1. Packages
  2. AWS
  3. API Docs
  4. s3
  5. ObjectCopy
AWS v6.60.0 published on Tuesday, Nov 19, 2024 by Pulumi

aws.s3.ObjectCopy

Explore with Pulumi AI

aws logo
AWS v6.60.0 published on Tuesday, Nov 19, 2024 by Pulumi

    Provides a resource for copying an S3 object.

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const test = new aws.s3.ObjectCopy("test", {
        bucket: "destination_bucket",
        key: "destination_key",
        source: "source_bucket/source_key",
        grants: [{
            uri: "http://acs.amazonaws.com/groups/global/AllUsers",
            type: "Group",
            permissions: ["READ"],
        }],
    });
    
    import pulumi
    import pulumi_aws as aws
    
    test = aws.s3.ObjectCopy("test",
        bucket="destination_bucket",
        key="destination_key",
        source="source_bucket/source_key",
        grants=[{
            "uri": "http://acs.amazonaws.com/groups/global/AllUsers",
            "type": "Group",
            "permissions": ["READ"],
        }])
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := s3.NewObjectCopy(ctx, "test", &s3.ObjectCopyArgs{
    			Bucket: pulumi.String("destination_bucket"),
    			Key:    pulumi.String("destination_key"),
    			Source: pulumi.String("source_bucket/source_key"),
    			Grants: s3.ObjectCopyGrantArray{
    				&s3.ObjectCopyGrantArgs{
    					Uri:  pulumi.String("http://acs.amazonaws.com/groups/global/AllUsers"),
    					Type: pulumi.String("Group"),
    					Permissions: pulumi.StringArray{
    						pulumi.String("READ"),
    					},
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var test = new Aws.S3.ObjectCopy("test", new()
        {
            Bucket = "destination_bucket",
            Key = "destination_key",
            Source = "source_bucket/source_key",
            Grants = new[]
            {
                new Aws.S3.Inputs.ObjectCopyGrantArgs
                {
                    Uri = "http://acs.amazonaws.com/groups/global/AllUsers",
                    Type = "Group",
                    Permissions = new[]
                    {
                        "READ",
                    },
                },
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.s3.ObjectCopy;
    import com.pulumi.aws.s3.ObjectCopyArgs;
    import com.pulumi.aws.s3.inputs.ObjectCopyGrantArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var test = new ObjectCopy("test", ObjectCopyArgs.builder()
                .bucket("destination_bucket")
                .key("destination_key")
                .source("source_bucket/source_key")
                .grants(ObjectCopyGrantArgs.builder()
                    .uri("http://acs.amazonaws.com/groups/global/AllUsers")
                    .type("Group")
                    .permissions("READ")
                    .build())
                .build());
    
        }
    }
    
    resources:
      test:
        type: aws:s3:ObjectCopy
        properties:
          bucket: destination_bucket
          key: destination_key
          source: source_bucket/source_key
          grants:
            - uri: http://acs.amazonaws.com/groups/global/AllUsers
              type: Group
              permissions:
                - READ
    

    Create ObjectCopy Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new ObjectCopy(name: string, args: ObjectCopyArgs, opts?: CustomResourceOptions);
    @overload
    def ObjectCopy(resource_name: str,
                   args: ObjectCopyArgs,
                   opts: Optional[ResourceOptions] = None)
    
    @overload
    def ObjectCopy(resource_name: str,
                   opts: Optional[ResourceOptions] = None,
                   key: Optional[str] = None,
                   bucket: Optional[str] = None,
                   source: Optional[str] = None,
                   expires: Optional[str] = None,
                   content_encoding: Optional[str] = None,
                   force_destroy: Optional[bool] = None,
                   grants: Optional[Sequence[ObjectCopyGrantArgs]] = None,
                   content_language: Optional[str] = None,
                   content_type: Optional[str] = None,
                   copy_if_match: Optional[str] = None,
                   copy_if_modified_since: Optional[str] = None,
                   copy_if_none_match: Optional[str] = None,
                   copy_if_unmodified_since: Optional[str] = None,
                   customer_algorithm: Optional[str] = None,
                   customer_key: Optional[str] = None,
                   customer_key_md5: Optional[str] = None,
                   expected_bucket_owner: Optional[str] = None,
                   expected_source_bucket_owner: Optional[str] = None,
                   acl: Optional[str] = None,
                   content_disposition: Optional[str] = None,
                   cache_control: Optional[str] = None,
                   checksum_algorithm: Optional[str] = None,
                   kms_encryption_context: Optional[str] = None,
                   kms_key_id: Optional[str] = None,
                   metadata: Optional[Mapping[str, str]] = None,
                   metadata_directive: Optional[str] = None,
                   object_lock_legal_hold_status: Optional[str] = None,
                   object_lock_mode: Optional[str] = None,
                   object_lock_retain_until_date: Optional[str] = None,
                   request_payer: Optional[str] = None,
                   server_side_encryption: Optional[str] = None,
                   bucket_key_enabled: Optional[bool] = None,
                   source_customer_algorithm: Optional[str] = None,
                   source_customer_key: Optional[str] = None,
                   source_customer_key_md5: Optional[str] = None,
                   storage_class: Optional[str] = None,
                   tagging_directive: Optional[str] = None,
                   tags: Optional[Mapping[str, str]] = None,
                   website_redirect: Optional[str] = None)
    func NewObjectCopy(ctx *Context, name string, args ObjectCopyArgs, opts ...ResourceOption) (*ObjectCopy, error)
    public ObjectCopy(string name, ObjectCopyArgs args, CustomResourceOptions? opts = null)
    public ObjectCopy(String name, ObjectCopyArgs args)
    public ObjectCopy(String name, ObjectCopyArgs args, CustomResourceOptions options)
    
    type: aws:s3:ObjectCopy
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args ObjectCopyArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args ObjectCopyArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args ObjectCopyArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args ObjectCopyArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args ObjectCopyArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var objectCopyResource = new Aws.S3.ObjectCopy("objectCopyResource", new()
    {
        Key = "string",
        Bucket = "string",
        Source = "string",
        Expires = "string",
        ContentEncoding = "string",
        ForceDestroy = false,
        Grants = new[]
        {
            new Aws.S3.Inputs.ObjectCopyGrantArgs
            {
                Permissions = new[]
                {
                    "string",
                },
                Type = "string",
                Email = "string",
                Id = "string",
                Uri = "string",
            },
        },
        ContentLanguage = "string",
        ContentType = "string",
        CopyIfMatch = "string",
        CopyIfModifiedSince = "string",
        CopyIfNoneMatch = "string",
        CopyIfUnmodifiedSince = "string",
        CustomerAlgorithm = "string",
        CustomerKey = "string",
        CustomerKeyMd5 = "string",
        ExpectedBucketOwner = "string",
        ExpectedSourceBucketOwner = "string",
        Acl = "string",
        ContentDisposition = "string",
        CacheControl = "string",
        ChecksumAlgorithm = "string",
        KmsEncryptionContext = "string",
        KmsKeyId = "string",
        Metadata = 
        {
            { "string", "string" },
        },
        MetadataDirective = "string",
        ObjectLockLegalHoldStatus = "string",
        ObjectLockMode = "string",
        ObjectLockRetainUntilDate = "string",
        RequestPayer = "string",
        ServerSideEncryption = "string",
        BucketKeyEnabled = false,
        SourceCustomerAlgorithm = "string",
        SourceCustomerKey = "string",
        SourceCustomerKeyMd5 = "string",
        StorageClass = "string",
        TaggingDirective = "string",
        Tags = 
        {
            { "string", "string" },
        },
        WebsiteRedirect = "string",
    });
    
    example, err := s3.NewObjectCopy(ctx, "objectCopyResource", &s3.ObjectCopyArgs{
    	Key:             pulumi.String("string"),
    	Bucket:          pulumi.String("string"),
    	Source:          pulumi.String("string"),
    	Expires:         pulumi.String("string"),
    	ContentEncoding: pulumi.String("string"),
    	ForceDestroy:    pulumi.Bool(false),
    	Grants: s3.ObjectCopyGrantArray{
    		&s3.ObjectCopyGrantArgs{
    			Permissions: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			Type:  pulumi.String("string"),
    			Email: pulumi.String("string"),
    			Id:    pulumi.String("string"),
    			Uri:   pulumi.String("string"),
    		},
    	},
    	ContentLanguage:           pulumi.String("string"),
    	ContentType:               pulumi.String("string"),
    	CopyIfMatch:               pulumi.String("string"),
    	CopyIfModifiedSince:       pulumi.String("string"),
    	CopyIfNoneMatch:           pulumi.String("string"),
    	CopyIfUnmodifiedSince:     pulumi.String("string"),
    	CustomerAlgorithm:         pulumi.String("string"),
    	CustomerKey:               pulumi.String("string"),
    	CustomerKeyMd5:            pulumi.String("string"),
    	ExpectedBucketOwner:       pulumi.String("string"),
    	ExpectedSourceBucketOwner: pulumi.String("string"),
    	Acl:                       pulumi.String("string"),
    	ContentDisposition:        pulumi.String("string"),
    	CacheControl:              pulumi.String("string"),
    	ChecksumAlgorithm:         pulumi.String("string"),
    	KmsEncryptionContext:      pulumi.String("string"),
    	KmsKeyId:                  pulumi.String("string"),
    	Metadata: pulumi.StringMap{
    		"string": pulumi.String("string"),
    	},
    	MetadataDirective:         pulumi.String("string"),
    	ObjectLockLegalHoldStatus: pulumi.String("string"),
    	ObjectLockMode:            pulumi.String("string"),
    	ObjectLockRetainUntilDate: pulumi.String("string"),
    	RequestPayer:              pulumi.String("string"),
    	ServerSideEncryption:      pulumi.String("string"),
    	BucketKeyEnabled:          pulumi.Bool(false),
    	SourceCustomerAlgorithm:   pulumi.String("string"),
    	SourceCustomerKey:         pulumi.String("string"),
    	SourceCustomerKeyMd5:      pulumi.String("string"),
    	StorageClass:              pulumi.String("string"),
    	TaggingDirective:          pulumi.String("string"),
    	Tags: pulumi.StringMap{
    		"string": pulumi.String("string"),
    	},
    	WebsiteRedirect: pulumi.String("string"),
    })
    
    var objectCopyResource = new ObjectCopy("objectCopyResource", ObjectCopyArgs.builder()
        .key("string")
        .bucket("string")
        .source("string")
        .expires("string")
        .contentEncoding("string")
        .forceDestroy(false)
        .grants(ObjectCopyGrantArgs.builder()
            .permissions("string")
            .type("string")
            .email("string")
            .id("string")
            .uri("string")
            .build())
        .contentLanguage("string")
        .contentType("string")
        .copyIfMatch("string")
        .copyIfModifiedSince("string")
        .copyIfNoneMatch("string")
        .copyIfUnmodifiedSince("string")
        .customerAlgorithm("string")
        .customerKey("string")
        .customerKeyMd5("string")
        .expectedBucketOwner("string")
        .expectedSourceBucketOwner("string")
        .acl("string")
        .contentDisposition("string")
        .cacheControl("string")
        .checksumAlgorithm("string")
        .kmsEncryptionContext("string")
        .kmsKeyId("string")
        .metadata(Map.of("string", "string"))
        .metadataDirective("string")
        .objectLockLegalHoldStatus("string")
        .objectLockMode("string")
        .objectLockRetainUntilDate("string")
        .requestPayer("string")
        .serverSideEncryption("string")
        .bucketKeyEnabled(false)
        .sourceCustomerAlgorithm("string")
        .sourceCustomerKey("string")
        .sourceCustomerKeyMd5("string")
        .storageClass("string")
        .taggingDirective("string")
        .tags(Map.of("string", "string"))
        .websiteRedirect("string")
        .build());
    
    object_copy_resource = aws.s3.ObjectCopy("objectCopyResource",
        key="string",
        bucket="string",
        source="string",
        expires="string",
        content_encoding="string",
        force_destroy=False,
        grants=[{
            "permissions": ["string"],
            "type": "string",
            "email": "string",
            "id": "string",
            "uri": "string",
        }],
        content_language="string",
        content_type="string",
        copy_if_match="string",
        copy_if_modified_since="string",
        copy_if_none_match="string",
        copy_if_unmodified_since="string",
        customer_algorithm="string",
        customer_key="string",
        customer_key_md5="string",
        expected_bucket_owner="string",
        expected_source_bucket_owner="string",
        acl="string",
        content_disposition="string",
        cache_control="string",
        checksum_algorithm="string",
        kms_encryption_context="string",
        kms_key_id="string",
        metadata={
            "string": "string",
        },
        metadata_directive="string",
        object_lock_legal_hold_status="string",
        object_lock_mode="string",
        object_lock_retain_until_date="string",
        request_payer="string",
        server_side_encryption="string",
        bucket_key_enabled=False,
        source_customer_algorithm="string",
        source_customer_key="string",
        source_customer_key_md5="string",
        storage_class="string",
        tagging_directive="string",
        tags={
            "string": "string",
        },
        website_redirect="string")
    
    const objectCopyResource = new aws.s3.ObjectCopy("objectCopyResource", {
        key: "string",
        bucket: "string",
        source: "string",
        expires: "string",
        contentEncoding: "string",
        forceDestroy: false,
        grants: [{
            permissions: ["string"],
            type: "string",
            email: "string",
            id: "string",
            uri: "string",
        }],
        contentLanguage: "string",
        contentType: "string",
        copyIfMatch: "string",
        copyIfModifiedSince: "string",
        copyIfNoneMatch: "string",
        copyIfUnmodifiedSince: "string",
        customerAlgorithm: "string",
        customerKey: "string",
        customerKeyMd5: "string",
        expectedBucketOwner: "string",
        expectedSourceBucketOwner: "string",
        acl: "string",
        contentDisposition: "string",
        cacheControl: "string",
        checksumAlgorithm: "string",
        kmsEncryptionContext: "string",
        kmsKeyId: "string",
        metadata: {
            string: "string",
        },
        metadataDirective: "string",
        objectLockLegalHoldStatus: "string",
        objectLockMode: "string",
        objectLockRetainUntilDate: "string",
        requestPayer: "string",
        serverSideEncryption: "string",
        bucketKeyEnabled: false,
        sourceCustomerAlgorithm: "string",
        sourceCustomerKey: "string",
        sourceCustomerKeyMd5: "string",
        storageClass: "string",
        taggingDirective: "string",
        tags: {
            string: "string",
        },
        websiteRedirect: "string",
    });
    
    type: aws:s3:ObjectCopy
    properties:
        acl: string
        bucket: string
        bucketKeyEnabled: false
        cacheControl: string
        checksumAlgorithm: string
        contentDisposition: string
        contentEncoding: string
        contentLanguage: string
        contentType: string
        copyIfMatch: string
        copyIfModifiedSince: string
        copyIfNoneMatch: string
        copyIfUnmodifiedSince: string
        customerAlgorithm: string
        customerKey: string
        customerKeyMd5: string
        expectedBucketOwner: string
        expectedSourceBucketOwner: string
        expires: string
        forceDestroy: false
        grants:
            - email: string
              id: string
              permissions:
                - string
              type: string
              uri: string
        key: string
        kmsEncryptionContext: string
        kmsKeyId: string
        metadata:
            string: string
        metadataDirective: string
        objectLockLegalHoldStatus: string
        objectLockMode: string
        objectLockRetainUntilDate: string
        requestPayer: string
        serverSideEncryption: string
        source: string
        sourceCustomerAlgorithm: string
        sourceCustomerKey: string
        sourceCustomerKeyMd5: string
        storageClass: string
        taggingDirective: string
        tags:
            string: string
        websiteRedirect: string
    

    ObjectCopy Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The ObjectCopy resource accepts the following input properties:

    Bucket string
    Name of the bucket to put the file in.
    Key string
    Name of the object once it is in the bucket.
    Source string

    Specifies the source object for the copy operation. You specify the value in one of two formats. For objects not accessed through an access point, specify the name of the source bucket and the key of the source object, separated by a slash (/). For example, testbucket/test1.json. For objects accessed through access points, specify the ARN of the object as accessed through the access point, in the format arn:aws:s3:<Region>:<account-id>:accesspoint/<access-point-name>/object/<key>. For example, arn:aws:s3:us-west-2:9999912999:accesspoint/my-access-point/object/testbucket/test1.json.

    The following arguments are optional:

    Acl string
    Canned ACL to apply. Valid values are private, public-read, public-read-write, authenticated-read, aws-exec-read, bucket-owner-read, and bucket-owner-full-control. Conflicts with grant.
    BucketKeyEnabled bool
    CacheControl string
    Specifies caching behavior along the request/reply chain Read w3c cache_control for further details.
    ChecksumAlgorithm string
    Indicates the algorithm used to create the checksum for the object. If a value is specified and the object is encrypted with KMS, you must have permission to use the kms:Decrypt action. Valid values: CRC32, CRC32C, SHA1, SHA256.
    ContentDisposition string
    Specifies presentational information for the object. Read w3c content_disposition for further information.
    ContentEncoding string
    Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field. Read w3c content encoding for further information.
    ContentLanguage string
    Language the content is in e.g., en-US or en-GB.
    ContentType string
    Standard MIME type describing the format of the object data, e.g., application/octet-stream. All Valid MIME Types are valid for this input.
    CopyIfMatch string
    Copies the object if its entity tag (ETag) matches the specified tag.
    CopyIfModifiedSince string
    Copies the object if it has been modified since the specified time, in RFC3339 format.
    CopyIfNoneMatch string
    Copies the object if its entity tag (ETag) is different than the specified ETag.
    CopyIfUnmodifiedSince string
    Copies the object if it hasn't been modified since the specified time, in RFC3339 format.
    CustomerAlgorithm string
    Specifies the algorithm to use to when encrypting the object (for example, AES256).
    CustomerKey string
    Specifies the customer-provided encryption key for Amazon S3 to use in encrypting data. This value is used to store the object and then it is discarded; Amazon S3 does not store the encryption key. The key must be appropriate for use with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm header.
    CustomerKeyMd5 string
    Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error.
    ExpectedBucketOwner string
    Account id of the expected destination bucket owner. If the destination bucket is owned by a different account, the request will fail with an HTTP 403 (Access Denied) error.
    ExpectedSourceBucketOwner string
    Account id of the expected source bucket owner. If the source bucket is owned by a different account, the request will fail with an HTTP 403 (Access Denied) error.
    Expires string
    Date and time at which the object is no longer cacheable, in RFC3339 format.
    ForceDestroy bool
    Allow the object to be deleted by removing any legal hold on any object version. Default is false. This value should be set to true only if the bucket has S3 object lock enabled.
    Grants List<ObjectCopyGrant>
    Configuration block for header grants. Documented below. Conflicts with acl.
    KmsEncryptionContext string
    Specifies the AWS KMS Encryption Context to use for object encryption. The value is a base64-encoded UTF-8 string holding JSON with the encryption context key-value pairs.
    KmsKeyId string
    Specifies the AWS KMS Key ARN to use for object encryption. This value is a fully qualified ARN of the KMS Key. If using aws.kms.Key, use the exported arn attribute: kms_key_id = aws_kms_key.foo.arn
    Metadata Dictionary<string, string>
    Map of keys/values to provision metadata (will be automatically prefixed by x-amz-meta-, note that only lowercase label are currently supported by the AWS Go API).
    MetadataDirective string
    Specifies whether the metadata is copied from the source object or replaced with metadata provided in the request. Valid values are COPY and REPLACE.
    ObjectLockLegalHoldStatus string
    The legal hold status that you want to apply to the specified object. Valid values are ON and OFF.
    ObjectLockMode string
    Object lock retention mode that you want to apply to this object. Valid values are GOVERNANCE and COMPLIANCE.
    ObjectLockRetainUntilDate string
    Date and time, in RFC3339 format, when this object's object lock will expire.
    RequestPayer string
    Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. For information about downloading objects from requester pays buckets, see Downloading Objects in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) in the Amazon S3 Developer Guide. If included, the only valid value is requester.
    ServerSideEncryption string
    Specifies server-side encryption of the object in S3. Valid values are AES256 and aws:kms.
    SourceCustomerAlgorithm string
    Specifies the algorithm to use when decrypting the source object (for example, AES256).
    SourceCustomerKey string
    Specifies the customer-provided encryption key for Amazon S3 to use to decrypt the source object. The encryption key provided in this header must be one that was used when the source object was created.
    SourceCustomerKeyMd5 string
    Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error.
    StorageClass string
    Specifies the desired storage class for the object. Defaults to STANDARD.
    TaggingDirective string
    Specifies whether the object tag-set are copied from the source object or replaced with tag-set provided in the request. Valid values are COPY and REPLACE.
    Tags Dictionary<string, string>
    Map of tags to assign to the object. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    WebsiteRedirect string
    Specifies a target URL for website redirect.
    Bucket string
    Name of the bucket to put the file in.
    Key string
    Name of the object once it is in the bucket.
    Source string

    Specifies the source object for the copy operation. You specify the value in one of two formats. For objects not accessed through an access point, specify the name of the source bucket and the key of the source object, separated by a slash (/). For example, testbucket/test1.json. For objects accessed through access points, specify the ARN of the object as accessed through the access point, in the format arn:aws:s3:<Region>:<account-id>:accesspoint/<access-point-name>/object/<key>. For example, arn:aws:s3:us-west-2:9999912999:accesspoint/my-access-point/object/testbucket/test1.json.

    The following arguments are optional:

    Acl string
    Canned ACL to apply. Valid values are private, public-read, public-read-write, authenticated-read, aws-exec-read, bucket-owner-read, and bucket-owner-full-control. Conflicts with grant.
    BucketKeyEnabled bool
    CacheControl string
    Specifies caching behavior along the request/reply chain Read w3c cache_control for further details.
    ChecksumAlgorithm string
    Indicates the algorithm used to create the checksum for the object. If a value is specified and the object is encrypted with KMS, you must have permission to use the kms:Decrypt action. Valid values: CRC32, CRC32C, SHA1, SHA256.
    ContentDisposition string
    Specifies presentational information for the object. Read w3c content_disposition for further information.
    ContentEncoding string
    Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field. Read w3c content encoding for further information.
    ContentLanguage string
    Language the content is in e.g., en-US or en-GB.
    ContentType string
    Standard MIME type describing the format of the object data, e.g., application/octet-stream. All Valid MIME Types are valid for this input.
    CopyIfMatch string
    Copies the object if its entity tag (ETag) matches the specified tag.
    CopyIfModifiedSince string
    Copies the object if it has been modified since the specified time, in RFC3339 format.
    CopyIfNoneMatch string
    Copies the object if its entity tag (ETag) is different than the specified ETag.
    CopyIfUnmodifiedSince string
    Copies the object if it hasn't been modified since the specified time, in RFC3339 format.
    CustomerAlgorithm string
    Specifies the algorithm to use to when encrypting the object (for example, AES256).
    CustomerKey string
    Specifies the customer-provided encryption key for Amazon S3 to use in encrypting data. This value is used to store the object and then it is discarded; Amazon S3 does not store the encryption key. The key must be appropriate for use with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm header.
    CustomerKeyMd5 string
    Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error.
    ExpectedBucketOwner string
    Account id of the expected destination bucket owner. If the destination bucket is owned by a different account, the request will fail with an HTTP 403 (Access Denied) error.
    ExpectedSourceBucketOwner string
    Account id of the expected source bucket owner. If the source bucket is owned by a different account, the request will fail with an HTTP 403 (Access Denied) error.
    Expires string
    Date and time at which the object is no longer cacheable, in RFC3339 format.
    ForceDestroy bool
    Allow the object to be deleted by removing any legal hold on any object version. Default is false. This value should be set to true only if the bucket has S3 object lock enabled.
    Grants []ObjectCopyGrantArgs
    Configuration block for header grants. Documented below. Conflicts with acl.
    KmsEncryptionContext string
    Specifies the AWS KMS Encryption Context to use for object encryption. The value is a base64-encoded UTF-8 string holding JSON with the encryption context key-value pairs.
    KmsKeyId string
    Specifies the AWS KMS Key ARN to use for object encryption. This value is a fully qualified ARN of the KMS Key. If using aws.kms.Key, use the exported arn attribute: kms_key_id = aws_kms_key.foo.arn
    Metadata map[string]string
    Map of keys/values to provision metadata (will be automatically prefixed by x-amz-meta-, note that only lowercase label are currently supported by the AWS Go API).
    MetadataDirective string
    Specifies whether the metadata is copied from the source object or replaced with metadata provided in the request. Valid values are COPY and REPLACE.
    ObjectLockLegalHoldStatus string
    The legal hold status that you want to apply to the specified object. Valid values are ON and OFF.
    ObjectLockMode string
    Object lock retention mode that you want to apply to this object. Valid values are GOVERNANCE and COMPLIANCE.
    ObjectLockRetainUntilDate string
    Date and time, in RFC3339 format, when this object's object lock will expire.
    RequestPayer string
    Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. For information about downloading objects from requester pays buckets, see Downloading Objects in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) in the Amazon S3 Developer Guide. If included, the only valid value is requester.
    ServerSideEncryption string
    Specifies server-side encryption of the object in S3. Valid values are AES256 and aws:kms.
    SourceCustomerAlgorithm string
    Specifies the algorithm to use when decrypting the source object (for example, AES256).
    SourceCustomerKey string
    Specifies the customer-provided encryption key for Amazon S3 to use to decrypt the source object. The encryption key provided in this header must be one that was used when the source object was created.
    SourceCustomerKeyMd5 string
    Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error.
    StorageClass string
    Specifies the desired storage class for the object. Defaults to STANDARD.
    TaggingDirective string
    Specifies whether the object tag-set are copied from the source object or replaced with tag-set provided in the request. Valid values are COPY and REPLACE.
    Tags map[string]string
    Map of tags to assign to the object. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    WebsiteRedirect string
    Specifies a target URL for website redirect.
    bucket String
    Name of the bucket to put the file in.
    key String
    Name of the object once it is in the bucket.
    source String

    Specifies the source object for the copy operation. You specify the value in one of two formats. For objects not accessed through an access point, specify the name of the source bucket and the key of the source object, separated by a slash (/). For example, testbucket/test1.json. For objects accessed through access points, specify the ARN of the object as accessed through the access point, in the format arn:aws:s3:<Region>:<account-id>:accesspoint/<access-point-name>/object/<key>. For example, arn:aws:s3:us-west-2:9999912999:accesspoint/my-access-point/object/testbucket/test1.json.

    The following arguments are optional:

    acl String
    Canned ACL to apply. Valid values are private, public-read, public-read-write, authenticated-read, aws-exec-read, bucket-owner-read, and bucket-owner-full-control. Conflicts with grant.
    bucketKeyEnabled Boolean
    cacheControl String
    Specifies caching behavior along the request/reply chain Read w3c cache_control for further details.
    checksumAlgorithm String
    Indicates the algorithm used to create the checksum for the object. If a value is specified and the object is encrypted with KMS, you must have permission to use the kms:Decrypt action. Valid values: CRC32, CRC32C, SHA1, SHA256.
    contentDisposition String
    Specifies presentational information for the object. Read w3c content_disposition for further information.
    contentEncoding String
    Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field. Read w3c content encoding for further information.
    contentLanguage String
    Language the content is in e.g., en-US or en-GB.
    contentType String
    Standard MIME type describing the format of the object data, e.g., application/octet-stream. All Valid MIME Types are valid for this input.
    copyIfMatch String
    Copies the object if its entity tag (ETag) matches the specified tag.
    copyIfModifiedSince String
    Copies the object if it has been modified since the specified time, in RFC3339 format.
    copyIfNoneMatch String
    Copies the object if its entity tag (ETag) is different than the specified ETag.
    copyIfUnmodifiedSince String
    Copies the object if it hasn't been modified since the specified time, in RFC3339 format.
    customerAlgorithm String
    Specifies the algorithm to use to when encrypting the object (for example, AES256).
    customerKey String
    Specifies the customer-provided encryption key for Amazon S3 to use in encrypting data. This value is used to store the object and then it is discarded; Amazon S3 does not store the encryption key. The key must be appropriate for use with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm header.
    customerKeyMd5 String
    Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error.
    expectedBucketOwner String
    Account id of the expected destination bucket owner. If the destination bucket is owned by a different account, the request will fail with an HTTP 403 (Access Denied) error.
    expectedSourceBucketOwner String
    Account id of the expected source bucket owner. If the source bucket is owned by a different account, the request will fail with an HTTP 403 (Access Denied) error.
    expires String
    Date and time at which the object is no longer cacheable, in RFC3339 format.
    forceDestroy Boolean
    Allow the object to be deleted by removing any legal hold on any object version. Default is false. This value should be set to true only if the bucket has S3 object lock enabled.
    grants List<ObjectCopyGrant>
    Configuration block for header grants. Documented below. Conflicts with acl.
    kmsEncryptionContext String
    Specifies the AWS KMS Encryption Context to use for object encryption. The value is a base64-encoded UTF-8 string holding JSON with the encryption context key-value pairs.
    kmsKeyId String
    Specifies the AWS KMS Key ARN to use for object encryption. This value is a fully qualified ARN of the KMS Key. If using aws.kms.Key, use the exported arn attribute: kms_key_id = aws_kms_key.foo.arn
    metadata Map<String,String>
    Map of keys/values to provision metadata (will be automatically prefixed by x-amz-meta-, note that only lowercase label are currently supported by the AWS Go API).
    metadataDirective String
    Specifies whether the metadata is copied from the source object or replaced with metadata provided in the request. Valid values are COPY and REPLACE.
    objectLockLegalHoldStatus String
    The legal hold status that you want to apply to the specified object. Valid values are ON and OFF.
    objectLockMode String
    Object lock retention mode that you want to apply to this object. Valid values are GOVERNANCE and COMPLIANCE.
    objectLockRetainUntilDate String
    Date and time, in RFC3339 format, when this object's object lock will expire.
    requestPayer String
    Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. For information about downloading objects from requester pays buckets, see Downloading Objects in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) in the Amazon S3 Developer Guide. If included, the only valid value is requester.
    serverSideEncryption String
    Specifies server-side encryption of the object in S3. Valid values are AES256 and aws:kms.
    sourceCustomerAlgorithm String
    Specifies the algorithm to use when decrypting the source object (for example, AES256).
    sourceCustomerKey String
    Specifies the customer-provided encryption key for Amazon S3 to use to decrypt the source object. The encryption key provided in this header must be one that was used when the source object was created.
    sourceCustomerKeyMd5 String
    Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error.
    storageClass String
    Specifies the desired storage class for the object. Defaults to STANDARD.
    taggingDirective String
    Specifies whether the object tag-set are copied from the source object or replaced with tag-set provided in the request. Valid values are COPY and REPLACE.
    tags Map<String,String>
    Map of tags to assign to the object. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    websiteRedirect String
    Specifies a target URL for website redirect.
    bucket string
    Name of the bucket to put the file in.
    key string
    Name of the object once it is in the bucket.
    source string

    Specifies the source object for the copy operation. You specify the value in one of two formats. For objects not accessed through an access point, specify the name of the source bucket and the key of the source object, separated by a slash (/). For example, testbucket/test1.json. For objects accessed through access points, specify the ARN of the object as accessed through the access point, in the format arn:aws:s3:<Region>:<account-id>:accesspoint/<access-point-name>/object/<key>. For example, arn:aws:s3:us-west-2:9999912999:accesspoint/my-access-point/object/testbucket/test1.json.

    The following arguments are optional:

    acl string
    Canned ACL to apply. Valid values are private, public-read, public-read-write, authenticated-read, aws-exec-read, bucket-owner-read, and bucket-owner-full-control. Conflicts with grant.
    bucketKeyEnabled boolean
    cacheControl string
    Specifies caching behavior along the request/reply chain Read w3c cache_control for further details.
    checksumAlgorithm string
    Indicates the algorithm used to create the checksum for the object. If a value is specified and the object is encrypted with KMS, you must have permission to use the kms:Decrypt action. Valid values: CRC32, CRC32C, SHA1, SHA256.
    contentDisposition string
    Specifies presentational information for the object. Read w3c content_disposition for further information.
    contentEncoding string
    Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field. Read w3c content encoding for further information.
    contentLanguage string
    Language the content is in e.g., en-US or en-GB.
    contentType string
    Standard MIME type describing the format of the object data, e.g., application/octet-stream. All Valid MIME Types are valid for this input.
    copyIfMatch string
    Copies the object if its entity tag (ETag) matches the specified tag.
    copyIfModifiedSince string
    Copies the object if it has been modified since the specified time, in RFC3339 format.
    copyIfNoneMatch string
    Copies the object if its entity tag (ETag) is different than the specified ETag.
    copyIfUnmodifiedSince string
    Copies the object if it hasn't been modified since the specified time, in RFC3339 format.
    customerAlgorithm string
    Specifies the algorithm to use to when encrypting the object (for example, AES256).
    customerKey string
    Specifies the customer-provided encryption key for Amazon S3 to use in encrypting data. This value is used to store the object and then it is discarded; Amazon S3 does not store the encryption key. The key must be appropriate for use with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm header.
    customerKeyMd5 string
    Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error.
    expectedBucketOwner string
    Account id of the expected destination bucket owner. If the destination bucket is owned by a different account, the request will fail with an HTTP 403 (Access Denied) error.
    expectedSourceBucketOwner string
    Account id of the expected source bucket owner. If the source bucket is owned by a different account, the request will fail with an HTTP 403 (Access Denied) error.
    expires string
    Date and time at which the object is no longer cacheable, in RFC3339 format.
    forceDestroy boolean
    Allow the object to be deleted by removing any legal hold on any object version. Default is false. This value should be set to true only if the bucket has S3 object lock enabled.
    grants ObjectCopyGrant[]
    Configuration block for header grants. Documented below. Conflicts with acl.
    kmsEncryptionContext string
    Specifies the AWS KMS Encryption Context to use for object encryption. The value is a base64-encoded UTF-8 string holding JSON with the encryption context key-value pairs.
    kmsKeyId string
    Specifies the AWS KMS Key ARN to use for object encryption. This value is a fully qualified ARN of the KMS Key. If using aws.kms.Key, use the exported arn attribute: kms_key_id = aws_kms_key.foo.arn
    metadata {[key: string]: string}
    Map of keys/values to provision metadata (will be automatically prefixed by x-amz-meta-, note that only lowercase label are currently supported by the AWS Go API).
    metadataDirective string
    Specifies whether the metadata is copied from the source object or replaced with metadata provided in the request. Valid values are COPY and REPLACE.
    objectLockLegalHoldStatus string
    The legal hold status that you want to apply to the specified object. Valid values are ON and OFF.
    objectLockMode string
    Object lock retention mode that you want to apply to this object. Valid values are GOVERNANCE and COMPLIANCE.
    objectLockRetainUntilDate string
    Date and time, in RFC3339 format, when this object's object lock will expire.
    requestPayer string
    Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. For information about downloading objects from requester pays buckets, see Downloading Objects in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) in the Amazon S3 Developer Guide. If included, the only valid value is requester.
    serverSideEncryption string
    Specifies server-side encryption of the object in S3. Valid values are AES256 and aws:kms.
    sourceCustomerAlgorithm string
    Specifies the algorithm to use when decrypting the source object (for example, AES256).
    sourceCustomerKey string
    Specifies the customer-provided encryption key for Amazon S3 to use to decrypt the source object. The encryption key provided in this header must be one that was used when the source object was created.
    sourceCustomerKeyMd5 string
    Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error.
    storageClass string
    Specifies the desired storage class for the object. Defaults to STANDARD.
    taggingDirective string
    Specifies whether the object tag-set are copied from the source object or replaced with tag-set provided in the request. Valid values are COPY and REPLACE.
    tags {[key: string]: string}
    Map of tags to assign to the object. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    websiteRedirect string
    Specifies a target URL for website redirect.
    bucket str
    Name of the bucket to put the file in.
    key str
    Name of the object once it is in the bucket.
    source str

    Specifies the source object for the copy operation. You specify the value in one of two formats. For objects not accessed through an access point, specify the name of the source bucket and the key of the source object, separated by a slash (/). For example, testbucket/test1.json. For objects accessed through access points, specify the ARN of the object as accessed through the access point, in the format arn:aws:s3:<Region>:<account-id>:accesspoint/<access-point-name>/object/<key>. For example, arn:aws:s3:us-west-2:9999912999:accesspoint/my-access-point/object/testbucket/test1.json.

    The following arguments are optional:

    acl str
    Canned ACL to apply. Valid values are private, public-read, public-read-write, authenticated-read, aws-exec-read, bucket-owner-read, and bucket-owner-full-control. Conflicts with grant.
    bucket_key_enabled bool
    cache_control str
    Specifies caching behavior along the request/reply chain Read w3c cache_control for further details.
    checksum_algorithm str
    Indicates the algorithm used to create the checksum for the object. If a value is specified and the object is encrypted with KMS, you must have permission to use the kms:Decrypt action. Valid values: CRC32, CRC32C, SHA1, SHA256.
    content_disposition str
    Specifies presentational information for the object. Read w3c content_disposition for further information.
    content_encoding str
    Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field. Read w3c content encoding for further information.
    content_language str
    Language the content is in e.g., en-US or en-GB.
    content_type str
    Standard MIME type describing the format of the object data, e.g., application/octet-stream. All Valid MIME Types are valid for this input.
    copy_if_match str
    Copies the object if its entity tag (ETag) matches the specified tag.
    copy_if_modified_since str
    Copies the object if it has been modified since the specified time, in RFC3339 format.
    copy_if_none_match str
    Copies the object if its entity tag (ETag) is different than the specified ETag.
    copy_if_unmodified_since str
    Copies the object if it hasn't been modified since the specified time, in RFC3339 format.
    customer_algorithm str
    Specifies the algorithm to use to when encrypting the object (for example, AES256).
    customer_key str
    Specifies the customer-provided encryption key for Amazon S3 to use in encrypting data. This value is used to store the object and then it is discarded; Amazon S3 does not store the encryption key. The key must be appropriate for use with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm header.
    customer_key_md5 str
    Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error.
    expected_bucket_owner str
    Account id of the expected destination bucket owner. If the destination bucket is owned by a different account, the request will fail with an HTTP 403 (Access Denied) error.
    expected_source_bucket_owner str
    Account id of the expected source bucket owner. If the source bucket is owned by a different account, the request will fail with an HTTP 403 (Access Denied) error.
    expires str
    Date and time at which the object is no longer cacheable, in RFC3339 format.
    force_destroy bool
    Allow the object to be deleted by removing any legal hold on any object version. Default is false. This value should be set to true only if the bucket has S3 object lock enabled.
    grants Sequence[ObjectCopyGrantArgs]
    Configuration block for header grants. Documented below. Conflicts with acl.
    kms_encryption_context str
    Specifies the AWS KMS Encryption Context to use for object encryption. The value is a base64-encoded UTF-8 string holding JSON with the encryption context key-value pairs.
    kms_key_id str
    Specifies the AWS KMS Key ARN to use for object encryption. This value is a fully qualified ARN of the KMS Key. If using aws.kms.Key, use the exported arn attribute: kms_key_id = aws_kms_key.foo.arn
    metadata Mapping[str, str]
    Map of keys/values to provision metadata (will be automatically prefixed by x-amz-meta-, note that only lowercase label are currently supported by the AWS Go API).
    metadata_directive str
    Specifies whether the metadata is copied from the source object or replaced with metadata provided in the request. Valid values are COPY and REPLACE.
    object_lock_legal_hold_status str
    The legal hold status that you want to apply to the specified object. Valid values are ON and OFF.
    object_lock_mode str
    Object lock retention mode that you want to apply to this object. Valid values are GOVERNANCE and COMPLIANCE.
    object_lock_retain_until_date str
    Date and time, in RFC3339 format, when this object's object lock will expire.
    request_payer str
    Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. For information about downloading objects from requester pays buckets, see Downloading Objects in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) in the Amazon S3 Developer Guide. If included, the only valid value is requester.
    server_side_encryption str
    Specifies server-side encryption of the object in S3. Valid values are AES256 and aws:kms.
    source_customer_algorithm str
    Specifies the algorithm to use when decrypting the source object (for example, AES256).
    source_customer_key str
    Specifies the customer-provided encryption key for Amazon S3 to use to decrypt the source object. The encryption key provided in this header must be one that was used when the source object was created.
    source_customer_key_md5 str
    Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error.
    storage_class str
    Specifies the desired storage class for the object. Defaults to STANDARD.
    tagging_directive str
    Specifies whether the object tag-set are copied from the source object or replaced with tag-set provided in the request. Valid values are COPY and REPLACE.
    tags Mapping[str, str]
    Map of tags to assign to the object. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    website_redirect str
    Specifies a target URL for website redirect.
    bucket String
    Name of the bucket to put the file in.
    key String
    Name of the object once it is in the bucket.
    source String

    Specifies the source object for the copy operation. You specify the value in one of two formats. For objects not accessed through an access point, specify the name of the source bucket and the key of the source object, separated by a slash (/). For example, testbucket/test1.json. For objects accessed through access points, specify the ARN of the object as accessed through the access point, in the format arn:aws:s3:<Region>:<account-id>:accesspoint/<access-point-name>/object/<key>. For example, arn:aws:s3:us-west-2:9999912999:accesspoint/my-access-point/object/testbucket/test1.json.

    The following arguments are optional:

    acl String
    Canned ACL to apply. Valid values are private, public-read, public-read-write, authenticated-read, aws-exec-read, bucket-owner-read, and bucket-owner-full-control. Conflicts with grant.
    bucketKeyEnabled Boolean
    cacheControl String
    Specifies caching behavior along the request/reply chain Read w3c cache_control for further details.
    checksumAlgorithm String
    Indicates the algorithm used to create the checksum for the object. If a value is specified and the object is encrypted with KMS, you must have permission to use the kms:Decrypt action. Valid values: CRC32, CRC32C, SHA1, SHA256.
    contentDisposition String
    Specifies presentational information for the object. Read w3c content_disposition for further information.
    contentEncoding String
    Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field. Read w3c content encoding for further information.
    contentLanguage String
    Language the content is in e.g., en-US or en-GB.
    contentType String
    Standard MIME type describing the format of the object data, e.g., application/octet-stream. All Valid MIME Types are valid for this input.
    copyIfMatch String
    Copies the object if its entity tag (ETag) matches the specified tag.
    copyIfModifiedSince String
    Copies the object if it has been modified since the specified time, in RFC3339 format.
    copyIfNoneMatch String
    Copies the object if its entity tag (ETag) is different than the specified ETag.
    copyIfUnmodifiedSince String
    Copies the object if it hasn't been modified since the specified time, in RFC3339 format.
    customerAlgorithm String
    Specifies the algorithm to use to when encrypting the object (for example, AES256).
    customerKey String
    Specifies the customer-provided encryption key for Amazon S3 to use in encrypting data. This value is used to store the object and then it is discarded; Amazon S3 does not store the encryption key. The key must be appropriate for use with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm header.
    customerKeyMd5 String
    Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error.
    expectedBucketOwner String
    Account id of the expected destination bucket owner. If the destination bucket is owned by a different account, the request will fail with an HTTP 403 (Access Denied) error.
    expectedSourceBucketOwner String
    Account id of the expected source bucket owner. If the source bucket is owned by a different account, the request will fail with an HTTP 403 (Access Denied) error.
    expires String
    Date and time at which the object is no longer cacheable, in RFC3339 format.
    forceDestroy Boolean
    Allow the object to be deleted by removing any legal hold on any object version. Default is false. This value should be set to true only if the bucket has S3 object lock enabled.
    grants List<Property Map>
    Configuration block for header grants. Documented below. Conflicts with acl.
    kmsEncryptionContext String
    Specifies the AWS KMS Encryption Context to use for object encryption. The value is a base64-encoded UTF-8 string holding JSON with the encryption context key-value pairs.
    kmsKeyId String
    Specifies the AWS KMS Key ARN to use for object encryption. This value is a fully qualified ARN of the KMS Key. If using aws.kms.Key, use the exported arn attribute: kms_key_id = aws_kms_key.foo.arn
    metadata Map<String>
    Map of keys/values to provision metadata (will be automatically prefixed by x-amz-meta-, note that only lowercase label are currently supported by the AWS Go API).
    metadataDirective String
    Specifies whether the metadata is copied from the source object or replaced with metadata provided in the request. Valid values are COPY and REPLACE.
    objectLockLegalHoldStatus String
    The legal hold status that you want to apply to the specified object. Valid values are ON and OFF.
    objectLockMode String
    Object lock retention mode that you want to apply to this object. Valid values are GOVERNANCE and COMPLIANCE.
    objectLockRetainUntilDate String
    Date and time, in RFC3339 format, when this object's object lock will expire.
    requestPayer String
    Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. For information about downloading objects from requester pays buckets, see Downloading Objects in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) in the Amazon S3 Developer Guide. If included, the only valid value is requester.
    serverSideEncryption String
    Specifies server-side encryption of the object in S3. Valid values are AES256 and aws:kms.
    sourceCustomerAlgorithm String
    Specifies the algorithm to use when decrypting the source object (for example, AES256).
    sourceCustomerKey String
    Specifies the customer-provided encryption key for Amazon S3 to use to decrypt the source object. The encryption key provided in this header must be one that was used when the source object was created.
    sourceCustomerKeyMd5 String
    Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error.
    storageClass String
    Specifies the desired storage class for the object. Defaults to STANDARD.
    taggingDirective String
    Specifies whether the object tag-set are copied from the source object or replaced with tag-set provided in the request. Valid values are COPY and REPLACE.
    tags Map<String>
    Map of tags to assign to the object. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    websiteRedirect String
    Specifies a target URL for website redirect.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the ObjectCopy resource produces the following output properties:

    Arn string
    ARN of the object.
    ChecksumCrc32 string
    The base64-encoded, 32-bit CRC32 checksum of the object.
    ChecksumCrc32c string
    The base64-encoded, 32-bit CRC32C checksum of the object.
    ChecksumSha1 string
    The base64-encoded, 160-bit SHA-1 digest of the object.
    ChecksumSha256 string
    The base64-encoded, 256-bit SHA-256 digest of the object.
    Etag string
    ETag generated for the object (an MD5 sum of the object content). For plaintext objects or objects encrypted with an AWS-managed key, the hash is an MD5 digest of the object data. For objects encrypted with a KMS key or objects created by either the Multipart Upload or Part Copy operation, the hash is not an MD5 digest, regardless of the method of encryption. More information on possible values can be found on Common Response Headers.
    Expiration string
    If the object expiration is configured, this attribute will be set.
    Id string
    The provider-assigned unique ID for this managed resource.
    LastModified string
    Returns the date that the object was last modified, in RFC3339 format.
    RequestCharged bool
    If present, indicates that the requester was successfully charged for the request.
    SourceVersionId string
    Version of the copied object in the source bucket.
    TagsAll Dictionary<string, string>
    Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    VersionId string
    Version ID of the newly created copy.
    Arn string
    ARN of the object.
    ChecksumCrc32 string
    The base64-encoded, 32-bit CRC32 checksum of the object.
    ChecksumCrc32c string
    The base64-encoded, 32-bit CRC32C checksum of the object.
    ChecksumSha1 string
    The base64-encoded, 160-bit SHA-1 digest of the object.
    ChecksumSha256 string
    The base64-encoded, 256-bit SHA-256 digest of the object.
    Etag string
    ETag generated for the object (an MD5 sum of the object content). For plaintext objects or objects encrypted with an AWS-managed key, the hash is an MD5 digest of the object data. For objects encrypted with a KMS key or objects created by either the Multipart Upload or Part Copy operation, the hash is not an MD5 digest, regardless of the method of encryption. More information on possible values can be found on Common Response Headers.
    Expiration string
    If the object expiration is configured, this attribute will be set.
    Id string
    The provider-assigned unique ID for this managed resource.
    LastModified string
    Returns the date that the object was last modified, in RFC3339 format.
    RequestCharged bool
    If present, indicates that the requester was successfully charged for the request.
    SourceVersionId string
    Version of the copied object in the source bucket.
    TagsAll map[string]string
    Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    VersionId string
    Version ID of the newly created copy.
    arn String
    ARN of the object.
    checksumCrc32 String
    The base64-encoded, 32-bit CRC32 checksum of the object.
    checksumCrc32c String
    The base64-encoded, 32-bit CRC32C checksum of the object.
    checksumSha1 String
    The base64-encoded, 160-bit SHA-1 digest of the object.
    checksumSha256 String
    The base64-encoded, 256-bit SHA-256 digest of the object.
    etag String
    ETag generated for the object (an MD5 sum of the object content). For plaintext objects or objects encrypted with an AWS-managed key, the hash is an MD5 digest of the object data. For objects encrypted with a KMS key or objects created by either the Multipart Upload or Part Copy operation, the hash is not an MD5 digest, regardless of the method of encryption. More information on possible values can be found on Common Response Headers.
    expiration String
    If the object expiration is configured, this attribute will be set.
    id String
    The provider-assigned unique ID for this managed resource.
    lastModified String
    Returns the date that the object was last modified, in RFC3339 format.
    requestCharged Boolean
    If present, indicates that the requester was successfully charged for the request.
    sourceVersionId String
    Version of the copied object in the source bucket.
    tagsAll Map<String,String>
    Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    versionId String
    Version ID of the newly created copy.
    arn string
    ARN of the object.
    checksumCrc32 string
    The base64-encoded, 32-bit CRC32 checksum of the object.
    checksumCrc32c string
    The base64-encoded, 32-bit CRC32C checksum of the object.
    checksumSha1 string
    The base64-encoded, 160-bit SHA-1 digest of the object.
    checksumSha256 string
    The base64-encoded, 256-bit SHA-256 digest of the object.
    etag string
    ETag generated for the object (an MD5 sum of the object content). For plaintext objects or objects encrypted with an AWS-managed key, the hash is an MD5 digest of the object data. For objects encrypted with a KMS key or objects created by either the Multipart Upload or Part Copy operation, the hash is not an MD5 digest, regardless of the method of encryption. More information on possible values can be found on Common Response Headers.
    expiration string
    If the object expiration is configured, this attribute will be set.
    id string
    The provider-assigned unique ID for this managed resource.
    lastModified string
    Returns the date that the object was last modified, in RFC3339 format.
    requestCharged boolean
    If present, indicates that the requester was successfully charged for the request.
    sourceVersionId string
    Version of the copied object in the source bucket.
    tagsAll {[key: string]: string}
    Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    versionId string
    Version ID of the newly created copy.
    arn str
    ARN of the object.
    checksum_crc32 str
    The base64-encoded, 32-bit CRC32 checksum of the object.
    checksum_crc32c str
    The base64-encoded, 32-bit CRC32C checksum of the object.
    checksum_sha1 str
    The base64-encoded, 160-bit SHA-1 digest of the object.
    checksum_sha256 str
    The base64-encoded, 256-bit SHA-256 digest of the object.
    etag str
    ETag generated for the object (an MD5 sum of the object content). For plaintext objects or objects encrypted with an AWS-managed key, the hash is an MD5 digest of the object data. For objects encrypted with a KMS key or objects created by either the Multipart Upload or Part Copy operation, the hash is not an MD5 digest, regardless of the method of encryption. More information on possible values can be found on Common Response Headers.
    expiration str
    If the object expiration is configured, this attribute will be set.
    id str
    The provider-assigned unique ID for this managed resource.
    last_modified str
    Returns the date that the object was last modified, in RFC3339 format.
    request_charged bool
    If present, indicates that the requester was successfully charged for the request.
    source_version_id str
    Version of the copied object in the source bucket.
    tags_all Mapping[str, str]
    Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    version_id str
    Version ID of the newly created copy.
    arn String
    ARN of the object.
    checksumCrc32 String
    The base64-encoded, 32-bit CRC32 checksum of the object.
    checksumCrc32c String
    The base64-encoded, 32-bit CRC32C checksum of the object.
    checksumSha1 String
    The base64-encoded, 160-bit SHA-1 digest of the object.
    checksumSha256 String
    The base64-encoded, 256-bit SHA-256 digest of the object.
    etag String
    ETag generated for the object (an MD5 sum of the object content). For plaintext objects or objects encrypted with an AWS-managed key, the hash is an MD5 digest of the object data. For objects encrypted with a KMS key or objects created by either the Multipart Upload or Part Copy operation, the hash is not an MD5 digest, regardless of the method of encryption. More information on possible values can be found on Common Response Headers.
    expiration String
    If the object expiration is configured, this attribute will be set.
    id String
    The provider-assigned unique ID for this managed resource.
    lastModified String
    Returns the date that the object was last modified, in RFC3339 format.
    requestCharged Boolean
    If present, indicates that the requester was successfully charged for the request.
    sourceVersionId String
    Version of the copied object in the source bucket.
    tagsAll Map<String>
    Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    versionId String
    Version ID of the newly created copy.

    Look up Existing ObjectCopy Resource

    Get an existing ObjectCopy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: ObjectCopyState, opts?: CustomResourceOptions): ObjectCopy
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            acl: Optional[str] = None,
            arn: Optional[str] = None,
            bucket: Optional[str] = None,
            bucket_key_enabled: Optional[bool] = None,
            cache_control: Optional[str] = None,
            checksum_algorithm: Optional[str] = None,
            checksum_crc32: Optional[str] = None,
            checksum_crc32c: Optional[str] = None,
            checksum_sha1: Optional[str] = None,
            checksum_sha256: Optional[str] = None,
            content_disposition: Optional[str] = None,
            content_encoding: Optional[str] = None,
            content_language: Optional[str] = None,
            content_type: Optional[str] = None,
            copy_if_match: Optional[str] = None,
            copy_if_modified_since: Optional[str] = None,
            copy_if_none_match: Optional[str] = None,
            copy_if_unmodified_since: Optional[str] = None,
            customer_algorithm: Optional[str] = None,
            customer_key: Optional[str] = None,
            customer_key_md5: Optional[str] = None,
            etag: Optional[str] = None,
            expected_bucket_owner: Optional[str] = None,
            expected_source_bucket_owner: Optional[str] = None,
            expiration: Optional[str] = None,
            expires: Optional[str] = None,
            force_destroy: Optional[bool] = None,
            grants: Optional[Sequence[ObjectCopyGrantArgs]] = None,
            key: Optional[str] = None,
            kms_encryption_context: Optional[str] = None,
            kms_key_id: Optional[str] = None,
            last_modified: Optional[str] = None,
            metadata: Optional[Mapping[str, str]] = None,
            metadata_directive: Optional[str] = None,
            object_lock_legal_hold_status: Optional[str] = None,
            object_lock_mode: Optional[str] = None,
            object_lock_retain_until_date: Optional[str] = None,
            request_charged: Optional[bool] = None,
            request_payer: Optional[str] = None,
            server_side_encryption: Optional[str] = None,
            source: Optional[str] = None,
            source_customer_algorithm: Optional[str] = None,
            source_customer_key: Optional[str] = None,
            source_customer_key_md5: Optional[str] = None,
            source_version_id: Optional[str] = None,
            storage_class: Optional[str] = None,
            tagging_directive: Optional[str] = None,
            tags: Optional[Mapping[str, str]] = None,
            tags_all: Optional[Mapping[str, str]] = None,
            version_id: Optional[str] = None,
            website_redirect: Optional[str] = None) -> ObjectCopy
    func GetObjectCopy(ctx *Context, name string, id IDInput, state *ObjectCopyState, opts ...ResourceOption) (*ObjectCopy, error)
    public static ObjectCopy Get(string name, Input<string> id, ObjectCopyState? state, CustomResourceOptions? opts = null)
    public static ObjectCopy get(String name, Output<String> id, ObjectCopyState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Acl string
    Canned ACL to apply. Valid values are private, public-read, public-read-write, authenticated-read, aws-exec-read, bucket-owner-read, and bucket-owner-full-control. Conflicts with grant.
    Arn string
    ARN of the object.
    Bucket string
    Name of the bucket to put the file in.
    BucketKeyEnabled bool
    CacheControl string
    Specifies caching behavior along the request/reply chain Read w3c cache_control for further details.
    ChecksumAlgorithm string
    Indicates the algorithm used to create the checksum for the object. If a value is specified and the object is encrypted with KMS, you must have permission to use the kms:Decrypt action. Valid values: CRC32, CRC32C, SHA1, SHA256.
    ChecksumCrc32 string
    The base64-encoded, 32-bit CRC32 checksum of the object.
    ChecksumCrc32c string
    The base64-encoded, 32-bit CRC32C checksum of the object.
    ChecksumSha1 string
    The base64-encoded, 160-bit SHA-1 digest of the object.
    ChecksumSha256 string
    The base64-encoded, 256-bit SHA-256 digest of the object.
    ContentDisposition string
    Specifies presentational information for the object. Read w3c content_disposition for further information.
    ContentEncoding string
    Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field. Read w3c content encoding for further information.
    ContentLanguage string
    Language the content is in e.g., en-US or en-GB.
    ContentType string
    Standard MIME type describing the format of the object data, e.g., application/octet-stream. All Valid MIME Types are valid for this input.
    CopyIfMatch string
    Copies the object if its entity tag (ETag) matches the specified tag.
    CopyIfModifiedSince string
    Copies the object if it has been modified since the specified time, in RFC3339 format.
    CopyIfNoneMatch string
    Copies the object if its entity tag (ETag) is different than the specified ETag.
    CopyIfUnmodifiedSince string
    Copies the object if it hasn't been modified since the specified time, in RFC3339 format.
    CustomerAlgorithm string
    Specifies the algorithm to use to when encrypting the object (for example, AES256).
    CustomerKey string
    Specifies the customer-provided encryption key for Amazon S3 to use in encrypting data. This value is used to store the object and then it is discarded; Amazon S3 does not store the encryption key. The key must be appropriate for use with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm header.
    CustomerKeyMd5 string
    Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error.
    Etag string
    ETag generated for the object (an MD5 sum of the object content). For plaintext objects or objects encrypted with an AWS-managed key, the hash is an MD5 digest of the object data. For objects encrypted with a KMS key or objects created by either the Multipart Upload or Part Copy operation, the hash is not an MD5 digest, regardless of the method of encryption. More information on possible values can be found on Common Response Headers.
    ExpectedBucketOwner string
    Account id of the expected destination bucket owner. If the destination bucket is owned by a different account, the request will fail with an HTTP 403 (Access Denied) error.
    ExpectedSourceBucketOwner string
    Account id of the expected source bucket owner. If the source bucket is owned by a different account, the request will fail with an HTTP 403 (Access Denied) error.
    Expiration string
    If the object expiration is configured, this attribute will be set.
    Expires string
    Date and time at which the object is no longer cacheable, in RFC3339 format.
    ForceDestroy bool
    Allow the object to be deleted by removing any legal hold on any object version. Default is false. This value should be set to true only if the bucket has S3 object lock enabled.
    Grants List<ObjectCopyGrant>
    Configuration block for header grants. Documented below. Conflicts with acl.
    Key string
    Name of the object once it is in the bucket.
    KmsEncryptionContext string
    Specifies the AWS KMS Encryption Context to use for object encryption. The value is a base64-encoded UTF-8 string holding JSON with the encryption context key-value pairs.
    KmsKeyId string
    Specifies the AWS KMS Key ARN to use for object encryption. This value is a fully qualified ARN of the KMS Key. If using aws.kms.Key, use the exported arn attribute: kms_key_id = aws_kms_key.foo.arn
    LastModified string
    Returns the date that the object was last modified, in RFC3339 format.
    Metadata Dictionary<string, string>
    Map of keys/values to provision metadata (will be automatically prefixed by x-amz-meta-, note that only lowercase label are currently supported by the AWS Go API).
    MetadataDirective string
    Specifies whether the metadata is copied from the source object or replaced with metadata provided in the request. Valid values are COPY and REPLACE.
    ObjectLockLegalHoldStatus string
    The legal hold status that you want to apply to the specified object. Valid values are ON and OFF.
    ObjectLockMode string
    Object lock retention mode that you want to apply to this object. Valid values are GOVERNANCE and COMPLIANCE.
    ObjectLockRetainUntilDate string
    Date and time, in RFC3339 format, when this object's object lock will expire.
    RequestCharged bool
    If present, indicates that the requester was successfully charged for the request.
    RequestPayer string
    Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. For information about downloading objects from requester pays buckets, see Downloading Objects in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) in the Amazon S3 Developer Guide. If included, the only valid value is requester.
    ServerSideEncryption string
    Specifies server-side encryption of the object in S3. Valid values are AES256 and aws:kms.
    Source string

    Specifies the source object for the copy operation. You specify the value in one of two formats. For objects not accessed through an access point, specify the name of the source bucket and the key of the source object, separated by a slash (/). For example, testbucket/test1.json. For objects accessed through access points, specify the ARN of the object as accessed through the access point, in the format arn:aws:s3:<Region>:<account-id>:accesspoint/<access-point-name>/object/<key>. For example, arn:aws:s3:us-west-2:9999912999:accesspoint/my-access-point/object/testbucket/test1.json.

    The following arguments are optional:

    SourceCustomerAlgorithm string
    Specifies the algorithm to use when decrypting the source object (for example, AES256).
    SourceCustomerKey string
    Specifies the customer-provided encryption key for Amazon S3 to use to decrypt the source object. The encryption key provided in this header must be one that was used when the source object was created.
    SourceCustomerKeyMd5 string
    Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error.
    SourceVersionId string
    Version of the copied object in the source bucket.
    StorageClass string
    Specifies the desired storage class for the object. Defaults to STANDARD.
    TaggingDirective string
    Specifies whether the object tag-set are copied from the source object or replaced with tag-set provided in the request. Valid values are COPY and REPLACE.
    Tags Dictionary<string, string>
    Map of tags to assign to the object. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    TagsAll Dictionary<string, string>
    Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    VersionId string
    Version ID of the newly created copy.
    WebsiteRedirect string
    Specifies a target URL for website redirect.
    Acl string
    Canned ACL to apply. Valid values are private, public-read, public-read-write, authenticated-read, aws-exec-read, bucket-owner-read, and bucket-owner-full-control. Conflicts with grant.
    Arn string
    ARN of the object.
    Bucket string
    Name of the bucket to put the file in.
    BucketKeyEnabled bool
    CacheControl string
    Specifies caching behavior along the request/reply chain Read w3c cache_control for further details.
    ChecksumAlgorithm string
    Indicates the algorithm used to create the checksum for the object. If a value is specified and the object is encrypted with KMS, you must have permission to use the kms:Decrypt action. Valid values: CRC32, CRC32C, SHA1, SHA256.
    ChecksumCrc32 string
    The base64-encoded, 32-bit CRC32 checksum of the object.
    ChecksumCrc32c string
    The base64-encoded, 32-bit CRC32C checksum of the object.
    ChecksumSha1 string
    The base64-encoded, 160-bit SHA-1 digest of the object.
    ChecksumSha256 string
    The base64-encoded, 256-bit SHA-256 digest of the object.
    ContentDisposition string
    Specifies presentational information for the object. Read w3c content_disposition for further information.
    ContentEncoding string
    Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field. Read w3c content encoding for further information.
    ContentLanguage string
    Language the content is in e.g., en-US or en-GB.
    ContentType string
    Standard MIME type describing the format of the object data, e.g., application/octet-stream. All Valid MIME Types are valid for this input.
    CopyIfMatch string
    Copies the object if its entity tag (ETag) matches the specified tag.
    CopyIfModifiedSince string
    Copies the object if it has been modified since the specified time, in RFC3339 format.
    CopyIfNoneMatch string
    Copies the object if its entity tag (ETag) is different than the specified ETag.
    CopyIfUnmodifiedSince string
    Copies the object if it hasn't been modified since the specified time, in RFC3339 format.
    CustomerAlgorithm string
    Specifies the algorithm to use to when encrypting the object (for example, AES256).
    CustomerKey string
    Specifies the customer-provided encryption key for Amazon S3 to use in encrypting data. This value is used to store the object and then it is discarded; Amazon S3 does not store the encryption key. The key must be appropriate for use with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm header.
    CustomerKeyMd5 string
    Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error.
    Etag string
    ETag generated for the object (an MD5 sum of the object content). For plaintext objects or objects encrypted with an AWS-managed key, the hash is an MD5 digest of the object data. For objects encrypted with a KMS key or objects created by either the Multipart Upload or Part Copy operation, the hash is not an MD5 digest, regardless of the method of encryption. More information on possible values can be found on Common Response Headers.
    ExpectedBucketOwner string
    Account id of the expected destination bucket owner. If the destination bucket is owned by a different account, the request will fail with an HTTP 403 (Access Denied) error.
    ExpectedSourceBucketOwner string
    Account id of the expected source bucket owner. If the source bucket is owned by a different account, the request will fail with an HTTP 403 (Access Denied) error.
    Expiration string
    If the object expiration is configured, this attribute will be set.
    Expires string
    Date and time at which the object is no longer cacheable, in RFC3339 format.
    ForceDestroy bool
    Allow the object to be deleted by removing any legal hold on any object version. Default is false. This value should be set to true only if the bucket has S3 object lock enabled.
    Grants []ObjectCopyGrantArgs
    Configuration block for header grants. Documented below. Conflicts with acl.
    Key string
    Name of the object once it is in the bucket.
    KmsEncryptionContext string
    Specifies the AWS KMS Encryption Context to use for object encryption. The value is a base64-encoded UTF-8 string holding JSON with the encryption context key-value pairs.
    KmsKeyId string
    Specifies the AWS KMS Key ARN to use for object encryption. This value is a fully qualified ARN of the KMS Key. If using aws.kms.Key, use the exported arn attribute: kms_key_id = aws_kms_key.foo.arn
    LastModified string
    Returns the date that the object was last modified, in RFC3339 format.
    Metadata map[string]string
    Map of keys/values to provision metadata (will be automatically prefixed by x-amz-meta-, note that only lowercase label are currently supported by the AWS Go API).
    MetadataDirective string
    Specifies whether the metadata is copied from the source object or replaced with metadata provided in the request. Valid values are COPY and REPLACE.
    ObjectLockLegalHoldStatus string
    The legal hold status that you want to apply to the specified object. Valid values are ON and OFF.
    ObjectLockMode string
    Object lock retention mode that you want to apply to this object. Valid values are GOVERNANCE and COMPLIANCE.
    ObjectLockRetainUntilDate string
    Date and time, in RFC3339 format, when this object's object lock will expire.
    RequestCharged bool
    If present, indicates that the requester was successfully charged for the request.
    RequestPayer string
    Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. For information about downloading objects from requester pays buckets, see Downloading Objects in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) in the Amazon S3 Developer Guide. If included, the only valid value is requester.
    ServerSideEncryption string
    Specifies server-side encryption of the object in S3. Valid values are AES256 and aws:kms.
    Source string

    Specifies the source object for the copy operation. You specify the value in one of two formats. For objects not accessed through an access point, specify the name of the source bucket and the key of the source object, separated by a slash (/). For example, testbucket/test1.json. For objects accessed through access points, specify the ARN of the object as accessed through the access point, in the format arn:aws:s3:<Region>:<account-id>:accesspoint/<access-point-name>/object/<key>. For example, arn:aws:s3:us-west-2:9999912999:accesspoint/my-access-point/object/testbucket/test1.json.

    The following arguments are optional:

    SourceCustomerAlgorithm string
    Specifies the algorithm to use when decrypting the source object (for example, AES256).
    SourceCustomerKey string
    Specifies the customer-provided encryption key for Amazon S3 to use to decrypt the source object. The encryption key provided in this header must be one that was used when the source object was created.
    SourceCustomerKeyMd5 string
    Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error.
    SourceVersionId string
    Version of the copied object in the source bucket.
    StorageClass string
    Specifies the desired storage class for the object. Defaults to STANDARD.
    TaggingDirective string
    Specifies whether the object tag-set are copied from the source object or replaced with tag-set provided in the request. Valid values are COPY and REPLACE.
    Tags map[string]string
    Map of tags to assign to the object. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    TagsAll map[string]string
    Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    VersionId string
    Version ID of the newly created copy.
    WebsiteRedirect string
    Specifies a target URL for website redirect.
    acl String
    Canned ACL to apply. Valid values are private, public-read, public-read-write, authenticated-read, aws-exec-read, bucket-owner-read, and bucket-owner-full-control. Conflicts with grant.
    arn String
    ARN of the object.
    bucket String
    Name of the bucket to put the file in.
    bucketKeyEnabled Boolean
    cacheControl String
    Specifies caching behavior along the request/reply chain Read w3c cache_control for further details.
    checksumAlgorithm String
    Indicates the algorithm used to create the checksum for the object. If a value is specified and the object is encrypted with KMS, you must have permission to use the kms:Decrypt action. Valid values: CRC32, CRC32C, SHA1, SHA256.
    checksumCrc32 String
    The base64-encoded, 32-bit CRC32 checksum of the object.
    checksumCrc32c String
    The base64-encoded, 32-bit CRC32C checksum of the object.
    checksumSha1 String
    The base64-encoded, 160-bit SHA-1 digest of the object.
    checksumSha256 String
    The base64-encoded, 256-bit SHA-256 digest of the object.
    contentDisposition String
    Specifies presentational information for the object. Read w3c content_disposition for further information.
    contentEncoding String
    Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field. Read w3c content encoding for further information.
    contentLanguage String
    Language the content is in e.g., en-US or en-GB.
    contentType String
    Standard MIME type describing the format of the object data, e.g., application/octet-stream. All Valid MIME Types are valid for this input.
    copyIfMatch String
    Copies the object if its entity tag (ETag) matches the specified tag.
    copyIfModifiedSince String
    Copies the object if it has been modified since the specified time, in RFC3339 format.
    copyIfNoneMatch String
    Copies the object if its entity tag (ETag) is different than the specified ETag.
    copyIfUnmodifiedSince String
    Copies the object if it hasn't been modified since the specified time, in RFC3339 format.
    customerAlgorithm String
    Specifies the algorithm to use to when encrypting the object (for example, AES256).
    customerKey String
    Specifies the customer-provided encryption key for Amazon S3 to use in encrypting data. This value is used to store the object and then it is discarded; Amazon S3 does not store the encryption key. The key must be appropriate for use with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm header.
    customerKeyMd5 String
    Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error.
    etag String
    ETag generated for the object (an MD5 sum of the object content). For plaintext objects or objects encrypted with an AWS-managed key, the hash is an MD5 digest of the object data. For objects encrypted with a KMS key or objects created by either the Multipart Upload or Part Copy operation, the hash is not an MD5 digest, regardless of the method of encryption. More information on possible values can be found on Common Response Headers.
    expectedBucketOwner String
    Account id of the expected destination bucket owner. If the destination bucket is owned by a different account, the request will fail with an HTTP 403 (Access Denied) error.
    expectedSourceBucketOwner String
    Account id of the expected source bucket owner. If the source bucket is owned by a different account, the request will fail with an HTTP 403 (Access Denied) error.
    expiration String
    If the object expiration is configured, this attribute will be set.
    expires String
    Date and time at which the object is no longer cacheable, in RFC3339 format.
    forceDestroy Boolean
    Allow the object to be deleted by removing any legal hold on any object version. Default is false. This value should be set to true only if the bucket has S3 object lock enabled.
    grants List<ObjectCopyGrant>
    Configuration block for header grants. Documented below. Conflicts with acl.
    key String
    Name of the object once it is in the bucket.
    kmsEncryptionContext String
    Specifies the AWS KMS Encryption Context to use for object encryption. The value is a base64-encoded UTF-8 string holding JSON with the encryption context key-value pairs.
    kmsKeyId String
    Specifies the AWS KMS Key ARN to use for object encryption. This value is a fully qualified ARN of the KMS Key. If using aws.kms.Key, use the exported arn attribute: kms_key_id = aws_kms_key.foo.arn
    lastModified String
    Returns the date that the object was last modified, in RFC3339 format.
    metadata Map<String,String>
    Map of keys/values to provision metadata (will be automatically prefixed by x-amz-meta-, note that only lowercase label are currently supported by the AWS Go API).
    metadataDirective String
    Specifies whether the metadata is copied from the source object or replaced with metadata provided in the request. Valid values are COPY and REPLACE.
    objectLockLegalHoldStatus String
    The legal hold status that you want to apply to the specified object. Valid values are ON and OFF.
    objectLockMode String
    Object lock retention mode that you want to apply to this object. Valid values are GOVERNANCE and COMPLIANCE.
    objectLockRetainUntilDate String
    Date and time, in RFC3339 format, when this object's object lock will expire.
    requestCharged Boolean
    If present, indicates that the requester was successfully charged for the request.
    requestPayer String
    Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. For information about downloading objects from requester pays buckets, see Downloading Objects in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) in the Amazon S3 Developer Guide. If included, the only valid value is requester.
    serverSideEncryption String
    Specifies server-side encryption of the object in S3. Valid values are AES256 and aws:kms.
    source String

    Specifies the source object for the copy operation. You specify the value in one of two formats. For objects not accessed through an access point, specify the name of the source bucket and the key of the source object, separated by a slash (/). For example, testbucket/test1.json. For objects accessed through access points, specify the ARN of the object as accessed through the access point, in the format arn:aws:s3:<Region>:<account-id>:accesspoint/<access-point-name>/object/<key>. For example, arn:aws:s3:us-west-2:9999912999:accesspoint/my-access-point/object/testbucket/test1.json.

    The following arguments are optional:

    sourceCustomerAlgorithm String
    Specifies the algorithm to use when decrypting the source object (for example, AES256).
    sourceCustomerKey String
    Specifies the customer-provided encryption key for Amazon S3 to use to decrypt the source object. The encryption key provided in this header must be one that was used when the source object was created.
    sourceCustomerKeyMd5 String
    Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error.
    sourceVersionId String
    Version of the copied object in the source bucket.
    storageClass String
    Specifies the desired storage class for the object. Defaults to STANDARD.
    taggingDirective String
    Specifies whether the object tag-set are copied from the source object or replaced with tag-set provided in the request. Valid values are COPY and REPLACE.
    tags Map<String,String>
    Map of tags to assign to the object. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    tagsAll Map<String,String>
    Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    versionId String
    Version ID of the newly created copy.
    websiteRedirect String
    Specifies a target URL for website redirect.
    acl string
    Canned ACL to apply. Valid values are private, public-read, public-read-write, authenticated-read, aws-exec-read, bucket-owner-read, and bucket-owner-full-control. Conflicts with grant.
    arn string
    ARN of the object.
    bucket string
    Name of the bucket to put the file in.
    bucketKeyEnabled boolean
    cacheControl string
    Specifies caching behavior along the request/reply chain Read w3c cache_control for further details.
    checksumAlgorithm string
    Indicates the algorithm used to create the checksum for the object. If a value is specified and the object is encrypted with KMS, you must have permission to use the kms:Decrypt action. Valid values: CRC32, CRC32C, SHA1, SHA256.
    checksumCrc32 string
    The base64-encoded, 32-bit CRC32 checksum of the object.
    checksumCrc32c string
    The base64-encoded, 32-bit CRC32C checksum of the object.
    checksumSha1 string
    The base64-encoded, 160-bit SHA-1 digest of the object.
    checksumSha256 string
    The base64-encoded, 256-bit SHA-256 digest of the object.
    contentDisposition string
    Specifies presentational information for the object. Read w3c content_disposition for further information.
    contentEncoding string
    Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field. Read w3c content encoding for further information.
    contentLanguage string
    Language the content is in e.g., en-US or en-GB.
    contentType string
    Standard MIME type describing the format of the object data, e.g., application/octet-stream. All Valid MIME Types are valid for this input.
    copyIfMatch string
    Copies the object if its entity tag (ETag) matches the specified tag.
    copyIfModifiedSince string
    Copies the object if it has been modified since the specified time, in RFC3339 format.
    copyIfNoneMatch string
    Copies the object if its entity tag (ETag) is different than the specified ETag.
    copyIfUnmodifiedSince string
    Copies the object if it hasn't been modified since the specified time, in RFC3339 format.
    customerAlgorithm string
    Specifies the algorithm to use to when encrypting the object (for example, AES256).
    customerKey string
    Specifies the customer-provided encryption key for Amazon S3 to use in encrypting data. This value is used to store the object and then it is discarded; Amazon S3 does not store the encryption key. The key must be appropriate for use with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm header.
    customerKeyMd5 string
    Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error.
    etag string
    ETag generated for the object (an MD5 sum of the object content). For plaintext objects or objects encrypted with an AWS-managed key, the hash is an MD5 digest of the object data. For objects encrypted with a KMS key or objects created by either the Multipart Upload or Part Copy operation, the hash is not an MD5 digest, regardless of the method of encryption. More information on possible values can be found on Common Response Headers.
    expectedBucketOwner string
    Account id of the expected destination bucket owner. If the destination bucket is owned by a different account, the request will fail with an HTTP 403 (Access Denied) error.
    expectedSourceBucketOwner string
    Account id of the expected source bucket owner. If the source bucket is owned by a different account, the request will fail with an HTTP 403 (Access Denied) error.
    expiration string
    If the object expiration is configured, this attribute will be set.
    expires string
    Date and time at which the object is no longer cacheable, in RFC3339 format.
    forceDestroy boolean
    Allow the object to be deleted by removing any legal hold on any object version. Default is false. This value should be set to true only if the bucket has S3 object lock enabled.
    grants ObjectCopyGrant[]
    Configuration block for header grants. Documented below. Conflicts with acl.
    key string
    Name of the object once it is in the bucket.
    kmsEncryptionContext string
    Specifies the AWS KMS Encryption Context to use for object encryption. The value is a base64-encoded UTF-8 string holding JSON with the encryption context key-value pairs.
    kmsKeyId string
    Specifies the AWS KMS Key ARN to use for object encryption. This value is a fully qualified ARN of the KMS Key. If using aws.kms.Key, use the exported arn attribute: kms_key_id = aws_kms_key.foo.arn
    lastModified string
    Returns the date that the object was last modified, in RFC3339 format.
    metadata {[key: string]: string}
    Map of keys/values to provision metadata (will be automatically prefixed by x-amz-meta-, note that only lowercase label are currently supported by the AWS Go API).
    metadataDirective string
    Specifies whether the metadata is copied from the source object or replaced with metadata provided in the request. Valid values are COPY and REPLACE.
    objectLockLegalHoldStatus string
    The legal hold status that you want to apply to the specified object. Valid values are ON and OFF.
    objectLockMode string
    Object lock retention mode that you want to apply to this object. Valid values are GOVERNANCE and COMPLIANCE.
    objectLockRetainUntilDate string
    Date and time, in RFC3339 format, when this object's object lock will expire.
    requestCharged boolean
    If present, indicates that the requester was successfully charged for the request.
    requestPayer string
    Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. For information about downloading objects from requester pays buckets, see Downloading Objects in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) in the Amazon S3 Developer Guide. If included, the only valid value is requester.
    serverSideEncryption string
    Specifies server-side encryption of the object in S3. Valid values are AES256 and aws:kms.
    source string

    Specifies the source object for the copy operation. You specify the value in one of two formats. For objects not accessed through an access point, specify the name of the source bucket and the key of the source object, separated by a slash (/). For example, testbucket/test1.json. For objects accessed through access points, specify the ARN of the object as accessed through the access point, in the format arn:aws:s3:<Region>:<account-id>:accesspoint/<access-point-name>/object/<key>. For example, arn:aws:s3:us-west-2:9999912999:accesspoint/my-access-point/object/testbucket/test1.json.

    The following arguments are optional:

    sourceCustomerAlgorithm string
    Specifies the algorithm to use when decrypting the source object (for example, AES256).
    sourceCustomerKey string
    Specifies the customer-provided encryption key for Amazon S3 to use to decrypt the source object. The encryption key provided in this header must be one that was used when the source object was created.
    sourceCustomerKeyMd5 string
    Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error.
    sourceVersionId string
    Version of the copied object in the source bucket.
    storageClass string
    Specifies the desired storage class for the object. Defaults to STANDARD.
    taggingDirective string
    Specifies whether the object tag-set are copied from the source object or replaced with tag-set provided in the request. Valid values are COPY and REPLACE.
    tags {[key: string]: string}
    Map of tags to assign to the object. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    tagsAll {[key: string]: string}
    Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    versionId string
    Version ID of the newly created copy.
    websiteRedirect string
    Specifies a target URL for website redirect.
    acl str
    Canned ACL to apply. Valid values are private, public-read, public-read-write, authenticated-read, aws-exec-read, bucket-owner-read, and bucket-owner-full-control. Conflicts with grant.
    arn str
    ARN of the object.
    bucket str
    Name of the bucket to put the file in.
    bucket_key_enabled bool
    cache_control str
    Specifies caching behavior along the request/reply chain Read w3c cache_control for further details.
    checksum_algorithm str
    Indicates the algorithm used to create the checksum for the object. If a value is specified and the object is encrypted with KMS, you must have permission to use the kms:Decrypt action. Valid values: CRC32, CRC32C, SHA1, SHA256.
    checksum_crc32 str
    The base64-encoded, 32-bit CRC32 checksum of the object.
    checksum_crc32c str
    The base64-encoded, 32-bit CRC32C checksum of the object.
    checksum_sha1 str
    The base64-encoded, 160-bit SHA-1 digest of the object.
    checksum_sha256 str
    The base64-encoded, 256-bit SHA-256 digest of the object.
    content_disposition str
    Specifies presentational information for the object. Read w3c content_disposition for further information.
    content_encoding str
    Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field. Read w3c content encoding for further information.
    content_language str
    Language the content is in e.g., en-US or en-GB.
    content_type str
    Standard MIME type describing the format of the object data, e.g., application/octet-stream. All Valid MIME Types are valid for this input.
    copy_if_match str
    Copies the object if its entity tag (ETag) matches the specified tag.
    copy_if_modified_since str
    Copies the object if it has been modified since the specified time, in RFC3339 format.
    copy_if_none_match str
    Copies the object if its entity tag (ETag) is different than the specified ETag.
    copy_if_unmodified_since str
    Copies the object if it hasn't been modified since the specified time, in RFC3339 format.
    customer_algorithm str
    Specifies the algorithm to use to when encrypting the object (for example, AES256).
    customer_key str
    Specifies the customer-provided encryption key for Amazon S3 to use in encrypting data. This value is used to store the object and then it is discarded; Amazon S3 does not store the encryption key. The key must be appropriate for use with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm header.
    customer_key_md5 str
    Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error.
    etag str
    ETag generated for the object (an MD5 sum of the object content). For plaintext objects or objects encrypted with an AWS-managed key, the hash is an MD5 digest of the object data. For objects encrypted with a KMS key or objects created by either the Multipart Upload or Part Copy operation, the hash is not an MD5 digest, regardless of the method of encryption. More information on possible values can be found on Common Response Headers.
    expected_bucket_owner str
    Account id of the expected destination bucket owner. If the destination bucket is owned by a different account, the request will fail with an HTTP 403 (Access Denied) error.
    expected_source_bucket_owner str
    Account id of the expected source bucket owner. If the source bucket is owned by a different account, the request will fail with an HTTP 403 (Access Denied) error.
    expiration str
    If the object expiration is configured, this attribute will be set.
    expires str
    Date and time at which the object is no longer cacheable, in RFC3339 format.
    force_destroy bool
    Allow the object to be deleted by removing any legal hold on any object version. Default is false. This value should be set to true only if the bucket has S3 object lock enabled.
    grants Sequence[ObjectCopyGrantArgs]
    Configuration block for header grants. Documented below. Conflicts with acl.
    key str
    Name of the object once it is in the bucket.
    kms_encryption_context str
    Specifies the AWS KMS Encryption Context to use for object encryption. The value is a base64-encoded UTF-8 string holding JSON with the encryption context key-value pairs.
    kms_key_id str
    Specifies the AWS KMS Key ARN to use for object encryption. This value is a fully qualified ARN of the KMS Key. If using aws.kms.Key, use the exported arn attribute: kms_key_id = aws_kms_key.foo.arn
    last_modified str
    Returns the date that the object was last modified, in RFC3339 format.
    metadata Mapping[str, str]
    Map of keys/values to provision metadata (will be automatically prefixed by x-amz-meta-, note that only lowercase label are currently supported by the AWS Go API).
    metadata_directive str
    Specifies whether the metadata is copied from the source object or replaced with metadata provided in the request. Valid values are COPY and REPLACE.
    object_lock_legal_hold_status str
    The legal hold status that you want to apply to the specified object. Valid values are ON and OFF.
    object_lock_mode str
    Object lock retention mode that you want to apply to this object. Valid values are GOVERNANCE and COMPLIANCE.
    object_lock_retain_until_date str
    Date and time, in RFC3339 format, when this object's object lock will expire.
    request_charged bool
    If present, indicates that the requester was successfully charged for the request.
    request_payer str
    Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. For information about downloading objects from requester pays buckets, see Downloading Objects in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) in the Amazon S3 Developer Guide. If included, the only valid value is requester.
    server_side_encryption str
    Specifies server-side encryption of the object in S3. Valid values are AES256 and aws:kms.
    source str

    Specifies the source object for the copy operation. You specify the value in one of two formats. For objects not accessed through an access point, specify the name of the source bucket and the key of the source object, separated by a slash (/). For example, testbucket/test1.json. For objects accessed through access points, specify the ARN of the object as accessed through the access point, in the format arn:aws:s3:<Region>:<account-id>:accesspoint/<access-point-name>/object/<key>. For example, arn:aws:s3:us-west-2:9999912999:accesspoint/my-access-point/object/testbucket/test1.json.

    The following arguments are optional:

    source_customer_algorithm str
    Specifies the algorithm to use when decrypting the source object (for example, AES256).
    source_customer_key str
    Specifies the customer-provided encryption key for Amazon S3 to use to decrypt the source object. The encryption key provided in this header must be one that was used when the source object was created.
    source_customer_key_md5 str
    Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error.
    source_version_id str
    Version of the copied object in the source bucket.
    storage_class str
    Specifies the desired storage class for the object. Defaults to STANDARD.
    tagging_directive str
    Specifies whether the object tag-set are copied from the source object or replaced with tag-set provided in the request. Valid values are COPY and REPLACE.
    tags Mapping[str, str]
    Map of tags to assign to the object. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    tags_all Mapping[str, str]
    Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    version_id str
    Version ID of the newly created copy.
    website_redirect str
    Specifies a target URL for website redirect.
    acl String
    Canned ACL to apply. Valid values are private, public-read, public-read-write, authenticated-read, aws-exec-read, bucket-owner-read, and bucket-owner-full-control. Conflicts with grant.
    arn String
    ARN of the object.
    bucket String
    Name of the bucket to put the file in.
    bucketKeyEnabled Boolean
    cacheControl String
    Specifies caching behavior along the request/reply chain Read w3c cache_control for further details.
    checksumAlgorithm String
    Indicates the algorithm used to create the checksum for the object. If a value is specified and the object is encrypted with KMS, you must have permission to use the kms:Decrypt action. Valid values: CRC32, CRC32C, SHA1, SHA256.
    checksumCrc32 String
    The base64-encoded, 32-bit CRC32 checksum of the object.
    checksumCrc32c String
    The base64-encoded, 32-bit CRC32C checksum of the object.
    checksumSha1 String
    The base64-encoded, 160-bit SHA-1 digest of the object.
    checksumSha256 String
    The base64-encoded, 256-bit SHA-256 digest of the object.
    contentDisposition String
    Specifies presentational information for the object. Read w3c content_disposition for further information.
    contentEncoding String
    Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field. Read w3c content encoding for further information.
    contentLanguage String
    Language the content is in e.g., en-US or en-GB.
    contentType String
    Standard MIME type describing the format of the object data, e.g., application/octet-stream. All Valid MIME Types are valid for this input.
    copyIfMatch String
    Copies the object if its entity tag (ETag) matches the specified tag.
    copyIfModifiedSince String
    Copies the object if it has been modified since the specified time, in RFC3339 format.
    copyIfNoneMatch String
    Copies the object if its entity tag (ETag) is different than the specified ETag.
    copyIfUnmodifiedSince String
    Copies the object if it hasn't been modified since the specified time, in RFC3339 format.
    customerAlgorithm String
    Specifies the algorithm to use to when encrypting the object (for example, AES256).
    customerKey String
    Specifies the customer-provided encryption key for Amazon S3 to use in encrypting data. This value is used to store the object and then it is discarded; Amazon S3 does not store the encryption key. The key must be appropriate for use with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm header.
    customerKeyMd5 String
    Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error.
    etag String
    ETag generated for the object (an MD5 sum of the object content). For plaintext objects or objects encrypted with an AWS-managed key, the hash is an MD5 digest of the object data. For objects encrypted with a KMS key or objects created by either the Multipart Upload or Part Copy operation, the hash is not an MD5 digest, regardless of the method of encryption. More information on possible values can be found on Common Response Headers.
    expectedBucketOwner String
    Account id of the expected destination bucket owner. If the destination bucket is owned by a different account, the request will fail with an HTTP 403 (Access Denied) error.
    expectedSourceBucketOwner String
    Account id of the expected source bucket owner. If the source bucket is owned by a different account, the request will fail with an HTTP 403 (Access Denied) error.
    expiration String
    If the object expiration is configured, this attribute will be set.
    expires String
    Date and time at which the object is no longer cacheable, in RFC3339 format.
    forceDestroy Boolean
    Allow the object to be deleted by removing any legal hold on any object version. Default is false. This value should be set to true only if the bucket has S3 object lock enabled.
    grants List<Property Map>
    Configuration block for header grants. Documented below. Conflicts with acl.
    key String
    Name of the object once it is in the bucket.
    kmsEncryptionContext String
    Specifies the AWS KMS Encryption Context to use for object encryption. The value is a base64-encoded UTF-8 string holding JSON with the encryption context key-value pairs.
    kmsKeyId String
    Specifies the AWS KMS Key ARN to use for object encryption. This value is a fully qualified ARN of the KMS Key. If using aws.kms.Key, use the exported arn attribute: kms_key_id = aws_kms_key.foo.arn
    lastModified String
    Returns the date that the object was last modified, in RFC3339 format.
    metadata Map<String>
    Map of keys/values to provision metadata (will be automatically prefixed by x-amz-meta-, note that only lowercase label are currently supported by the AWS Go API).
    metadataDirective String
    Specifies whether the metadata is copied from the source object or replaced with metadata provided in the request. Valid values are COPY and REPLACE.
    objectLockLegalHoldStatus String
    The legal hold status that you want to apply to the specified object. Valid values are ON and OFF.
    objectLockMode String
    Object lock retention mode that you want to apply to this object. Valid values are GOVERNANCE and COMPLIANCE.
    objectLockRetainUntilDate String
    Date and time, in RFC3339 format, when this object's object lock will expire.
    requestCharged Boolean
    If present, indicates that the requester was successfully charged for the request.
    requestPayer String
    Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. For information about downloading objects from requester pays buckets, see Downloading Objects in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) in the Amazon S3 Developer Guide. If included, the only valid value is requester.
    serverSideEncryption String
    Specifies server-side encryption of the object in S3. Valid values are AES256 and aws:kms.
    source String

    Specifies the source object for the copy operation. You specify the value in one of two formats. For objects not accessed through an access point, specify the name of the source bucket and the key of the source object, separated by a slash (/). For example, testbucket/test1.json. For objects accessed through access points, specify the ARN of the object as accessed through the access point, in the format arn:aws:s3:<Region>:<account-id>:accesspoint/<access-point-name>/object/<key>. For example, arn:aws:s3:us-west-2:9999912999:accesspoint/my-access-point/object/testbucket/test1.json.

    The following arguments are optional:

    sourceCustomerAlgorithm String
    Specifies the algorithm to use when decrypting the source object (for example, AES256).
    sourceCustomerKey String
    Specifies the customer-provided encryption key for Amazon S3 to use to decrypt the source object. The encryption key provided in this header must be one that was used when the source object was created.
    sourceCustomerKeyMd5 String
    Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error.
    sourceVersionId String
    Version of the copied object in the source bucket.
    storageClass String
    Specifies the desired storage class for the object. Defaults to STANDARD.
    taggingDirective String
    Specifies whether the object tag-set are copied from the source object or replaced with tag-set provided in the request. Valid values are COPY and REPLACE.
    tags Map<String>
    Map of tags to assign to the object. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    tagsAll Map<String>
    Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    versionId String
    Version ID of the newly created copy.
    websiteRedirect String
    Specifies a target URL for website redirect.

    Supporting Types

    ObjectCopyGrant, ObjectCopyGrantArgs

    Permissions List<string>
    List of permissions to grant to grantee. Valid values are READ, READ_ACP, WRITE_ACP, FULL_CONTROL.
    Type string

    Type of grantee. Valid values are CanonicalUser, Group, and AmazonCustomerByEmail.

    This configuration block has the following optional arguments (one of the three is required):

    Email string
    Email address of the grantee. Used only when type is AmazonCustomerByEmail.
    Id string
    Canonical user ID of the grantee. Used only when type is CanonicalUser.
    Uri string
    URI of the grantee group. Used only when type is Group.
    Permissions []string
    List of permissions to grant to grantee. Valid values are READ, READ_ACP, WRITE_ACP, FULL_CONTROL.
    Type string

    Type of grantee. Valid values are CanonicalUser, Group, and AmazonCustomerByEmail.

    This configuration block has the following optional arguments (one of the three is required):

    Email string
    Email address of the grantee. Used only when type is AmazonCustomerByEmail.
    Id string
    Canonical user ID of the grantee. Used only when type is CanonicalUser.
    Uri string
    URI of the grantee group. Used only when type is Group.
    permissions List<String>
    List of permissions to grant to grantee. Valid values are READ, READ_ACP, WRITE_ACP, FULL_CONTROL.
    type String

    Type of grantee. Valid values are CanonicalUser, Group, and AmazonCustomerByEmail.

    This configuration block has the following optional arguments (one of the three is required):

    email String
    Email address of the grantee. Used only when type is AmazonCustomerByEmail.
    id String
    Canonical user ID of the grantee. Used only when type is CanonicalUser.
    uri String
    URI of the grantee group. Used only when type is Group.
    permissions string[]
    List of permissions to grant to grantee. Valid values are READ, READ_ACP, WRITE_ACP, FULL_CONTROL.
    type string

    Type of grantee. Valid values are CanonicalUser, Group, and AmazonCustomerByEmail.

    This configuration block has the following optional arguments (one of the three is required):

    email string
    Email address of the grantee. Used only when type is AmazonCustomerByEmail.
    id string
    Canonical user ID of the grantee. Used only when type is CanonicalUser.
    uri string
    URI of the grantee group. Used only when type is Group.
    permissions Sequence[str]
    List of permissions to grant to grantee. Valid values are READ, READ_ACP, WRITE_ACP, FULL_CONTROL.
    type str

    Type of grantee. Valid values are CanonicalUser, Group, and AmazonCustomerByEmail.

    This configuration block has the following optional arguments (one of the three is required):

    email str
    Email address of the grantee. Used only when type is AmazonCustomerByEmail.
    id str
    Canonical user ID of the grantee. Used only when type is CanonicalUser.
    uri str
    URI of the grantee group. Used only when type is Group.
    permissions List<String>
    List of permissions to grant to grantee. Valid values are READ, READ_ACP, WRITE_ACP, FULL_CONTROL.
    type String

    Type of grantee. Valid values are CanonicalUser, Group, and AmazonCustomerByEmail.

    This configuration block has the following optional arguments (one of the three is required):

    email String
    Email address of the grantee. Used only when type is AmazonCustomerByEmail.
    id String
    Canonical user ID of the grantee. Used only when type is CanonicalUser.
    uri String
    URI of the grantee group. Used only when type is Group.

    Package Details

    Repository
    AWS Classic pulumi/pulumi-aws
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the aws Terraform Provider.
    aws logo
    AWS v6.60.0 published on Tuesday, Nov 19, 2024 by Pulumi