{ "description": "Bucket is the Schema for the Buckets API", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "description": "BucketSpec defines the desired state of Bucket.\n\nIn terms of implementation, a Bucket is a resource.", "properties": { "accelerate": { "description": "Container for setting the transfer acceleration state.", "properties": { "status": { "type": "string" } }, "type": "object", "additionalProperties": false }, "acl": { "description": "The canned ACL to apply to the bucket.\n\nThis functionality is not supported for directory buckets.", "type": "string" }, "analytics": { "items": { "description": "Specifies the configuration and any analyses for the analytics filter of\nan Amazon S3 bucket.", "properties": { "filter": { "description": "The filter used to describe a set of objects for analyses. A filter must\nhave exactly one prefix, one tag, or one conjunction (AnalyticsAndOperator).\nIf no filter is provided, all objects will be considered in any analysis.", "properties": { "and": { "description": "A conjunction (logical AND) of predicates, which is used in evaluating a\nmetrics filter. The operator must have at least two predicates in any combination,\nand an object must match all of the predicates for the filter to apply.", "properties": { "prefix": { "type": "string" }, "tags": { "items": { "description": "A container of a key value name pair.", "properties": { "key": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "additionalProperties": false }, "type": "array" } }, "type": "object", "additionalProperties": false }, "prefix": { "type": "string" }, "tag": { "description": "A container of a key value name pair.", "properties": { "key": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "additionalProperties": false } }, "type": "object", "additionalProperties": false }, "id": { "type": "string" }, "storageClassAnalysis": { "description": "Specifies data related to access patterns to be collected and made available\nto analyze the tradeoffs between different storage classes for an Amazon\nS3 bucket.", "properties": { "dataExport": { "description": "Container for data related to the storage class analysis for an Amazon S3\nbucket for export.", "properties": { "destination": { "description": "Where to publish the analytics results.", "properties": { "s3BucketDestination": { "description": "Contains information about where to publish the analytics results.", "properties": { "bucket": { "type": "string" }, "bucketAccountID": { "type": "string" }, "format": { "type": "string" }, "prefix": { "type": "string" } }, "type": "object", "additionalProperties": false } }, "type": "object", "additionalProperties": false }, "outputSchemaVersion": { "type": "string" } }, "type": "object", "additionalProperties": false } }, "type": "object", "additionalProperties": false } }, "type": "object", "additionalProperties": false }, "type": "array" }, "cors": { "description": "Describes the cross-origin access configuration for objects in an Amazon\nS3 bucket. For more information, see Enabling Cross-Origin Resource Sharing\n(https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html) in the Amazon\nS3 User Guide.", "properties": { "corsRules": { "items": { "description": "Specifies a cross-origin access rule for an Amazon S3 bucket.", "properties": { "allowedHeaders": { "items": { "type": "string" }, "type": "array" }, "allowedMethods": { "items": { "type": "string" }, "type": "array" }, "allowedOrigins": { "items": { "type": "string" }, "type": "array" }, "exposeHeaders": { "items": { "type": "string" }, "type": "array" }, "id": { "type": "string" }, "maxAgeSeconds": { "format": "int64", "type": "integer" } }, "type": "object", "additionalProperties": false }, "type": "array" } }, "type": "object", "additionalProperties": false }, "createBucketConfiguration": { "description": "The configuration information for the bucket.", "properties": { "locationConstraint": { "type": "string" } }, "type": "object", "additionalProperties": false }, "encryption": { "description": "Specifies the default server-side-encryption configuration.", "properties": { "rules": { "items": { "description": "Specifies the default server-side encryption configuration.\n\n - General purpose buckets - If you're specifying a customer managed KMS\n key, we recommend using a fully qualified KMS key ARN. If you use a KMS\n key alias instead, then KMS resolves the key within the requester\u2019s\n account. This behavior can result in data that's encrypted with a KMS\n key that belongs to the requester, and not the bucket owner.\n\n - Directory buckets - When you specify an KMS customer managed key (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk)\n for encryption in your directory bucket, only use the key ID or key ARN.\n The key alias format of the KMS key isn't supported.", "properties": { "applyServerSideEncryptionByDefault": { "description": "Describes the default server-side encryption to apply to new objects in the\nbucket. If a PUT Object request doesn't specify any server-side encryption,\nthis default encryption will be applied. For more information, see PutBucketEncryption\n(https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTencryption.html).\n\n * General purpose buckets - If you don't specify a customer managed key\n at configuration, Amazon S3 automatically creates an Amazon Web Services\n KMS key (aws/s3) in your Amazon Web Services account the first time that\n you add an object encrypted with SSE-KMS to a bucket. By default, Amazon\n S3 uses this KMS key for SSE-KMS.\n\n * Directory buckets - Your SSE-KMS configuration can only support 1 customer\n managed key (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk)\n per directory bucket for the lifetime of the bucket. The Amazon Web Services\n managed key (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk)\n (aws/s3) isn't supported.\n\n * Directory buckets - For directory buckets, there are only two supported\n options for server-side encryption: SSE-S3 and SSE-KMS.", "properties": { "kmsMasterKeyID": { "type": "string" }, "sseAlgorithm": { "type": "string" } }, "type": "object", "additionalProperties": false }, "bucketKeyEnabled": { "type": "boolean" } }, "type": "object", "additionalProperties": false }, "type": "array" } }, "type": "object", "additionalProperties": false }, "grantFullControl": { "description": "Allows grantee the read, write, read ACP, and write ACP permissions on the\nbucket.\n\nThis functionality is not supported for directory buckets.", "type": "string" }, "grantRead": { "description": "Allows grantee to list the objects in the bucket.\n\nThis functionality is not supported for directory buckets.", "type": "string" }, "grantReadACP": { "description": "Allows grantee to read the bucket ACL.\n\nThis functionality is not supported for directory buckets.", "type": "string" }, "grantWrite": { "description": "Allows grantee to create new objects in the bucket.\n\nFor the bucket and object owners of existing objects, also allows deletions\nand overwrites of those objects.\n\nThis functionality is not supported for directory buckets.", "type": "string" }, "grantWriteACP": { "description": "Allows grantee to write the ACL for the applicable bucket.\n\nThis functionality is not supported for directory buckets.", "type": "string" }, "intelligentTiering": { "items": { "description": "Specifies the S3 Intelligent-Tiering configuration for an Amazon S3 bucket.\n\nFor information about the S3 Intelligent-Tiering storage class, see Storage\nclass for automatically optimizing frequently and infrequently accessed objects\n(https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html#sc-dynamic-data-access).", "properties": { "filter": { "description": "The Filter is used to identify objects that the S3 Intelligent-Tiering configuration\napplies to.", "properties": { "and": { "description": "A container for specifying S3 Intelligent-Tiering filters. The filters determine\nthe subset of objects to which the rule applies.", "properties": { "prefix": { "type": "string" }, "tags": { "items": { "description": "A container of a key value name pair.", "properties": { "key": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "additionalProperties": false }, "type": "array" } }, "type": "object", "additionalProperties": false }, "prefix": { "type": "string" }, "tag": { "description": "A container of a key value name pair.", "properties": { "key": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "additionalProperties": false } }, "type": "object", "additionalProperties": false }, "id": { "type": "string" }, "status": { "type": "string" }, "tierings": { "items": { "description": "The S3 Intelligent-Tiering storage class is designed to optimize storage\ncosts by automatically moving data to the most cost-effective storage access\ntier, without additional operational overhead.", "properties": { "accessTier": { "type": "string" }, "days": { "format": "int64", "type": "integer" } }, "type": "object", "additionalProperties": false }, "type": "array" } }, "type": "object", "additionalProperties": false }, "type": "array" }, "inventory": { "items": { "description": "Specifies the inventory configuration for an Amazon S3 bucket. For more information,\nsee GET Bucket inventory (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketGETInventoryConfig.html)\nin the Amazon S3 API Reference.", "properties": { "destination": { "description": "Specifies the inventory configuration for an Amazon S3 bucket.", "properties": { "s3BucketDestination": { "description": "Contains the bucket name, file format, bucket owner (optional), and prefix\n(optional) where inventory results are published.", "properties": { "accountID": { "type": "string" }, "bucket": { "type": "string" }, "encryption": { "description": "Contains the type of server-side encryption used to encrypt the inventory\nresults.", "properties": { "sseKMS": { "description": "Specifies the use of SSE-KMS to encrypt delivered inventory reports.", "properties": { "keyID": { "type": "string" } }, "type": "object", "additionalProperties": false } }, "type": "object", "additionalProperties": false }, "format": { "type": "string" }, "prefix": { "type": "string" } }, "type": "object", "additionalProperties": false } }, "type": "object", "additionalProperties": false }, "filter": { "description": "Specifies an inventory filter. The inventory only includes objects that meet\nthe filter's criteria.", "properties": { "prefix": { "type": "string" } }, "type": "object", "additionalProperties": false }, "id": { "type": "string" }, "includedObjectVersions": { "type": "string" }, "isEnabled": { "type": "boolean" }, "optionalFields": { "items": { "type": "string" }, "type": "array" }, "schedule": { "description": "Specifies the schedule for generating inventory results.", "properties": { "frequency": { "type": "string" } }, "type": "object", "additionalProperties": false } }, "type": "object", "additionalProperties": false }, "type": "array" }, "lifecycle": { "description": "Container for lifecycle rules. You can add as many as 1,000 rules.", "properties": { "rules": { "items": { "description": "A lifecycle rule for individual objects in an Amazon S3 bucket.\n\nFor more information see, Managing your storage lifecycle (https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lifecycle-mgmt.html)\nin the Amazon S3 User Guide.", "properties": { "abortIncompleteMultipartUpload": { "description": "Specifies the days since the initiation of an incomplete multipart upload\nthat Amazon S3 will wait before permanently removing all parts of the upload.\nFor more information, see Aborting Incomplete Multipart Uploads Using a Bucket\nLifecycle Configuration (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html#mpu-abort-incomplete-mpu-lifecycle-config)\nin the Amazon S3 User Guide.", "properties": { "daysAfterInitiation": { "format": "int64", "type": "integer" } }, "type": "object", "additionalProperties": false }, "expiration": { "description": "Container for the expiration for the lifecycle of the object.\n\nFor more information see, Managing your storage lifecycle (https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lifecycle-mgmt.html)\nin the Amazon S3 User Guide.", "properties": { "date": { "format": "date-time", "type": "string" }, "days": { "format": "int64", "type": "integer" }, "expiredObjectDeleteMarker": { "type": "boolean" } }, "type": "object", "additionalProperties": false }, "filter": { "description": "The Filter is used to identify objects that a Lifecycle Rule applies to.\nA Filter can have exactly one of Prefix, Tag, ObjectSizeGreaterThan, ObjectSizeLessThan,\nor And specified. If the Filter element is left empty, the Lifecycle Rule\napplies to all objects in the bucket.", "properties": { "and": { "description": "This is used in a Lifecycle Rule Filter to apply a logical AND to two or\nmore predicates. The Lifecycle Rule will apply to any object matching all\nof the predicates configured inside the And operator.", "properties": { "objectSizeGreaterThan": { "format": "int64", "type": "integer" }, "objectSizeLessThan": { "format": "int64", "type": "integer" }, "prefix": { "type": "string" }, "tags": { "items": { "description": "A container of a key value name pair.", "properties": { "key": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "additionalProperties": false }, "type": "array" } }, "type": "object", "additionalProperties": false }, "objectSizeGreaterThan": { "format": "int64", "type": "integer" }, "objectSizeLessThan": { "format": "int64", "type": "integer" }, "prefix": { "type": "string" }, "tag": { "description": "A container of a key value name pair.", "properties": { "key": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "additionalProperties": false } }, "type": "object", "additionalProperties": false }, "id": { "type": "string" }, "noncurrentVersionExpiration": { "description": "Specifies when noncurrent object versions expire. Upon expiration, Amazon\nS3 permanently deletes the noncurrent object versions. You set this lifecycle\nconfiguration action on a bucket that has versioning enabled (or suspended)\nto request that Amazon S3 delete noncurrent object versions at a specific\nperiod in the object's lifetime.\n\nThis parameter applies to general purpose buckets only. It is not supported\nfor directory bucket lifecycle configurations.", "properties": { "newerNoncurrentVersions": { "format": "int64", "type": "integer" }, "noncurrentDays": { "format": "int64", "type": "integer" } }, "type": "object", "additionalProperties": false }, "noncurrentVersionTransitions": { "items": { "description": "Container for the transition rule that describes when noncurrent objects\ntransition to the STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER_IR,\nGLACIER, or DEEP_ARCHIVE storage class. If your bucket is versioning-enabled\n(or versioning is suspended), you can set this action to request that Amazon\nS3 transition noncurrent object versions to the STANDARD_IA, ONEZONE_IA,\nINTELLIGENT_TIERING, GLACIER_IR, GLACIER, or DEEP_ARCHIVE storage class at\na specific period in the object's lifetime.", "properties": { "newerNoncurrentVersions": { "format": "int64", "type": "integer" }, "noncurrentDays": { "format": "int64", "type": "integer" }, "storageClass": { "type": "string" } }, "type": "object", "additionalProperties": false }, "type": "array" }, "prefix": { "type": "string" }, "status": { "type": "string" }, "transitions": { "items": { "description": "Specifies when an object transitions to a specified storage class. For more\ninformation about Amazon S3 lifecycle configuration rules, see Transitioning\nObjects Using Amazon S3 Lifecycle (https://docs.aws.amazon.com/AmazonS3/latest/dev/lifecycle-transition-general-considerations.html)\nin the Amazon S3 User Guide.", "properties": { "date": { "format": "date-time", "type": "string" }, "days": { "format": "int64", "type": "integer" }, "storageClass": { "type": "string" } }, "type": "object", "additionalProperties": false }, "type": "array" } }, "type": "object", "additionalProperties": false }, "type": "array" } }, "type": "object", "additionalProperties": false }, "logging": { "description": "Container for logging status information.", "properties": { "loggingEnabled": { "description": "Describes where logs are stored and the prefix that Amazon S3 assigns to\nall log object keys for a bucket. For more information, see PUT Bucket logging\n(https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTlogging.html)\nin the Amazon S3 API Reference.", "properties": { "targetBucket": { "type": "string" }, "targetGrants": { "items": { "description": "Container for granting information.\n\nBuckets that use the bucket owner enforced setting for Object Ownership don't\nsupport target grants. For more information, see Permissions server access\nlog delivery (https://docs.aws.amazon.com/AmazonS3/latest/userguide/enable-server-access-logging.html#grant-log-delivery-permissions-general)\nin the Amazon S3 User Guide.", "properties": { "grantee": { "description": "Container for the person being granted permissions.", "properties": { "displayName": { "type": "string" }, "emailAddress": { "type": "string" }, "id": { "type": "string" }, "type_": { "type": "string" }, "uRI": { "type": "string" } }, "type": "object", "additionalProperties": false }, "permission": { "type": "string" } }, "type": "object", "additionalProperties": false }, "type": "array" }, "targetPrefix": { "type": "string" } }, "type": "object", "additionalProperties": false } }, "type": "object", "additionalProperties": false }, "metrics": { "items": { "description": "Specifies a metrics configuration for the CloudWatch request metrics (specified\nby the metrics configuration ID) from an Amazon S3 bucket. If you're updating\nan existing metrics configuration, note that this is a full replacement of\nthe existing metrics configuration. If you don't include the elements you\nwant to keep, they are erased. For more information, see PutBucketMetricsConfiguration\n(https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTMetricConfiguration.html).", "properties": { "filter": { "description": "Specifies a metrics configuration filter. The metrics configuration only\nincludes objects that meet the filter's criteria. A filter must be a prefix,\nan object tag, an access point ARN, or a conjunction (MetricsAndOperator).\nFor more information, see PutBucketMetricsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketMetricsConfiguration.html).", "properties": { "accessPointARN": { "type": "string" }, "and": { "description": "A conjunction (logical AND) of predicates, which is used in evaluating a\nmetrics filter. The operator must have at least two predicates, and an object\nmust match all of the predicates in order for the filter to apply.", "properties": { "accessPointARN": { "type": "string" }, "prefix": { "type": "string" }, "tags": { "items": { "description": "A container of a key value name pair.", "properties": { "key": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "additionalProperties": false }, "type": "array" } }, "type": "object", "additionalProperties": false }, "prefix": { "type": "string" }, "tag": { "description": "A container of a key value name pair.", "properties": { "key": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "additionalProperties": false } }, "type": "object", "additionalProperties": false }, "id": { "type": "string" } }, "type": "object", "additionalProperties": false }, "type": "array" }, "name": { "description": "The name of the bucket to create.\n\nGeneral purpose buckets - For information about bucket naming restrictions,\nsee Bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html)\nin the Amazon S3 User Guide.\n\nDirectory buckets - When you use this operation with a directory bucket,\nyou must use path-style requests in the format https://s3express-control.region-code.amazonaws.com/bucket-name\n. Virtual-hosted-style requests aren't supported. Directory bucket names\nmust be unique in the chosen Zone (Availability Zone or Local Zone). Bucket\nnames must also follow the format bucket-base-name--zone-id--x-s3 (for example,\nDOC-EXAMPLE-BUCKET--usw2-az1--x-s3). For information about bucket naming\nrestrictions, see Directory bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html)\nin the Amazon S3 User Guide", "type": "string", "x-kubernetes-validations": [ { "message": "Value is immutable once set", "rule": "self == oldSelf" } ] }, "notification": { "description": "A container for specifying the notification configuration of the bucket.\nIf this element is empty, notifications are turned off for the bucket.", "properties": { "lambdaFunctionConfigurations": { "items": { "description": "A container for specifying the configuration for Lambda notifications.", "properties": { "events": { "items": { "type": "string" }, "type": "array" }, "filter": { "description": "Specifies object key name filtering rules. For information about key name\nfiltering, see Configuring event notifications using object key name filtering\n(https://docs.aws.amazon.com/AmazonS3/latest/userguide/notification-how-to-filtering.html)\nin the Amazon S3 User Guide.", "properties": { "key": { "description": "A container for object key name prefix and suffix filtering rules.", "properties": { "filterRules": { "description": "A list of containers for the key-value pair that defines the criteria for\nthe filter rule.", "items": { "description": "Specifies the Amazon S3 object key name to filter on. An object key name\nis the name assigned to an object in your Amazon S3 bucket. You specify whether\nto filter on the suffix or prefix of the object key name. A prefix is a specific\nstring of characters at the beginning of an object key name, which you can\nuse to organize objects. For example, you can start the key names of related\nobjects with a prefix, such as 2023- or engineering/. Then, you can use FilterRule\nto find objects in a bucket with key names that have the same prefix. A suffix\nis similar to a prefix, but it is at the end of the object key name instead\nof at the beginning.", "properties": { "name": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "additionalProperties": false }, "type": "array" } }, "type": "object", "additionalProperties": false } }, "type": "object", "additionalProperties": false }, "id": { "description": "An optional unique identifier for configurations in a notification configuration.\nIf you don't provide one, Amazon S3 will assign an ID.", "type": "string" }, "lambdaFunctionARN": { "type": "string" } }, "type": "object", "additionalProperties": false }, "type": "array" }, "queueConfigurations": { "items": { "description": "Specifies the configuration for publishing messages to an Amazon Simple Queue\nService (Amazon SQS) queue when Amazon S3 detects specified events.", "properties": { "events": { "items": { "type": "string" }, "type": "array" }, "filter": { "description": "Specifies object key name filtering rules. For information about key name\nfiltering, see Configuring event notifications using object key name filtering\n(https://docs.aws.amazon.com/AmazonS3/latest/userguide/notification-how-to-filtering.html)\nin the Amazon S3 User Guide.", "properties": { "key": { "description": "A container for object key name prefix and suffix filtering rules.", "properties": { "filterRules": { "description": "A list of containers for the key-value pair that defines the criteria for\nthe filter rule.", "items": { "description": "Specifies the Amazon S3 object key name to filter on. An object key name\nis the name assigned to an object in your Amazon S3 bucket. You specify whether\nto filter on the suffix or prefix of the object key name. A prefix is a specific\nstring of characters at the beginning of an object key name, which you can\nuse to organize objects. For example, you can start the key names of related\nobjects with a prefix, such as 2023- or engineering/. Then, you can use FilterRule\nto find objects in a bucket with key names that have the same prefix. A suffix\nis similar to a prefix, but it is at the end of the object key name instead\nof at the beginning.", "properties": { "name": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "additionalProperties": false }, "type": "array" } }, "type": "object", "additionalProperties": false } }, "type": "object", "additionalProperties": false }, "id": { "description": "An optional unique identifier for configurations in a notification configuration.\nIf you don't provide one, Amazon S3 will assign an ID.", "type": "string" }, "queueARN": { "type": "string" } }, "type": "object", "additionalProperties": false }, "type": "array" }, "topicConfigurations": { "items": { "description": "A container for specifying the configuration for publication of messages\nto an Amazon Simple Notification Service (Amazon SNS) topic when Amazon S3\ndetects specified events.", "properties": { "events": { "items": { "type": "string" }, "type": "array" }, "filter": { "description": "Specifies object key name filtering rules. For information about key name\nfiltering, see Configuring event notifications using object key name filtering\n(https://docs.aws.amazon.com/AmazonS3/latest/userguide/notification-how-to-filtering.html)\nin the Amazon S3 User Guide.", "properties": { "key": { "description": "A container for object key name prefix and suffix filtering rules.", "properties": { "filterRules": { "description": "A list of containers for the key-value pair that defines the criteria for\nthe filter rule.", "items": { "description": "Specifies the Amazon S3 object key name to filter on. An object key name\nis the name assigned to an object in your Amazon S3 bucket. You specify whether\nto filter on the suffix or prefix of the object key name. A prefix is a specific\nstring of characters at the beginning of an object key name, which you can\nuse to organize objects. For example, you can start the key names of related\nobjects with a prefix, such as 2023- or engineering/. Then, you can use FilterRule\nto find objects in a bucket with key names that have the same prefix. A suffix\nis similar to a prefix, but it is at the end of the object key name instead\nof at the beginning.", "properties": { "name": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "additionalProperties": false }, "type": "array" } }, "type": "object", "additionalProperties": false } }, "type": "object", "additionalProperties": false }, "id": { "description": "An optional unique identifier for configurations in a notification configuration.\nIf you don't provide one, Amazon S3 will assign an ID.", "type": "string" }, "topicARN": { "type": "string" } }, "type": "object", "additionalProperties": false }, "type": "array" } }, "type": "object", "additionalProperties": false }, "objectLockEnabledForBucket": { "description": "Specifies whether you want S3 Object Lock to be enabled for the new bucket.\n\nThis functionality is not supported for directory buckets.", "type": "boolean" }, "objectOwnership": { "type": "string" }, "ownershipControls": { "description": "The OwnershipControls (BucketOwnerEnforced, BucketOwnerPreferred, or ObjectWriter)\nthat you want to apply to this Amazon S3 bucket.", "properties": { "rules": { "items": { "description": "The container element for an ownership control rule.", "properties": { "objectOwnership": { "description": "The container element for object ownership for a bucket's ownership controls.\n\nBucketOwnerPreferred - Objects uploaded to the bucket change ownership to\nthe bucket owner if the objects are uploaded with the bucket-owner-full-control\ncanned ACL.\n\nObjectWriter - The uploading account will own the object if the object is\nuploaded with the bucket-owner-full-control canned ACL.\n\nBucketOwnerEnforced - Access control lists (ACLs) are disabled and no longer\naffect permissions. The bucket owner automatically owns and has full control\nover every object in the bucket. The bucket only accepts PUT requests that\ndon't specify an ACL or specify bucket owner full control ACLs (such as the\npredefined bucket-owner-full-control canned ACL or a custom ACL in XML format\nthat grants the same permissions).\n\nBy default, ObjectOwnership is set to BucketOwnerEnforced and ACLs are disabled.\nWe recommend keeping ACLs disabled, except in uncommon use cases where you\nmust control access for each object individually. For more information about\nS3 Object Ownership, see Controlling ownership of objects and disabling ACLs\nfor your bucket (https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html)\nin the Amazon S3 User Guide.\n\nThis functionality is not supported for directory buckets. Directory buckets\nuse the bucket owner enforced setting for S3 Object Ownership.", "type": "string" } }, "type": "object", "additionalProperties": false }, "type": "array" } }, "type": "object", "additionalProperties": false }, "policy": { "description": "The bucket policy as a JSON document.\n\nFor directory buckets, the only IAM action supported in the bucket policy\nis s3express:CreateSession.", "type": "string" }, "publicAccessBlock": { "description": "The PublicAccessBlock configuration that you want to apply to this Amazon\nS3 bucket. You can enable the configuration options in any combination. For\nmore information about when Amazon S3 considers a bucket or object public,\nsee The Meaning of \"Public\" (https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status)\nin the Amazon S3 User Guide.", "properties": { "blockPublicACLs": { "type": "boolean" }, "blockPublicPolicy": { "type": "boolean" }, "ignorePublicACLs": { "type": "boolean" }, "restrictPublicBuckets": { "type": "boolean" } }, "type": "object", "additionalProperties": false }, "replication": { "description": "A container for replication rules. You can add up to 1,000 rules. The maximum\nsize of a replication configuration is 2 MB.", "properties": { "role": { "type": "string" }, "rules": { "items": { "description": "Specifies which Amazon S3 objects to replicate and where to store the replicas.", "properties": { "deleteMarkerReplication": { "description": "Specifies whether Amazon S3 replicates delete markers. If you specify a Filter\nin your replication configuration, you must also include a DeleteMarkerReplication\nelement. If your Filter includes a Tag element, the DeleteMarkerReplication\nStatus must be set to Disabled, because Amazon S3 does not support replicating\ndelete markers for tag-based rules. For an example configuration, see Basic\nRule Configuration (https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-config-min-rule-config).\n\nFor more information about delete marker replication, see Basic Rule Configuration\n(https://docs.aws.amazon.com/AmazonS3/latest/dev/delete-marker-replication.html).\n\nIf you are using an earlier version of the replication configuration, Amazon\nS3 handles replication of delete markers differently. For more information,\nsee Backward Compatibility (https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-backward-compat-considerations).", "properties": { "status": { "type": "string" } }, "type": "object", "additionalProperties": false }, "destination": { "description": "Specifies information about where to publish analysis or configuration results\nfor an Amazon S3 bucket and S3 Replication Time Control (S3 RTC).", "properties": { "accessControlTranslation": { "description": "A container for information about access control for replicas.", "properties": { "owner": { "type": "string" } }, "type": "object", "additionalProperties": false }, "account": { "type": "string" }, "bucket": { "type": "string" }, "encryptionConfiguration": { "description": "Specifies encryption-related information for an Amazon S3 bucket that is\na destination for replicated objects.\n\nIf you're specifying a customer managed KMS key, we recommend using a fully\nqualified KMS key ARN. If you use a KMS key alias instead, then KMS resolves\nthe key within the requester\u2019s account. This behavior can result in data\nthat's encrypted with a KMS key that belongs to the requester, and not the\nbucket owner.", "properties": { "replicaKMSKeyID": { "type": "string" } }, "type": "object", "additionalProperties": false }, "metrics": { "description": "A container specifying replication metrics-related settings enabling replication\nmetrics and events.", "properties": { "eventThreshold": { "description": "A container specifying the time value for S3 Replication Time Control (S3\nRTC) and replication metrics EventThreshold.", "properties": { "minutes": { "format": "int64", "type": "integer" } }, "type": "object", "additionalProperties": false }, "status": { "type": "string" } }, "type": "object", "additionalProperties": false }, "replicationTime": { "description": "A container specifying S3 Replication Time Control (S3 RTC) related information,\nincluding whether S3 RTC is enabled and the time when all objects and operations\non objects must be replicated. Must be specified together with a Metrics\nblock.", "properties": { "status": { "type": "string" }, "time": { "description": "A container specifying the time value for S3 Replication Time Control (S3\nRTC) and replication metrics EventThreshold.", "properties": { "minutes": { "format": "int64", "type": "integer" } }, "type": "object", "additionalProperties": false } }, "type": "object", "additionalProperties": false }, "storageClass": { "type": "string" } }, "type": "object", "additionalProperties": false }, "existingObjectReplication": { "description": "Optional configuration to replicate existing source bucket objects.\n\nThis parameter is no longer supported. To replicate existing objects, see\nReplicating existing objects with S3 Batch Replication (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-batch-replication-batch.html)\nin the Amazon S3 User Guide.", "properties": { "status": { "type": "string" } }, "type": "object", "additionalProperties": false }, "filter": { "description": "A filter that identifies the subset of objects to which the replication rule\napplies. A Filter must specify exactly one Prefix, Tag, or an And child element.", "properties": { "and": { "description": "A container for specifying rule filters. The filters determine the subset\nof objects to which the rule applies. This element is required only if you\nspecify more than one filter.\n\nFor example:\n\n * If you specify both a Prefix and a Tag filter, wrap these filters in\n an And tag.\n\n * If you specify a filter based on multiple tags, wrap the Tag elements\n in an And tag.", "properties": { "prefix": { "type": "string" }, "tags": { "items": { "description": "A container of a key value name pair.", "properties": { "key": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "additionalProperties": false }, "type": "array" } }, "type": "object", "additionalProperties": false }, "prefix": { "type": "string" }, "tag": { "description": "A container of a key value name pair.", "properties": { "key": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "additionalProperties": false } }, "type": "object", "additionalProperties": false }, "id": { "type": "string" }, "prefix": { "type": "string" }, "priority": { "format": "int64", "type": "integer" }, "sourceSelectionCriteria": { "description": "A container that describes additional filters for identifying the source\nobjects that you want to replicate. You can choose to enable or disable the\nreplication of these objects. Currently, Amazon S3 supports only the filter\nthat you can specify for objects created with server-side encryption using\na customer managed key stored in Amazon Web Services Key Management Service\n(SSE-KMS).", "properties": { "replicaModifications": { "description": "A filter that you can specify for selection for modifications on replicas.\nAmazon S3 doesn't replicate replica modifications by default. In the latest\nversion of replication configuration (when Filter is specified), you can\nspecify this element and set the status to Enabled to replicate modifications\non replicas.\n\nIf you don't specify the Filter element, Amazon S3 assumes that the replication\nconfiguration is the earlier version, V1. In the earlier version, this element\nis not allowed.", "properties": { "status": { "type": "string" } }, "type": "object", "additionalProperties": false }, "sseKMSEncryptedObjects": { "description": "A container for filter information for the selection of S3 objects encrypted\nwith Amazon Web Services KMS.", "properties": { "status": { "type": "string" } }, "type": "object", "additionalProperties": false } }, "type": "object", "additionalProperties": false }, "status": { "type": "string" } }, "type": "object", "additionalProperties": false }, "type": "array" } }, "type": "object", "additionalProperties": false }, "requestPayment": { "description": "Container for Payer.", "properties": { "payer": { "type": "string" } }, "type": "object", "additionalProperties": false }, "tagging": { "description": "Container for the TagSet and Tag elements.", "properties": { "tagSet": { "items": { "description": "A container of a key value name pair.", "properties": { "key": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "additionalProperties": false }, "type": "array" } }, "type": "object", "additionalProperties": false }, "versioning": { "description": "Container for setting the versioning state.", "properties": { "status": { "type": "string" } }, "type": "object", "additionalProperties": false }, "website": { "description": "Container for the request.", "properties": { "errorDocument": { "description": "The error information.", "properties": { "key": { "type": "string" } }, "type": "object", "additionalProperties": false }, "indexDocument": { "description": "Container for the Suffix element.", "properties": { "suffix": { "type": "string" } }, "type": "object", "additionalProperties": false }, "redirectAllRequestsTo": { "description": "Specifies the redirect behavior of all requests to a website endpoint of\nan Amazon S3 bucket.", "properties": { "hostName": { "type": "string" }, "protocol": { "type": "string" } }, "type": "object", "additionalProperties": false }, "routingRules": { "items": { "description": "Specifies the redirect behavior and when a redirect is applied. For more\ninformation about routing rules, see Configuring advanced conditional redirects\n(https://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-page-redirect.html#advanced-conditional-redirects)\nin the Amazon S3 User Guide.", "properties": { "condition": { "description": "A container for describing a condition that must be met for the specified\nredirect to apply. For example, 1. If request is for pages in the /docs folder,\nredirect to the /documents folder. 2. If request results in HTTP error 4xx,\nredirect request to another host where you might process the error.", "properties": { "httpErrorCodeReturnedEquals": { "type": "string" }, "keyPrefixEquals": { "type": "string" } }, "type": "object", "additionalProperties": false }, "redirect": { "description": "Specifies how requests are redirected. In the event of an error, you can\nspecify a different error code to return.", "properties": { "hostName": { "type": "string" }, "httpRedirectCode": { "type": "string" }, "protocol": { "type": "string" }, "replaceKeyPrefixWith": { "type": "string" }, "replaceKeyWith": { "type": "string" } }, "type": "object", "additionalProperties": false } }, "type": "object", "additionalProperties": false }, "type": "array" } }, "type": "object", "additionalProperties": false } }, "required": [ "name" ], "type": "object", "additionalProperties": false }, "status": { "description": "BucketStatus defines the observed state of Bucket", "properties": { "ackResourceMetadata": { "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member\nthat is used to contain resource sync state, account ownership,\nconstructed ARN for the resource", "properties": { "arn": { "description": "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nhttps://github.com/aws/aws-controllers-k8s/issues/270", "type": "string" }, "ownerAccountID": { "description": "OwnerAccountID is the AWS Account ID of the account that owns the\nbackend AWS service API resource.", "type": "string" }, "region": { "description": "Region is the AWS region in which the resource exists or will exist.", "type": "string" } }, "required": [ "ownerAccountID", "region" ], "type": "object", "additionalProperties": false }, "conditions": { "description": "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource", "items": { "description": "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource", "properties": { "lastTransitionTime": { "description": "Last time the condition transitioned from one status to another.", "format": "date-time", "type": "string" }, "message": { "description": "A human readable message indicating details about the transition.", "type": "string" }, "reason": { "description": "The reason for the condition's last transition.", "type": "string" }, "status": { "description": "Status of the condition, one of True, False, Unknown.", "type": "string" }, "type": { "description": "Type is the type of the Condition", "type": "string" } }, "required": [ "status", "type" ], "type": "object", "additionalProperties": false }, "type": "array" }, "location": { "description": "A forward slash followed by the name of the bucket.", "type": "string" } }, "type": "object", "additionalProperties": false } }, "type": "object" }