--- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.16.2 name: buckets.s3.services.k8s.aws spec: group: s3.services.k8s.aws names: kind: Bucket listKind: BucketList plural: buckets singular: bucket scope: Namespaced versions: - name: v1alpha1 schema: openAPIV3Schema: description: Bucket is the Schema for the Buckets API properties: apiVersion: description: |- APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: description: |- Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: description: |- BucketSpec defines the desired state of Bucket. In terms of implementation, a Bucket is a resource. properties: accelerate: description: Container for setting the transfer acceleration state. properties: status: type: string type: object acl: description: |- The canned ACL to apply to the bucket. This functionality is not supported for directory buckets. type: string analytics: items: description: |- Specifies the configuration and any analyses for the analytics filter of an Amazon S3 bucket. properties: filter: description: |- The filter used to describe a set of objects for analyses. A filter must have exactly one prefix, one tag, or one conjunction (AnalyticsAndOperator). If no filter is provided, all objects will be considered in any analysis. properties: and: description: |- A conjunction (logical AND) of predicates, which is used in evaluating a metrics filter. The operator must have at least two predicates in any combination, and an object must match all of the predicates for the filter to apply. properties: prefix: type: string tags: items: description: A container of a key value name pair. properties: key: type: string value: type: string type: object type: array type: object prefix: type: string tag: description: A container of a key value name pair. properties: key: type: string value: type: string type: object type: object id: type: string storageClassAnalysis: description: |- Specifies data related to access patterns to be collected and made available to analyze the tradeoffs between different storage classes for an Amazon S3 bucket. properties: dataExport: description: |- Container for data related to the storage class analysis for an Amazon S3 bucket for export. properties: destination: description: Where to publish the analytics results. properties: s3BucketDestination: description: Contains information about where to publish the analytics results. properties: bucket: type: string bucketAccountID: type: string format: type: string prefix: type: string type: object type: object outputSchemaVersion: type: string type: object type: object type: object type: array cors: description: |- Describes the cross-origin access configuration for objects in an Amazon S3 bucket. For more information, see Enabling Cross-Origin Resource Sharing (https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html) in the Amazon S3 User Guide. properties: corsRules: items: description: Specifies a cross-origin access rule for an Amazon S3 bucket. properties: allowedHeaders: items: type: string type: array allowedMethods: items: type: string type: array allowedOrigins: items: type: string type: array exposeHeaders: items: type: string type: array id: type: string maxAgeSeconds: format: int64 type: integer type: object type: array type: object createBucketConfiguration: description: The configuration information for the bucket. properties: locationConstraint: type: string type: object encryption: description: Specifies the default server-side-encryption configuration. properties: rules: items: description: |- Specifies the default server-side encryption configuration. - General purpose buckets - If you're specifying a customer managed KMS key, we recommend using a fully qualified KMS key ARN. If you use a KMS key alias instead, then KMS resolves the key within the requester’s account. This behavior can result in data that's encrypted with a KMS key that belongs to the requester, and not the bucket owner. - Directory buckets - When you specify an KMS customer managed key (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk) for encryption in your directory bucket, only use the key ID or key ARN. The key alias format of the KMS key isn't supported. properties: applyServerSideEncryptionByDefault: description: |- Describes the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied. For more information, see PutBucketEncryption (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTencryption.html). * General purpose buckets - If you don't specify a customer managed key at configuration, Amazon S3 automatically creates an Amazon Web Services KMS key (aws/s3) in your Amazon Web Services account the first time that you add an object encrypted with SSE-KMS to a bucket. By default, Amazon S3 uses this KMS key for SSE-KMS. * Directory buckets - Your SSE-KMS configuration can only support 1 customer managed key (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk) per directory bucket for the lifetime of the bucket. The Amazon Web Services managed key (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk) (aws/s3) isn't supported. * Directory buckets - For directory buckets, there are only two supported options for server-side encryption: SSE-S3 and SSE-KMS. properties: kmsMasterKeyID: type: string sseAlgorithm: type: string type: object bucketKeyEnabled: type: boolean type: object type: array type: object grantFullControl: description: |- Allows grantee the read, write, read ACP, and write ACP permissions on the bucket. This functionality is not supported for directory buckets. type: string grantRead: description: |- Allows grantee to list the objects in the bucket. This functionality is not supported for directory buckets. type: string grantReadACP: description: |- Allows grantee to read the bucket ACL. This functionality is not supported for directory buckets. type: string grantWrite: description: |- Allows grantee to create new objects in the bucket. For the bucket and object owners of existing objects, also allows deletions and overwrites of those objects. This functionality is not supported for directory buckets. type: string grantWriteACP: description: |- Allows grantee to write the ACL for the applicable bucket. This functionality is not supported for directory buckets. type: string intelligentTiering: items: description: |- Specifies the S3 Intelligent-Tiering configuration for an Amazon S3 bucket. For information about the S3 Intelligent-Tiering storage class, see Storage class for automatically optimizing frequently and infrequently accessed objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html#sc-dynamic-data-access). properties: filter: description: |- The Filter is used to identify objects that the S3 Intelligent-Tiering configuration applies to. properties: and: description: |- A container for specifying S3 Intelligent-Tiering filters. The filters determine the subset of objects to which the rule applies. properties: prefix: type: string tags: items: description: A container of a key value name pair. properties: key: type: string value: type: string type: object type: array type: object prefix: type: string tag: description: A container of a key value name pair. properties: key: type: string value: type: string type: object type: object id: type: string status: type: string tierings: items: description: |- The S3 Intelligent-Tiering storage class is designed to optimize storage costs by automatically moving data to the most cost-effective storage access tier, without additional operational overhead. properties: accessTier: type: string days: format: int64 type: integer type: object type: array type: object type: array inventory: items: description: |- Specifies the inventory configuration for an Amazon S3 bucket. For more information, see GET Bucket inventory (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketGETInventoryConfig.html) in the Amazon S3 API Reference. properties: destination: description: Specifies the inventory configuration for an Amazon S3 bucket. properties: s3BucketDestination: description: |- Contains the bucket name, file format, bucket owner (optional), and prefix (optional) where inventory results are published. properties: accountID: type: string bucket: type: string encryption: description: |- Contains the type of server-side encryption used to encrypt the inventory results. properties: sseKMS: description: Specifies the use of SSE-KMS to encrypt delivered inventory reports. properties: keyID: type: string type: object type: object format: type: string prefix: type: string type: object type: object filter: description: |- Specifies an inventory filter. The inventory only includes objects that meet the filter's criteria. properties: prefix: type: string type: object id: type: string includedObjectVersions: type: string isEnabled: type: boolean optionalFields: items: type: string type: array schedule: description: Specifies the schedule for generating inventory results. properties: frequency: type: string type: object type: object type: array lifecycle: description: Container for lifecycle rules. You can add as many as 1,000 rules. properties: rules: items: description: |- A lifecycle rule for individual objects in an Amazon S3 bucket. For more information see, Managing your storage lifecycle (https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lifecycle-mgmt.html) in the Amazon S3 User Guide. properties: abortIncompleteMultipartUpload: description: |- Specifies the days since the initiation of an incomplete multipart upload that Amazon S3 will wait before permanently removing all parts of the upload. For more information, see Aborting Incomplete Multipart Uploads Using a Bucket Lifecycle Configuration (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html#mpu-abort-incomplete-mpu-lifecycle-config) in the Amazon S3 User Guide. properties: daysAfterInitiation: format: int64 type: integer type: object expiration: description: |- Container for the expiration for the lifecycle of the object. For more information see, Managing your storage lifecycle (https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lifecycle-mgmt.html) in the Amazon S3 User Guide. properties: date: format: date-time type: string days: format: int64 type: integer expiredObjectDeleteMarker: type: boolean type: object filter: description: |- The Filter is used to identify objects that a Lifecycle Rule applies to. A Filter can have exactly one of Prefix, Tag, ObjectSizeGreaterThan, ObjectSizeLessThan, or And specified. If the Filter element is left empty, the Lifecycle Rule applies to all objects in the bucket. properties: and: description: |- This is used in a Lifecycle Rule Filter to apply a logical AND to two or more predicates. The Lifecycle Rule will apply to any object matching all of the predicates configured inside the And operator. properties: objectSizeGreaterThan: format: int64 type: integer objectSizeLessThan: format: int64 type: integer prefix: type: string tags: items: description: A container of a key value name pair. properties: key: type: string value: type: string type: object type: array type: object objectSizeGreaterThan: format: int64 type: integer objectSizeLessThan: format: int64 type: integer prefix: type: string tag: description: A container of a key value name pair. properties: key: type: string value: type: string type: object type: object id: type: string noncurrentVersionExpiration: description: |- Specifies when noncurrent object versions expire. Upon expiration, Amazon S3 permanently deletes the noncurrent object versions. You set this lifecycle configuration action on a bucket that has versioning enabled (or suspended) to request that Amazon S3 delete noncurrent object versions at a specific period in the object's lifetime. This parameter applies to general purpose buckets only. It is not supported for directory bucket lifecycle configurations. properties: newerNoncurrentVersions: format: int64 type: integer noncurrentDays: format: int64 type: integer type: object noncurrentVersionTransitions: items: description: |- Container for the transition rule that describes when noncurrent objects transition to the STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER_IR, GLACIER, or DEEP_ARCHIVE storage class. If your bucket is versioning-enabled (or versioning is suspended), you can set this action to request that Amazon S3 transition noncurrent object versions to the STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER_IR, GLACIER, or DEEP_ARCHIVE storage class at a specific period in the object's lifetime. properties: newerNoncurrentVersions: format: int64 type: integer noncurrentDays: format: int64 type: integer storageClass: type: string type: object type: array prefix: type: string status: type: string transitions: items: description: |- Specifies when an object transitions to a specified storage class. For more information about Amazon S3 lifecycle configuration rules, see Transitioning Objects Using Amazon S3 Lifecycle (https://docs.aws.amazon.com/AmazonS3/latest/dev/lifecycle-transition-general-considerations.html) in the Amazon S3 User Guide. properties: date: format: date-time type: string days: format: int64 type: integer storageClass: type: string type: object type: array type: object type: array type: object logging: description: Container for logging status information. properties: loggingEnabled: description: |- Describes where logs are stored and the prefix that Amazon S3 assigns to all log object keys for a bucket. For more information, see PUT Bucket logging (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTlogging.html) in the Amazon S3 API Reference. properties: targetBucket: type: string targetGrants: items: description: |- Container for granting information. Buckets that use the bucket owner enforced setting for Object Ownership don't support target grants. For more information, see Permissions server access log delivery (https://docs.aws.amazon.com/AmazonS3/latest/userguide/enable-server-access-logging.html#grant-log-delivery-permissions-general) in the Amazon S3 User Guide. properties: grantee: description: Container for the person being granted permissions. properties: displayName: type: string emailAddress: type: string id: type: string type_: type: string uRI: type: string type: object permission: type: string type: object type: array targetPrefix: type: string type: object type: object metrics: items: description: |- Specifies a metrics configuration for the CloudWatch request metrics (specified by the metrics configuration ID) from an Amazon S3 bucket. If you're updating an existing metrics configuration, note that this is a full replacement of the existing metrics configuration. If you don't include the elements you want to keep, they are erased. For more information, see PutBucketMetricsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTMetricConfiguration.html). properties: filter: description: |- Specifies a metrics configuration filter. The metrics configuration only includes objects that meet the filter's criteria. A filter must be a prefix, an object tag, an access point ARN, or a conjunction (MetricsAndOperator). For more information, see PutBucketMetricsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketMetricsConfiguration.html). properties: accessPointARN: type: string and: description: |- A conjunction (logical AND) of predicates, which is used in evaluating a metrics filter. The operator must have at least two predicates, and an object must match all of the predicates in order for the filter to apply. properties: accessPointARN: type: string prefix: type: string tags: items: description: A container of a key value name pair. properties: key: type: string value: type: string type: object type: array type: object prefix: type: string tag: description: A container of a key value name pair. properties: key: type: string value: type: string type: object type: object id: type: string type: object type: array name: description: |- The name of the bucket to create. General purpose buckets - For information about bucket naming restrictions, see Bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html) in the Amazon S3 User Guide. Directory buckets - When you use this operation with a directory bucket, you must use path-style requests in the format https://s3express-control.region-code.amazonaws.com/bucket-name . Virtual-hosted-style requests aren't supported. Directory bucket names must be unique in the chosen Zone (Availability Zone or Local Zone). Bucket names must also follow the format bucket-base-name--zone-id--x-s3 (for example, DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). For information about bucket naming restrictions, see Directory bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) in the Amazon S3 User Guide type: string x-kubernetes-validations: - message: Value is immutable once set rule: self == oldSelf notification: description: |- A container for specifying the notification configuration of the bucket. If this element is empty, notifications are turned off for the bucket. properties: lambdaFunctionConfigurations: items: description: A container for specifying the configuration for Lambda notifications. properties: events: items: type: string type: array filter: description: |- Specifies object key name filtering rules. For information about key name filtering, see Configuring event notifications using object key name filtering (https://docs.aws.amazon.com/AmazonS3/latest/userguide/notification-how-to-filtering.html) in the Amazon S3 User Guide. properties: key: description: A container for object key name prefix and suffix filtering rules. properties: filterRules: description: |- A list of containers for the key-value pair that defines the criteria for the filter rule. items: description: |- Specifies the Amazon S3 object key name to filter on. An object key name is the name assigned to an object in your Amazon S3 bucket. You specify whether to filter on the suffix or prefix of the object key name. A prefix is a specific string of characters at the beginning of an object key name, which you can use to organize objects. For example, you can start the key names of related objects with a prefix, such as 2023- or engineering/. Then, you can use FilterRule to find objects in a bucket with key names that have the same prefix. A suffix is similar to a prefix, but it is at the end of the object key name instead of at the beginning. properties: name: type: string value: type: string type: object type: array type: object type: object id: description: |- An optional unique identifier for configurations in a notification configuration. If you don't provide one, Amazon S3 will assign an ID. type: string lambdaFunctionARN: type: string type: object type: array queueConfigurations: items: description: |- Specifies the configuration for publishing messages to an Amazon Simple Queue Service (Amazon SQS) queue when Amazon S3 detects specified events. properties: events: items: type: string type: array filter: description: |- Specifies object key name filtering rules. For information about key name filtering, see Configuring event notifications using object key name filtering (https://docs.aws.amazon.com/AmazonS3/latest/userguide/notification-how-to-filtering.html) in the Amazon S3 User Guide. properties: key: description: A container for object key name prefix and suffix filtering rules. properties: filterRules: description: |- A list of containers for the key-value pair that defines the criteria for the filter rule. items: description: |- Specifies the Amazon S3 object key name to filter on. An object key name is the name assigned to an object in your Amazon S3 bucket. You specify whether to filter on the suffix or prefix of the object key name. A prefix is a specific string of characters at the beginning of an object key name, which you can use to organize objects. For example, you can start the key names of related objects with a prefix, such as 2023- or engineering/. Then, you can use FilterRule to find objects in a bucket with key names that have the same prefix. A suffix is similar to a prefix, but it is at the end of the object key name instead of at the beginning. properties: name: type: string value: type: string type: object type: array type: object type: object id: description: |- An optional unique identifier for configurations in a notification configuration. If you don't provide one, Amazon S3 will assign an ID. type: string queueARN: type: string type: object type: array topicConfigurations: items: description: |- A container for specifying the configuration for publication of messages to an Amazon Simple Notification Service (Amazon SNS) topic when Amazon S3 detects specified events. properties: events: items: type: string type: array filter: description: |- Specifies object key name filtering rules. For information about key name filtering, see Configuring event notifications using object key name filtering (https://docs.aws.amazon.com/AmazonS3/latest/userguide/notification-how-to-filtering.html) in the Amazon S3 User Guide. properties: key: description: A container for object key name prefix and suffix filtering rules. properties: filterRules: description: |- A list of containers for the key-value pair that defines the criteria for the filter rule. items: description: |- Specifies the Amazon S3 object key name to filter on. An object key name is the name assigned to an object in your Amazon S3 bucket. You specify whether to filter on the suffix or prefix of the object key name. A prefix is a specific string of characters at the beginning of an object key name, which you can use to organize objects. For example, you can start the key names of related objects with a prefix, such as 2023- or engineering/. Then, you can use FilterRule to find objects in a bucket with key names that have the same prefix. A suffix is similar to a prefix, but it is at the end of the object key name instead of at the beginning. properties: name: type: string value: type: string type: object type: array type: object type: object id: description: |- An optional unique identifier for configurations in a notification configuration. If you don't provide one, Amazon S3 will assign an ID. type: string topicARN: type: string type: object type: array type: object objectLockEnabledForBucket: description: |- Specifies whether you want S3 Object Lock to be enabled for the new bucket. This functionality is not supported for directory buckets. type: boolean objectOwnership: type: string ownershipControls: description: |- The OwnershipControls (BucketOwnerEnforced, BucketOwnerPreferred, or ObjectWriter) that you want to apply to this Amazon S3 bucket. properties: rules: items: description: The container element for an ownership control rule. properties: objectOwnership: description: |- The container element for object ownership for a bucket's ownership controls. BucketOwnerPreferred - Objects uploaded to the bucket change ownership to the bucket owner if the objects are uploaded with the bucket-owner-full-control canned ACL. ObjectWriter - The uploading account will own the object if the object is uploaded with the bucket-owner-full-control canned ACL. BucketOwnerEnforced - Access control lists (ACLs) are disabled and no longer affect permissions. The bucket owner automatically owns and has full control over every object in the bucket. The bucket only accepts PUT requests that don't specify an ACL or specify bucket owner full control ACLs (such as the predefined bucket-owner-full-control canned ACL or a custom ACL in XML format that grants the same permissions). By default, ObjectOwnership is set to BucketOwnerEnforced and ACLs are disabled. We recommend keeping ACLs disabled, except in uncommon use cases where you must control access for each object individually. For more information about S3 Object Ownership, see Controlling ownership of objects and disabling ACLs for your bucket (https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) in the Amazon S3 User Guide. This functionality is not supported for directory buckets. Directory buckets use the bucket owner enforced setting for S3 Object Ownership. type: string type: object type: array type: object policy: description: |- The bucket policy as a JSON document. For directory buckets, the only IAM action supported in the bucket policy is s3express:CreateSession. type: string publicAccessBlock: description: |- The PublicAccessBlock configuration that you want to apply to this Amazon S3 bucket. You can enable the configuration options in any combination. For more information about when Amazon S3 considers a bucket or object public, see The Meaning of "Public" (https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status) in the Amazon S3 User Guide. properties: blockPublicACLs: type: boolean blockPublicPolicy: type: boolean ignorePublicACLs: type: boolean restrictPublicBuckets: type: boolean type: object replication: description: |- A container for replication rules. You can add up to 1,000 rules. The maximum size of a replication configuration is 2 MB. properties: role: type: string rules: items: description: Specifies which Amazon S3 objects to replicate and where to store the replicas. properties: deleteMarkerReplication: description: |- Specifies whether Amazon S3 replicates delete markers. If you specify a Filter in your replication configuration, you must also include a DeleteMarkerReplication element. If your Filter includes a Tag element, the DeleteMarkerReplication Status must be set to Disabled, because Amazon S3 does not support replicating delete markers for tag-based rules. For an example configuration, see Basic Rule Configuration (https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-config-min-rule-config). For more information about delete marker replication, see Basic Rule Configuration (https://docs.aws.amazon.com/AmazonS3/latest/dev/delete-marker-replication.html). If you are using an earlier version of the replication configuration, Amazon S3 handles replication of delete markers differently. For more information, see Backward Compatibility (https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-backward-compat-considerations). properties: status: type: string type: object destination: description: |- Specifies information about where to publish analysis or configuration results for an Amazon S3 bucket and S3 Replication Time Control (S3 RTC). properties: accessControlTranslation: description: A container for information about access control for replicas. properties: owner: type: string type: object account: type: string bucket: type: string encryptionConfiguration: description: |- Specifies encryption-related information for an Amazon S3 bucket that is a destination for replicated objects. If you're specifying a customer managed KMS key, we recommend using a fully qualified KMS key ARN. If you use a KMS key alias instead, then KMS resolves the key within the requester’s account. This behavior can result in data that's encrypted with a KMS key that belongs to the requester, and not the bucket owner. properties: replicaKMSKeyID: type: string type: object metrics: description: |- A container specifying replication metrics-related settings enabling replication metrics and events. properties: eventThreshold: description: |- A container specifying the time value for S3 Replication Time Control (S3 RTC) and replication metrics EventThreshold. properties: minutes: format: int64 type: integer type: object status: type: string type: object replicationTime: description: |- A container specifying S3 Replication Time Control (S3 RTC) related information, including whether S3 RTC is enabled and the time when all objects and operations on objects must be replicated. Must be specified together with a Metrics block. properties: status: type: string time: description: |- A container specifying the time value for S3 Replication Time Control (S3 RTC) and replication metrics EventThreshold. properties: minutes: format: int64 type: integer type: object type: object storageClass: type: string type: object existingObjectReplication: description: |- Optional configuration to replicate existing source bucket objects. This parameter is no longer supported. To replicate existing objects, see Replicating existing objects with S3 Batch Replication (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-batch-replication-batch.html) in the Amazon S3 User Guide. properties: status: type: string type: object filter: description: |- A filter that identifies the subset of objects to which the replication rule applies. A Filter must specify exactly one Prefix, Tag, or an And child element. properties: and: description: |- A container for specifying rule filters. The filters determine the subset of objects to which the rule applies. This element is required only if you specify more than one filter. For example: * If you specify both a Prefix and a Tag filter, wrap these filters in an And tag. * If you specify a filter based on multiple tags, wrap the Tag elements in an And tag. properties: prefix: type: string tags: items: description: A container of a key value name pair. properties: key: type: string value: type: string type: object type: array type: object prefix: type: string tag: description: A container of a key value name pair. properties: key: type: string value: type: string type: object type: object id: type: string prefix: type: string priority: format: int64 type: integer sourceSelectionCriteria: description: |- A container that describes additional filters for identifying the source objects that you want to replicate. You can choose to enable or disable the replication of these objects. Currently, Amazon S3 supports only the filter that you can specify for objects created with server-side encryption using a customer managed key stored in Amazon Web Services Key Management Service (SSE-KMS). properties: replicaModifications: description: |- A filter that you can specify for selection for modifications on replicas. Amazon S3 doesn't replicate replica modifications by default. In the latest version of replication configuration (when Filter is specified), you can specify this element and set the status to Enabled to replicate modifications on replicas. If you don't specify the Filter element, Amazon S3 assumes that the replication configuration is the earlier version, V1. In the earlier version, this element is not allowed. properties: status: type: string type: object sseKMSEncryptedObjects: description: |- A container for filter information for the selection of S3 objects encrypted with Amazon Web Services KMS. properties: status: type: string type: object type: object status: type: string type: object type: array type: object requestPayment: description: Container for Payer. properties: payer: type: string type: object tagging: description: Container for the TagSet and Tag elements. properties: tagSet: items: description: A container of a key value name pair. properties: key: type: string value: type: string type: object type: array type: object versioning: description: Container for setting the versioning state. properties: status: type: string type: object website: description: Container for the request. properties: errorDocument: description: The error information. properties: key: type: string type: object indexDocument: description: Container for the Suffix element. properties: suffix: type: string type: object redirectAllRequestsTo: description: |- Specifies the redirect behavior of all requests to a website endpoint of an Amazon S3 bucket. properties: hostName: type: string protocol: type: string type: object routingRules: items: description: |- Specifies the redirect behavior and when a redirect is applied. For more information about routing rules, see Configuring advanced conditional redirects (https://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-page-redirect.html#advanced-conditional-redirects) in the Amazon S3 User Guide. properties: condition: description: |- A container for describing a condition that must be met for the specified redirect to apply. For example, 1. If request is for pages in the /docs folder, redirect to the /documents folder. 2. If request results in HTTP error 4xx, redirect request to another host where you might process the error. properties: httpErrorCodeReturnedEquals: type: string keyPrefixEquals: type: string type: object redirect: description: |- Specifies how requests are redirected. In the event of an error, you can specify a different error code to return. properties: hostName: type: string httpRedirectCode: type: string protocol: type: string replaceKeyPrefixWith: type: string replaceKeyWith: type: string type: object type: object type: array type: object required: - name type: object status: description: BucketStatus defines the observed state of Bucket properties: ackResourceMetadata: description: |- All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource properties: arn: description: |- ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an "adopted" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. https://github.com/aws/aws-controllers-k8s/issues/270 type: string ownerAccountID: description: |- OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource. type: string region: description: Region is the AWS region in which the resource exists or will exist. type: string required: - ownerAccountID - region type: object conditions: description: |- All CRs managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource items: description: |- Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource properties: lastTransitionTime: description: Last time the condition transitioned from one status to another. format: date-time type: string message: description: A human readable message indicating details about the transition. type: string reason: description: The reason for the condition's last transition. type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: description: Type is the type of the Condition type: string required: - status - type type: object type: array location: description: A forward slash followed by the name of the bucket. type: string type: object type: object served: true storage: true subresources: status: {}