2014-07-23 22:38:12 +02:00
---
layout: "aws"
page_title: "AWS: aws_s3_bucket"
sidebar_current: "docs-aws-resource-s3-bucket"
2014-10-22 05:21:56 +02:00
description: |-
Provides a S3 bucket resource.
2014-07-23 22:38:12 +02:00
---
# aws\_s3\_bucket
Provides a S3 bucket resource.
## Example Usage
2015-05-01 15:48:08 +02:00
### Private Bucket w/ Tags
2014-07-23 22:38:12 +02:00
```
resource "aws_s3_bucket" "b" {
bucket = "my_tf_test_bucket"
acl = "private"
2015-04-23 14:25:13 +02:00
tags {
Name = "My bucket"
Environment = "Dev"
}
2014-07-23 22:38:12 +02:00
}
```
2015-05-01 15:48:08 +02:00
### Static Website Hosting
```
resource "aws_s3_bucket" "b" {
bucket = "s3-website-test.hashicorp.com"
acl = "public-read"
2015-06-06 01:20:23 +02:00
policy = "${file("policy.json")}"
2015-05-01 15:48:08 +02:00
website {
index_document = "index.html"
error_document = "error.html"
}
}
```
2015-10-01 18:49:32 +02:00
### Using CORS
```
resource "aws_s3_bucket" "b" {
bucket = "s3-website-test.hashicorp.com"
acl = "public-read"
cors_rule {
allowed_headers = ["*"]
allowed_methods = ["PUT","POST"]
allowed_origins = ["https://s3-website-test.hashicorp.com"]
expose_headers = ["ETag"]
max_age_seconds = 3000
}
}
```
2015-09-06 04:25:24 +02:00
### Using versioning
```
resource "aws_s3_bucket" "b" {
bucket = "my_tf_test_bucket"
acl = "private"
versioning {
enabled = true
}
}
```
2016-01-02 04:45:40 +01:00
### Enable Logging
```
resource "aws_s3_bucket" "log_bucket" {
bucket = "my_tf_log_bucket"
acl = "log-delivery-write"
}
resource "aws_s3_bucket" "b" {
bucket = "my_tf_test_bucket"
acl = "private"
logging {
target_bucket = "${aws_s3_bucket.log_bucket.id}"
target_prefix = "log/"
}
}
```
2014-07-23 22:38:12 +02:00
## Argument Reference
The following arguments are supported:
* `bucket` - (Required) The name of the bucket.
2015-04-25 13:35:53 +02:00
* `acl` - (Optional) The [canned ACL ](http://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl ) to apply. Defaults to "private".
2015-06-29 07:42:13 +02:00
* `policy` - (Optional) A valid [bucket policy ](http://docs.aws.amazon.com/AmazonS3/latest/dev/example-bucket-policies.html ) JSON document. Note that if the policy document is not specific enough (but still valid), Terraform may view the policy as constantly changing in a `terraform plan` . In this case, please make sure you use the verbose/specific version of the policy.
2015-04-23 14:25:13 +02:00
* `tags` - (Optional) A mapping of tags to assign to the bucket.
2015-05-21 01:26:44 +02:00
* `force_destroy` - (Optional, Default:false ) A boolean that indicates all objects should be deleted from the bucket so that the bucket can be destroyed without error. These objects are *not* recoverable.
2015-05-01 15:48:08 +02:00
* `website` - (Optional) A website object (documented below).
2015-10-01 18:49:32 +02:00
* `cors_rule` - (Optional) A rule of [Cross-Origin Resource Sharing ](http://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html ) (documented below).
2015-09-06 04:25:24 +02:00
* `versioning` - (Optional) A state of [versioning ](http://docs.aws.amazon.com/AmazonS3/latest/dev/Versioning.html ) (documented below)
2016-01-02 04:45:40 +01:00
* `logging` - (Optional) A settings of [bucket logging ](http://docs.aws.amazon.com/AmazonS3/latest/UG/ManagingBucketLogging.html ) (documented below).
2015-05-01 15:48:08 +02:00
2016-01-09 19:06:24 +01:00
The `website` object supports the following:
2015-05-01 15:48:08 +02:00
2015-05-11 16:53:33 +02:00
* `index_document` - (Required, unless using `redirect_all_requests_to` ) Amazon S3 returns this index document when requests are made to the root domain or any of the subfolders.
2015-05-01 15:48:08 +02:00
* `error_document` - (Optional) An absolute path to the document to return in case of a 4XX error.
2015-05-11 16:53:33 +02:00
* `redirect_all_requests_to` - (Optional) A hostname to redirect all website requests for this bucket to.
2014-07-23 22:38:12 +02:00
2016-01-09 19:06:24 +01:00
The `CORS` object supports the following:
2015-10-01 18:49:32 +02:00
* `allowed_headers` (Optional) Specifies which headers are allowed.
* `allowed_methods` (Required) Specifies which methods are allowed. Can be `GET` , `PUT` , `POST` , `DELETE` or `HEAD` .
* `allowed_origins` (Required) Specifies which origins are allowed.
* `expose_headers` (Optional) Specifies expose header in the response.
* `max_age_seconds` (Optional) Specifies time in seconds that browser can cache the response for a preflight request.
2016-01-09 19:06:24 +01:00
The `versioning` object supports the following:
2015-09-06 04:25:24 +02:00
* `enabled` - (Optional) Enable versioning. Once you version-enable a bucket, it can never return to an unversioned state. You can, however, suspend versioning on that bucket.
2016-01-09 19:06:24 +01:00
The `logging` object supports the following:
2016-01-02 04:45:40 +01:00
* `target_bucket` - (Required) The name of the bucket that will receive the log objects.
* `target_prefix` - (Optional) To specify a key prefix for log objects.
2014-07-23 22:38:12 +02:00
## Attributes Reference
The following attributes are exported:
2015-05-01 15:48:08 +02:00
* `id` - The name of the bucket.
2015-10-29 14:33:35 +01:00
* `arn` - The ARN of the bucket. Will be of format `arn:aws:s3:::bucketname`
2015-05-07 18:00:39 +02:00
* `hosted_zone_id` - The [Route 53 Hosted Zone ID ](http://docs.aws.amazon.com/general/latest/gr/rande.html#s3_website_region_endpoints ) for this bucket's region.
2015-05-07 18:09:19 +02:00
* `region` - The AWS region this bucket resides in.
2015-05-01 15:48:08 +02:00
* `website_endpoint` - The website endpoint, if the bucket is configured with a website. If not, this will be an empty string.
2015-06-03 17:10:17 +02:00
* `website_domain` - The domain of the website endpoint, if the bucket is configured with a website. If not, this will be an empty string. This is used to create Route 53 alias records.