amazon.cloud.s3_bucket (0.1.0) — module

Create and manage S3 buckets

Added in version 0.1.0 of amazon.cloud

Authors: Ansible Cloud Team (@ansible-collections)

Install collection

Install with ansible-galaxy collection install amazon.cloud:==0.1.0


Add to requirements.yml

  collections:
    - name: amazon.cloud
      version: 0.1.0

Description

Create and manage S3 buckets (list, create, update, describe, delete).


Requirements

Inputs

    
tags:
    aliases:
    - resource_tags
    description:
    - A dict of tags to apply to the resource.
    - To remove all tags set I(tags={}) and I(purge_tags=true).
    required: false
    type: dict

wait:
    default: false
    description:
    - Wait for operation to complete before returning.
    type: bool

state:
    choices:
    - present
    - absent
    - list
    - describe
    - get
    default: present
    description:
    - Goal state for resource.
    - I(state=present) creates the resource if it doesn't exist, or updates to the provided
      state if the resource already exists.
    - I(state=absent) ensures an existing instance is deleted.
    - I(state=list) gets all the existing resources.
    - I(state=describe) or I(state=get) retrieves information on an existing resource.
    type: str

region:
    aliases:
    - aws_region
    - ec2_region
    description:
    - The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION
      environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
    type: str

ec2_url:
    aliases:
    - aws_endpoint_url
    - endpoint_url
    description:
    - URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will
      use EC2 endpoints). Ignored for modules where region is required. Must be specified
      for all other modules if region is not used. If not set then the value of the EC2_URL
      environment variable, if any, is used.
    type: str

profile:
    aliases:
    - aws_profile
    description:
    - Using I(profile) will override I(aws_access_key), I(aws_secret_key) and I(security_token)
      and support for passing them at the same time as I(profile) has been deprecated.
    - I(aws_access_key), I(aws_secret_key) and I(security_token) will be made mutually
      exclusive with I(profile) after 2022-06-01.
    type: str

aws_config:
    description:
    - A dictionary to modify the botocore configuration.
    - Parameters can be found at U(https://botocore.amazonaws.com/v1/documentation/api/latest/reference/config.html#botocore.config.Config).
    type: dict

purge_tags:
    default: true
    description:
    - Remove tags not listed in I(tags).
    required: false
    type: bool

bucket_name:
    description:
    - A name for the bucket.
    - If you don't specify a name, AWS CloudFormation generates a unique physical ID and
      uses that ID for the bucket name.
    type: str

wait_timeout:
    default: 320
    description:
    - How many seconds to wait for an operation to complete before timing out.
    type: int

aws_ca_bundle:
    description:
    - The location of a CA Bundle to use when validating SSL certificates.
    - 'Note: The CA Bundle is read ''module'' side and may need to be explicitly copied
      from the controller if not run locally.'
    type: path

access_control:
    choices:
    - AuthenticatedRead
    - AwsExecRead
    - BucketOwnerFullControl
    - BucketOwnerRead
    - LogDeliveryWrite
    - Private
    - PublicRead
    - PublicReadWrite
    description:
    - A canned access control list (ACL) that grants predefined permissions to the bucket.
    type: str

aws_access_key:
    aliases:
    - ec2_access_key
    - access_key
    description:
    - C(AWS access key). If not set then the value of the C(AWS_ACCESS_KEY_ID), C(AWS_ACCESS_KEY)
      or C(EC2_ACCESS_KEY) environment variable is used.
    - If I(profile) is set this parameter is ignored.
    - Passing the I(aws_access_key) and I(profile) options at the same time has been deprecated
      and the options will be made mutually exclusive after 2022-06-01.
    type: str

aws_secret_key:
    aliases:
    - ec2_secret_key
    - secret_key
    description:
    - C(AWS secret key). If not set then the value of the C(AWS_SECRET_ACCESS_KEY), C(AWS_SECRET_KEY),
      or C(EC2_SECRET_KEY) environment variable is used.
    - If I(profile) is set this parameter is ignored.
    - Passing the I(aws_secret_key) and I(profile) options at the same time has been deprecated
      and the options will be made mutually exclusive after 2022-06-01.
    type: str

security_token:
    aliases:
    - aws_session_token
    - session_token
    - aws_security_token
    - access_token
    description:
    - C(AWS STS security token). If not set then the value of the C(AWS_SECURITY_TOKEN)
      or C(EC2_SECURITY_TOKEN) environment variable is used.
    - If I(profile) is set this parameter is ignored.
    - Passing the I(security_token) and I(profile) options at the same time has been deprecated
      and the options will be made mutually exclusive after 2022-06-01.
    - Aliases I(aws_session_token) and I(session_token) have been added in version 3.2.0.
    type: str

validate_certs:
    default: true
    description:
    - When set to "no", SSL certificates will not be validated for communication with
      the AWS APIs.
    type: bool

bucket_encryption:
    description:
    - Specifies default encryption for a bucket using server-side encryption with either
      Amazon S3-managed keys (SSE-S3) or AWS KMS-managed keys (SSE-KMS).
    suboptions:
      server_side_encryption_configuration:
        description:
        - Specifies the default server-side encryption configuration.
        elements: dict
        required: true
        suboptions:
          bucket_key_enabled:
            description:
            - Specifies whether Amazon S3 should use an S3 Bucket Key with server-side
              encryption using KMS (SSE-KMS) for new objects in the bucket.
            - Existing objects are not affected.
            - Setting the I(bucket_key_enabled) element to true causes Amazon S3 to use
              an S3 Bucket Key.
            - By default, S3 Bucket Key is not enabled.
            type: bool
          server_side_encryption_by_default:
            description:
            - Specifies the default server-side encryption to apply to new objects in
              the bucket.
            - If a PUT Object request doesn't specify any server-side encryption, this
              default encryption will be applied.
            suboptions:
              kms_master_key_id:
                description:
                - I(kms_master_key_id) can only be used when you set the value of I(sse_algorithm)
                  as aws:kms.
                type: str
              sse_algorithm:
                choices:
                - AES256
                - aws:kms
                description:
                - Not Provided.
                required: true
                type: str
            type: dict
        type: list
    type: dict

cors_configuration:
    description:
    - Rules that define cross-origin resource sharing of objects in this bucket.
    suboptions:
      cors_rules:
        description:
        - A set of origins and methods (cross-origin access that you want to allow).
        - You can add up to 100 rules to the configuration.
        elements: dict
        suboptions:
          allowed_headers:
            description:
            - Headers that are specified in the Access-Control-Request-Headers header.
            elements: str
            type: list
          allowed_methods:
            choices:
            - DELETE
            - GET
            - HEAD
            - POST
            - PUT
            description:
            - An HTTP method that you allow the origin to execute.
            elements: str
            required: true
            type: list
          allowed_origins:
            description:
            - One or more origins you want customers to be able to access the bucket from.
            elements: str
            required: true
            type: list
          exposed_headers:
            description:
            - One or more headers in the response that you want customers to be able to
              access from their applications (for example, from a JavaScript XMLHttpRequest
              object).
            elements: str
            type: list
          id:
            description:
            - A unique identifier for this rule.
            type: str
          max_age:
            description:
            - The time in seconds that your browser is to cache the preflight response
              for the specified resource.
            type: int
        type: list
    type: dict

ownership_controls:
    description:
    - Specifies the container element for object ownership rules.
    suboptions:
      rules:
        description:
        - Not Provided.
        elements: dict
        required: true
        suboptions:
          object_ownership:
            choices:
            - BucketOwnerEnforced
            - BucketOwnerPreferred
            - ObjectWriter
            description:
            - Specifies an object ownership rule.
            type: str
        type: list
    type: dict

object_lock_enabled:
    description:
    - Indicates whether this bucket has an Object Lock configuration enabled.
    type: bool

logging_configuration:
    description:
    - Settings that define where logs are stored.
    suboptions:
      destination_bucket_name:
        description:
        - The name of an Amazon S3 bucket where Amazon S3 stores server access log files.
        - You can store log files in any bucket that you own.
        - By default, logs are stored in the bucket where the I(logging_configuration)
          property is defined.
        type: str
      log_file_prefix:
        description:
        - Not Provided.
        type: str
    type: dict

website_configuration:
    description:
    - Specifies website configuration parameters for an Amazon S3 bucket.
    suboptions:
      error_document:
        description:
        - The name of the error document for the website.
        type: str
      index_document:
        description:
        - The name of the index document for the website.
        type: str
      redirect_all_requests_to:
        description:
        - Specifies the redirect behavior of all requests to a website endpoint of an
          Amazon S3 bucket.
        suboptions:
          host_name:
            description:
            - Name of the host where requests are redirected.
            required: true
            type: str
          protocol:
            choices:
            - http
            - https
            description:
            - Protocol to use when redirecting requests.
            - The default is the protocol that is used in the original request.
            type: str
        type: dict
      routing_rules:
        description:
        - Specifies the redirect behavior and when a redirect is applied.
        elements: dict
        suboptions:
          redirect_rule:
            description:
            - Container for redirect information.
            - You can redirect requests to another host, to another page, or with another
              protocol.
            - In the event of an error, you can specify a different error code to return.
            - Specifies how requests are redirected.
            required: true
            suboptions:
              host_name:
                description:
                - The host name to use in the redirect request.
                type: str
              http_redirect_code:
                description:
                - The HTTP redirect code to use on the response.
                - Not required if one of the siblings is present.
                type: str
              protocol:
                choices:
                - http
                - https
                description:
                - Protocol to use when redirecting requests.
                - The default is the protocol that is used in the original request.
                type: str
              replace_key_prefix_with:
                description:
                - The object key prefix to use in the redirect request.
                type: str
              replace_key_with:
                description:
                - The specific object key to use in the redirect request.
                type: str
            type: dict
          routing_rule_condition:
            description:
            - A container for describing a condition that must be met for the specified
              redirect to apply. You must specify at least one of I(http_error_code_returned_equals)
              and I(key_prefix_equals).
            suboptions:
              http_error_code_returned_equals:
                description:
                - The HTTP error code when the redirect is applied.
                type: str
              key_prefix_equals:
                description:
                - The object key name prefix when the redirect is applied.
                type: str
            type: dict
        type: list
    type: dict

metrics_configurations:
    description:
    - Settings that define a metrics configuration for the CloudWatch request metrics
      from the bucket.
    elements: dict
    suboptions:
      access_point_arn:
        description:
        - Not Provided.
        type: str
      id:
        description:
        - Not Provided.
        required: true
        type: str
      prefix:
        description:
        - Not Provided.
        type: str
      tag_filters:
        description:
        - Tags to use to identify a subset of objects for an Amazon S3 bucket.
        elements: dict
        suboptions:
          key:
            description:
            - Not Provided.
            required: true
            type: str
          value:
            description:
            - Not Provided.
            required: true
            type: str
        type: list
    type: list

lifecycle_configuration:
    description:
    - Rules that define how Amazon S3 manages objects during their lifetime.
    suboptions:
      rules:
        description:
        - 'You must specify at least one of the following properties: I(abort_incomplete_multipart_upload),
          I(expiration_date), I(expiration_in_days), I(noncurrent_version_expiration_in_days),
          I(noncurrent_version_transition), I(noncurrent_version_transitions), I(transition),
          or I(transitions).'
        elements: dict
        suboptions:
          abort_incomplete_multipart_upload:
            description:
            - Specifies the days since the initiation of an incomplete multipart upload
              that Amazon S3 will wait before permanently removing all parts of the upload.
            suboptions:
              days_after_initiation:
                description:
                - Specifies the number of days after which Amazon S3 aborts an incomplete
                  multipart upload.
                required: true
                type: int
            type: dict
          expiration_date:
            description:
            - The date value in ISO 8601 format.
            - The timezone is always UTC. (YYYY-MM-DDThh:mm:ssZ)
            type: str
          expiration_in_days:
            description:
            - Not Provided.
            type: int
          expired_object_delete_marker:
            description:
            - Not Provided.
            type: bool
          id:
            description:
            - Not Provided.
            type: str
          noncurrent_version_expiration:
            description:
            - Container for the expiration rule that describes when noncurrent objects
              are expired.
            - If your bucket is versioning-enabled (or versioning is suspended), you can
              set this action to request that Amazon S3 expire noncurrent object versions
              at a specific period in the object's lifetime.
            suboptions:
              newer_noncurrent_versions:
                description:
                - Specifies the number of newer noncurrent and current versions that must
                  exist before performing the associated action.
                type: int
              noncurrent_days:
                description:
                - Specifies the number of days an object is noncurrent before Amazon S3
                  can perform the associated action.
                required: true
                type: int
            type: dict
          noncurrent_version_expiration_in_days:
            description:
            - Not Provided.
            type: int
          noncurrent_version_transition:
            description:
            - Container for the transition rule that describes when noncurrent objects
              transition to the C(STANDARD_IA), C(ONEZONE_IA), C(INTELLIGENT_TIERING),
              C(GLACIER_IR), C(GLACIER), or C(DEEP_ARCHIVE) storage class.
            - If your bucket is versioning-enabled (or versioning is suspended), you can
              set this action to request that Amazon S3 transition noncurrent object versions
              to the C(STANDARD_IA), C(ONEZONE_IA), C(INTELLIGENT_TIERING), C(GLACIER_IR),
              C(GLACIER), or C(DEEP_ARCHIVE) storage class at a specific period in the
              object's lifetime.
            suboptions:
              newer_noncurrent_versions:
                description:
                - Specifies the number of newer noncurrent and current versions that must
                  exist before performing the associated action.
                type: int
              storage_class:
                choices:
                - DEEP_ARCHIVE
                - GLACIER
                - GLACIER_IR
                - Glacier
                - INTELLIGENT_TIERING
                - ONEZONE_IA
                - STANDARD_IA
                description:
                - The class of storage used to store the object.
                required: true
                type: str
              transition_in_days:
                description:
                - Specifies the number of days an object is noncurrent before Amazon S3
                  can perform the associated action.
                required: true
                type: int
            type: dict
          noncurrent_version_transitions:
            description:
            - Container for the transition rule that describes when noncurrent objects
              transition to the C(STANDARD_IA), C(ONEZONE_IA), C(INTELLIGENT_TIERING),
              C(GLACIER_IR), C(GLACIER), or C(DEEP_ARCHIVE) storage class.
            - If your bucket is versioning-enabled (or versioning is suspended), you can
              set this action to request that Amazon S3 transition noncurrent object versions
              to the C(STANDARD_IA), C(ONEZONE_IA), C(INTELLIGENT_TIERING), C(GLACIER_IR),
              C(GLACIER), or C(DEEP_ARCHIVE) storage class at a specific period in the
              object's lifetime.
            elements: dict
            suboptions:
              newer_noncurrent_versions:
                description:
                - Specifies the number of newer noncurrent and current versions that must
                  exist before performing the associated action.
                type: int
              storage_class:
                choices:
                - DEEP_ARCHIVE
                - GLACIER
                - GLACIER_IR
                - Glacier
                - INTELLIGENT_TIERING
                - ONEZONE_IA
                - STANDARD_IA
                description:
                - The class of storage used to store the object.
                required: true
                type: str
              transition_in_days:
                description:
                - Specifies the number of days an object is noncurrent before Amazon S3
                  can perform the associated action.
                required: true
                type: int
            type: list
          object_size_greater_than:
            description:
            - Not Provided.
            type: str
          object_size_less_than:
            description:
            - Not Provided.
            type: str
          prefix:
            description:
            - Not Provided.
            type: str
          status:
            choices:
            - Disabled
            - Enabled
            description:
            - Not Provided.
            required: true
            type: str
          tag_filters:
            description:
            - Tags to use to identify a subset of objects for an Amazon S3 bucket.
            elements: dict
            suboptions:
              key:
                description:
                - Not Provided.
                required: true
                type: str
              value:
                description:
                - Not Provided.
                required: true
                type: str
            type: list
          transition:
            description:
            - You must specify at least one of I(transition_date) and I(transition_in_days).
            suboptions:
              storage_class:
                choices:
                - DEEP_ARCHIVE
                - GLACIER
                - GLACIER_IR
                - Glacier
                - INTELLIGENT_TIERING
                - ONEZONE_IA
                - STANDARD_IA
                description:
                - Not Provided.
                required: true
                type: str
              transition_date:
                description:
                - The date value in ISO 8601 format.
                - The timezone is always UTC. (YYYY-MM-DDThh:mm:ssZ)
                type: str
              transition_in_days:
                description:
                - Not Provided.
                type: int
            type: dict
          transitions:
            description:
            - You must specify at least one of I(transition_date) and I(transition_in_days).
            elements: dict
            suboptions:
              storage_class:
                choices:
                - DEEP_ARCHIVE
                - GLACIER
                - GLACIER_IR
                - Glacier
                - INTELLIGENT_TIERING
                - ONEZONE_IA
                - STANDARD_IA
                description:
                - Not Provided.
                required: true
                type: str
              transition_date:
                description:
                - The date value in ISO 8601 format.
                - The timezone is always UTC. (YYYY-MM-DDThh:mm:ssZ)
                type: str
              transition_in_days:
                description:
                - Not Provided.
                type: int
            type: list
        type: list
    type: dict

accelerate_configuration:
    description:
    - Configuration for the transfer acceleration state.
    suboptions:
      acceleration_status:
        choices:
        - Enabled
        - Suspended
        description:
        - Configures the transfer acceleration state for an Amazon S3 bucket.
        required: true
        type: str
    type: dict

analytics_configurations:
    description:
    - Specifies the configuration and any analyses for the analytics filter of an Amazon
      S3 bucket.
    elements: dict
    suboptions:
      id:
        description:
        - The ID that identifies the analytics configuration.
        required: true
        type: str
      prefix:
        description:
        - The prefix that an object must have to be included in the analytics results.
        type: str
      storage_class_analysis:
        description:
        - Specifies data related to access patterns to be collected and made available
          to analyze the tradeoffs between different storage classes for an Amazon S3
          bucket.
        required: true
        suboptions:
          data_export:
            description:
            - Specifies how data related to the storage class analysis for an Amazon S3
              bucket should be exported.
            suboptions:
              destination:
                description:
                - Specifies information about where to publish analysis or configuration
                  results for an Amazon S3 bucket and S3 Replication Time Control (S3
                  RTC).
                required: true
                suboptions:
                  bucket_account_id:
                    description:
                    - The account ID that owns the destination S3 bucket.
                    type: str
                  bucket_arn:
                    description:
                    - The Amazon Resource Name (ARN) of the bucket to which data is exported.
                    type: str
                  format:
                    choices:
                    - CSV
                    - ORC
                    - Parquet
                    description:
                    - Specifies the file format used when exporting data to Amazon S3.
                    type: str
                  prefix:
                    description:
                    - The prefix to use when exporting data.
                    - The prefix is prepended to all results.
                    type: str
                type: dict
              output_schema_version:
                default: V_1
                description:
                - The version of the output schema to use when exporting data.
                type: str
            type: dict
        type: dict
      tag_filters:
        description:
        - Tags to use to identify a subset of objects for an Amazon S3 bucket.
        elements: dict
        suboptions:
          key:
            description:
            - Not Provided.
            required: true
            type: str
          value:
            description:
            - Not Provided.
            required: true
            type: str
        type: list
    type: list

inventory_configurations:
    description:
    - The inventory configuration for an Amazon S3 bucket.
    elements: dict
    suboptions:
      destination:
        description:
        - Specifies information about where to publish analysis or configuration results
          for an Amazon S3 bucket and S3 Replication Time Control (S3 RTC).
        required: true
        suboptions:
          bucket_account_id:
            description:
            - The account ID that owns the destination S3 bucket.
            type: str
          bucket_arn:
            description:
            - The Amazon Resource Name (ARN) of the bucket to which data is exported.
            type: str
          format:
            choices:
            - CSV
            - ORC
            - Parquet
            description:
            - Specifies the file format used when exporting data to Amazon S3.
            type: str
          prefix:
            description:
            - The prefix to use when exporting data.
            - The prefix is prepended to all results.
            type: str
        type: dict
      enabled:
        description:
        - Specifies whether the inventory is enabled or disabled.
        required: true
        type: bool
      id:
        description:
        - The ID used to identify the inventory configuration.
        required: true
        type: str
      included_object_versions:
        choices:
        - All
        - Current
        description:
        - Object versions to include in the inventory list.
        required: true
        type: str
      optional_fields:
        choices:
        - BucketKeyStatus
        - ETag
        - EncryptionStatus
        - IntelligentTieringAccessTier
        - IsMultipartUploaded
        - LastModifiedDate
        - ObjectLockLegalHoldStatus
        - ObjectLockMode
        - ObjectLockRetainUntilDate
        - ReplicationStatus
        - Size
        - StorageClass
        description:
        - Contains the optional fields that are included in the inventory results.
        elements: str
        type: list
      prefix:
        description:
        - The prefix that is prepended to all inventory results.
        type: str
      schedule_frequency:
        choices:
        - Daily
        - Weekly
        description:
        - Specifies the schedule for generating inventory results.
        required: true
        type: str
    type: list

versioning_configuration:
    description:
    - Describes the versioning state of an Amazon S3 bucket.
    suboptions:
      status:
        choices:
        - Enabled
        - Suspended
        default: Suspended
        description:
        - The versioning state of the bucket.
        type: str
    type: dict
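
A hardened task built only from the options documented above, as an added example that is not part of the collection's own documentation. The bucket names, profile, region, KMS key ARN and tag values are constructed placeholders, and the log destination bucket is assumed to already exist and accept S3 log delivery.

```yaml
---
# Added example, not from the amazon.cloud collection documentation.
- name: Create a private, encrypted, versioned S3 bucket
  hosts: localhost
  connection: local
  gather_facts: false

  vars:
    # All values below are constructed placeholders.
    bucket: example-app-data
    log_bucket: example-audit-logs   # assumed to exist and accept S3 log delivery
    kms_key_arn: "arn:aws:kms:eu-west-1:111122223333:key/EXAMPLE-KEY-ID"

  tasks:
    - name: Ensure the bucket exists with restrictive defaults
      amazon.cloud.s3_bucket:
        state: present
        bucket_name: "{{ bucket }}"
        region: eu-west-1
        # Credentials come from a named profile, so no access key or secret
        # key is written into the playbook or passed as a task argument.
        profile: example-deploy
        # TLS verification stays on (the documented default); a review should
        # flag any task that sets this to false.
        validate_certs: true
        # Private grants access to the bucket owner only. PublicRead,
        # PublicReadWrite and AuthenticatedRead extend access beyond the
        # account and are the values to flag in review.
        access_control: Private
        # Default encryption for new objects; existing objects are not affected.
        bucket_encryption:
          server_side_encryption_configuration:
            - bucket_key_enabled: true
              server_side_encryption_by_default:
                sse_algorithm: "aws:kms"
                kms_master_key_id: "{{ kms_key_arn }}"
        # The documented default is Suspended, so versioning is set explicitly.
        versioning_configuration:
          status: Enabled
        # Send server access logs to a separate bucket rather than this one.
        logging_configuration:
          destination_bucket_name: "{{ log_bucket }}"
          log_file_prefix: "s3-access/{{ bucket }}/"
        tags:
          owner: platform-security
          data_classification: internal
        # purge_tags defaults to true: tags not listed above are removed.
        purge_tags: true
        wait: true
        wait_timeout: 320

    - name: Read back the bucket to confirm what was applied
      amazon.cloud.s3_bucket:
        state: describe
        bucket_name: "{{ bucket }}"
        region: eu-west-1
        profile: example-deploy
      register: bucket_state

    - name: Show the applied configuration for review
      ansible.builtin.debug:
        var: bucket_state
```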

object_lock_configuration:
    description:
    - Places an Object Lock configuration on the specified bucket.
    suboptions:
      object_lock_enabled:
        default: Enabled
        description:
        - Not Provided.
        type: str
      rule:
        description:
        - The Object Lock rule in place for the specified object.
        suboptions:
          default_retention:
            description:
            - The default retention period that you want to apply to new objects placed
              in the specified bucket.
            suboptions:
              days:
                description:
                - Not Provided.
                type: int
              mode:
                choices:
                - COMPLIANCE
                - GOVERNANCE
                description:
                - Not Provided.
                type: str
              years:
                description:
                - Not Provided.
                type: int
            type: dict
        type: dict
    type: dict

replication_configuration:
    description:
    - Configuration for replicating objects in an S3 bucket. A container for replication
      rules.
    - You can add up to 1,000 rules.
    - The maximum size of a replication configuration is 2 MB.
    suboptions:
      role:
        description:
        - The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM)
          role that Amazon S3 assumes when replicating objects.
        required: true
        type: str
      rules:
        description:
        - Specifies which Amazon S3 objects to replicate and where to store the replicas.
        elements: dict
        suboptions:
          delete_marker_replication:
            description:
            - Not Provided.
            suboptions:
              status:
                choices:
                - Disabled
                - Enabled
                description:
                - Not Provided.
                type: str
            type: dict
          destination:
            description:
            - Specifies which Amazon S3 bucket to store replicated objects in and their
              storage class.
            required: true
            suboptions:
              access_control_translation:
                description:
                - Specify this only in a cross-account scenario (where source and destination
                  bucket owners are not the same), and you want to change replica ownership
                  to the AWS account that owns the destination bucket.
                - If this is not specified in the replication configuration, the replicas
                  are owned by the same AWS account that owns the source object.
                suboptions:
                  owner:
                    default: Destination
                    description:
                    - Not Provided.
                    type: str
                type: dict
              account:
                description:
                - Not Provided.
                type: str
              bucket:
                description:
                - Not Provided.
                type: str
              encryption_configuration:
                description:
                - Specifies encryption-related information for an Amazon S3 bucket that
                  is a destination for replicated objects.
                suboptions:
                  replica_kms_key_id:
                    description:
                    - Specifies the ID (Key ARN or Alias ARN) of the customer managed
                      customer master key (CMK) stored in AWS Key Management Service (KMS)
                      for the destination bucket.
                    required: true
                    type: str
                type: dict
              metrics:
                description:
                - Not Provided.
                suboptions:
                  event_threshold:
                    description:
                    - Not Provided.
                    suboptions:
                      minutes:
                        description:
                        - Not Provided.
                        required: true
                        type: int
                    type: dict
                  status:
                    choices:
                    - Disabled
                    - Enabled
                    description:
                    - Not Provided.
                    required: true
                    type: str
                type: dict
              replication_time:
                description:
                - Not Provided.
                suboptions:
                  status:
                    choices:
                    - Disabled
                    - Enabled
                    description:
                    - Not Provided.
                    required: true
                    type: str
                  time:
                    description:
                    - Not Provided.
                    required: true
                    suboptions:
                      minutes:
                        description:
                        - Not Provided.
                        required: true
                        type: int
                    type: dict
                type: dict
              storage_class:
                choices:
                - DEEP_ARCHIVE
                - GLACIER
                - GLACIER_IR
                - INTELLIGENT_TIERING
                - ONEZONE_IA
                - REDUCED_REDUNDANCY
                - STANDARD
                - STANDARD_IA
                description:
                - The storage class to use when replicating objects, such as S3 Standard
                  or reduced redundancy.
                type: str
            type: dict
          filter:
            description:
            - Not Provided.
            suboptions:
              and:
                description:
                - Not Provided.
                suboptions:
                  prefix:
                    description:
                    - Not Provided.
                    type: str
                  tag_filters:
                    description:
                    - Tags to use to identify a subset of objects for an Amazon S3 bucket.
                    elements: dict
                    suboptions:
                      key:
                        description:
                        - Not Provided.
                        required: true
                        type: str
                      value:
                        description:
                        - Not Provided.
                        required: true
                        type: str
                    type: list
                type: dict
              prefix:
                description:
                - Not Provided.
                type: str
              tag_filter:
                description:
                - Tags to use to identify a subset of objects for an Amazon S3 bucket.
                suboptions:
                  key:
                    description:
                    - Not Provided.
                    required: true
                    type: str
                  value:
                    description:
                    - Not Provided.
                    required: true
                    type: str
                type: dict
            type: dict
          id:
            description:
            - A unique identifier for the rule.
            type: str
          prefix:
            description:
            - An object key name prefix that identifies the object or objects to which
              the rule applies.
            type: str
          priority:
            description:
            - Not Provided.
            type: int
          source_selection_criteria:
            description:
            - A container that describes additional filters for identifying the source
              objects that you want to replicate.
            suboptions:
              replica_modifications:
                description:
                - A filter that you can specify for selection for modifications on replicas.
                suboptions:
                  status:
                    choices:
                    - Disabled
                    - Enabled
                    description:
                    - Specifies whether Amazon S3 replicates modifications on replicas.
                    required: true
                    type: str
                type: dict
              sse_kms_encrypted_objects:
                description:
                - A container for filter information for the selection of Amazon S3 objects
                  encrypted with AWS KMS.
                suboptions:
                  status:
                    choices:
                    - Disabled
                    - Enabled
                    description:
                    - Specifies whether Amazon S3 replicates objects created with server-side
                      encryption using a customer master key (CMK) stored in AWS Key Management
                      Service.
                    required: true
                    type: str
                type: dict
            type: dict
          status:
            choices:
            - Disabled
            - Enabled
            description:
            - Specifies whether the rule is enabled.
            required: true
            type: str
        type: list
    type: dict

notification_configuration:
    description:
    - Configuration that defines how Amazon S3 handles bucket notifications. Describes
      the notification configuration for an Amazon S3 bucket.
    suboptions:
      event_bridge_configuration:
        description:
        - Describes the Amazon EventBridge notification configuration for an Amazon S3
          bucket.
        suboptions:
          event_bridge_enabled:
            default: 'true'
            description:
            - Specifies whether to send notifications to Amazon EventBridge when events
              occur in an Amazon S3 bucket.
            type: bool
        type: dict
      lambda_configurations:
        description:
        - Describes the AWS Lambda functions to invoke and the events for which to invoke
          them.
        elements: dict
        suboptions:
          event:
            description:
            - The Amazon S3 bucket event for which to invoke the AWS Lambda function.
            required: true
            type: str
          filter:
            description:
            - The filtering rules that determine which objects invoke the AWS Lambda function.
              Specifies object key name filtering rules.
            suboptions:
              s3_key:
                description:
                - A container for object key name prefix and suffix filtering rules.
                required: true
                suboptions:
                  rules:
                    description:
                    - Specifies the Amazon S3 object key name to filter on and whether
                      to filter on the suffix or prefix of the key name.
                    elements: dict
                    suboptions:
                      name:
                        description:
                        - Not Provided.
                        required: true
                        type: str
                      value:
                        description:
                        - Not Provided.
                        required: true
                        type: str
                    type: list
                type: dict
            type: dict
          function:
            description:
            - The Amazon Resource Name (ARN) of the AWS Lambda function that Amazon S3
              invokes when the specified event type occurs.
            required: true
            type: str
        type: list
      queue_configurations:
        description:
        - The Amazon Simple Queue Service queues to publish messages to and the events
          for which to publish messages.
        elements: dict
        suboptions:
          event:
            description:
            - The Amazon S3 bucket event about which you want to publish messages to Amazon
              SQS.
            required: true
            type: str
          filter:
            description:
            - The filtering rules that determine which objects trigger notifications.
            suboptions:
              s3_key:
                description:
                - A container for object key name prefix and suffix filtering rules.
                required: true
                suboptions:
                  rules:
                    description:
                    - Specifies the Amazon S3 object key name to filter on and whether
                      to filter on the suffix or prefix of the key name.
                    elements: dict
                    suboptions:
                      name:
                        description:
                        - Not Provided.
                        required: true
                        type: str
                      value:
                        description:
                        - Not Provided.
                        required: true
                        type: str
                    type: list
                type: dict
            type: dict
          queue:
            description:
            - The Amazon Resource Name (ARN) of the Amazon SQS queue to which Amazon S3
              publishes a message when it detects events of the specified type.
            required: true
            type: str
        type: list
      topic_configurations:
        description:
        - The topic to which notifications are sent and the events for which notifications
          are generated.
        elements: dict
        suboptions:
          event:
            description:
            - The Amazon S3 bucket event about which to send notifications.
            required: true
            type: str
          filter:
            description:
            - The filtering rules that determine for which objects to send notifications.
            suboptions:
              s3_key:
                description:
                - A container for object key name prefix and suffix filtering rules.
                required: true
                suboptions:
                  rules:
                    description:
                    - Specifies the Amazon S3 object key name to filter on and whether
                      to filter on the suffix or prefix of the key name.
                    elements: dict
                    suboptions:
                      name:
                        description:
                        - Not Provided.
                        required: true
                        type: str
                      value:
                        description:
                        - Not Provided.
                        required: true
                        type: str
                    type: list
                type: dict
            type: dict
          topic:
            description:
            - The Amazon Resource Name (ARN) of the Amazon SNS topic to which Amazon S3
              publishes a message when it detects events of the specified type.
            required: true
            type: str
        type: list
    type: dict

debug_botocore_endpoint_logs:
    default: 'no'
    description:
    - Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action"
      API calls made during a task, outputting the set to the resource_actions key in the
      task results. Use the aws_resource_action callback to output the total list made
      during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also
      be used.
    type: bool

public_access_block_configuration:
    description:
    - Configuration that defines how Amazon S3 handles public access.
    suboptions:
      block_public_acls:
        description:
        - Specifies whether Amazon S3 should block public access control lists (ACLs)
          for this bucket and objects in this bucket.
        - 'Setting this element to C(True) causes the following behavior:'
        - '- PUT Bucket acl and PUT Object acl calls fail if the specified ACL is public.'
        - '- PUT Object calls fail if the request includes a public ACL.'
        - Enabling this setting doesn't affect existing policies or ACLs.
        type: bool
      block_public_policy:
        description:
        - Specifies whether Amazon S3 should block public bucket policies for this bucket.
        - Setting this element to C(True) causes Amazon S3 to reject calls to PUT Bucket
          policy if the specified bucket policy allows public access.
        - Enabling this setting doesn't affect existing bucket policies.
        type: bool
      ignore_public_acls:
        description:
        - Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects
          in this bucket.
        - Setting this element to C(True) causes Amazon S3 to ignore all public ACLs on
          this bucket and objects in this bucket.
        - Enabling this setting doesn't affect the persistence of any existing ACLs and
          doesn't prevent new public ACLs from being set.
        type: bool
      restrict_public_buckets:
        description:
        - Specifies whether Amazon S3 should restrict public bucket policies for this
          bucket.
        - Setting this element to C(True) restricts access to this bucket to only AWS
          services and authorized users within this account if the bucket has a public
          policy.
        - Enabling this setting doesn't affect previously stored bucket policies, except
          that public and cross-account access within any public bucket policy, including
          non-public delegation to specific accounts, is blocked.
        type: bool
    type: dict

intelligent_tiering_configurations:
    description:
    - Specifies the S3 Intelligent-Tiering configuration for an Amazon S3 bucket.
    elements: dict
    suboptions:
      id:
        description:
        - The ID used to identify the S3 Intelligent-Tiering configuration.
        required: true
        type: str
      prefix:
        description:
        - An object key name prefix that identifies the subset of objects to which the
          rule applies.
        type: str
      status:
        choices:
        - Disabled
        - Enabled
        description:
        - Specifies the status of the configuration.
        required: true
        type: str
      tag_filters:
        description:
        - Tags to use to identify a subset of objects for an Amazon S3 bucket.
        elements: dict
        suboptions:
          key:
            description:
            - Not Provided.
            required: true
            type: str
          value:
            description:
            - Not Provided.
            required: true
            type: str
        type: list
      tierings:
        description:
        - Specifies a list of S3 Intelligent-Tiering storage class tiers in the configuration.
        - At least one tier must be defined in the list.
        - 'At most, you can specify two tiers in the list, one for each available I(access_tier):
          C(ARCHIVE_ACCESS) and C(DEEP_ARCHIVE_ACCESS).'
        elements: dict
        suboptions:
          access_tier:
            choices:
            - ARCHIVE_ACCESS
            - DEEP_ARCHIVE_ACCESS
            description:
            - S3 Intelligent-Tiering access tier.
            - See Storage class for automatically optimizing frequently and infrequently
              accessed objects for a list of access tiers in the S3 Intelligent-Tiering
              storage class.
            required: true
            type: str
          days:
            description:
            - The number of consecutive days of no access after which an object will be
              eligible to be transitioned to the corresponding tier.
            - The minimum number of days specified for Archive Access tier must be at
              least 90 days and Deep Archive Access tier must be at least 180 days.
            - The maximum can be up to 2 years (730 days).
            required: true
            type: int
        type: list
    type: list
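
Added example (not part of the module or its documentation): a pre-flight check that audits the arguments of an s3_bucket task against two of the option groups above, public_access_block_configuration and intelligent_tiering_configurations. The option names and the tier limits come from this page; the function names, the sample arguments, and the policy that all four public-access flags must be true are assumptions of the example.

```python
"""Pre-flight audit of amazon.cloud.s3_bucket task arguments (added example)."""

# The four flags documented under public_access_block_configuration.
PAB_FLAGS = ("block_public_acls", "block_public_policy",
             "ignore_public_acls", "restrict_public_buckets")
# Bounds documented for tierings.days: per-tier minimum, shared maximum.
TIER_MIN_DAYS = {"ARCHIVE_ACCESS": 90, "DEEP_ARCHIVE_ACCESS": 180}
TIER_MAX_DAYS = 730


def audit_public_access_block(args):
    # Requiring all four flags is this example's policy assumption, not a module rule.
    pab = args.get("public_access_block_configuration") or {}
    return [f"public_access_block_configuration.{flag} is not true"
            for flag in PAB_FLAGS if pab.get(flag) is not True]


def audit_tierings(args):
    """Check each Intelligent-Tiering configuration against the documented limits."""
    findings = []
    for cfg in args.get("intelligent_tiering_configurations") or []:
        cid = cfg.get("id", "<no id>")
        tiers = cfg.get("tierings") or []
        if not tiers:
            findings.append(f"{cid}: at least one tier must be defined")
        seen = set()
        for tier in tiers:
            name, days = tier.get("access_tier"), tier.get("days")
            if name not in TIER_MIN_DAYS:
                findings.append(f"{cid}: unknown access_tier {name!r}")
                continue
            if name in seen:  # at most one entry per access tier
                findings.append(f"{cid}: {name} listed more than once")
            seen.add(name)
            low = TIER_MIN_DAYS[name]
            if not isinstance(days, int) or not low <= days <= TIER_MAX_DAYS:
                findings.append(f"{cid}: {name} days={days} outside {low}..{TIER_MAX_DAYS}")
    return findings


def audit(args):
    return audit_public_access_block(args) + audit_tierings(args)


# Constructed sample: the dict a playbook task's arguments would parse to.
SAMPLE_TASK_ARGS = {
    "public_access_block_configuration": {
        "block_public_acls": True, "block_public_policy": True,
        "ignore_public_acls": True,  # restrict_public_buckets left unset
    },
    "intelligent_tiering_configurations": [{
        "id": "logs", "status": "Enabled",
        "tierings": [{"access_tier": "ARCHIVE_ACCESS", "days": 30},
                     {"access_tier": "DEEP_ARCHIVE_ACCESS", "days": 180}],
    }],
}

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_TASK_ARGS)))
```

Running the check in CI over parsed playbooks catches a bucket whose public-access block is only partly set before the task reaches AWS.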

Outputs

result:
  contains:
    identifier:
      description: The unique identifier of the resource.
      type: str
    properties:
      description: The resource properties.
      type: dict
  description: Dictionary containing resource information.
  returned: always
  type: complex