New in version 2.0.
Manage s3 bucket lifecycle rules in AWS
- boto
- python >= 2.6
- python-dateutil
parameter | required | default | choices | comments |
---|---|---|---|---|
aws_access_key |
no | AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used. aliases: ec2_access_key, access_key | ||
aws_secret_key |
no | AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used. aliases: ec2_secret_key, secret_key | ||
ec2_url |
no | Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used. | ||
expiration_date |
no | Indicates the lifetime of the objects that are subject to the rule by the date they will expire. The value must be ISO-8601 format, the time must be midnight and a GMT timezone must be specified. | ||
expiration_days |
no | Indicates the lifetime, in days, of the objects that are subject to the rule. The value must be a non-zero positive integer. | ||
name |
yes | Name of the s3 bucket | ||
prefix |
no | Prefix identifying one or more objects to which the rule applies. If no prefix is specified, the rule will apply to the whole bucket. | ||
profile (added in 1.6) |
no | uses a boto profile. Only works with boto >= 2.24.0 | ||
region |
no | The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region aliases: aws_region, ec2_region | ||
rule_id |
no | Unique identifier for the rule. The value cannot be longer than 255 characters. A unique value for the rule will be generated if no value is provided. | ||
security_token (added in 1.6) |
no | AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used. aliases: access_token | ||
state |
no | present |
|
Create or remove the lifecycle rule |
status |
no | enabled |
|
If 'enabled', the rule is currently being applied. If 'disabled', the rule is not currently being applied. |
storage_class |
no | glacier |
|
The storage class to transition to. Currently there is only one valid value - 'glacier'. |
transition_date |
no | Indicates the lifetime of the objects that are subject to the rule by the date they will transition to a different storage class. The value must be ISO-8601 format, the time must be midnight and a GMT timezone must be specified. If transition_days is not specified, this parameter is required. | ||
transition_days |
no | Indicates when, in days, an object transitions to a different storage class. If transition_date is not specified, this parameter is required. | ||
validate_certs (added in 1.5) |
no | yes |
|
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0. |
# Note: These examples do not set authentication details, see the AWS Guide for details. # Configure a lifecycle rule on a bucket to expire (delete) items with a prefix of /logs/ after 30 days - s3_lifecycle: name: mybucket expiration_days: 30 prefix: /logs/ status: enabled state: present # Configure a lifecycle rule to transition all items with a prefix of /logs/ to glacier after 7 days and then delete after 90 days - s3_lifecycle: name: mybucket transition_days: 7 expiration_days: 90 prefix: /logs/ status: enabled state: present # Configure a lifecycle rule to transition all items with a prefix of /logs/ to glacier on 31 Dec 2020 and then delete on 31 Dec 2030. Note that midnight GMT must be specified. # Be sure to quote your date strings - s3_lifecycle: name: mybucket transition_date: "2020-12-30T00:00:00.000Z" expiration_date: "2030-12-30T00:00:00.000Z" prefix: /logs/ status: enabled state: present # Disable the rule created above - s3_lifecycle: name: mybucket prefix: /logs/ status: disabled state: present # Delete the lifecycle rule created above - s3_lifecycle: name: mybucket prefix: /logs/ state: absent
Note
If specifying expiration time as days then transition time must also be specified in days
Note
If specifying expiration time as a date then transition time must also be specified as a date
Note
If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence AWS_URL
or EC2_URL
, AWS_ACCESS_KEY_ID
or AWS_ACCESS_KEY
or EC2_ACCESS_KEY
, AWS_SECRET_ACCESS_KEY
or AWS_SECRET_KEY
or EC2_SECRET_KEY
, AWS_SECURITY_TOKEN
or EC2_SECURITY_TOKEN
, AWS_REGION
or EC2_REGION
Note
Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See http://boto.readthedocs.org/en/latest/boto_config_tut.html
Note
AWS_REGION
or EC2_REGION
can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
For more information on what this means please read Extras Modules
For help in developing on modules, should you be so inclined, please read Community Information & Contributing, Helping Testing PRs and Developing Modules.