Skip to content

Resource: awsS3ControlObjectLambdaAccessPoint

Provides a resource to manage an S3 Object Lambda Access Point. An Object Lambda access point is associated with exactly one standard access point and thus one Amazon S3 bucket.

Example Usage

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
const awsS3BucketExample = new aws.s3Bucket.S3Bucket(this, "example", {
  bucket: "example",
});
const awsS3AccessPointExample = new aws.s3AccessPoint.S3AccessPoint(
  this,
  "example_1",
  {
    bucket: awsS3BucketExample.id,
    name: "example",
  }
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
awsS3AccessPointExample.overrideLogicalId("example");
const awsS3ControlObjectLambdaAccessPointExample =
  new aws.s3ControlObjectLambdaAccessPoint.S3ControlObjectLambdaAccessPoint(
    this,
    "example_2",
    {
      configuration: {
        supportingAccessPoint: awsS3AccessPointExample.arn,
        transformationConfiguration: [
          {
            actions: ["GetObject"],
            contentTransformation: {
              awsLambda: {
                functionArn: "${aws_lambda_function.example.arn}",
              },
            },
          },
        ],
      },
      name: "example",
    }
  );
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
awsS3ControlObjectLambdaAccessPointExample.overrideLogicalId("example");

Argument Reference

The following arguments are supported:

  • accountId - (Optional) The AWS account ID for the owner of the bucket for which you want to create an Object Lambda Access Point. Defaults to automatically determined account ID of the Terraform AWS provider.
  • configuration - (Required) A configuration block containing details about the Object Lambda Access Point. See Configuration below for more details.
  • name - (Required) The name for this Object Lambda Access Point.

Configuration

The configuration block supports the following:

  • allowedFeatures - (Optional) Allowed features. Valid values: getObjectRange, getObjectPartNumber.
  • cloudWatchMetricsEnabled - (Optional) Whether or not the CloudWatch metrics configuration is enabled.
  • supportingAccessPoint - (Required) Standard access point associated with the Object Lambda Access Point.
  • transformationConfiguration - (Required) List of transformation configurations for the Object Lambda Access Point. See Transformation Configuration below for more details.

Transformation Configuration

The transformationConfiguration block supports the following:

  • actions - (Required) The actions of an Object Lambda Access Point configuration. Valid values: getObject.
  • contentTransformation - (Required) The content transformation of an Object Lambda Access Point configuration. See Content Transformation below for more details.

Content Transformation

The contentTransformation block supports the following:

  • awsLambda - (Required) Configuration for an AWS Lambda function. See AWS Lambda below for more details.

AWS Lambda

The awsLambda block supports the following:

  • functionArn - (Required) The Amazon Resource Name (ARN) of the AWS Lambda function.
  • functionPayload - (Optional) Additional JSON that provides supplemental data to the Lambda function used to transform objects.

Attributes Reference

In addition to all arguments above, the following attributes are exported:

  • arn - Amazon Resource Name (ARN) of the Object Lambda Access Point.
  • id - The AWS account ID and access point name separated by a colon (:).

Import

Object Lambda Access Points can be imported using the accountId and name, separated by a colon (:), e.g.

$ terraform import aws_s3control_object_lambda_access_point.example 123456789012:example