Skip to content

Put Bucket Replication

s3_put_bucket_replication R Documentation

This operation is not supported by directory buckets

Description

This operation is not supported by directory buckets.

Creates a replication configuration or replaces an existing one. For more information, see Replication in the Amazon S3 User Guide.

Specify the replication configuration in the request body. In the replication configuration, you provide the name of the destination bucket or buckets where you want Amazon S3 to replicate objects, the IAM role that Amazon S3 can assume to replicate objects on your behalf, and other relevant information. You can invoke this request for a specific Amazon Web Services Region by using the aws:RequestedRegion condition key.

A replication configuration must include at least one rule, and can contain a maximum of 1,000. Each rule identifies a subset of objects to replicate by filtering the objects in the source bucket. To choose additional subsets of objects to replicate, add a rule for each subset.

To specify a subset of the objects in the source bucket to apply a replication rule to, add the Filter element as a child of the Rule element. You can filter objects based on an object key prefix, one or more object tags, or both. When you add the Filter element in the configuration, you must also add the following elements: DeleteMarkerReplication, Status, and Priority.

If you are using an earlier version of the replication configuration, Amazon S3 handles replication of delete markers differently. For more information, see Backward Compatibility.

For information about enabling versioning on a bucket, see Using Versioning.

Handling Replication of Encrypted Objects

By default, Amazon S3 doesn't replicate objects that are stored at rest using server-side encryption with KMS keys. To replicate Amazon Web Services KMS-encrypted objects, add the following: SourceSelectionCriteria, SseKmsEncryptedObjects, Status, EncryptionConfiguration, and ReplicaKmsKeyID. For information about replication configuration, see Replicating Objects Created with SSE Using KMS keys.

For information on put_bucket_replication errors, see List of replication-related error codes

Permissions

To create a put_bucket_replication request, you must have s3:PutReplicationConfiguration permissions for the bucket.

By default, a resource owner, in this case the Amazon Web Services account that created the bucket, can perform this operation. The resource owner can also grant others permissions to perform the operation. For more information about permissions, see Specifying Permissions in a Policy and Managing Access Permissions to Your Amazon S3 Resources.

To perform this operation, the user or role performing the action must have the iam:PassRole permission.

The following operations are related to put_bucket_replication:

  • get_bucket_replication

  • delete_bucket_replication

Usage

s3_put_bucket_replication(Bucket, ContentMD5, ChecksumAlgorithm,
  ReplicationConfiguration, Token, ExpectedBucketOwner)

Arguments

Bucket

[required] The name of the bucket

ContentMD5

The base64-encoded 128-bit MD5 digest of the data. You must use this header as a message integrity check to verify that the request body was not corrupted in transit. For more information, see RFC 1864.

For requests made using the Amazon Web Services Command Line Interface (CLI) or Amazon Web Services SDKs, this field is calculated automatically.

ChecksumAlgorithm

Indicates the algorithm used to create the checksum for the object when you use the SDK. This header will not provide any additional functionality if you don't use the SDK. When you send this header, there must be a corresponding x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with the HTTP status code ⁠400 Bad Request⁠. For more information, see Checking object integrity in the Amazon S3 User Guide.

If you provide an individual checksum, Amazon S3 ignores any provided ChecksumAlgorithm parameter.

ReplicationConfiguration

[required]

Token

A token to allow Object Lock to be enabled for an existing bucket.

ExpectedBucketOwner

The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code ⁠403 Forbidden⁠ (access denied).

Value

An empty list.

Request syntax

svc$put_bucket_replication(
  Bucket = "string",
  ContentMD5 = "string",
  ChecksumAlgorithm = "CRC32"|"CRC32C"|"SHA1"|"SHA256",
  ReplicationConfiguration = list(
    Role = "string",
    Rules = list(
      list(
        ID = "string",
        Priority = 123,
        Prefix = "string",
        Filter = list(
          Prefix = "string",
          Tag = list(
            Key = "string",
            Value = "string"
          ),
          And = list(
            Prefix = "string",
            Tags = list(
              list(
                Key = "string",
                Value = "string"
              )
            )
          )
        ),
        Status = "Enabled"|"Disabled",
        SourceSelectionCriteria = list(
          SseKmsEncryptedObjects = list(
            Status = "Enabled"|"Disabled"
          ),
          ReplicaModifications = list(
            Status = "Enabled"|"Disabled"
          )
        ),
        ExistingObjectReplication = list(
          Status = "Enabled"|"Disabled"
        ),
        Destination = list(
          Bucket = "string",
          Account = "string",
          StorageClass = "STANDARD"|"REDUCED_REDUNDANCY"|"STANDARD_IA"|"ONEZONE_IA"|"INTELLIGENT_TIERING"|"GLACIER"|"DEEP_ARCHIVE"|"OUTPOSTS"|"GLACIER_IR"|"SNOW"|"EXPRESS_ONEZONE",
          AccessControlTranslation = list(
            Owner = "Destination"
          ),
          EncryptionConfiguration = list(
            ReplicaKmsKeyID = "string"
          ),
          ReplicationTime = list(
            Status = "Enabled"|"Disabled",
            Time = list(
              Minutes = 123
            )
          ),
          Metrics = list(
            Status = "Enabled"|"Disabled",
            EventThreshold = list(
              Minutes = 123
            )
          )
        ),
        DeleteMarkerReplication = list(
          Status = "Enabled"|"Disabled"
        )
      )
    )
  ),
  Token = "string",
  ExpectedBucketOwner = "string"
)

Examples

## Not run: 
# The following example sets replication configuration on a bucket.
svc$put_bucket_replication(
  Bucket = "examplebucket",
  ReplicationConfiguration = list(
    Role = "arn:aws:iam::123456789012:role/examplerole",
    Rules = list(
      list(
        Destination = list(
          Bucket = "arn:aws:s3:::destinationbucket",
          StorageClass = "STANDARD"
        ),
        Prefix = "",
        Status = "Enabled"
      )
    )
  )
)

## End(Not run)