Put Bucket Replication
s3_put_bucket_replication | R Documentation |
This operation is not supported by directory buckets¶
Description¶
This operation is not supported by directory buckets.
Creates a replication configuration or replaces an existing one. For more information, see Replication in the Amazon S3 User Guide.
Specify the replication configuration in the request body. In the
replication configuration, you provide the name of the destination
bucket or buckets where you want Amazon S3 to replicate objects, the IAM
role that Amazon S3 can assume to replicate objects on your behalf, and
other relevant information. You can invoke this request for a specific
Amazon Web Services Region by using the
aws:RequestedRegion
condition key.
A replication configuration must include at least one rule, and can contain a maximum of 1,000. Each rule identifies a subset of objects to replicate by filtering the objects in the source bucket. To choose additional subsets of objects to replicate, add a rule for each subset.
To specify a subset of the objects in the source bucket to apply a
replication rule to, add the Filter element as a child of the Rule
element. You can filter objects based on an object key prefix, one or
more object tags, or both. When you add the Filter element in the
configuration, you must also add the following elements:
DeleteMarkerReplication
, Status
, and Priority
.
If you are using an earlier version of the replication configuration, Amazon S3 handles replication of delete markers differently. For more information, see Backward Compatibility.
For information about enabling versioning on a bucket, see Using Versioning.
Handling Replication of Encrypted Objects¶
By default, Amazon S3 doesn't replicate objects that are stored at rest
using server-side encryption with KMS keys. To replicate Amazon Web
Services KMS-encrypted objects, add the following:
SourceSelectionCriteria
, SseKmsEncryptedObjects
, Status
,
EncryptionConfiguration
, and ReplicaKmsKeyID
. For information about
replication configuration, see Replicating Objects Created with SSE
Using KMS
keys.
For information on put_bucket_replication
errors, see List of
replication-related error
codes
Permissions¶
To create a put_bucket_replication
request, you must have
s3:PutReplicationConfiguration
permissions for the bucket.
By default, a resource owner, in this case the Amazon Web Services account that created the bucket, can perform this operation. The resource owner can also grant others permissions to perform the operation. For more information about permissions, see Specifying Permissions in a Policy and Managing Access Permissions to Your Amazon S3 Resources.
To perform this operation, the user or role performing the action must have the iam:PassRole permission.
The following operations are related to put_bucket_replication
:
-
get_bucket_replication
-
delete_bucket_replication
Usage¶
s3_put_bucket_replication(Bucket, ContentMD5, ChecksumAlgorithm,
ReplicationConfiguration, Token, ExpectedBucketOwner)
Arguments¶
Bucket
[required] The name of the bucket
ContentMD5
The base64-encoded 128-bit MD5 digest of the data. You must use this header as a message integrity check to verify that the request body was not corrupted in transit. For more information, see RFC 1864.
For requests made using the Amazon Web Services Command Line Interface (CLI) or Amazon Web Services SDKs, this field is calculated automatically.
ChecksumAlgorithm
Indicates the algorithm used to create the checksum for the object when you use the SDK. This header will not provide any additional functionality if you don't use the SDK. When you send this header, there must be a corresponding
x-amz-checksum
orx-amz-trailer
header sent. Otherwise, Amazon S3 fails the request with the HTTP status code400 Bad Request
. For more information, see Checking object integrity in the Amazon S3 User Guide.If you provide an individual checksum, Amazon S3 ignores any provided
ChecksumAlgorithm
parameter.ReplicationConfiguration
[required]
Token
A token to allow Object Lock to be enabled for an existing bucket.
ExpectedBucketOwner
The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code
403 Forbidden
(access denied).
Value¶
An empty list.
Request syntax¶
svc$put_bucket_replication(
Bucket = "string",
ContentMD5 = "string",
ChecksumAlgorithm = "CRC32"|"CRC32C"|"SHA1"|"SHA256",
ReplicationConfiguration = list(
Role = "string",
Rules = list(
list(
ID = "string",
Priority = 123,
Prefix = "string",
Filter = list(
Prefix = "string",
Tag = list(
Key = "string",
Value = "string"
),
And = list(
Prefix = "string",
Tags = list(
list(
Key = "string",
Value = "string"
)
)
)
),
Status = "Enabled"|"Disabled",
SourceSelectionCriteria = list(
SseKmsEncryptedObjects = list(
Status = "Enabled"|"Disabled"
),
ReplicaModifications = list(
Status = "Enabled"|"Disabled"
)
),
ExistingObjectReplication = list(
Status = "Enabled"|"Disabled"
),
Destination = list(
Bucket = "string",
Account = "string",
StorageClass = "STANDARD"|"REDUCED_REDUNDANCY"|"STANDARD_IA"|"ONEZONE_IA"|"INTELLIGENT_TIERING"|"GLACIER"|"DEEP_ARCHIVE"|"OUTPOSTS"|"GLACIER_IR"|"SNOW"|"EXPRESS_ONEZONE",
AccessControlTranslation = list(
Owner = "Destination"
),
EncryptionConfiguration = list(
ReplicaKmsKeyID = "string"
),
ReplicationTime = list(
Status = "Enabled"|"Disabled",
Time = list(
Minutes = 123
)
),
Metrics = list(
Status = "Enabled"|"Disabled",
EventThreshold = list(
Minutes = 123
)
)
),
DeleteMarkerReplication = list(
Status = "Enabled"|"Disabled"
)
)
)
),
Token = "string",
ExpectedBucketOwner = "string"
)
Examples¶
## Not run:
# The following example sets replication configuration on a bucket.
svc$put_bucket_replication(
Bucket = "examplebucket",
ReplicationConfiguration = list(
Role = "arn:aws:iam::123456789012:role/examplerole",
Rules = list(
list(
Destination = list(
Bucket = "arn:aws:s3:::destinationbucket",
StorageClass = "STANDARD"
),
Prefix = "",
Status = "Enabled"
)
)
)
)
## End(Not run)