S3Control / Client / put_bucket_replication
put_bucket_replication#
- S3Control.Client.put_bucket_replication(**kwargs)#
Note
This action creates an Amazon S3 on Outposts bucket’s replication configuration. To create an S3 bucket’s replication configuration, see PutBucketReplication in the Amazon S3 API Reference.
Creates a replication configuration or replaces an existing one. For information about S3 replication on Outposts configuration, see Replicating objects for S3 on Outposts in the Amazon S3 User Guide.
Note
It can take a while to propagate
PUT
orDELETE
requests for a replication configuration to all S3 on Outposts systems. Therefore, the replication configuration that’s returned by aGET
request soon after aPUT
orDELETE
request might return a more recent result than what’s on the Outpost. If an Outpost is offline, the delay in updating the replication configuration on that Outpost can be significant.Specify the replication configuration in the request body. In the replication configuration, you provide the following information:
The name of the destination bucket or buckets where you want S3 on Outposts to replicate objects
The Identity and Access Management (IAM) role that S3 on Outposts can assume to replicate objects on your behalf
Other relevant information, such as replication rules
A replication configuration must include at least one rule and can contain a maximum of 100. Each rule identifies a subset of objects to replicate by filtering the objects in the source Outposts bucket. To choose additional subsets of objects to replicate, add a rule for each subset.
To specify a subset of the objects in the source Outposts bucket to apply a replication rule to, add the
Filter
element as a child of theRule
element. You can filter objects based on an object key prefix, one or more object tags, or both. When you add theFilter
element in the configuration, you must also add the following elements:DeleteMarkerReplication
,Status
, andPriority
.Using
PutBucketReplication
on Outposts requires that both the source and destination buckets must have versioning enabled. For information about enabling versioning on a bucket, see Managing S3 Versioning for your S3 on Outposts bucket.For information about S3 on Outposts replication failure reasons, see Replication failure reasons in the Amazon S3 User Guide.
Handling Replication of Encrypted Objects
Outposts buckets are encrypted at all times. All the objects in the source Outposts bucket are encrypted and can be replicated. Also, all the replicas in the destination Outposts bucket are encrypted with the same encryption key as the objects in the source Outposts bucket.
Permissions
To create a
PutBucketReplication
request, you must haves3-outposts:PutReplicationConfiguration
permissions for the bucket. The Outposts bucket owner has this permission by default and can grant it to others. For more information about permissions, see Setting up IAM with S3 on Outposts and Managing access to S3 on Outposts buckets.Note
To perform this operation, the user or role must also have the
iam:CreateRole
andiam:PassRole
permissions. For more information, see Granting a user permissions to pass a role to an Amazon Web Services service.All Amazon S3 on Outposts REST API requests for this action require an additional parameter of
x-amz-outpost-id
to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead ofs3-control
. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and thex-amz-outpost-id
derived by using the access point ARN, see the Examples section.The following operations are related to
PutBucketReplication
:See also: AWS API Documentation
Request Syntax
response = client.put_bucket_replication( AccountId='string', Bucket='string', ReplicationConfiguration={ 'Role': 'string', 'Rules': [ { 'ID': 'string', 'Priority': 123, 'Prefix': 'string', 'Filter': { 'Prefix': 'string', 'Tag': { 'Key': 'string', 'Value': 'string' }, 'And': { 'Prefix': 'string', 'Tags': [ { 'Key': 'string', 'Value': 'string' }, ] } }, 'Status': 'Enabled'|'Disabled', 'SourceSelectionCriteria': { 'SseKmsEncryptedObjects': { 'Status': 'Enabled'|'Disabled' }, 'ReplicaModifications': { 'Status': 'Enabled'|'Disabled' } }, 'ExistingObjectReplication': { 'Status': 'Enabled'|'Disabled' }, 'Destination': { 'Account': 'string', 'Bucket': 'string', 'ReplicationTime': { 'Status': 'Enabled'|'Disabled', 'Time': { 'Minutes': 123 } }, 'AccessControlTranslation': { 'Owner': 'Destination' }, 'EncryptionConfiguration': { 'ReplicaKmsKeyID': 'string' }, 'Metrics': { 'Status': 'Enabled'|'Disabled', 'EventThreshold': { 'Minutes': 123 } }, 'StorageClass': 'STANDARD'|'REDUCED_REDUNDANCY'|'STANDARD_IA'|'ONEZONE_IA'|'INTELLIGENT_TIERING'|'GLACIER'|'DEEP_ARCHIVE'|'OUTPOSTS'|'GLACIER_IR' }, 'DeleteMarkerReplication': { 'Status': 'Enabled'|'Disabled' }, 'Bucket': 'string' }, ] } )
- Parameters:
AccountId (string) –
[REQUIRED]
The Amazon Web Services account ID of the Outposts bucket.
Bucket (string) –
[REQUIRED]
Specifies the S3 on Outposts bucket to set the configuration for.
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format
arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name>
. For example, to access the bucketreports
through Outpostmy-outpost
owned by account123456789012
in Regionus-west-2
, use the URL encoding ofarn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports
. The value must be URL encoded.ReplicationConfiguration (dict) –
[REQUIRED]
Role (string) – [REQUIRED]
The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) role that S3 on Outposts assumes when replicating objects. For information about S3 replication on Outposts configuration, see Setting up replication in the Amazon S3 User Guide.
Rules (list) – [REQUIRED]
A container for one or more replication rules. A replication configuration must have at least one rule and can contain an array of 100 rules at the most.
(dict) –
Specifies which S3 on Outposts objects to replicate and where to store the replicas.
ID (string) –
A unique identifier for the rule. The maximum value is 255 characters.
Priority (integer) –
The priority indicates which rule has precedence whenever two or more replication rules conflict. S3 on Outposts attempts to replicate objects according to all replication rules. However, if there are two or more rules with the same destination Outposts bucket, then objects will be replicated according to the rule with the highest priority. The higher the number, the higher the priority.
For more information, see Creating replication rules on Outposts in the Amazon S3 User Guide.
Prefix (string) –
An object key name prefix that identifies the object or objects to which the rule applies. The maximum prefix length is 1,024 characters. To include all objects in an Outposts bucket, specify an empty string.
Warning
When you’re using XML requests, you must replace special characters (such as carriage returns) in object keys with their equivalent XML entity codes. For more information, see XML-related object key constraints in the Amazon S3 User Guide.
Filter (dict) –
A filter that identifies the subset of objects to which the replication rule applies. A
Filter
element must specify exactly onePrefix
,Tag
, orAnd
child element.Prefix (string) –
An object key name prefix that identifies the subset of objects that the rule applies to.
Warning
When you’re using XML requests, you must replace special characters (such as carriage returns) in object keys with their equivalent XML entity codes. For more information, see XML-related object key constraints in the Amazon S3 User Guide.
Tag (dict) –
A container for a key-value name pair.
Key (string) – [REQUIRED]
Key of the tag
Value (string) – [REQUIRED]
Value of the tag
And (dict) –
A container for specifying rule filters. The filters determine the subset of objects that the rule applies to. This element is required only if you specify more than one filter. For example:
If you specify both a
Prefix
and aTag
filter, wrap these filters in anAnd
element.If you specify a filter based on multiple tags, wrap the
Tag
elements in anAnd
element.
Prefix (string) –
An object key name prefix that identifies the subset of objects that the rule applies to.
Tags (list) –
An array of tags that contain key and value pairs.
(dict) –
A container for a key-value name pair.
Key (string) – [REQUIRED]
Key of the tag
Value (string) – [REQUIRED]
Value of the tag
Status (string) – [REQUIRED]
Specifies whether the rule is enabled.
SourceSelectionCriteria (dict) –
A container that describes additional filters for identifying the source Outposts objects that you want to replicate. You can choose to enable or disable the replication of these objects.
SseKmsEncryptedObjects (dict) –
A filter that you can use to select Amazon S3 objects that are encrypted with server-side encryption by using Key Management Service (KMS) keys. If you include
SourceSelectionCriteria
in the replication configuration, this element is required.Note
This is not supported by Amazon S3 on Outposts buckets.
Status (string) – [REQUIRED]
Specifies whether Amazon S3 replicates objects that are created with server-side encryption by using an KMS key stored in Key Management Service.
ReplicaModifications (dict) –
A filter that you can use to specify whether replica modification sync is enabled. S3 on Outposts replica modification sync can help you keep object metadata synchronized between replicas and source objects. By default, S3 on Outposts replicates metadata from the source objects to the replicas only. When replica modification sync is enabled, S3 on Outposts replicates metadata changes made to the replica copies back to the source object, making the replication bidirectional.
To replicate object metadata modifications on replicas, you can specify this element and set the
Status
of this element toEnabled
.Note
You must enable replica modification sync on the source and destination buckets to replicate replica metadata changes between the source and the replicas.
Status (string) – [REQUIRED]
Specifies whether S3 on Outposts replicates modifications to object metadata on replicas.
ExistingObjectReplication (dict) –
An optional configuration to replicate existing source bucket objects.
Note
This is not supported by Amazon S3 on Outposts buckets.
Status (string) – [REQUIRED]
Specifies whether Amazon S3 replicates existing source bucket objects.
Destination (dict) – [REQUIRED]
A container for information about the replication destination and its configurations.
Account (string) –
The destination bucket owner’s account ID.
Bucket (string) – [REQUIRED]
The Amazon Resource Name (ARN) of the access point for the destination bucket where you want S3 on Outposts to store the replication results.
ReplicationTime (dict) –
A container that specifies S3 Replication Time Control (S3 RTC) settings, including whether S3 RTC is enabled and the time when all objects and operations on objects must be replicated. Must be specified together with a
Metrics
block.Note
This is not supported by Amazon S3 on Outposts buckets.
Status (string) – [REQUIRED]
Specifies whether S3 Replication Time Control (S3 RTC) is enabled.
Time (dict) – [REQUIRED]
A container that specifies the time by which replication should be complete for all objects and operations on objects.
Minutes (integer) –
Contains an integer that specifies the time period in minutes.
Valid value: 15
AccessControlTranslation (dict) –
Specify this property only in a cross-account scenario (where the source and destination bucket owners are not the same), and you want to change replica ownership to the Amazon Web Services account that owns the destination bucket. If this property is not specified in the replication configuration, the replicas are owned by same Amazon Web Services account that owns the source object.
Note
This is not supported by Amazon S3 on Outposts buckets.
Owner (string) – [REQUIRED]
Specifies the replica ownership.
EncryptionConfiguration (dict) –
A container that provides information about encryption. If
SourceSelectionCriteria
is specified, you must specify this element.Note
This is not supported by Amazon S3 on Outposts buckets.
ReplicaKmsKeyID (string) –
Specifies the ID of the customer managed KMS key that’s stored in Key Management Service (KMS) for the destination bucket. This ID is either the Amazon Resource Name (ARN) for the KMS key or the alias ARN for the KMS key. Amazon S3 uses this KMS key to encrypt replica objects. Amazon S3 supports only symmetric encryption KMS keys. For more information, see Symmetric encryption KMS keys in the Amazon Web Services Key Management Service Developer Guide.
Metrics (dict) –
A container that specifies replication metrics-related settings.
Status (string) – [REQUIRED]
Specifies whether replication metrics are enabled.
EventThreshold (dict) –
A container that specifies the time threshold for emitting the
s3:Replication:OperationMissedThreshold
event.Note
This is not supported by Amazon S3 on Outposts buckets.
Minutes (integer) –
Contains an integer that specifies the time period in minutes.
Valid value: 15
StorageClass (string) –
The storage class to use when replicating objects. All objects stored on S3 on Outposts are stored in the
OUTPOSTS
storage class. S3 on Outposts uses theOUTPOSTS
storage class to create the object replicas.Note
Values other than
OUTPOSTS
are not supported by Amazon S3 on Outposts.
DeleteMarkerReplication (dict) –
Specifies whether S3 on Outposts replicates delete markers. If you specify a
Filter
element in your replication configuration, you must also include aDeleteMarkerReplication
element. If yourFilter
includes aTag
element, theDeleteMarkerReplication
element’sStatus
child element must be set toDisabled
, because S3 on Outposts doesn’t support replicating delete markers for tag-based rules.For more information about delete marker replication, see How delete operations affect replication in the Amazon S3 User Guide.
Status (string) – [REQUIRED]
Indicates whether to replicate delete markers.
Bucket (string) – [REQUIRED]
The Amazon Resource Name (ARN) of the access point for the source Outposts bucket that you want S3 on Outposts to replicate the objects from.
- Returns:
None