--- layout: "aws" page_title: "AWS: aws_s3_bucket" sidebar_current: "docs-aws-resource-s3-bucket" description: |- Provides a S3 bucket resource. --- # aws\_s3\_bucket Provides a S3 bucket resource. ## Example Usage ### Private Bucket w/ Tags ``` resource "aws_s3_bucket" "b" { bucket = "my_tf_test_bucket" acl = "private" tags { Name = "My bucket" Environment = "Dev" } } ``` ### Static Website Hosting ``` resource "aws_s3_bucket" "b" { bucket = "s3-website-test.hashicorp.com" acl = "public-read" policy = "${file("policy.json")}" website { index_document = "index.html" error_document = "error.html" routing_rules = < **NOTE:** You cannot use `acceleration_status` in `cn-north-1` or `us-gov-west-1` The `website` object supports the following: * `index_document` - (Required, unless using `redirect_all_requests_to`) Amazon S3 returns this index document when requests are made to the root domain or any of the subfolders. * `error_document` - (Optional) An absolute path to the document to return in case of a 4XX error. * `redirect_all_requests_to` - (Optional) A hostname to redirect all website requests for this bucket to. Hostname can optionally be prefixed with a protocol (`http://` or `https://`) to use when redirecting requests. The default is the protocol that is used in the original request. * `routing_rules` - (Optional) A json array containing [routing rules](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-websiteconfiguration-routingrules.html) describing redirect behavior and when redirects are applied. The `CORS` object supports the following: * `allowed_headers` (Optional) Specifies which headers are allowed. * `allowed_methods` (Required) Specifies which methods are allowed. Can be `GET`, `PUT`, `POST`, `DELETE` or `HEAD`. * `allowed_origins` (Required) Specifies which origins are allowed. * `expose_headers` (Optional) Specifies expose header in the response. * `max_age_seconds` (Optional) Specifies time in seconds that browser can cache the response for a preflight request. The `versioning` object supports the following: * `enabled` - (Optional) Enable versioning. Once you version-enable a bucket, it can never return to an unversioned state. You can, however, suspend versioning on that bucket. The `logging` object supports the following: * `target_bucket` - (Required) The name of the bucket that will receive the log objects. * `target_prefix` - (Optional) To specify a key prefix for log objects. The 'lifecycle_rule' object supports the following: * `id` - (Optional) Unique identifier for the rule. * `prefix` - (Required) Object key prefix identifying one or more objects to which the rule applies. * `enabled` - (Required) Specifies lifecycle rule status. * `abort_incomplete_multipart_upload_days` (Optional) Specifies the number of days after initiating a multipart upload when the multipart upload must be completed. * `expiration` - (Optional) Specifies a period in the object's expire (documented below). * `transition` - (Optional) Specifies a period in the object's transitions (documented below). * `noncurrent_version_expiration` - (Optional) Specifies when noncurrent object versions expire (documented below). * `noncurrent_version_transition` - (Optional) Specifies when noncurrent object versions transitions (documented below). At least one of `expiration`, `transition`, `noncurrent_version_expiration`, `noncurrent_version_transition` must be specified. The `expiration` object supports the following * `date` (Optional) Specifies the date after which you want the corresponding action to take effect. * `days` (Optional) Specifies the number of days after object creation when the specific rule action takes effect. * `expired_object_delete_marker` (Optional) On a versioned bucket (versioning-enabled or versioning-suspended bucket), you can add this element in the lifecycle configuration to direct Amazon S3 to delete expired object delete markers. The `transition` object supports the following * `date` (Optional) Specifies the date after which you want the corresponding action to take effect. * `days` (Optional) Specifies the number of days after object creation when the specific rule action takes effect. * `storage_class` (Required) Specifies the Amazon S3 storage class to which you want the object to transition. Can be `STANDARD_IA` or `GLACIER`. The `noncurrent_version_expiration` object supports the following * `days` (Required) Specifies the number of days an object is noncurrent object versions expire. The `noncurrent_version_transition` object supports the following * `days` (Required) Specifies the number of days an object is noncurrent object versions expire. * `storage_class` (Required) Specifies the Amazon S3 storage class to which you want the noncurrent versions object to transition. Can be `STANDARD_IA` or `GLACIER`. The `replication_configuration` object supports the following: * `role` - (Required) The ARN of the IAM role for Amazon S3 to assume when replicating the objects. * `rules` - (Required) Specifies the rules managing the replication (documented below). The `rules` object supports the following: * `id` - (Optional) Unique identifier for the rule. * `destination` - (Required) Specifies the destination for the rule (documented below). * `prefix` - (Required) Object keyname prefix identifying one or more objects to which the rule applies. Set as an empty string to replicate the whole bucket. * `status` - (Required) The status of the rule. Either `Enabled` or `Disabled`. The rule is ignored if status is not Enabled. The `destination` object supports the following: * `bucket` - (Required) The ARN of the S3 bucket where you want Amazon S3 to store replicas of the object identified by the rule. * `storage_class` - (Optional) The class of storage used to store the object. ## Attributes Reference The following attributes are exported: * `id` - The name of the bucket. * `arn` - The ARN of the bucket. Will be of format `arn:aws:s3:::bucketname`. * `hosted_zone_id` - The [Route 53 Hosted Zone ID](https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_website_region_endpoints) for this bucket's region. * `region` - The AWS region this bucket resides in. * `website_endpoint` - The website endpoint, if the bucket is configured with a website. If not, this will be an empty string. * `website_domain` - The domain of the website endpoint, if the bucket is configured with a website. If not, this will be an empty string. This is used to create Route 53 alias records. ## Import S3 bucket can be imported using the `bucket`, e.g. ``` $ terraform import aws_s3_bucket.bucket bucket-name ```