Provides a resource to manage an S3 Multi-Region Access Point associated with specified buckets.
provider "aws" {
region = "us-east-1"
alias = "primary_region"
}
provider "aws" {
region = "us-west-2"
alias = "secondary_region"
}
resource "aws_s3_bucket" "foo_bucket" {
provider = aws.primary_region
bucket = "example-bucket-foo"
}
resource "aws_s3_bucket" "bar_bucket" {
provider = aws.secondary_region
bucket = "example-bucket-bar"
}
resource "aws_s3control_multi_region_access_point" "example" {
details {
name = "example"
region {
bucket = aws_s3_bucket.foo_bucket.id
}
region {
bucket = aws_s3_bucket.bar_bucket.id
}
}
}
This resource supports the following arguments:
account_id
- (Optional) The AWS account ID for the owner of the buckets for which you want to create a Multi-Region Access Point. Defaults to automatically determined account ID of the Terraform AWS provider.details
- (Required) A configuration block containing details about the Multi-Region Access Point. See Details Configuration Block below for more detailscreate
- (Default 60m
)delete
- (Default 15m
)The details
block supports the following:
name
- (Required) The name of the Multi-Region Access Point.public_access_block
- (Optional) Configuration block to manage the PublicAccessBlock
configuration that you want to apply to this Multi-Region Access Point. You can enable the configuration options in any combination. See Public Access Block Configuration below for more details.region
- (Required) The Region configuration block to specify the bucket associated with the Multi-Region Access Point. See Region Configuration below for more details.For more information, see the documentation on Multi-Region Access Points.
The public_access_block
block supports the following:
block_public_acls
- (Optional) Whether Amazon S3 should block public ACLs for buckets in this account. Defaults to true
. Enabling this setting does not affect existing policies or ACLs. When set to true
causes the following behavior:
block_public_policy
- (Optional) Whether Amazon S3 should block public bucket policies for buckets in this account. Defaults to true
. Enabling this setting does not affect existing bucket policies. When set to true
causes Amazon S3 to:
ignore_public_acls
- (Optional) Whether Amazon S3 should ignore public ACLs for buckets in this account. Defaults to true
. Enabling this setting does not affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set. When set to true
causes Amazon S3 to:
restrict_public_buckets
- (Optional) Whether Amazon S3 should restrict public bucket policies for buckets in this account. Defaults to true
. Enabling this setting does not affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked. When set to true
:
The region
block supports the following:
bucket
- (Required) The name of the associated bucket for the Region.bucket_account_id
- (Optional) The AWS account ID that owns the Amazon S3 bucket that's associated with this Multi-Region Access Point.This resource exports the following attributes in addition to the arguments above:
alias
- The alias for the Multi-Region Access Point.arn
- Amazon Resource Name (ARN) of the Multi-Region Access Point.domain_name
- The DNS domain name of the S3 Multi-Region Access Point in the format _alias
_.accesspoint.s3-global.amazonaws.com. For more information, see the documentation on Multi-Region Access Point Requests.id
- The AWS account ID and access point name separated by a colon (:
).status
- The current status of the Multi-Region Access Point. One of: READY
, INCONSISTENT_ACROSS_REGIONS
, CREATING
, PARTIALLY_CREATED
, PARTIALLY_DELETED
, DELETING
.In Terraform v1.5.0 and later, use an import
block to import Multi-Region Access Points using the account_id
and name
of the Multi-Region Access Point separated by a colon (:
). For example:
import {
to = aws_s3control_multi_region_access_point.example
id = "123456789012:example"
}
Using terraform import
, import Multi-Region Access Points using the account_id
and name
of the Multi-Region Access Point separated by a colon (:
). For example:
% terraform import aws_s3control_multi_region_access_point.example 123456789012:example