Skip to content

Resource: awsS3ControlStorageLensConfiguration

Provides a resource to manage an S3 Storage Lens configuration.

Example Usage

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
const dataAwsCallerIdentityCurrent =
  new aws.dataAwsCallerIdentity.DataAwsCallerIdentity(this, "current", {});
new aws.s3ControlStorageLensConfiguration.S3ControlStorageLensConfiguration(
  this,
  "example",
  {
    configId: "example-1",
    storageLensConfiguration: {
      accountLevel: {
        activityMetrics: {
          enabled: true,
        },
        bucketLevel: {
          activityMetrics: {
            enabled: true,
          },
        },
      },
      dataExport: {
        cloudWatchMetrics: {
          enabled: true,
        },
        s3BucketDestination: {
          accountId: dataAwsCallerIdentityCurrent.accountId,
          arn: "${aws_s3_bucket.target.arn}",
          encryption: {
            sseS3: [{}],
          },
          format: "CSV",
          outputSchemaVersion: "V_1",
        },
      },
      enabled: true,
      exclude: {
        buckets: ["${aws_s3_bucket.b1.arn}", "${aws_s3_bucket.b2.arn}"],
        regions: ["us-east-2"],
      },
    },
  }
);

Argument Reference

The following arguments are supported:

  • accountId - (Optional) The AWS account ID for the S3 Storage Lens configuration. Defaults to automatically determined account ID of the Terraform AWS provider.
  • configId - (Required) The ID of the S3 Storage Lens configuration.
  • storageLensConfiguration - (Required) The S3 Storage Lens configuration. See Storage Lens Configuration below for more details.
  • tags - (Optional) Key-value map of resource tags. If configured with a provider defaultTags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

Storage Lens Configuration

The storageLensConfiguration block supports the following:

  • accountLevel (Required) The account-level configurations of the S3 Storage Lens configuration. See Account Level below for more details.
  • awsOrg (Optional) The Amazon Web Services organization for the S3 Storage Lens configuration. See AWS Org below for more details.
  • dataExport (Optional) Properties of S3 Storage Lens metrics export including the destination, schema and format. See Data Export below for more details.
  • enabled (Required) Whether the S3 Storage Lens configuration is enabled.
  • exclude (Optional) What is excluded in this configuration. Conflicts with include. See Exclude below for more details.
  • include (Optional) What is included in this configuration. Conflicts with exclude. See Include below for more details.

Account Level

The accountLevel block supports the following:

  • activityMetrics (Optional) S3 Storage Lens activity metrics. See Activity Metrics below for more details.
  • advancedCostOptimizationMetrics (Optional) Advanced cost-optimization metrics for S3 Storage Lens. See Advanced Cost-Optimization Metrics below for more details.
  • advancedDataProtectionMetrics (Optional) Advanced data-protection metrics for S3 Storage Lens. See Advanced Data-Protection Metrics below for more details.
  • bucketLevel (Required) S3 Storage Lens bucket-level configuration. See Bucket Level below for more details.
  • detailedStatusCodeMetrics (Optional) Detailed status code metrics for S3 Storage Lens. See Detailed Status Code Metrics below for more details.

Activity Metrics

The activityMetrics block supports the following:

  • enabled (Optional) Whether the activity metrics are enabled.

Advanced Cost-Optimization Metrics

The advancedCostOptimizationMetrics block supports the following:

  • enabled (Optional) Whether advanced cost-optimization metrics are enabled.

Advanced Data-Protection Metrics

The advancedDataProtectionMetrics block supports the following:

  • enabled (Optional) Whether advanced data-protection metrics are enabled.

Detailed Status Code Metrics

The detailedStatusCodeMetrics block supports the following:

  • enabled (Optional) Whether detailed status code metrics are enabled.

Bucket Level

The bucketLevel block supports the following:

  • activityMetrics (Optional) S3 Storage Lens activity metrics. See Activity Metrics above for more details.
  • advancedCostOptimizationMetrics (Optional) Advanced cost-optimization metrics for S3 Storage Lens. See Advanced Cost-Optimization Metrics above for more details.
  • advancedDataProtectionMetrics (Optional) Advanced data-protection metrics for S3 Storage Lens. See Advanced Data-Protection Metrics above for more details.
  • detailedStatusCodeMetrics (Optional) Detailed status code metrics for S3 Storage Lens. See Detailed Status Code Metrics above for more details.
  • prefixLevel (Optional) Prefix-level metrics for S3 Storage Lens. See Prefix Level below for more details.

Prefix Level

The prefixLevel block supports the following:

Prefix Level Storage Metrics

The storageMetrics block supports the following:

  • enabled (Optional) Whether prefix-level storage metrics are enabled.
  • selectionCriteria (Optional) Selection criteria. See Selection Criteria below for more details.

Selection Criteria

The selectionCriteria block supports the following:

  • delimiter (Optional) The delimiter of the selection criteria being used.
  • maxDepth (Optional) The max depth of the selection criteria.
  • minStorageBytesPercentage (Optional) The minimum number of storage bytes percentage whose metrics will be selected.

AWS Org

The awsOrg block supports the following:

  • arn (Required) The Amazon Resource Name (ARN) of the Amazon Web Services organization.

Data Export

The dataExport block supports the following:

  • cloudWatchMetrics (Optional) Amazon CloudWatch publishing for S3 Storage Lens metrics. See Cloud Watch Metrics below for more details.
  • s3BucketDestination (Optional) The bucket where the S3 Storage Lens metrics export will be located. See S3 Bucket Destination below for more details.

Cloud Watch Metrics

The cloudWatchMetrics block supports the following:

  • enabled (Required) Whether CloudWatch publishing for S3 Storage Lens metrics is enabled.

S3 Bucket Destination

The s3BucketDestination block supports the following:

  • accountId (Required) The account ID of the owner of the S3 Storage Lens metrics export bucket.
  • arn (Required) The Amazon Resource Name (ARN) of the bucket.
  • encryption (Optional) Encryption of the metrics exports in this bucket. See Encryption below for more details.
  • format (Required) The export format. Valid values: csv, parquet.
  • outputSchemaVersion (Required) The schema version of the export file. Valid values: V_1.
  • prefix (Optional) The prefix of the destination bucket where the metrics export will be delivered.

Encryption

The encryption block supports the following:

  • sseKms (Optional) SSE-KMS encryption. See SSE KMS below for more details.
  • sseS3 (Optional) SSE-S3 encryption. An empty configuration block {} should be used.

SSE KMS

The sseKms block supports the following:

  • keyId (Required) KMS key ARN.

Exclude

The exclude block supports the following:

  • buckets (Optional) List of S3 bucket ARNs.
  • regions (Optional) List of AWS Regions.

Include

The include block supports the following:

  • buckets (Optional) List of S3 bucket ARNs.
  • regions (Optional) List of AWS Regions.

Attributes Reference

In addition to all arguments above, the following attributes are exported:

  • arn - Amazon Resource Name (ARN) of the S3 Storage Lens configuration.
  • tagsAll - A map of tags assigned to the resource, including those inherited from the provider defaultTags configuration block.

Import

S3 Storage Lens configurations can be imported using the accountId and configId, separated by a colon (:), e.g.

$ terraform import aws_s3control_storage_lens_configuration.example 123456789012:example-1