@pulumi/yandex
Version:
A Pulumi package for creating and managing yandex cloud resources.
437 lines • 14.6 kB
JavaScript
"use strict";
// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
Object.defineProperty(exports, "__esModule", { value: true });
exports.StorageBucket = void 0;
const pulumi = require("@pulumi/pulumi");
const utilities = require("./utilities");
/**
* Allows management of [Yandex.Cloud Storage Bucket](https://cloud.yandex.com/docs/storage/concepts/bucket).
*
* > **Note:** Your need to provide [static access key](https://cloud.yandex.com/docs/iam/concepts/authorization/access-key) (Access and Secret) to create storage client to work with Storage Service. To create them you need Service Account and proper permissions.
*
* ## Example Usage
* ### Simple Private Bucket
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as yandex from "@pulumi/yandex";
*
* const folderId = "<folder-id>";
* // Create SA
* const sa = new yandex.IamServiceAccount("sa", {folderId: folderId});
* // Grant permissions
* const sa_editor = new yandex.ResourcemanagerFolderIamMember("sa-editor", {
* folderId: folderId,
* role: "storage.editor",
* member: pulumi.interpolate`serviceAccount:${sa.id}`,
* });
* // Create Static Access Keys
* const sa_static_key = new yandex.IamServiceAccountStaticAccessKey("sa-static-key", {
* serviceAccountId: sa.id,
* description: "static access key for object storage",
* });
* // Use keys to create bucket
* const test = new yandex.StorageBucket("test", {
* accessKey: sa_static_key.accessKey,
* secretKey: sa_static_key.secretKey,
* bucket: "tf-test-bucket",
* });
* ```
* ### Static Website Hosting
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as yandex from "@pulumi/yandex";
*
* const test = new yandex.StorageBucket("test", {
* acl: "public-read",
* bucket: "storage-website-test.hashicorp.com",
* website: {
* errorDocument: "error.html",
* indexDocument: "index.html",
* routingRules: `[{
* "Condition": {
* "KeyPrefixEquals": "docs/"
* },
* "Redirect": {
* "ReplaceKeyPrefixWith": "documents/"
* }
* }]
* `,
* },
* });
* ```
* ### Using ACL policy grants
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as yandex from "@pulumi/yandex";
*
* const test = new yandex.StorageBucket("test", {
* bucket: "mybucket",
* grants: [
* {
* id: "myuser",
* permissions: ["FULL_CONTROL"],
* type: "CanonicalUser",
* },
* {
* permissions: [
* "READ",
* "WRITE",
* ],
* type: "Group",
* uri: "http://acs.amazonaws.com/groups/global/AllUsers",
* },
* ],
* });
* ```
* ### Using CORS
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as yandex from "@pulumi/yandex";
*
* const storageBucket = new yandex.StorageBucket("b", {
* acl: "public-read",
* bucket: "s3-website-test.hashicorp.com",
* corsRules: [{
* allowedHeaders: ["*"],
* allowedMethods: [
* "PUT",
* "POST",
* ],
* allowedOrigins: ["https://s3-website-test.hashicorp.com"],
* exposeHeaders: ["ETag"],
* maxAgeSeconds: 3000,
* }],
* });
* ```
* ### Using versioning
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as yandex from "@pulumi/yandex";
*
* const storageBucket = new yandex.StorageBucket("b", {
* acl: "private",
* bucket: "my-tf-test-bucket",
* versioning: {
* enabled: true,
* },
* });
* ```
* ### Enable Logging
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as yandex from "@pulumi/yandex";
*
* const logBucket = new yandex.StorageBucket("logBucket", {bucket: "my-tf-log-bucket"});
* const storageBucket = new yandex.StorageBucket("storageBucket", {
* bucket: "my-tf-test-bucket",
* acl: "private",
* loggings: [{
* targetBucket: logBucket.id,
* targetPrefix: "log/",
* }],
* });
* ```
* ### Using object lifecycle
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as yandex from "@pulumi/yandex";
*
* const bucket = new yandex.StorageBucket("bucket", {
* acl: "private",
* bucket: "my-bucket",
* lifecycleRules: [
* {
* enabled: true,
* expiration: {
* days: 90,
* },
* id: "log",
* prefix: "log/",
* transitions: [{
* days: 30,
* storageClass: "COLD",
* }],
* },
* {
* enabled: true,
* expiration: {
* date: "2020-12-21",
* },
* id: "tmp",
* prefix: "tmp/",
* },
* ],
* });
* const versioningBucket = new yandex.StorageBucket("versioning_bucket", {
* acl: "private",
* bucket: "my-versioning-bucket",
* lifecycleRules: [{
* enabled: true,
* noncurrentVersionExpiration: {
* days: 90,
* },
* noncurrentVersionTransitions: [{
* days: 30,
* storageClass: "COLD",
* }],
* prefix: "config/",
* }],
* versioning: {
* enabled: true,
* },
* });
* ```
* ### Using SSE
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as yandex from "@pulumi/yandex";
*
* const key_a = new yandex.KmsSymmetricKey("key-a", {
* description: "description for key",
* defaultAlgorithm: "AES_128",
* rotationPeriod: "8760h",
* });
* // equal to 1 year
* const test = new yandex.StorageBucket("test", {
* bucket: "mybucket",
* serverSideEncryptionConfiguration: {
* rule: {
* applyServerSideEncryptionByDefault: {
* kmsMasterKeyId: key_a.id,
* sseAlgorithm: "aws:kms",
* },
* },
* },
* });
* ```
* ### Bucket Policy
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as yandex from "@pulumi/yandex";
*
* const storageBucket = new yandex.StorageBucket("b", {
* bucket: "my-policy-bucket",
* policy: `{
* "Version": "2012-10-17",
* "Statement": [
* {
* "Effect": "Allow",
* "Principal": "*",
* "Action": "s3:*",
* "Resource": [
* "arn:aws:s3:::my-policy-bucket/*",
* "arn:aws:s3:::my-policy-bucket"
* ]
* },
* {
* "Effect": "Deny",
* "Principal": "*",
* "Action": "s3:PutObject",
* "Resource": [
* "arn:aws:s3:::my-policy-bucket/*",
* "arn:aws:s3:::my-policy-bucket"
* ]
* }
* ]
* }
* `,
* });
* ```
* ### All settings example
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as yandex from "@pulumi/yandex";
*
* const logBucket = new yandex.StorageBucket("logBucket", {
* bucket: "my-tf-log-bucket",
* lifecycleRules: [{
* id: "cleanupoldlogs",
* enabled: true,
* expiration: {
* days: 365,
* },
* }],
* });
* const key_a = new yandex.KmsSymmetricKey("key-a", {
* description: "description for key",
* defaultAlgorithm: "AES_128",
* rotationPeriod: "8760h",
* });
* // equal to 1 year
* const allSettings = new yandex.StorageBucket("allSettings", {
* bucket: "example-tf-settings-bucket",
* website: {
* indexDocument: "index.html",
* errorDocument: "error.html",
* },
* lifecycleRules: [
* {
* id: "test",
* enabled: true,
* prefix: "prefix/",
* expiration: {
* days: 30,
* },
* },
* {
* id: "log",
* enabled: true,
* prefix: "log/",
* transitions: [{
* days: 30,
* storageClass: "COLD",
* }],
* expiration: {
* days: 90,
* },
* },
* {
* id: "everything180",
* prefix: "",
* enabled: true,
* expiration: {
* days: 180,
* },
* },
* {
* id: "cleanupoldversions",
* prefix: "config/",
* enabled: true,
* noncurrentVersionTransitions: [{
* days: 30,
* storageClass: "COLD",
* }],
* noncurrentVersionExpiration: {
* days: 90,
* },
* },
* {
* id: "abortmultiparts",
* prefix: "",
* enabled: true,
* abortIncompleteMultipartUploadDays: 7,
* },
* ],
* corsRules: [{
* allowedHeaders: ["*"],
* allowedMethods: [
* "GET",
* "PUT",
* ],
* allowedOrigins: ["https://storage-cloud.example.com"],
* exposeHeaders: ["ETag"],
* maxAgeSeconds: 3000,
* }],
* versioning: {
* enabled: true,
* },
* serverSideEncryptionConfiguration: {
* rule: {
* applyServerSideEncryptionByDefault: {
* kmsMasterKeyId: key_a.id,
* sseAlgorithm: "aws:kms",
* },
* },
* },
* loggings: [{
* targetBucket: logBucket.id,
* targetPrefix: "tf-logs/",
* }],
* });
* ```
*
* ## Import
*
* Storage bucket can be imported using the `bucket`, e.g.
*
* ```sh
* $ pulumi import yandex:index/storageBucket:StorageBucket bucket bucket-name
* ```
*
* `false` in state. If you've set it to `true` in config, run `terraform apply` to update the value set in state. If you delete this resource before updating the value, objects in the bucket will not be destroyed.
*/
class StorageBucket extends pulumi.CustomResource {
constructor(name, argsOrState, opts) {
let resourceInputs = {};
opts = opts || {};
if (opts.id) {
const state = argsOrState;
resourceInputs["accessKey"] = state ? state.accessKey : undefined;
resourceInputs["acl"] = state ? state.acl : undefined;
resourceInputs["bucket"] = state ? state.bucket : undefined;
resourceInputs["bucketDomainName"] = state ? state.bucketDomainName : undefined;
resourceInputs["bucketPrefix"] = state ? state.bucketPrefix : undefined;
resourceInputs["corsRules"] = state ? state.corsRules : undefined;
resourceInputs["forceDestroy"] = state ? state.forceDestroy : undefined;
resourceInputs["grants"] = state ? state.grants : undefined;
resourceInputs["lifecycleRules"] = state ? state.lifecycleRules : undefined;
resourceInputs["loggings"] = state ? state.loggings : undefined;
resourceInputs["policy"] = state ? state.policy : undefined;
resourceInputs["secretKey"] = state ? state.secretKey : undefined;
resourceInputs["serverSideEncryptionConfiguration"] = state ? state.serverSideEncryptionConfiguration : undefined;
resourceInputs["versioning"] = state ? state.versioning : undefined;
resourceInputs["website"] = state ? state.website : undefined;
resourceInputs["websiteDomain"] = state ? state.websiteDomain : undefined;
resourceInputs["websiteEndpoint"] = state ? state.websiteEndpoint : undefined;
}
else {
const args = argsOrState;
resourceInputs["accessKey"] = args ? args.accessKey : undefined;
resourceInputs["acl"] = args ? args.acl : undefined;
resourceInputs["bucket"] = args ? args.bucket : undefined;
resourceInputs["bucketPrefix"] = args ? args.bucketPrefix : undefined;
resourceInputs["corsRules"] = args ? args.corsRules : undefined;
resourceInputs["forceDestroy"] = args ? args.forceDestroy : undefined;
resourceInputs["grants"] = args ? args.grants : undefined;
resourceInputs["lifecycleRules"] = args ? args.lifecycleRules : undefined;
resourceInputs["loggings"] = args ? args.loggings : undefined;
resourceInputs["policy"] = args ? args.policy : undefined;
resourceInputs["secretKey"] = args ? args.secretKey : undefined;
resourceInputs["serverSideEncryptionConfiguration"] = args ? args.serverSideEncryptionConfiguration : undefined;
resourceInputs["versioning"] = args ? args.versioning : undefined;
resourceInputs["website"] = args ? args.website : undefined;
resourceInputs["websiteDomain"] = args ? args.websiteDomain : undefined;
resourceInputs["websiteEndpoint"] = args ? args.websiteEndpoint : undefined;
resourceInputs["bucketDomainName"] = undefined /*out*/;
}
opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts);
super(StorageBucket.__pulumiType, name, resourceInputs, opts);
}
/**
* Get an existing StorageBucket resource's state with the given name, ID, and optional extra
* properties used to qualify the lookup.
*
* @param name The _unique_ name of the resulting resource.
* @param id The _unique_ provider ID of the resource to lookup.
* @param state Any extra arguments used during the lookup.
* @param opts Optional settings to control the behavior of the CustomResource.
*/
static get(name, id, state, opts) {
return new StorageBucket(name, state, Object.assign(Object.assign({}, opts), { id: id }));
}
/**
* Returns true if the given object is an instance of StorageBucket. This is designed to work even
* when multiple copies of the Pulumi SDK have been loaded into the same process.
*/
static isInstance(obj) {
if (obj === undefined || obj === null) {
return false;
}
return obj['__pulumiType'] === StorageBucket.__pulumiType;
}
}
exports.StorageBucket = StorageBucket;
/** @internal */
StorageBucket.__pulumiType = 'yandex:index/storageBucket:StorageBucket';
//# sourceMappingURL=storageBucket.js.map