AWS S3 Connector

Latest Dynatrace
Reference
11-min read

Review the required AWS permissions and condition keys of the AWS S3 Connector actions to ensure that you grant Dynatrace only a minimum set of permissions. For more information, see AWS documentation.

Copy object

Creates a copy of an object that is already stored in Amazon S3.

For more information, see the official documentation of Copy object.

Required AWS permissions:

s3:GetObject
s3:PutObject

Inputs

Field

Type

Description

Required

Region

string

The region to use.

required

Bucket

string

The name of the destination bucket.

required

CopySource

string

Specifies the source object for the copy operation.

required

Key

string

The key of the destination object.

required

ExpectedBucketOwner

string

The account ID of the expected destination bucket owner.

optional

ExpectedSourceBucketOwner

string

The account ID of the expected source bucket owner.

optional

Output

Returns fields as described in CopyObjectCommandOutput.

Create bucket

This action creates an Amazon S3 bucket.

For more information, see the official documentation of Create bucket.

Required AWS permission: s3:CreateBucket.

Inputs

Field

Type

Description

Required

Region

string

The region to use.

required

Bucket

string

The name of the bucket to create.

required

ACL

BucketCannedACL

The canned ACL to apply to the bucket.

optional

Output

Returns fields as described in CreateBucketCommandOutput.

Delete bucket

Deletes the S3 bucket.

For more information, see the official documentation of Delete bucket.

Required AWS permission: s3:DeleteBucket.

Inputs

Field

Type

Description

Required

Region

string

The region to use.

required

Bucket

string

Specifies the bucket being deleted.

required

ExpectedBucketOwner

string

The account ID of the expected bucket owner.

optional

Output

Returns fields as described in DeleteBucketCommandOutput.

Delete object

Removes an object from a bucket.

For more information, see the official documentation of Delete object.

Required AWS permission: s3:DeleteObject.

Inputs

Field

Type

Description

Required

Region

string

The region to use.

required

Bucket

string

The bucket name of the bucket containing the object.

required

Key

string

Key name of the object to delete.

required

ExpectedBucketOwner

string

The account ID of the expected bucket owner.

optional

VersionId

string

Version ID used to reference a specific version of the object.

optional

Output

Returns fields as described in DeleteObjectCommandOutput.

Get bucket encryption

Returns the default encryption configuration for an Amazon S3 bucket.

For more information, see the official documentation of Get bucket encryption.

Required AWS permission: s3:GetEncryptionConfiguration.

Inputs

Field

Type

Description

Required

Region

string

The region to use.

required

Bucket

string

The name of the bucket from which the server-side encryption configuration is retrieved.

required

Output

Returns fields as described in GetBucketEncryptionCommandOutput.

Get bucket logging

This operation is not supported for directory buckets.

For more information, see the official documentation of Get bucket logging.

Required AWS permission: s3:GetBucketLogging.

Inputs

Field

Type

Description

Required

Region

string

The region to use.

required

Bucket

string

The bucket name for which to get the logging information.

required

Output

Returns fields as described in GetBucketLoggingCommandOutput.

Get object attributes

Retrieves all the metadata from an object without returning the object itself.

For more information, see the official documentation of Get object attributes.

Required AWS permission: s3:GetObjectAttributes.

Inputs

Field

Type

Description

Required

Region

string

The region to use.

required

Bucket

string

The name of the bucket that contains the object.

required

Key

string

The object key.

required

ObjectAttributes

ObjectAttributes[]

Specifies the fields at the root level that you want returned in the response.

required

ExpectedBucketOwner

string

The account ID of the expected bucket owner.

optional

MaxParts

number

Sets the maximum number of parts to return.

optional

PartNumberMarker

string

Specifies the part after which the listing should begin.

optional

VersionId

string

The version ID used to reference a specific version of the object.

optional

Output

Returns fields as described in GetObjectAttributesCommandOutput.

Get object

Retrieves an object from Amazon S3.

For more information, see the official documentation of Get object.

Required AWS permission: s3:GetObject.

Inputs

Field

Type

Description

Required

Region

string

The region to use.

required

Bucket

string

The bucket name containing the object.

required

Key

string

Key of the object to get.

required

ExpectedBucketOwner

string

The account ID of the expected bucket owner.

optional

VersionId

string

Version ID used to reference a specific version of the object.

optional

Output

Returns fields as described in GetObjectCommandOutput.

List buckets

This operation is not supported for directory buckets.

For more information, see the official documentation of List buckets.

Required AWS permission: s3:ListAllMyBuckets.

Inputs

Field

Type

Description

Required

Region

string

The region to use.

required

ContinuationToken

string

ContinuationToken indicates to Amazon S3 that the list is being continued on this bucket with a token.

optional

MaxBuckets

number

Maximum number of buckets to be returned in response.

optional

Output

Returns fields as described in ListBucketsCommandOutput.

List objects v2

Returns some or all (up to 1,000) of the objects in a bucket with each request.

For more information, see the official documentation of List objects v2.

Required AWS permission: s3:ListBucket.

Inputs

Field

Type

Description

Required

Region

string

The region to use.

required

Bucket

string

When you use this operation with a directory bucket, you need to use virtual-hosted-style requests in the format bucket-name.s3express-zone-id.region-code.amazonaws.com.

required

ExpectedBucketOwner

string

The account ID of the expected bucket owner.

optional

MaxKeys

number

Sets the maximum number of keys returned in the response.

optional

Prefix

string

Limits the response to keys that begin with the specified prefix.

optional

StartAfter

string

StartAfter is where you want Amazon S3 to start listing from.

optional

Output

Returns fields as described in ListObjectsV2CommandOutput.

Put bucket ACL

This operation is not supported for directory buckets.

For more information, see the official documentation of Put bucket ACL.

Required AWS permission: s3:PutBucketAcl.

Inputs

Field

Type

Description

Required

Region

string

The region to use.

required

Bucket

string

The bucket to apply the ACL.

required

ACL

BucketCannedACL

The canned ACL to apply to the bucket.

optional

AccessControlPolicy

AccessControlPolicy

Contains the elements that set the ACL permissions for an object per grantee.

optional

ChecksumAlgorithm

ChecksumAlgorithm

Indicates the algorithm used to create the checksum for the request when you use the SDK.

optional

ExpectedBucketOwner

string

The account ID of the expected bucket owner.

optional

GrantFullControl

string

Allows grantee to read, write, read ACP, and write ACP permissions on the bucket.

optional

GrantRead

string

Allows grantee to list the objects in the bucket.

optional

GrantReadACP

string

Allows grantee to read the bucket ACL.

optional

GrantWrite

string

Allows grantee to create new objects in the bucket.

optional

GrantWriteACP

string

Allows grantee to write the ACL for the applicable bucket.

optional

Output

Returns fields as described in PutBucketAclCommandOutput.

Put bucket encryption

This operation configures default encryption and Amazon S3 Bucket Keys for an existing bucket.

For more information, see the official documentation of Put bucket encryption.

Required AWS permission: s3:PutEncryptionConfiguration.

Inputs

Field

Type

Description

Required

Region

string

The region to use.

required

Bucket

string

Specifies default encryption for a bucket using server-side encryption with different key options.

required

ServerSideEncryptionConfiguration

ServerSideEncryptionConfiguration

Specifies the default server-side-encryption configuration.

required

ChecksumAlgorithm

ChecksumAlgorithm

Indicates the algorithm used to create the checksum for the request when you use the SDK.

optional

ExpectedBucketOwner

string

The account ID of the expected bucket owner.

optional

Output

Returns fields as described in PutBucketEncryptionCommandOutput.

Put bucket logging

This operation is not supported for directory buckets.

For more information, see the official documentation of Put bucket logging.

Required AWS permission: s3:PutBucketLogging.

Inputs

Field

Type

Description

Required

Region

string

The region to use.

required

Bucket

string

The bucket name for setting the logging parameters.

required

BucketLoggingStatus

BucketLoggingStatus

Container for logging status information.

required

ChecksumAlgorithm

ChecksumAlgorithm

Indicates the algorithm used to create the checksum for the request when you use the SDK.

optional

ExpectedBucketOwner

string

The account ID of the expected bucket owner.

optional

Output

Returns fields as described in PutBucketLoggingCommandOutput.

Put object

Adds an object to a bucket.

For more information, see the official documentation of Put object.

Required AWS permission: s3:PutObject.

Inputs

Field

Type

Description

Required

Region

string

The region to use.

required

Bucket

string

The bucket name to which the PUT action was initiated.

required

Key

string

Object key for which the PUT action was initiated.

required

Body

string

The Body parameter of the request.

optional

ACL

ObjectCannedACL

The canned ACL to be applied to the object.

optional

ContentType

string

A standard MIME type describing the format of the contents.

optional

ServerSideEncryption

ServerSideEncryption

The server-side encryption algorithm that was used when you store this object in Amazon S3.

optional

StorageClass

StorageClass

The storage class of the object.

optional

ExpectedBucketOwner

string

The account ID of the expected bucket owner.

optional

Output

Returns fields as described in PutObjectCommandOutput.

Put public access block

This operation is not supported for directory buckets.

For more information, see the official documentation of Put public access block.

Required AWS permission: s3:PutBucketPublicAccessBlock.

Inputs

Field

Type

Description

Required

Region

string

The region to use.

required

Bucket

string

The name of the Amazon S3 bucket whose PublicAccessBlock configuration you want to set.

required

PublicAccessBlockConfiguration

PublicAccessBlockConfiguration

The PublicAccessBlock configuration you want to apply to this Amazon S3 bucket.

required

ChecksumAlgorithm

ChecksumAlgorithm

Indicates the algorithm used to create the checksum for the object when you use the SDK.

optional

ExpectedBucketOwner

string

The account ID of the expected bucket owner.

optional

Output

Returns fields as described in PutPublicAccessBlockCommandOutput.