Resource: aws_s3_bucket_object_lock_configuration

Provides an S3 bucket Object Lock configuration resource. For more information about Object Locking, go to Using S3 Object Lock in the Amazon S3 User Guide.

Example Usage

Object Lock configuration for new or existing buckets

resource "aws_s3_bucket" "example" {
  bucket = "mybucket"
}

resource "aws_s3_bucket_versioning" "example" {
  bucket = aws_s3_bucket.example.id

  versioning_configuration {
    status = "Enabled"
  }
}

resource "aws_s3_bucket_object_lock_configuration" "example" {
  bucket = aws_s3_bucket.example.id

  rule {
    default_retention {
      mode = "COMPLIANCE"
      days = 5
    }
  }
}

Argument Reference

This resource supports the following arguments:

rule

The rule configuration block supports the following arguments:

default_retention

The default_retention configuration block supports the following arguments:

Attribute Reference

This resource exports the following attributes in addition to the arguments above:

Import

In Terraform v1.5.0 and later, use an import block to import S3 bucket Object Lock configuration using the bucket or using the bucket and expected_bucket_owner separated by a comma (,). For example:

If the owner (account ID) of the source bucket is the same account used to configure the Terraform AWS Provider, import using the bucket:

import {
  to = aws_s3_bucket_object_lock_configuration.example
  id = "bucket-name"
}

If the owner (account ID) of the source bucket differs from the account used to configure the Terraform AWS Provider, import using the bucket and expected_bucket_owner separated by a comma (,):

import { to = aws_s3_bucket_object_lock_configuration.example id = "bucket-name,123456789012" }

Using terraform import to import S3 bucket Object Lock configuration using the bucket or using the bucket and expected_bucket_owner separated by a comma (,). For example:

If the owner (account ID) of the source bucket is the same account used to configure the Terraform AWS Provider, import using the bucket:

% terraform import aws_s3_bucket_object_lock_configuration.example bucket-name

If the owner (account ID) of the source bucket differs from the account used to configure the Terraform AWS Provider, import using the bucket and expected_bucket_owner separated by a comma (,):

% terraform import aws_s3_bucket_object_lock_configuration.example bucket-name,123456789012