location_object_storages

Creates, updates, deletes or gets a location_object_storage resource or lists location_object_storages in a region

Overview

Name	`location_object_storages`
Type	Resource
Description	Resource Type definition for AWS::DataSync::LocationObjectStorage.
Id	`awscc.datasync.location_object_storages`

Fields

Name	Datatype	Description
`access_key`	`string`	Optional. The access key is used if credentials are required to access the self-managed object storage server.
`agent_arns`	`array`	Specifies the Amazon Resource Names (ARNs) of the DataSync agents that can connect with your object storage system. If you are setting up an agentless cross-cloud transfer, you do not need to specify a value for this parameter.
`bucket_name`	`string`	The name of the bucket on the self-managed object storage server.
`secret_key`	`string`	Optional. The secret key is used if credentials are required to access the self-managed object storage server.
`server_certificate`	`string`	X.509 PEM content containing a certificate authority or chain to trust.
`server_hostname`	`string`	The name of the self-managed object storage server. This value is the IP address or Domain Name Service (DNS) name of the object storage server.
`server_port`	`integer`	The port that your self-managed server accepts inbound network traffic on.
`server_protocol`	`string`	The protocol that the object storage server uses to communicate.
`subdirectory`	`string`	The subdirectory in the self-managed object storage server that is used to read data from.
▶`tags`	`array`	An array of key-value pairs to apply to this resource.
`location_arn`	`string`	The Amazon Resource Name (ARN) of the location that is created.
`location_uri`	`string`	The URL of the object storage location that was described.
▶`cmk_secret_config`	`object`	Specifies configuration information for a DataSync-managed secret, such as an authentication token or set of credentials that DataSync uses to access a specific transfer location, and a customer-managed AWS KMS key.
▶`custom_secret_config`	`object`	Specifies configuration information for a customer-managed secret, such as an authentication token or set of credentials that DataSync uses to access a specific transfer location, and an IAM role that DataSync can assume and access the customer-managed secret.
▶`managed_secret_config`	`object`	Specifies configuration information for a DataSync-managed secret, such as an authentication token or set of credentials that DataSync uses to access a specific transfer location. DataSync uses the default AWS-managed KMS key to encrypt this secret in AWS Secrets Manager.
`region`	`string`	AWS region.

For more information, see AWS::DataSync::LocationObjectStorage.

Methods

Name	Accessible by	Required Params
`create_resource`	`INSERT`	`region`
`delete_resource`	`DELETE`	`data__Identifier, region`
`update_resource`	`UPDATE`	`data__Identifier, data__PatchDocument, region`
`list_resources`	`SELECT`	`region`
`get_resource`	`SELECT`	`data__Identifier, region`

`SELECT` examples

Gets all properties from an individual location_object_storage.

SELECT
region,
access_key,
agent_arns,
bucket_name,
secret_key,
server_certificate,
server_hostname,
server_port,
server_protocol,
subdirectory,
tags,
location_arn,
location_uri,
cmk_secret_config,
custom_secret_config,
managed_secret_config
FROM awscc.datasync.location_object_storages
WHERE region = 'us-east-1' AND data__Identifier = '<LocationArn>';

`INSERT` example

Use the following StackQL query and manifest file to create a new location_object_storage resource, using stack-deploy.

Required Properties
All Properties
Manifest

/*+ create */
INSERT INTO awscc.datasync.location_object_storages (
 AccessKey,
 AgentArns,
 BucketName,
 SecretKey,
 ServerCertificate,
 ServerHostname,
 ServerPort,
 ServerProtocol,
 Subdirectory,
 Tags,
 CmkSecretConfig,
 CustomSecretConfig,
 region
)
SELECT 
'{{ AccessKey }}',
 '{{ AgentArns }}',
 '{{ BucketName }}',
 '{{ SecretKey }}',
 '{{ ServerCertificate }}',
 '{{ ServerHostname }}',
 '{{ ServerPort }}',
 '{{ ServerProtocol }}',
 '{{ Subdirectory }}',
 '{{ Tags }}',
 '{{ CmkSecretConfig }}',
 '{{ CustomSecretConfig }}',
'{{ region }}';

/*+ create */
INSERT INTO awscc.datasync.location_object_storages (
 AccessKey,
 AgentArns,
 BucketName,
 SecretKey,
 ServerCertificate,
 ServerHostname,
 ServerPort,
 ServerProtocol,
 Subdirectory,
 Tags,
 CmkSecretConfig,
 CustomSecretConfig,
 region
)
SELECT 
 '{{ AccessKey }}',
 '{{ AgentArns }}',
 '{{ BucketName }}',
 '{{ SecretKey }}',
 '{{ ServerCertificate }}',
 '{{ ServerHostname }}',
 '{{ ServerPort }}',
 '{{ ServerProtocol }}',
 '{{ Subdirectory }}',
 '{{ Tags }}',
 '{{ CmkSecretConfig }}',
 '{{ CustomSecretConfig }}',
 '{{ region }}';

version: 1
name: stack name
description: stack description
providers:
  - aws
globals:
  - name: region
    value: '{{ vars.AWS_REGION }}'
resources:
  - name: location_object_storage
    props:
      - name: AccessKey
        value: '{{ AccessKey }}'
      - name: AgentArns
        value:
          - '{{ AgentArns[0] }}'
      - name: BucketName
        value: '{{ BucketName }}'
      - name: SecretKey
        value: '{{ SecretKey }}'
      - name: ServerCertificate
        value: '{{ ServerCertificate }}'
      - name: ServerHostname
        value: '{{ ServerHostname }}'
      - name: ServerPort
        value: '{{ ServerPort }}'
      - name: ServerProtocol
        value: '{{ ServerProtocol }}'
      - name: Subdirectory
        value: '{{ Subdirectory }}'
      - name: Tags
        value:
          - Key: '{{ Key }}'
            Value: '{{ Value }}'
      - name: CmkSecretConfig
        value:
          SecretArn: '{{ SecretArn }}'
          KmsKeyArn: '{{ KmsKeyArn }}'
      - name: CustomSecretConfig
        value:
          SecretArn: '{{ SecretArn }}'
          SecretAccessRoleArn: '{{ SecretAccessRoleArn }}'

`DELETE` example

/*+ delete */
DELETE FROM awscc.datasync.location_object_storages
WHERE data__Identifier = '<LocationArn>'
AND region = 'us-east-1';

Permissions

To operate on the location_object_storages resource, the following permissions are required:

Create

datasync:CreateLocationObjectStorage,
datasync:DescribeLocationObjectStorage,
datasync:ListTagsForResource,
datasync:TagResource,
secretsmanager:CreateSecret,
secretsmanager:PutSecretValue,
secretsmanager:DeleteSecret,
iam:CreateServiceLinkedRole,
iam:PassRole,
kms:Encrypt,
kms:Decrypt,
kms:GenerateDataKey

Read

datasync:DescribeLocationObjectStorage,
datasync:ListTagsForResource

Update

datasync:DescribeLocationObjectStorage,
datasync:ListTagsForResource,
datasync:TagResource,
datasync:UntagResource,
datasync:UpdateLocationObjectStorage,
secretsmanager:UpdateSecret,
secretsmanager:DeleteSecret,
secretsmanager:PutSecretValue,
secretsmanager:CreateSecret,
iam:CreateServiceLinkedRole,
iam:PassRole,
kms:Encrypt,
kms:Decrypt,
kms:GenerateDataKey

Delete

datasync:DeleteLocation,
secretsmanager:DeleteSecret

List

datasync:ListLocations

Overview​

Fields​

Methods​

SELECT examples​

INSERT example​

DELETE example​

Permissions​

Create​

Read​

Update​

Delete​

List​