheControl?: pulumi.Input<string>;
/**
* Indicates the algorithm used to create the checksum for the object. If a value is specified and the object is encrypted with KMS, you must have permission to use the `kms:Decrypt` action. Valid values: `CRC32`, `CRC32C`, `CRC64NVME` `SHA1`, `SHA256`.
*/
checksumAlgorithm?: pulumi.Input<string>;
/**
* The base64-encoded, 32-bit CRC32 checksum of the object.
*/
checksumCrc32?: pulumi.Input<string>;
/**
* The base64-encoded, 32-bit CRC32C checksum of the object.
*/
checksumCrc32c?: pulumi.Input<string>;
/**
* The base64-encoded, 64-bit CRC64NVME checksum of the object.
*/
checksumCrc64nvme?: pulumi.Input<string>;
/**
* The base64-encoded, 160-bit SHA-1 digest of the object.
*/
checksumSha1?: pulumi.Input<string>;
/**
* The base64-encoded, 256-bit SHA-256 digest of the object.
*/
checksumSha256?: pulumi.Input<string>;
/**
* Specifies presentational information for the object. Read [w3c contentDisposition](http://www.w3.org/Protocols/rfc2616/rfc2616-sec19.html#sec19.5.1) for further information.
*/
contentDisposition?: pulumi.Input<string>;
/**
* Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field. Read [w3c content encoding](http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.11) for further information.
*/
contentEncoding?: pulumi.Input<string>;
/**
* Language the content is in e.g., en-US or en-GB.
*/
contentLanguage?: pulumi.Input<string>;
/**
* Standard MIME type describing the format of the object data, e.g., `application/octet-stream`. All Valid MIME Types are valid for this input.
*/
contentType?: pulumi.Input<string>;
/**
* Copies the object if its entity tag (ETag) matches the specified tag.
*/
copyIfMatch?: pulumi.Input<string>;
/**
* Copies the object if it has been modified since the specified time, in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8).
*/
copyIfModifiedSince?: pulumi.Input<string>;
/**
* Copies the object if its entity tag (ETag) is different than the specified ETag.
*/
copyIfNoneMatch?: pulumi.Input<string>;
/**
* Copies the object if it hasn't been modified since the specified time, in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8).
*/
copyIfUnmodifiedSince?: pulumi.Input<string>;
/**
* Specifies the algorithm to use to when encrypting the object (for example, AES256).
*/
customerAlgorithm?: pulumi.Input<string>;
/**
* Specifies the customer-provided encryption key for Amazon S3 to use in encrypting data. This value is used to store the object and then it is discarded; Amazon S3 does not store the encryption key. The key must be appropriate for use with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm header.
*/
customerKey?: pulumi.Input<string>;
/**
* Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error.
*/
customerKeyMd5?: pulumi.Input<string>;
/**
* ETag generated for the object (an MD5 sum of the object content). For plaintext objects or objects encrypted with an AWS-managed key, the hash is an MD5 digest of the object data. For objects encrypted with a KMS key or objects created by either the Multipart Upload or Part Copy operation, the hash is not an MD5 digest, regardless of the method of encryption. More information on possible values can be found on [Common Response Headers](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTCommonResponseHeaders.html).
*/
etag?: pulumi.Input<string>;
/**
* Account id of the expected destination bucket owner. If the destination bucket is owned by a different account, the request will fail with an HTTP 403 (Access Denied) error.
*/
expectedBucketOwner?: pulumi.Input<string>;
/**
* Account id of the expected source bucket owner. If the source bucket is owned by a different account, the request will fail with an HTTP 403 (Access Denied) error.
*/
expectedSourceBucketOwner?: pulumi.Input<string>;
/**
* If the object expiration is configured, this attribute will be set.
*/
expiration?: pulumi.Input<string>;
/**
* Date and time at which the object is no longer cacheable, in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8).
*/
expires?: pulumi.Input<string>;
/**
* Allow the object to be deleted by removing any legal hold on any object version. Default is `false`. This value should be set to `true` only if the bucket has S3 object lock enabled.
*/
forceDestroy?: pulumi.Input<boolean>;
/**
* Configuration block for header grants. Documented below. Conflicts with `acl`.
*/
grants?: pulumi.Input<pulumi.Input<inputs.s3.ObjectCopyGrant>[]>;
/**
* Name of the object once it is in the bucket.
*/
key?: pulumi.Input<string>;
/**
* Specifies the AWS KMS Encryption Context to use for object encryption. The value is a base64-encoded UTF-8 string holding JSON with the encryption context key-value pairs.
*/
kmsEncryptionContext?: pulumi.Input<string>;
/**
* Specifies the AWS KMS Key ARN to use for object encryption. This value is a fully qualified **ARN** of the KMS Key. If using `aws.kms.Key`, use the exported `arn` attribute: `kmsKeyId = aws_kms_key.foo.arn`
*/
kmsKeyId?: pulumi.Input<string>;
/**
* Returns the date that the object was last modified, in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8).
*/
lastModified?: pulumi.Input<string>;
/**
* Map of keys/values to provision metadata (will be automatically prefixed by `x-amz-meta-`, note that only lowercase label are currently supported by the AWS Go API).
*/
metadata?: pulumi.Input<{
[key: string]: pulumi.Input<string>;
}>;
/**
* Specifies whether the metadata is copied from the source object or replaced with metadata provided in the request. Valid values are `COPY` and `REPLACE`.
*/
metadataDirective?: pulumi.Input<string>;
/**
* The [legal hold](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html#object-lock-legal-holds) status that you want to apply to the specified object. Valid values are `ON` and `OFF`.
*/
objectLockLegalHoldStatus?: pulumi.Input<string>;
/**
* Object lock [retention mode](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html#object-lock-retention-modes) that you want to apply to this object. Valid values are `GOVERNANCE` and `COMPLIANCE`.
*/
objectLockMode?: pulumi.Input<string>;
/**
* Date and time, in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8), when this object's object lock will [expire](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html#object-lock-retention-periods).
*/
objectLockRetainUntilDate?: pulumi.Input<string>;
overrideProvider?: pulumi.Input<inputs.s3.ObjectCopyOverrideProvider>;
/**
* Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
*/
region?: pulumi.Input<string>;
/**
* If present, indicates that the requester was successfully charged for the request.
*/
requestCharged?: pulumi.Input<boolean>;
/**
* Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. For information about downloading objects from requester pays buckets, see Downloading Objects in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) in the Amazon S3 Developer Guide. If included, the only valid value is `requester`.
*/
requestPayer?: pulumi.Input<string>;
/**
* Specifies server-side encryption of the object in S3. Valid values are `AES256` and `aws:kms`.
*/
serverSideEncryption?: pulumi.Input<string>;
/**
* Specifies the source object for the copy operation. You specify the value in one of two formats. For objects not accessed through an access point, specify the name of the source bucket and the key of the source object, separated by a slash (`/`). For example, `testbucket/test1.json`. For objects accessed through access points, specify the ARN of the object as accessed through the access point, in the format `arn:aws:s3:<Region>:<account-id>:accesspoint/<access-point-name>/object/<key>`. For example, `arn:aws:s3:us-west-2:9999912999:accesspoint/my-access-point/object/testbucket/test1.json`.
*
* The following arguments are optional:
*/
source?: pulumi.Input<string>;
/**
* Specifies the algorithm to use when decrypting the source object (for example, AES256).
*/
sourceCustomerAlgorithm?: pulumi.Input<string>;
/**
* Specifies the customer-provided encryption key for Amazon S3 to use to decrypt the source object. The encryption key provided in this header must be one that was used when the source object was created.
*/
sourceCustomerKey?: pulumi.Input<string>;
/**
* Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error.
*/
sourceCustomerKeyMd5?: pulumi.Input<string>;
/**
* Version of the copied object in the source bucket.
*/
sourceVersionId?: pulumi.Input<string>;
/**
* Specifies the desired [storage class](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html#AmazonS3-CopyObject-request-header-StorageClass) for the object. Defaults to `STANDARD`.
*/
storageClass?: pulumi.Input<string>;
/**
* Specifies whether the object tag-set are copied from the source object or replaced with tag-set provided in the request. Valid values are `COPY` and `REPLACE`.
*/
taggingDirective?: pulumi.Input<string>;
/**
* Map of tags to assign to the object. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
*/
tags?: pulumi.Input<{
[key: string]: pulumi.Input<string>;
}>;
/**
* Map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
*/
tagsAll?: pulumi.Input<{
[key: string]: pulumi.Input<string>;
}>;
/**
* Version ID of the newly created copy.
*/
versionId?: pulumi.Input<string>;
/**
* Specifies a target URL for [website redirect](http://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-page-redirect.html).
*/
websiteRedirect?: pulumi.Input<string>;
}
/**
* The set of arguments for constructing a ObjectCopy resource.
*/
export interface ObjectCopyArgs {
/**
* [Canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) to apply. Valid values are `private`, `public-read`, `public-read-write`, `authenticated-read`, `aws-exec-read`, `bucket-owner-read`, and `bucket-owner-full-control`. Conflicts with `grant`.
*/
acl?: pulumi.Input<string>;
/**
* Name of the bucket to put the file in.
*/
bucket: pulumi.Input<string>;
bucketKeyEnabled?: pulumi.Input<boolean>;
/**
* Specifies caching behavior along the request/reply chain Read [w3c cacheControl](http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9) for further details.
*/
cacheControl?: pulumi.Input<string>;
/**
* Indicates the algorithm used to create the checksum for the object. If a value is specified and the object is encrypted with KMS, you must have permission to use the `kms:Decrypt` action. Valid values: `CRC32`, `CRC32C`, `CRC64NVME` `SHA1`, `SHA256`.
*/
checksumAlgorithm?: pulumi.Input<string>;
/**
* Specifies presentational information for the object. Read [w3c contentDisposition](http://www.w3.org/Protocols/rfc2616/rfc2616-sec19.html#sec19.5.1) for further information.
*/
contentDisposition?: pulumi.Input<string>;
/**
* Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field. Read [w3c content encoding](http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.11) for further information.
*/
contentEncoding?: pulumi.Input<string>;
/**
* Language the content is in e.g., en-US or en-GB.
*/
contentLanguage?: pulumi.Input<string>;
/**
* Standard MIME type describing the format of the object data, e.g., `application/octet-stream`. All Valid MIME Types are valid for this input.
*/
contentType?: pulumi.Input<string>;
/**
* Copies the object if its entity tag (ETag) matches the specified tag.
*/
copyIfMatch?: pulumi.Input<string>;
/**
* Copies the object if it has been modified since the specified time, in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8).
*/
copyIfModifiedSince?: pulumi.Input<string>;
/**
* Copies the object if its entity tag (ETag) is different than the specified ETag.
*/
copyIfNoneMatch?: pulumi.Input<string>;
/**
* Copies the object if it hasn't been modified since the specified time, in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8).
*/
copyIfUnmodifiedSince?: pulumi.Input<string>;
/**
* Specifies the algorithm to use to when encrypting the object (for example, AES256).
*/
customerAlgorithm?: pulumi.Input<string>;
/**
* Specifies the customer-provided encryption key for Amazon S3 to use in encrypting data. This value is used to store the object and then it is discarded; Amazon S3 does not store the encryption key. The key must be appropriate for use with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm header.
*/
customerKey?: pulumi.Input<string>;
/**
* Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error.
*/
customerKeyMd5?: pulumi.Input<string>;
/**
* Account id of the expected destination bucket owner. If the destination bucket is owned by a different account, the request will fail with an HTTP 403 (Access Denied) error.
*/
expectedBucketOwner?: pulumi.Input<string>;
/**
* Account id of the expected source bucket owner. If the source bucket is owned by a different account, the request will fail with an HTTP 403 (Access Denied) error.
*/
expectedSourceBucketOwner?: pulumi.Input<string>;
/**
* Date and time at which the object is no longer cacheable, in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8).
*/
expires?: pulumi.Input<string>;
/**
* Allow the object to be deleted by removing any legal hold on any object version. Default is `false`. This value should be set to `true` only if the bucket has S3 object lock enabled.
*/
forceDestroy?: pulumi.Input<boolean>;
/**
* Configuration block for header grants. Documented below. Conflicts with `acl`.
*/
grants?: pulumi.Input<pulumi.Input<inputs.s3.ObjectCopyGrant>[]>;
/**
* Name of the object once it is in the bucket.
*/
key: pulumi.Input<string>;
/**
* Specifies the AWS KMS Encryption Context to use for object encryption. The value is a base64-encoded UTF-8 string holding JSON with the encryption context key-value pairs.
*/
kmsEncryptionContext?: pulumi.Input<string>;
/**
* Specifies the AWS KMS Key ARN to use for object encryption. This value is a fully qualified **ARN** of the KMS Key. If using `aws.kms.Key`, use the exported `arn` attribute: `kmsKeyId = aws_kms_key.foo.arn`
*/
kmsKeyId?: pulumi.Input<string>;
/**
* Map of keys/values to provision metadata (will be automatically prefixed by `x-amz-meta-`, note that only lowercase label are currently supported by the AWS Go API).
*/
metadata?: pulumi.Input<{
[key: string]: pulumi.Input<string>;
}>;
/**
* Specifies whether the metadata is copied from the source object or replaced with metadata provided in the request. Valid values are `COPY` and `REPLACE`.
*/
metadataDirective?: pulumi.Input<string>;
/**
* The [legal hold](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html#object-lock-legal-holds) status that you want to apply to the specified object. Valid values are `ON` and `OFF`.
*/
objectLockLegalHoldStatus?: pulumi.Input<string>;
/**
* Object lock [retention mode](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html#object-lock-retention-modes) that you want to apply to this object. Valid values are `GOVERNANCE` and `COMPLIANCE`.
*/
objectLockMode?: pulumi.Input<string>;
/**
* Date and time, in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8), when this object's object lock will [expire](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html#object-lock-retention-periods).
*/
objectLockRetainUntilDate?: pulumi.Input<string>;
overrideProvider?: pulumi.Input<inputs.s3.ObjectCopyOverrideProvider>;
/**
* Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
*/
region?: pulumi.Input<string>;
/**
* Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. For information about downloading objects from requester pays buckets, see Downloading Objects in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) in the Amazon S3 Developer Guide. If included, the only valid value is `requester`.
*/
requestPayer?: pulumi.Input<string>;
/**
* Specifies server-side encryption of the object in S3. Valid values are `AES256` and `aws:kms`.
*/
serverSideEncryption?: pulumi.Input<string>;
/**
* Specifies the source object for the copy operation. You specify the value in one of two formats. For objects not accessed through an access point, specify the name of the source bucket and the key of the source object, separated by a slash (`/`). For example, `testbucket/test1.json`. For objects accessed through access points, specify the ARN of the object as accessed through the access point, in the format `arn:aws:s3:<Region>:<account-id>:accesspoint/<access-point-name>/object/<key>`. For example, `arn:aws:s3:us-west-2:9999912999:accesspoint/my-access-point/object/testbucket/test1.json`.
*
* The following arguments are optional:
*/
source: pulumi.Input<string>;
/**
* Specifies the algorithm to use when decrypting the source object (for example, AES256).
*/
sourceCustomerAlgorithm?: pulumi.Input<string>;
/**
* Specifies the customer-provided encryption key for Amazon S3 to use to decrypt the source object. The encryption key provided in this header must be one that was used when the source object was created.
*/
sourceCustomerKey?: pulumi.Input<string>;
/**
* Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error.
*/
sourceCustomerKeyMd5?: pulumi.Input<string>;
/**
* Specifies the desired [storage class](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html#AmazonS3-CopyObject-request-header-StorageClass) for the object. Defaults to `STANDARD`.
*/
storageClass?: pulumi.Input<string>;
/**
* Specifies whether the object tag-set are copied from the source object or replaced with tag-set provided in the request. Valid values are `COPY` and `REPLACE`.
*/
taggingDirective?: pulumi.Input<string>;
/**
* Map of tags to assign to the object. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
*/
tags?: pulumi.Input<{
[key: string]: pulumi.Input<string>;
}>;
/**
* Specifies a target URL for [website redirect](http://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-page-redirect.html).
*/
websiteRedirect?: pulumi.Input<string>;
}