Skip to content

Data Source: awsS3BucketObject

\~> NOTE: The awsS3BucketObject data source is DEPRECATED and will be removed in a future version! Use awsS3Object instead, where new features and fixes will be added.

The S3 object data source allows access to the metadata and optionally (see below) content of an object stored inside S3 bucket.

\~> Note: The content of an object (body field) is available only for objects which have a human-readable contentType (text/* and application/json). This is to prevent printing unsafe characters and potentially downloading large amount of data which would be thrown away in favour of metadata.

Example Usage

The following example retrieves a text object (which must have a contentType value starting with text/) and uses it as the userData for an EC2 instance:

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
const dataAwsS3BucketObjectBootstrapScript =
  new aws.dataAwsS3BucketObject.DataAwsS3BucketObject(
    this,
    "bootstrap_script",
    {
      bucket: "ourcorp-deploy-config",
      key: "ec2-bootstrap-script.sh",
    }
  );
new aws.instance.Instance(this, "example", {
  ami: "ami-2757f631",
  instanceType: "t2.micro",
  userData: dataAwsS3BucketObjectBootstrapScript.body,
});

The following, more-complex example retrieves only the metadata for a zip file stored in S3, which is then used to pass the most recent versionId to AWS Lambda for use as a function implementation. More information about Lambda functions is available in the documentation for awsLambdaFunction.

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
const dataAwsS3BucketObjectLambda =
  new aws.dataAwsS3BucketObject.DataAwsS3BucketObject(this, "lambda", {
    bucket: "ourcorp-lambda-functions",
    key: "hello-world.zip",
  });
new aws.lambdaFunction.LambdaFunction(this, "test_lambda", {
  functionName: "lambda_function_name",
  handler: "exports.test",
  role: "${aws_iam_role.iam_for_lambda.arn}",
  s3Bucket: dataAwsS3BucketObjectLambda.id,
  s3Key: dataAwsS3BucketObjectLambda.key,
  s3ObjectVersion: dataAwsS3BucketObjectLambda.versionId,
});

Argument Reference

The following arguments are supported:

  • bucket - (Required) Name of the bucket to read the object from. Alternatively, an S3 access point ARN can be specified
  • key - (Required) Full path to the object inside the bucket
  • versionId - (Optional) Specific version ID of the object returned (defaults to latest version)

Attributes Reference

In addition to all arguments above, the following attributes are exported:

  • body - Object data (see limitations above to understand cases in which this field is actually available)
  • bucketKeyEnabled - (Optional) Whether or not to use Amazon S3 Bucket Keys for SSE-KMS.
  • cacheControl - Caching behavior along the request/reply chain.
  • contentDisposition - Presentational information for the object.
  • contentEncoding - What content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field.
  • contentLanguage - Language the content is in.
  • contentLength - Size of the body in bytes.
  • contentType - Standard MIME type describing the format of the object data.
  • etag - ETag generated for the object (an MD5 sum of the object content in case it's not encrypted)
  • expiration - If the object expiration is configured (see object lifecycle management), the field includes this header. It includes the expiry-date and rule-id key value pairs providing object expiration information. The value of the rule-id is URL encoded.
  • expires - Date and time at which the object is no longer cacheable.
  • lastModified - Last modified date of the object in RFC1123 format (e.g., mon,02Jan200615:04:05Mst)
  • metadata - Map of metadata stored with the object in S3
  • objectLockLegalHoldStatus - Indicates whether this object has an active legal hold. This field is only returned if you have permission to view an object's legal hold status.
  • objectLockMode - Object lock retention mode currently in place for this object.
  • objectLockRetainUntilDate - The date and time when this object's object lock will expire.
  • serverSideEncryption - If the object is stored using server-side encryption (KMS or Amazon S3-managed encryption key), this field includes the chosen encryption and algorithm used.
  • sseKmsKeyId - If present, specifies the ID of the Key Management Service (KMS) master encryption key that was used for the object.
  • storageClass - Storage class information of the object. Available for all objects except for standard storage class objects.
  • versionId - Latest version ID of the object returned.
  • websiteRedirectLocation - If the bucket is configured as a website, redirects requests for this object to another object in the same bucket or to an external URL. Amazon S3 stores the value of this header in the object metadata.
  • tags - Map of tags assigned to the object.

-> Note: Terraform ignores all leading /s in the object's key and treats multiple /s in the rest of the object's key as a single /, so values of /indexHtml and indexHtml correspond to the same S3 object as do first//second///third// and first/second/third/.