AWS Cloud Control v1.26.0, Mar 12 25

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.26.0 published on Wednesday, Mar 12, 2025 by Pulumi

aws-native.s3express.getDirectoryBucket

Explore with Pulumi AI

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.26.0 published on Wednesday, Mar 12, 2025 by Pulumi

Using getDirectoryBucket

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

TypeScript
Python
Go
C#
Java
YAML

function getDirectoryBucket(args: GetDirectoryBucketArgs, opts?: InvokeOptions): Promise<GetDirectoryBucketResult>
function getDirectoryBucketOutput(args: GetDirectoryBucketOutputArgs, opts?: InvokeOptions): Output<GetDirectoryBucketResult>

def get_directory_bucket(bucket_name: Optional[str] = None,
                         opts: Optional[InvokeOptions] = None) -> GetDirectoryBucketResult
def get_directory_bucket_output(bucket_name: Optional[pulumi.Input[str]] = None,
                         opts: Optional[InvokeOptions] = None) -> Output[GetDirectoryBucketResult]

func LookupDirectoryBucket(ctx *Context, args *LookupDirectoryBucketArgs, opts ...InvokeOption) (*LookupDirectoryBucketResult, error)
func LookupDirectoryBucketOutput(ctx *Context, args *LookupDirectoryBucketOutputArgs, opts ...InvokeOption) LookupDirectoryBucketResultOutput

> Note: This function is named LookupDirectoryBucket in the Go SDK.

public static class GetDirectoryBucket 
{
    public static Task<GetDirectoryBucketResult> InvokeAsync(GetDirectoryBucketArgs args, InvokeOptions? opts = null)
    public static Output<GetDirectoryBucketResult> Invoke(GetDirectoryBucketInvokeArgs args, InvokeOptions? opts = null)
}

public static CompletableFuture<GetDirectoryBucketResult> getDirectoryBucket(GetDirectoryBucketArgs args, InvokeOptions options)
public static Output<GetDirectoryBucketResult> getDirectoryBucket(GetDirectoryBucketArgs args, InvokeOptions options)

fn::invoke:
  function: aws-native:s3express:getDirectoryBucket
  arguments:
    # arguments dictionary

The following arguments are supported:

BucketName string: Specifies a name for the bucket. The bucket name must contain only lowercase letters, numbers, and hyphens (-). A directory bucket name must be unique in the chosen Availability Zone or Local Zone. The bucket name must also follow the format 'bucket_base_name--zone_id--x-s3'. The zone_id can be the ID of an Availability Zone or a Local Zone. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the bucket name.

BucketName string: Specifies a name for the bucket. The bucket name must contain only lowercase letters, numbers, and hyphens (-). A directory bucket name must be unique in the chosen Availability Zone or Local Zone. The bucket name must also follow the format 'bucket_base_name--zone_id--x-s3'. The zone_id can be the ID of an Availability Zone or a Local Zone. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the bucket name.

bucketName String: Specifies a name for the bucket. The bucket name must contain only lowercase letters, numbers, and hyphens (-). A directory bucket name must be unique in the chosen Availability Zone or Local Zone. The bucket name must also follow the format 'bucket_base_name--zone_id--x-s3'. The zone_id can be the ID of an Availability Zone or a Local Zone. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the bucket name.

bucketName string: Specifies a name for the bucket. The bucket name must contain only lowercase letters, numbers, and hyphens (-). A directory bucket name must be unique in the chosen Availability Zone or Local Zone. The bucket name must also follow the format 'bucket_base_name--zone_id--x-s3'. The zone_id can be the ID of an Availability Zone or a Local Zone. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the bucket name.

bucket_name str: Specifies a name for the bucket. The bucket name must contain only lowercase letters, numbers, and hyphens (-). A directory bucket name must be unique in the chosen Availability Zone or Local Zone. The bucket name must also follow the format 'bucket_base_name--zone_id--x-s3'. The zone_id can be the ID of an Availability Zone or a Local Zone. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the bucket name.

bucketName String: Specifies a name for the bucket. The bucket name must contain only lowercase letters, numbers, and hyphens (-). A directory bucket name must be unique in the chosen Availability Zone or Local Zone. The bucket name must also follow the format 'bucket_base_name--zone_id--x-s3'. The zone_id can be the ID of an Availability Zone or a Local Zone. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the bucket name.

getDirectoryBucket Result

The following output properties are available:

Arn string: Returns the Amazon Resource Name (ARN) of the specified bucket.
AvailabilityZoneName string: Returns the code for the Availability Zone or Local Zone where the directory bucket was created. An example for the code of an Availability Zone is 'us-east-1f'.
BucketEncryption Pulumi.AwsNative.S3Express.Outputs.DirectoryBucketBucketEncryption: Specifies default encryption for a bucket using server-side encryption with Amazon S3 managed keys (SSE-S3) or AWS KMS keys (SSE-KMS). For information about default encryption for directory buckets, see Setting and monitoring default encryption for directory buckets in the Amazon S3 User Guide .
LifecycleConfiguration Pulumi.AwsNative.S3Express.Outputs.DirectoryBucketLifecycleConfiguration: Lifecycle rules that define how Amazon S3 Express manages objects during their lifetime.

Arn string: Returns the Amazon Resource Name (ARN) of the specified bucket.
AvailabilityZoneName string: Returns the code for the Availability Zone or Local Zone where the directory bucket was created. An example for the code of an Availability Zone is 'us-east-1f'.
BucketEncryption DirectoryBucketBucketEncryption: Specifies default encryption for a bucket using server-side encryption with Amazon S3 managed keys (SSE-S3) or AWS KMS keys (SSE-KMS). For information about default encryption for directory buckets, see Setting and monitoring default encryption for directory buckets in the Amazon S3 User Guide .
LifecycleConfiguration DirectoryBucketLifecycleConfiguration: Lifecycle rules that define how Amazon S3 Express manages objects during their lifetime.

arn String: Returns the Amazon Resource Name (ARN) of the specified bucket.
availabilityZoneName String: Returns the code for the Availability Zone or Local Zone where the directory bucket was created. An example for the code of an Availability Zone is 'us-east-1f'.
bucketEncryption DirectoryBucketBucketEncryption: Specifies default encryption for a bucket using server-side encryption with Amazon S3 managed keys (SSE-S3) or AWS KMS keys (SSE-KMS). For information about default encryption for directory buckets, see Setting and monitoring default encryption for directory buckets in the Amazon S3 User Guide .
lifecycleConfiguration DirectoryBucketLifecycleConfiguration: Lifecycle rules that define how Amazon S3 Express manages objects during their lifetime.

arn string: Returns the Amazon Resource Name (ARN) of the specified bucket.
availabilityZoneName string: Returns the code for the Availability Zone or Local Zone where the directory bucket was created. An example for the code of an Availability Zone is 'us-east-1f'.
bucketEncryption DirectoryBucketBucketEncryption: Specifies default encryption for a bucket using server-side encryption with Amazon S3 managed keys (SSE-S3) or AWS KMS keys (SSE-KMS). For information about default encryption for directory buckets, see Setting and monitoring default encryption for directory buckets in the Amazon S3 User Guide .
lifecycleConfiguration DirectoryBucketLifecycleConfiguration: Lifecycle rules that define how Amazon S3 Express manages objects during their lifetime.

arn str: Returns the Amazon Resource Name (ARN) of the specified bucket.
availability_zone_name str: Returns the code for the Availability Zone or Local Zone where the directory bucket was created. An example for the code of an Availability Zone is 'us-east-1f'.
bucket_encryption DirectoryBucketBucketEncryption: Specifies default encryption for a bucket using server-side encryption with Amazon S3 managed keys (SSE-S3) or AWS KMS keys (SSE-KMS). For information about default encryption for directory buckets, see Setting and monitoring default encryption for directory buckets in the Amazon S3 User Guide .
lifecycle_configuration DirectoryBucketLifecycleConfiguration: Lifecycle rules that define how Amazon S3 Express manages objects during their lifetime.

arn String: Returns the Amazon Resource Name (ARN) of the specified bucket.
availabilityZoneName String: Returns the code for the Availability Zone or Local Zone where the directory bucket was created. An example for the code of an Availability Zone is 'us-east-1f'.
bucketEncryption Property Map: Specifies default encryption for a bucket using server-side encryption with Amazon S3 managed keys (SSE-S3) or AWS KMS keys (SSE-KMS). For information about default encryption for directory buckets, see Setting and monitoring default encryption for directory buckets in the Amazon S3 User Guide .
lifecycleConfiguration Property Map: Lifecycle rules that define how Amazon S3 Express manages objects during their lifetime.

Supporting Types

DirectoryBucketAbortIncompleteMultipartUpload

DaysAfterInitiation int: Specifies the number of days after which Amazon S3 aborts an incomplete multipart upload.

DaysAfterInitiation int: Specifies the number of days after which Amazon S3 aborts an incomplete multipart upload.

daysAfterInitiation Integer: Specifies the number of days after which Amazon S3 aborts an incomplete multipart upload.

daysAfterInitiation number: Specifies the number of days after which Amazon S3 aborts an incomplete multipart upload.

days_after_initiation int: Specifies the number of days after which Amazon S3 aborts an incomplete multipart upload.

daysAfterInitiation Number: Specifies the number of days after which Amazon S3 aborts an incomplete multipart upload.

DirectoryBucketBucketEncryption

ServerSideEncryptionConfiguration List<Pulumi.AwsNative.S3Express.Inputs.DirectoryBucketServerSideEncryptionRule>: Specifies the default server-side-encryption configuration.

ServerSideEncryptionConfiguration []DirectoryBucketServerSideEncryptionRule: Specifies the default server-side-encryption configuration.

serverSideEncryptionConfiguration List<DirectoryBucketServerSideEncryptionRule>: Specifies the default server-side-encryption configuration.

serverSideEncryptionConfiguration DirectoryBucketServerSideEncryptionRule[]: Specifies the default server-side-encryption configuration.

server_side_encryption_configuration Sequence[DirectoryBucketServerSideEncryptionRule]: Specifies the default server-side-encryption configuration.

serverSideEncryptionConfiguration List<Property Map>: Specifies the default server-side-encryption configuration.

DirectoryBucketLifecycleConfiguration

Rules List<Pulumi.AwsNative.S3Express.Inputs.DirectoryBucketRule>: A lifecycle rule for individual objects in an Amazon S3 Express bucket.

Rules []DirectoryBucketRule: A lifecycle rule for individual objects in an Amazon S3 Express bucket.

rules List<DirectoryBucketRule>: A lifecycle rule for individual objects in an Amazon S3 Express bucket.

rules DirectoryBucketRule[]: A lifecycle rule for individual objects in an Amazon S3 Express bucket.

rules Sequence[DirectoryBucketRule]: A lifecycle rule for individual objects in an Amazon S3 Express bucket.

rules List<Property Map>: A lifecycle rule for individual objects in an Amazon S3 Express bucket.

DirectoryBucketRule

Status Pulumi.AwsNative.S3Express.DirectoryBucketRuleStatus: If Enabled , the rule is currently being applied. If Disabled , the rule is not currently being applied.
AbortIncompleteMultipartUpload Pulumi.AwsNative.S3Express.Inputs.DirectoryBucketAbortIncompleteMultipartUpload: Specifies the days since the initiation of an incomplete multipart upload that Amazon S3 will wait before permanently removing all parts of the upload.
ExpirationInDays int: Indicates the number of days after creation when objects are deleted from Amazon S3 and Amazon S3 Glacier. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time.
Id string: Unique identifier for the rule. The value can't be longer than 255 characters.
ObjectSizeGreaterThan string: Specifies the minimum object size in bytes for this rule to apply to. Objects must be larger than this value in bytes. For more information about size based rules, see Lifecycle configuration using size-based rules in the Amazon S3 User Guide .
ObjectSizeLessThan string: Specifies the maximum object size in bytes for this rule to apply to. Objects must be smaller than this value in bytes. For more information about sized based rules, see Lifecycle configuration using size-based rules in the Amazon S3 User Guide .
Prefix string: Object key prefix that identifies one or more objects to which this rule applies.
Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints .

Status DirectoryBucketRuleStatus: If Enabled , the rule is currently being applied. If Disabled , the rule is not currently being applied.
AbortIncompleteMultipartUpload DirectoryBucketAbortIncompleteMultipartUpload: Specifies the days since the initiation of an incomplete multipart upload that Amazon S3 will wait before permanently removing all parts of the upload.
ExpirationInDays int: Indicates the number of days after creation when objects are deleted from Amazon S3 and Amazon S3 Glacier. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time.
Id string: Unique identifier for the rule. The value can't be longer than 255 characters.
ObjectSizeGreaterThan string: Specifies the minimum object size in bytes for this rule to apply to. Objects must be larger than this value in bytes. For more information about size based rules, see Lifecycle configuration using size-based rules in the Amazon S3 User Guide .
ObjectSizeLessThan string: Specifies the maximum object size in bytes for this rule to apply to. Objects must be smaller than this value in bytes. For more information about sized based rules, see Lifecycle configuration using size-based rules in the Amazon S3 User Guide .
Prefix string: Object key prefix that identifies one or more objects to which this rule applies.
Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints .

status DirectoryBucketRuleStatus: If Enabled , the rule is currently being applied. If Disabled , the rule is not currently being applied.
abortIncompleteMultipartUpload DirectoryBucketAbortIncompleteMultipartUpload: Specifies the days since the initiation of an incomplete multipart upload that Amazon S3 will wait before permanently removing all parts of the upload.
expirationInDays Integer: Indicates the number of days after creation when objects are deleted from Amazon S3 and Amazon S3 Glacier. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time.
id String: Unique identifier for the rule. The value can't be longer than 255 characters.
objectSizeGreaterThan String: Specifies the minimum object size in bytes for this rule to apply to. Objects must be larger than this value in bytes. For more information about size based rules, see Lifecycle configuration using size-based rules in the Amazon S3 User Guide .
objectSizeLessThan String: Specifies the maximum object size in bytes for this rule to apply to. Objects must be smaller than this value in bytes. For more information about sized based rules, see Lifecycle configuration using size-based rules in the Amazon S3 User Guide .
prefix String: Object key prefix that identifies one or more objects to which this rule applies.
Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints .

status DirectoryBucketRuleStatus: If Enabled , the rule is currently being applied. If Disabled , the rule is not currently being applied.
abortIncompleteMultipartUpload DirectoryBucketAbortIncompleteMultipartUpload: Specifies the days since the initiation of an incomplete multipart upload that Amazon S3 will wait before permanently removing all parts of the upload.
expirationInDays number: Indicates the number of days after creation when objects are deleted from Amazon S3 and Amazon S3 Glacier. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time.
id string: Unique identifier for the rule. The value can't be longer than 255 characters.
objectSizeGreaterThan string: Specifies the minimum object size in bytes for this rule to apply to. Objects must be larger than this value in bytes. For more information about size based rules, see Lifecycle configuration using size-based rules in the Amazon S3 User Guide .
objectSizeLessThan string: Specifies the maximum object size in bytes for this rule to apply to. Objects must be smaller than this value in bytes. For more information about sized based rules, see Lifecycle configuration using size-based rules in the Amazon S3 User Guide .
prefix string: Object key prefix that identifies one or more objects to which this rule applies.
Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints .

status DirectoryBucketRuleStatus: If Enabled , the rule is currently being applied. If Disabled , the rule is not currently being applied.
abort_incomplete_multipart_upload DirectoryBucketAbortIncompleteMultipartUpload: Specifies the days since the initiation of an incomplete multipart upload that Amazon S3 will wait before permanently removing all parts of the upload.
expiration_in_days int: Indicates the number of days after creation when objects are deleted from Amazon S3 and Amazon S3 Glacier. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time.
id str: Unique identifier for the rule. The value can't be longer than 255 characters.
object_size_greater_than str: Specifies the minimum object size in bytes for this rule to apply to. Objects must be larger than this value in bytes. For more information about size based rules, see Lifecycle configuration using size-based rules in the Amazon S3 User Guide .
object_size_less_than str: Specifies the maximum object size in bytes for this rule to apply to. Objects must be smaller than this value in bytes. For more information about sized based rules, see Lifecycle configuration using size-based rules in the Amazon S3 User Guide .
prefix str: Object key prefix that identifies one or more objects to which this rule applies.
Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints .

status "Enabled" | "Disabled": If Enabled , the rule is currently being applied. If Disabled , the rule is not currently being applied.
abortIncompleteMultipartUpload Property Map: Specifies the days since the initiation of an incomplete multipart upload that Amazon S3 will wait before permanently removing all parts of the upload.
expirationInDays Number: Indicates the number of days after creation when objects are deleted from Amazon S3 and Amazon S3 Glacier. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time.
id String: Unique identifier for the rule. The value can't be longer than 255 characters.
objectSizeGreaterThan String: Specifies the minimum object size in bytes for this rule to apply to. Objects must be larger than this value in bytes. For more information about size based rules, see Lifecycle configuration using size-based rules in the Amazon S3 User Guide .
objectSizeLessThan String: Specifies the maximum object size in bytes for this rule to apply to. Objects must be smaller than this value in bytes. For more information about sized based rules, see Lifecycle configuration using size-based rules in the Amazon S3 User Guide .
prefix String: Object key prefix that identifies one or more objects to which this rule applies.
Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints .

DirectoryBucketRuleStatus

DirectoryBucketServerSideEncryptionByDefault

SseAlgorithm Pulumi.AwsNative.S3Express.DirectoryBucketServerSideEncryptionByDefaultSseAlgorithm: Server-side encryption algorithm to use for the default encryption.
For directory buckets, there are only two supported values for server-side encryption: AES256 and aws:kms .
KmsMasterKeyId string: AWS Key Management Service (KMS) customer managed key ID to use for the default encryption. This parameter is allowed only if SSEAlgorithm is set to aws:kms. You can specify this parameter with the key ID or the Amazon Resource Name (ARN) of the KMS key

SseAlgorithm DirectoryBucketServerSideEncryptionByDefaultSseAlgorithm: Server-side encryption algorithm to use for the default encryption.
For directory buckets, there are only two supported values for server-side encryption: AES256 and aws:kms .
KmsMasterKeyId string: AWS Key Management Service (KMS) customer managed key ID to use for the default encryption. This parameter is allowed only if SSEAlgorithm is set to aws:kms. You can specify this parameter with the key ID or the Amazon Resource Name (ARN) of the KMS key

sseAlgorithm DirectoryBucketServerSideEncryptionByDefaultSseAlgorithm: Server-side encryption algorithm to use for the default encryption.
For directory buckets, there are only two supported values for server-side encryption: AES256 and aws:kms .
kmsMasterKeyId String: AWS Key Management Service (KMS) customer managed key ID to use for the default encryption. This parameter is allowed only if SSEAlgorithm is set to aws:kms. You can specify this parameter with the key ID or the Amazon Resource Name (ARN) of the KMS key

sseAlgorithm DirectoryBucketServerSideEncryptionByDefaultSseAlgorithm: Server-side encryption algorithm to use for the default encryption.
For directory buckets, there are only two supported values for server-side encryption: AES256 and aws:kms .
kmsMasterKeyId string: AWS Key Management Service (KMS) customer managed key ID to use for the default encryption. This parameter is allowed only if SSEAlgorithm is set to aws:kms. You can specify this parameter with the key ID or the Amazon Resource Name (ARN) of the KMS key

sse_algorithm DirectoryBucketServerSideEncryptionByDefaultSseAlgorithm: Server-side encryption algorithm to use for the default encryption.
For directory buckets, there are only two supported values for server-side encryption: AES256 and aws:kms .
kms_master_key_id str: AWS Key Management Service (KMS) customer managed key ID to use for the default encryption. This parameter is allowed only if SSEAlgorithm is set to aws:kms. You can specify this parameter with the key ID or the Amazon Resource Name (ARN) of the KMS key

sseAlgorithm "aws:kms" | "AES256": Server-side encryption algorithm to use for the default encryption.
For directory buckets, there are only two supported values for server-side encryption: AES256 and aws:kms .
kmsMasterKeyId String: AWS Key Management Service (KMS) customer managed key ID to use for the default encryption. This parameter is allowed only if SSEAlgorithm is set to aws:kms. You can specify this parameter with the key ID or the Amazon Resource Name (ARN) of the KMS key

DirectoryBucketServerSideEncryptionByDefaultSseAlgorithm

DirectoryBucketServerSideEncryptionRule

BucketKeyEnabled bool: Specifies whether Amazon S3 should use an S3 Bucket Key with server-side encryption using KMS (SSE-KMS) for new objects in the bucket. Existing objects are not affected. Amazon S3 Express One Zone uses an S3 Bucket Key with SSE-KMS and S3 Bucket Key cannot be disabled. It's only allowed to set the BucketKeyEnabled element to true.
ServerSideEncryptionByDefault Pulumi.AwsNative.S3Express.Inputs.DirectoryBucketServerSideEncryptionByDefault: Specifies the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied.

BucketKeyEnabled bool: Specifies whether Amazon S3 should use an S3 Bucket Key with server-side encryption using KMS (SSE-KMS) for new objects in the bucket. Existing objects are not affected. Amazon S3 Express One Zone uses an S3 Bucket Key with SSE-KMS and S3 Bucket Key cannot be disabled. It's only allowed to set the BucketKeyEnabled element to true.
ServerSideEncryptionByDefault DirectoryBucketServerSideEncryptionByDefault: Specifies the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied.

bucketKeyEnabled Boolean: Specifies whether Amazon S3 should use an S3 Bucket Key with server-side encryption using KMS (SSE-KMS) for new objects in the bucket. Existing objects are not affected. Amazon S3 Express One Zone uses an S3 Bucket Key with SSE-KMS and S3 Bucket Key cannot be disabled. It's only allowed to set the BucketKeyEnabled element to true.
serverSideEncryptionByDefault DirectoryBucketServerSideEncryptionByDefault: Specifies the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied.

bucketKeyEnabled boolean: Specifies whether Amazon S3 should use an S3 Bucket Key with server-side encryption using KMS (SSE-KMS) for new objects in the bucket. Existing objects are not affected. Amazon S3 Express One Zone uses an S3 Bucket Key with SSE-KMS and S3 Bucket Key cannot be disabled. It's only allowed to set the BucketKeyEnabled element to true.
serverSideEncryptionByDefault DirectoryBucketServerSideEncryptionByDefault: Specifies the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied.

bucket_key_enabled bool: Specifies whether Amazon S3 should use an S3 Bucket Key with server-side encryption using KMS (SSE-KMS) for new objects in the bucket. Existing objects are not affected. Amazon S3 Express One Zone uses an S3 Bucket Key with SSE-KMS and S3 Bucket Key cannot be disabled. It's only allowed to set the BucketKeyEnabled element to true.
server_side_encryption_by_default DirectoryBucketServerSideEncryptionByDefault: Specifies the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied.

bucketKeyEnabled Boolean: Specifies whether Amazon S3 should use an S3 Bucket Key with server-side encryption using KMS (SSE-KMS) for new objects in the bucket. Existing objects are not affected. Amazon S3 Express One Zone uses an S3 Bucket Key with SSE-KMS and S3 Bucket Key cannot be disabled. It's only allowed to set the BucketKeyEnabled element to true.
serverSideEncryptionByDefault Property Map: Specifies the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied.

Package Details

Repository: AWS Native pulumi/pulumi-aws-native
License: Apache-2.0

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.26.0 published on Wednesday, Mar 12, 2025 by Pulumi

pulumi/pulumi-aws-native

aws-native.s3express.getDirectoryBucket

On this page

On this page

Using getDirectoryBucket

getDirectoryBucket Result

Supporting Types

DirectoryBucketAbortIncompleteMultipartUpload

DirectoryBucketBucketEncryption

DirectoryBucketLifecycleConfiguration

DirectoryBucketRule

DirectoryBucketRuleStatus

DirectoryBucketServerSideEncryptionByDefault

DirectoryBucketServerSideEncryptionByDefaultSseAlgorithm

DirectoryBucketServerSideEncryptionRule

Package Details

On this page

On this page