Resource: aws_s3_bucket_lifecycle_configuration

Provides an independent configuration resource for S3 bucket lifecycle configuration.

An S3 Lifecycle configuration consists of one or more Lifecycle rules. Each rule consists of the following:

For more information see the Amazon S3 User Guide on Lifecycle Configuration Elements.

Example Usage

With neither a filter nor prefix specified

The Lifecycle rule applies to a subset of objects based on the key name prefix ("").

This configuration is intended to replicate the default behavior of the lifecycle_rule parameter in the Terraform AWS Provider aws_s3_bucket resource prior to v4.0.

resource "aws_s3_bucket_lifecycle_configuration" "example" {
  bucket = aws_s3_bucket.bucket.id

  rule {
    id = "rule-1"

    # ... other transition/expiration actions ...

    status = "Enabled"
  }
}

Specifying an empty filter

The Lifecycle rule applies to all objects in the bucket.

resource "aws_s3_bucket_lifecycle_configuration" "example" {
  bucket = aws_s3_bucket.bucket.id

  rule {
    id = "rule-1"

    filter {}

    # ... other transition/expiration actions ...

    status = "Enabled"
  }
}

Specifying a filter using key prefixes

The Lifecycle rule applies to a subset of objects based on the key name prefix (logs/).

resource "aws_s3_bucket_lifecycle_configuration" "example" {
  bucket = aws_s3_bucket.bucket.id

  rule {
    id = "rule-1"

    filter {
      prefix = "logs/"
    }

    # ... other transition/expiration actions ...

    status = "Enabled"
  }
}

If you want to apply a Lifecycle action to a subset of objects based on different key name prefixes, specify separate rules.

resource "aws_s3_bucket_lifecycle_configuration" "example" {
  bucket = aws_s3_bucket.bucket.id

  rule {
    id = "rule-1"

    filter {
      prefix = "logs/"
    }

    # ... other transition/expiration actions ...

    status = "Enabled"
  }

  rule {
    id = "rule-2"

    filter {
      prefix = "tmp/"
    }

    # ... other transition/expiration actions ...

    status = "Enabled"
  }
}

Specifying a filter based on an object tag

The Lifecycle rule specifies a filter based on a tag key and value. The rule then applies only to a subset of objects with the specific tag.

resource "aws_s3_bucket_lifecycle_configuration" "example" {
  bucket = aws_s3_bucket.bucket.id

  rule {
    id = "rule-1"

    filter {
      tag {
        key   = "Name"
        value = "Staging"
      }
    }

    # ... other transition/expiration actions ...

    status = "Enabled"
  }
}

Specifying a filter based on multiple tags

The Lifecycle rule directs Amazon S3 to perform lifecycle actions on objects with two tags (with the specific tag keys and values). Notice tags is wrapped in the and configuration block.

resource "aws_s3_bucket_lifecycle_configuration" "example" {
  bucket = aws_s3_bucket.bucket.id

  rule {
    id = "rule-1"

    filter {
      and {
        tags = {
          Key1 = "Value1"
          Key2 = "Value2"
        }
      }
    }

    # ... other transition/expiration actions ...

    status = "Enabled"
  }
}

Specifying a filter based on both prefix and one or more tags

The Lifecycle rule directs Amazon S3 to perform lifecycle actions on objects with the specified prefix and two tags (with the specific tag keys and values). Notice both prefix and tags are wrapped in the and configuration block.

resource "aws_s3_bucket_lifecycle_configuration" "example" {
  bucket = aws_s3_bucket.bucket.id

  rule {
    id = "rule-1"

    filter {
      and {
        prefix = "logs/"
        tags = {
          Key1 = "Value1"
          Key2 = "Value2"
        }
      }
    }

    # ... other transition/expiration actions ...

    status = "Enabled"
  }
}

Specifying a filter based on object size

Object size values are in bytes. Maximum filter size is 5TB. Some storage classes have minimum object size limitations, for more information, see Comparing the Amazon S3 storage classes.

resource "aws_s3_bucket_lifecycle_configuration" "example" {
  bucket = aws_s3_bucket.bucket.id

  rule {
    id = "rule-1"

    filter {
      object_size_greater_than = 500
    }

    # ... other transition/expiration actions ...

    status = "Enabled"
  }
}

Specifying a filter based on object size range and prefix

The object_size_greater_than must be less than the object_size_less_than. Notice both the object size range and prefix are wrapped in the and configuration block.

resource "aws_s3_bucket_lifecycle_configuration" "example" {
  bucket = aws_s3_bucket.bucket.id

  rule {
    id = "rule-1"

    filter {
      and {
        prefix                   = "logs/"
        object_size_greater_than = 500
        object_size_less_than    = 64000
      }
    }

    # ... other transition/expiration actions ...

    status = "Enabled"
  }
}

Creating a Lifecycle Configuration for a bucket with versioning

resource "aws_s3_bucket" "bucket" {
  bucket = "my-bucket"
}

resource "aws_s3_bucket_acl" "bucket_acl" {
  bucket = aws_s3_bucket.bucket.id
  acl    = "private"
}

resource "aws_s3_bucket_lifecycle_configuration" "bucket-config" {
  bucket = aws_s3_bucket.bucket.id

  rule {
    id = "log"

    expiration {
      days = 90
    }

    filter {
      and {
        prefix = "log/"

        tags = {
          rule      = "log"
          autoclean = "true"
        }
      }
    }

    status = "Enabled"

    transition {
      days          = 30
      storage_class = "STANDARD_IA"
    }

    transition {
      days          = 60
      storage_class = "GLACIER"
    }
  }

  rule {
    id = "tmp"

    filter {
      prefix = "tmp/"
    }

    expiration {
      date = "2023-01-13T00:00:00Z"
    }

    status = "Enabled"
  }
}

resource "aws_s3_bucket" "versioning_bucket" {
  bucket = "my-versioning-bucket"
}

resource "aws_s3_bucket_acl" "versioning_bucket_acl" {
  bucket = aws_s3_bucket.versioning_bucket.id
  acl    = "private"
}

resource "aws_s3_bucket_versioning" "versioning" {
  bucket = aws_s3_bucket.versioning_bucket.id
  versioning_configuration {
    status = "Enabled"
  }
}

resource "aws_s3_bucket_lifecycle_configuration" "versioning-bucket-config" {
  # Must have bucket versioning enabled first
  depends_on = [aws_s3_bucket_versioning.versioning]

  bucket = aws_s3_bucket.versioning_bucket.id

  rule {
    id = "config"

    filter {
      prefix = "config/"
    }

    noncurrent_version_expiration {
      noncurrent_days = 90
    }

    noncurrent_version_transition {
      noncurrent_days = 30
      storage_class   = "STANDARD_IA"
    }

    noncurrent_version_transition {
      noncurrent_days = 60
      storage_class   = "GLACIER"
    }

    status = "Enabled"
  }
}

Argument Reference

This resource supports the following arguments:

rule

The rule configuration block supports the following arguments:

abort_incomplete_multipart_upload

The abort_incomplete_multipart_upload configuration block supports the following arguments:

expiration

The expiration configuration block supports the following arguments:

filter

The filter configuration block supports the following arguments:

noncurrent_version_expiration

The noncurrent_version_expiration configuration block supports the following arguments:

noncurrent_version_transition

The noncurrent_version_transition configuration block supports the following arguments:

transition

The transition configuration block supports the following arguments:

and

The and configuration block supports the following arguments:

tag

The tag configuration block supports the following arguments:

Attribute Reference

This resource exports the following attributes in addition to the arguments above:

Import

In Terraform v1.5.0 and later, use an import block to import S3 bucket lifecycle configuration using the bucket or using the bucket and expected_bucket_owner separated by a comma (,). For example:

If the owner (account ID) of the source bucket is the same account used to configure the Terraform AWS Provider, import using the bucket:

import {
  to = aws_s3_bucket_lifecycle_configuration.example
  id = "bucket-name"
}

If the owner (account ID) of the source bucket differs from the account used to configure the Terraform AWS Provider, import using the bucket and expected_bucket_owner separated by a comma (,):

import {
  to = aws_s3_bucket_lifecycle_configuration.example
  id = "bucket-name,123456789012"
}

Using terraform import to import S3 bucket lifecycle configuration using the bucket or using the bucket and expected_bucket_owner separated by a comma (,). For example:

If the owner (account ID) of the source bucket is the same account used to configure the Terraform AWS Provider, import using the bucket:

% terraform import aws_s3_bucket_lifecycle_configuration.example bucket-name

If the owner (account ID) of the source bucket differs from the account used to configure the Terraform AWS Provider, import using the bucket and expected_bucket_owner separated by a comma (,):

% terraform import aws_s3_bucket_lifecycle_configuration.example bucket-name,123456789012