bucket

State module for managing AWS S3 buckets.

async idem_aws.states.aws.s3.bucket.present(hub, ctx, name: str, resource_id: str = None, acl: str = None, create_bucket_configuration: CreateBucketConfiguration = None, grant_full_control: str = None, grant_read: str = None, grant_read_acp: str = None, grant_write: str = None, grant_write_acp: str = None, object_lock_enabled_for_bucket: bool = None, object_ownership: str = None, object_lock_configuration: ObjectLockConfiguration = None, tags: Dict[str, Any] = None) → Dict[str, Any]

Create an AWS S3 Bucket.

Parameters:
  • name (str) – An Idem name of the resource.

  • resource_id (str, Optional) – AWS S3 Bucket id

  • acl (str, Optional) – The associated acl for this bucket (‘private’, ‘public-read’, ‘public-read-write’, ‘authenticated-read’).

  • create_bucket_configuration (dict[str, Any], Optional) – The configuration information for the bucket. Defaults to None. LocationConstraint (str, Optional): Specifies the Region where the bucket will be created. If you don’t specify a Region, the bucket is created in the US East (N. Virginia) Region (us-east-1).

  • grant_full_control (str, Optional) – Allows grantee the read, write, read ACP, and write ACP permissions on the bucket.

  • grant_read (str, Optional) – Allows grantee to list the objects in the bucket.

  • grant_read_acp (str, Optional) – Allows grantee to read the bucket ACL.

  • grant_write (str, Optional) – Allows grantee to create new objects in the bucket. For the bucket and object owners of existing objects, also allows deletions and overwrites of those objects.

  • grant_write_acp (str, Optional) – Allows grantee to write the ACL for the applicable bucket.

  • object_lock_enabled_for_bucket (bool, Optional) – Specifies whether you want S3 Object Lock to be enabled for the new bucket.

  • object_ownership (str, Optional) –

    The container element for object ownership for a bucket’s ownership controls.

    • BucketOwnerPreferred

      Objects uploaded to the bucket change ownership to the bucket owner if the objects are uploaded with the bucket-owner-full-control canned ACL.

    • ObjectWriter

      The uploading account will own the object if the object is uploaded with the bucket-owner-full-control canned ACL.

    • BucketOwnerEnforced

      Access control lists (ACLs) are disabled and no longer affect permissions. The bucket owner automatically owns and has full control over every object in the bucket. The bucket only accepts PUT requests that don’t specify an ACL or bucket owner full control ACLs, such as the bucket-owner-full-control canned ACL or an equivalent form of this ACL expressed in the XML format.

  • object_lock_configuration (dict, Optional) –

    The Object Lock configuration that you want to apply to the specified bucket.

    • ObjectLockEnabled (str):

      Indicates whether this bucket has an Object Lock configuration enabled. Enable ObjectLockEnabled when you apply ObjectLockConfiguration to a bucket.

    • Rule (dict):

      Specifies the Object Lock rule for the specified object. Enable this rule when you apply ObjectLockConfiguration to a bucket. Bucket settings require both a mode and a period. The period can be either Days or Years but you must select one. You cannot specify Days and Years at the same time.

      • DefaultRetention (dict):

        The default Object Lock retention mode and period that you want to apply to new objects placed in the specified bucket. Bucket settings require both a mode and a period. The period can be either Days or Years but you must select one. You cannot specify Days and Years at the same time.

        • Mode (str):

          The default Object Lock retention mode you want to apply to new objects placed in the specified bucket. Must be used with either Days or Years.

        • Days (int):

          The number of days that you want to specify for the default retention period. Must be used with Mode.

        • Years (int):

          The number of years that you want to specify for the default retention period. Must be used with Mode.

  • tags (dict or list, Optional) –

    dict in the format of {tag-key: tag-value} or List of tags in the format of [{"Key": tag-key, "Value": tag-value}] to associate with the bucket.

    • Key (str):

      The key name that can be used to look up or retrieve the associated value. For example, Department or Cost Center are common choices.

    • Value (str):

      The value associated with this tag. For example, tags with a key name of Department could have values such as Human Resources, Accounting, and Support. Tags with a key name of Cost Center might have values that consist of the number associated with the different cost centers in your company. Typically, many resources have tags with the same key name but with different values. Amazon Web Services always interprets the tag Value as a single string. If you need to store an array, you can store comma-separated values in the string. However, you must interpret the value in your code.

Request Syntax:
[s3-resource-id]:
  aws.s3.bucket.present:
    - name: "string"
    - acl: "private|public-read|public-read-write|authenticated-read"
    - create_bucket_configuration:
        LocationConstraint: "string"
    - grant_full_control: "string"
    - grant_read: "string"
    - grant_read_acp: "string"
    - grant_write: "string"
    - grant_write_acp: "string"
    - object_lock_enabled_for_bucket: True|False
    - object_ownership: "BucketOwnerPreferred|ObjectWriter|BucketOwnerEnforced"
    - object_lock_configuration:
        ObjectLockEnabled: "string"
        Rule:
          DefaultRetention:
            Mode: "string"
            Days: integer
    - tags:
        - Key: "string"
          Value: "string"
Returns:

dict[str, Any]

Examples

test_bucket-bb7bb32e9533:
  aws.s3.bucket.present:
    - name: "test_bucket-bb7bb32e9533"
    - acl: "private"
    - create_bucket_configuration:
        LocationConstraint: "sa-east-1"
    - object_lock_enabled_for_bucket: True
    - object_lock_configuration:
        ObjectLockEnabled: "Enabled"
        Rule:
          DefaultRetention:
            Mode: "GOVERNANCE"
            Days: 1
    - object_ownership: "BucketOwnerEnforced"
    - tags:
        - Key: "Name1"
          Value: "s3-test1"
        - Key: "Name2"
          Value: "s3-test2"
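
The parameter rules above (an ACL that is meaningless once object_ownership is BucketOwnerEnforced, and a DefaultRetention that needs a Mode plus exactly one of Days or Years) can be checked before a state is applied. The following is an added example, not part of idem-aws: lint_bucket_present and both sample inputs are hypothetical names, and the input is assumed to be the state's argument list as already parsed from SLS.

```python
# Added example (not idem-aws code): lint one aws.s3.bucket.present state.
PUBLIC_ACLS = {"public-read", "public-read-write", "authenticated-read"}
GRANTS = ("grant_full_control", "grant_read", "grant_read_acp",
          "grant_write", "grant_write_acp")
MODES = {"GOVERNANCE", "COMPLIANCE"}  # retention modes defined by S3 Object Lock


def lint_bucket_present(params):
    """params: the state's argument list as parsed from SLS (one-key dicts)."""
    args = {k: v for item in params for k, v in item.items()}
    findings = []
    acl = args.get("acl")
    if acl in PUBLIC_ACLS:
        findings.append(f"acl '{acl}' opens the bucket beyond its owner")
    grants = [g for g in GRANTS if args.get(g)]
    if args.get("object_ownership") == "BucketOwnerEnforced" and (
            acl not in (None, "private") or grants):
        findings.append("BucketOwnerEnforced disables ACLs; remove acl/grant_*")
    lock = args.get("object_lock_configuration")
    if lock is not None:
        if lock.get("ObjectLockEnabled") != "Enabled":
            findings.append("ObjectLockEnabled must be 'Enabled'")
        retention = (lock.get("Rule") or {}).get("DefaultRetention")
        if retention is not None:
            if retention.get("Mode") not in MODES:
                findings.append("DefaultRetention.Mode missing or unknown")
            if ("Days" in retention) == ("Years" in retention):
                findings.append("DefaultRetention needs exactly one of Days or Years")
    return findings


# The page's own example, as parsed arguments.
PAGE_EXAMPLE = [
    {"name": "test_bucket-bb7bb32e9533"}, {"acl": "private"},
    {"object_lock_enabled_for_bucket": True},
    {"object_lock_configuration": {"ObjectLockEnabled": "Enabled", "Rule": {
        "DefaultRetention": {"Mode": "GOVERNANCE", "Days": 1}}}},
    {"object_ownership": "BucketOwnerEnforced"},
]
# Constructed input that breaks three of the rules.
CONSTRUCTED_BAD = [
    {"name": "example-bucket"}, {"acl": "public-read"},
    {"object_ownership": "BucketOwnerEnforced"},
    {"object_lock_configuration": {"ObjectLockEnabled": "Enabled", "Rule": {
        "DefaultRetention": {"Mode": "GOVERNANCE", "Days": 1, "Years": 1}}}},
]

if __name__ == "__main__":
    for finding in lint_bucket_present(CONSTRUCTED_BAD):
        print(finding)
```
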

async idem_aws.states.aws.s3.bucket.absent(hub, ctx, name: str, resource_id: str = None) → Dict[str, Any]

Delete the specified s3 bucket.

Parameters:
  • name (str) – The Idem name of the s3 bucket.

  • resource_id (str, Optional) – AWS S3 Bucket name.

Request Syntax:
idem-name:
  aws.s3.bucket.absent:
    - name: value
    - resource_id: value
Returns:

dict[str, Any]

Examples

bucket-5435423646-456464:
  aws.s3.bucket.absent:
    - name: bucket1
    - resource_id: bucket1

async idem_aws.states.aws.s3.bucket.describe(hub, ctx) → Dict[str, Dict[str, Any]]

Describe the AWS bucket in a way that can be recreated/managed with the corresponding “present” function.

Returns:

dict[str, dict[str, Any]]

Examples

$ idem describe aws.s3