S3Control / Client / put_bucket_replication

put_bucket_replication#

S3Control.Client.put_bucket_replication(**kwargs)#

Note

This action creates an Amazon S3 on Outposts bucket’s replication configuration. To create an S3 bucket’s replication configuration, see PutBucketReplication in the Amazon S3 API Reference.

Creates a replication configuration or replaces an existing one. For information about S3 replication on Outposts configuration, see Replicating objects for S3 on Outposts in the Amazon S3 User Guide.

Note

It can take a while to propagate PUT or DELETE requests for a replication configuration to all S3 on Outposts systems. Therefore, the replication configuration that’s returned by a GET request soon after a PUT or DELETE request might return a more recent result than what’s on the Outpost. If an Outpost is offline, the delay in updating the replication configuration on that Outpost can be significant.

Specify the replication configuration in the request body. In the replication configuration, you provide the following information:

  • The name of the destination bucket or buckets where you want S3 on Outposts to replicate objects

  • The Identity and Access Management (IAM) role that S3 on Outposts can assume to replicate objects on your behalf

  • Other relevant information, such as replication rules

A replication configuration must include at least one rule and can contain a maximum of 100. Each rule identifies a subset of objects to replicate by filtering the objects in the source Outposts bucket. To choose additional subsets of objects to replicate, add a rule for each subset.

To specify a subset of the objects in the source Outposts bucket to apply a replication rule to, add the Filter element as a child of the Rule element. You can filter objects based on an object key prefix, one or more object tags, or both. When you add the Filter element in the configuration, you must also add the following elements: DeleteMarkerReplication, Status, and Priority.

Using PutBucketReplication on Outposts requires that both the source and destination buckets must have versioning enabled. For information about enabling versioning on a bucket, see Managing S3 Versioning for your S3 on Outposts bucket.

For information about S3 on Outposts replication failure reasons, see Replication failure reasons in the Amazon S3 User Guide.

Handling Replication of Encrypted Objects

Outposts buckets are encrypted at all times. All the objects in the source Outposts bucket are encrypted and can be replicated. Also, all the replicas in the destination Outposts bucket are encrypted with the same encryption key as the objects in the source Outposts bucket.

Permissions

To create a PutBucketReplication request, you must have s3-outposts:PutReplicationConfiguration permissions for the bucket. The Outposts bucket owner has this permission by default and can grant it to others. For more information about permissions, see Setting up IAM with S3 on Outposts and Managing access to S3 on Outposts buckets.

Note

To perform this operation, the user or role must also have the iam:CreateRole and iam:PassRole permissions. For more information, see Granting a user permissions to pass a role to an Amazon Web Services service.

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section.

The following operations are related to PutBucketReplication:

See also: AWS API Documentation

Request Syntax

response = client.put_bucket_replication(
    AccountId='string',
    Bucket='string',
    ReplicationConfiguration={
        'Role': 'string',
        'Rules': [
            {
                'ID': 'string',
                'Priority': 123,
                'Prefix': 'string',
                'Filter': {
                    'Prefix': 'string',
                    'Tag': {
                        'Key': 'string',
                        'Value': 'string'
                    },
                    'And': {
                        'Prefix': 'string',
                        'Tags': [
                            {
                                'Key': 'string',
                                'Value': 'string'
                            },
                        ]
                    }
                },
                'Status': 'Enabled'|'Disabled',
                'SourceSelectionCriteria': {
                    'SseKmsEncryptedObjects': {
                        'Status': 'Enabled'|'Disabled'
                    },
                    'ReplicaModifications': {
                        'Status': 'Enabled'|'Disabled'
                    }
                },
                'ExistingObjectReplication': {
                    'Status': 'Enabled'|'Disabled'
                },
                'Destination': {
                    'Account': 'string',
                    'Bucket': 'string',
                    'ReplicationTime': {
                        'Status': 'Enabled'|'Disabled',
                        'Time': {
                            'Minutes': 123
                        }
                    },
                    'AccessControlTranslation': {
                        'Owner': 'Destination'
                    },
                    'EncryptionConfiguration': {
                        'ReplicaKmsKeyID': 'string'
                    },
                    'Metrics': {
                        'Status': 'Enabled'|'Disabled',
                        'EventThreshold': {
                            'Minutes': 123
                        }
                    },
                    'StorageClass': 'STANDARD'|'REDUCED_REDUNDANCY'|'STANDARD_IA'|'ONEZONE_IA'|'INTELLIGENT_TIERING'|'GLACIER'|'DEEP_ARCHIVE'|'OUTPOSTS'|'GLACIER_IR'
                },
                'DeleteMarkerReplication': {
                    'Status': 'Enabled'|'Disabled'
                },
                'Bucket': 'string'
            },
        ]
    }
)
Parameters:
  • AccountId (string) –

    [REQUIRED]

    The Amazon Web Services account ID of the Outposts bucket.

  • Bucket (string) –

    [REQUIRED]

    Specifies the S3 on Outposts bucket to set the configuration for.

    For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.

    For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name>. For example, to access the bucket reports through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.

  • ReplicationConfiguration (dict) –

    [REQUIRED]

    • Role (string) – [REQUIRED]

      The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) role that S3 on Outposts assumes when replicating objects. For information about S3 replication on Outposts configuration, see Setting up replication in the Amazon S3 User Guide.

    • Rules (list) – [REQUIRED]

      A container for one or more replication rules. A replication configuration must have at least one rule and can contain an array of 100 rules at the most.

      • (dict) –

        Specifies which S3 on Outposts objects to replicate and where to store the replicas.

        • ID (string) –

          A unique identifier for the rule. The maximum value is 255 characters.

        • Priority (integer) –

          The priority indicates which rule has precedence whenever two or more replication rules conflict. S3 on Outposts attempts to replicate objects according to all replication rules. However, if there are two or more rules with the same destination Outposts bucket, then objects will be replicated according to the rule with the highest priority. The higher the number, the higher the priority.

          For more information, see Creating replication rules on Outposts in the Amazon S3 User Guide.

        • Prefix (string) –

          An object key name prefix that identifies the object or objects to which the rule applies. The maximum prefix length is 1,024 characters. To include all objects in an Outposts bucket, specify an empty string.

          Warning

          When you’re using XML requests, you must replace special characters (such as carriage returns) in object keys with their equivalent XML entity codes. For more information, see XML-related object key constraints in the Amazon S3 User Guide.

        • Filter (dict) –

          A filter that identifies the subset of objects to which the replication rule applies. A Filter element must specify exactly one Prefix, Tag, or And child element.

          • Prefix (string) –

            An object key name prefix that identifies the subset of objects that the rule applies to.

            Warning

            When you’re using XML requests, you must replace special characters (such as carriage returns) in object keys with their equivalent XML entity codes. For more information, see XML-related object key constraints in the Amazon S3 User Guide.

          • Tag (dict) –

            A container for a key-value name pair.

            • Key (string) – [REQUIRED]

              Key of the tag

            • Value (string) – [REQUIRED]

              Value of the tag

          • And (dict) –

            A container for specifying rule filters. The filters determine the subset of objects that the rule applies to. This element is required only if you specify more than one filter. For example:

            • If you specify both a Prefix and a Tag filter, wrap these filters in an And element.

            • If you specify a filter based on multiple tags, wrap the Tag elements in an And element.

            • Prefix (string) –

              An object key name prefix that identifies the subset of objects that the rule applies to.

            • Tags (list) –

              An array of tags that contain key and value pairs.

              • (dict) –

                A container for a key-value name pair.

                • Key (string) – [REQUIRED]

                  Key of the tag

                • Value (string) – [REQUIRED]

                  Value of the tag

        • Status (string) – [REQUIRED]

          Specifies whether the rule is enabled.

        • SourceSelectionCriteria (dict) –

          A container that describes additional filters for identifying the source Outposts objects that you want to replicate. You can choose to enable or disable the replication of these objects.

          • SseKmsEncryptedObjects (dict) –

            A filter that you can use to select Amazon S3 objects that are encrypted with server-side encryption by using Key Management Service (KMS) keys. If you include SourceSelectionCriteria in the replication configuration, this element is required.

            Note

            This is not supported by Amazon S3 on Outposts buckets.

            • Status (string) – [REQUIRED]

              Specifies whether Amazon S3 replicates objects that are created with server-side encryption by using an KMS key stored in Key Management Service.

          • ReplicaModifications (dict) –

            A filter that you can use to specify whether replica modification sync is enabled. S3 on Outposts replica modification sync can help you keep object metadata synchronized between replicas and source objects. By default, S3 on Outposts replicates metadata from the source objects to the replicas only. When replica modification sync is enabled, S3 on Outposts replicates metadata changes made to the replica copies back to the source object, making the replication bidirectional.

            To replicate object metadata modifications on replicas, you can specify this element and set the Status of this element to Enabled.

            Note

            You must enable replica modification sync on the source and destination buckets to replicate replica metadata changes between the source and the replicas.

            • Status (string) – [REQUIRED]

              Specifies whether S3 on Outposts replicates modifications to object metadata on replicas.

        • ExistingObjectReplication (dict) –

          An optional configuration to replicate existing source bucket objects.

          Note

          This is not supported by Amazon S3 on Outposts buckets.

          • Status (string) – [REQUIRED]

            Specifies whether Amazon S3 replicates existing source bucket objects.

        • Destination (dict) – [REQUIRED]

          A container for information about the replication destination and its configurations.

          • Account (string) –

            The destination bucket owner’s account ID.

          • Bucket (string) – [REQUIRED]

            The Amazon Resource Name (ARN) of the access point for the destination bucket where you want S3 on Outposts to store the replication results.

          • ReplicationTime (dict) –

            A container that specifies S3 Replication Time Control (S3 RTC) settings, including whether S3 RTC is enabled and the time when all objects and operations on objects must be replicated. Must be specified together with a Metrics block.

            Note

            This is not supported by Amazon S3 on Outposts buckets.

            • Status (string) – [REQUIRED]

              Specifies whether S3 Replication Time Control (S3 RTC) is enabled.

            • Time (dict) – [REQUIRED]

              A container that specifies the time by which replication should be complete for all objects and operations on objects.

              • Minutes (integer) –

                Contains an integer that specifies the time period in minutes.

                Valid value: 15

          • AccessControlTranslation (dict) –

            Specify this property only in a cross-account scenario (where the source and destination bucket owners are not the same), and you want to change replica ownership to the Amazon Web Services account that owns the destination bucket. If this property is not specified in the replication configuration, the replicas are owned by same Amazon Web Services account that owns the source object.

            Note

            This is not supported by Amazon S3 on Outposts buckets.

            • Owner (string) – [REQUIRED]

              Specifies the replica ownership.

          • EncryptionConfiguration (dict) –

            A container that provides information about encryption. If SourceSelectionCriteria is specified, you must specify this element.

            Note

            This is not supported by Amazon S3 on Outposts buckets.

            • ReplicaKmsKeyID (string) –

              Specifies the ID of the customer managed KMS key that’s stored in Key Management Service (KMS) for the destination bucket. This ID is either the Amazon Resource Name (ARN) for the KMS key or the alias ARN for the KMS key. Amazon S3 uses this KMS key to encrypt replica objects. Amazon S3 supports only symmetric encryption KMS keys. For more information, see Symmetric encryption KMS keys in the Amazon Web Services Key Management Service Developer Guide.

          • Metrics (dict) –

            A container that specifies replication metrics-related settings.

            • Status (string) – [REQUIRED]

              Specifies whether replication metrics are enabled.

            • EventThreshold (dict) –

              A container that specifies the time threshold for emitting the s3:Replication:OperationMissedThreshold event.

              Note

              This is not supported by Amazon S3 on Outposts buckets.

              • Minutes (integer) –

                Contains an integer that specifies the time period in minutes.

                Valid value: 15

          • StorageClass (string) –

            The storage class to use when replicating objects. All objects stored on S3 on Outposts are stored in the OUTPOSTS storage class. S3 on Outposts uses the OUTPOSTS storage class to create the object replicas.

            Note

            Values other than OUTPOSTS are not supported by Amazon S3 on Outposts.

        • DeleteMarkerReplication (dict) –

          Specifies whether S3 on Outposts replicates delete markers. If you specify a Filter element in your replication configuration, you must also include a DeleteMarkerReplication element. If your Filter includes a Tag element, the DeleteMarkerReplication element’s Status child element must be set to Disabled, because S3 on Outposts doesn’t support replicating delete markers for tag-based rules.

          For more information about delete marker replication, see How delete operations affect replication in the Amazon S3 User Guide.

          • Status (string) – [REQUIRED]

            Indicates whether to replicate delete markers.

        • Bucket (string) – [REQUIRED]

          The Amazon Resource Name (ARN) of the access point for the source Outposts bucket that you want S3 on Outposts to replicate the objects from.

Returns:

None