AWS S3 Connector

  • Latest Dynatrace
  • Reference
  • 11-min read

Review the required AWS permissions and condition keys of the AWS S3 Connector actions to ensure that you grant Dynatrace only a minimum set of permissions. For more information, see AWS documentation.

Copy object

Creates a copy of an object that is already stored in Amazon S3.

For more information, see the official documentation of Copy object.

Required AWS permissions:

  • s3:GetObject
  • s3:PutObject

Inputs

FieldTypeDescriptionRequired
RegionstringThe region to use.required
BucketstringThe name of the destination bucket.required
CopySourcestringSpecifies the source object for the copy operation.required
KeystringThe key of the destination object.required
ExpectedBucketOwnerstringThe account ID of the expected destination bucket owner.optional
ExpectedSourceBucketOwnerstringThe account ID of the expected source bucket owner.optional

Output

Returns fields as described in CopyObjectCommandOutput.

Create bucket

This action creates an Amazon S3 bucket.

For more information, see the official documentation of Create bucket.

Required AWS permission: s3:CreateBucket.

Inputs

FieldTypeDescriptionRequired
RegionstringThe region to use.required
BucketstringThe name of the bucket to create.required
ACLBucketCannedACLThe canned ACL to apply to the bucket.optional

Output

Returns fields as described in CreateBucketCommandOutput.

Delete bucket

Deletes the S3 bucket.

For more information, see the official documentation of Delete bucket.

Required AWS permission: s3:DeleteBucket.

Inputs

FieldTypeDescriptionRequired
RegionstringThe region to use.required
BucketstringSpecifies the bucket being deleted.required
ExpectedBucketOwnerstringThe account ID of the expected bucket owner.optional

Output

Returns fields as described in DeleteBucketCommandOutput.

Delete object

Removes an object from a bucket.

For more information, see the official documentation of Delete object.

Required AWS permission: s3:DeleteObject.

Inputs

FieldTypeDescriptionRequired
RegionstringThe region to use.required
BucketstringThe bucket name of the bucket containing the object.required
KeystringKey name of the object to delete.required
ExpectedBucketOwnerstringThe account ID of the expected bucket owner.optional
VersionIdstringVersion ID used to reference a specific version of the object.optional

Output

Returns fields as described in DeleteObjectCommandOutput.

Get bucket encryption

Returns the default encryption configuration for an Amazon S3 bucket.

For more information, see the official documentation of Get bucket encryption.

Required AWS permission: s3:GetEncryptionConfiguration.

Inputs

FieldTypeDescriptionRequired
RegionstringThe region to use.required
BucketstringThe name of the bucket from which the server-side encryption configuration is retrieved.required

Output

Returns fields as described in GetBucketEncryptionCommandOutput.

Get bucket logging

This operation is not supported for directory buckets.

For more information, see the official documentation of Get bucket logging.

Required AWS permission: s3:GetBucketLogging.

Inputs

FieldTypeDescriptionRequired
RegionstringThe region to use.required
BucketstringThe bucket name for which to get the logging information.required

Output

Returns fields as described in GetBucketLoggingCommandOutput.

Get object attributes

Retrieves all the metadata from an object without returning the object itself.

For more information, see the official documentation of Get object attributes.

Required AWS permission: s3:GetObjectAttributes.

Inputs

FieldTypeDescriptionRequired
RegionstringThe region to use.required
BucketstringThe name of the bucket that contains the object.required
KeystringThe object key.required
ObjectAttributesObjectAttributes[]Specifies the fields at the root level that you want returned in the response.required
ExpectedBucketOwnerstringThe account ID of the expected bucket owner.optional
MaxPartsnumberSets the maximum number of parts to return.optional
PartNumberMarkerstringSpecifies the part after which the listing should begin.optional
VersionIdstringThe version ID used to reference a specific version of the object.optional

Output

Returns fields as described in GetObjectAttributesCommandOutput.

Get object

Retrieves an object from Amazon S3.

For more information, see the official documentation of Get object.

Required AWS permission: s3:GetObject.

Inputs

FieldTypeDescriptionRequired
RegionstringThe region to use.required
BucketstringThe bucket name containing the object.required
KeystringKey of the object to get.required
ExpectedBucketOwnerstringThe account ID of the expected bucket owner.optional
VersionIdstringVersion ID used to reference a specific version of the object.optional

Output

Returns fields as described in GetObjectCommandOutput.

List buckets

This operation is not supported for directory buckets.

For more information, see the official documentation of List buckets.

Required AWS permission: s3:ListAllMyBuckets.

Inputs

FieldTypeDescriptionRequired
RegionstringThe region to use.required
ContinuationTokenstringContinuationToken indicates to Amazon S3 that the list is being continued on this bucket with a token.optional
MaxBucketsnumberMaximum number of buckets to be returned in response.optional

Output

Returns fields as described in ListBucketsCommandOutput.

List objects v2

Returns some or all (up to 1,000) of the objects in a bucket with each request.

For more information, see the official documentation of List objects v2.

Required AWS permission: s3:ListBucket.

Inputs

FieldTypeDescriptionRequired
RegionstringThe region to use.required
BucketstringWhen you use this operation with a directory bucket, you need to use virtual-hosted-style requests in the format bucket-name.s3express-zone-id.region-code.amazonaws.com.required
ExpectedBucketOwnerstringThe account ID of the expected bucket owner.optional
MaxKeysnumberSets the maximum number of keys returned in the response.optional
PrefixstringLimits the response to keys that begin with the specified prefix.optional
StartAfterstringStartAfter is where you want Amazon S3 to start listing from.optional

Output

Returns fields as described in ListObjectsV2CommandOutput.

Put bucket ACL

This operation is not supported for directory buckets.

For more information, see the official documentation of Put bucket ACL.

Required AWS permission: s3:PutBucketAcl.

Inputs

FieldTypeDescriptionRequired
RegionstringThe region to use.required
BucketstringThe bucket to apply the ACL.required
ACLBucketCannedACLThe canned ACL to apply to the bucket.optional
AccessControlPolicyAccessControlPolicyContains the elements that set the ACL permissions for an object per grantee.optional
ChecksumAlgorithmChecksumAlgorithmIndicates the algorithm used to create the checksum for the request when you use the SDK.optional
ExpectedBucketOwnerstringThe account ID of the expected bucket owner.optional
GrantFullControlstringAllows grantee to read, write, read ACP, and write ACP permissions on the bucket.optional
GrantReadstringAllows grantee to list the objects in the bucket.optional
GrantReadACPstringAllows grantee to read the bucket ACL.optional
GrantWritestringAllows grantee to create new objects in the bucket.optional
GrantWriteACPstringAllows grantee to write the ACL for the applicable bucket.optional

Output

Returns fields as described in PutBucketAclCommandOutput.

Put bucket encryption

This operation configures default encryption and Amazon S3 Bucket Keys for an existing bucket.

For more information, see the official documentation of Put bucket encryption.

Required AWS permission: s3:PutEncryptionConfiguration.

Inputs

FieldTypeDescriptionRequired
RegionstringThe region to use.required
BucketstringSpecifies default encryption for a bucket using server-side encryption with different key options.required
ServerSideEncryptionConfigurationServerSideEncryptionConfigurationSpecifies the default server-side-encryption configuration.required
ChecksumAlgorithmChecksumAlgorithmIndicates the algorithm used to create the checksum for the request when you use the SDK.optional
ExpectedBucketOwnerstringThe account ID of the expected bucket owner.optional

Output

Returns fields as described in PutBucketEncryptionCommandOutput.

Put bucket logging

This operation is not supported for directory buckets.

For more information, see the official documentation of Put bucket logging.

Required AWS permission: s3:PutBucketLogging.

Inputs

FieldTypeDescriptionRequired
RegionstringThe region to use.required
BucketstringThe bucket name for setting the logging parameters.required
BucketLoggingStatusBucketLoggingStatusContainer for logging status information.required
ChecksumAlgorithmChecksumAlgorithmIndicates the algorithm used to create the checksum for the request when you use the SDK.optional
ExpectedBucketOwnerstringThe account ID of the expected bucket owner.optional

Output

Returns fields as described in PutBucketLoggingCommandOutput.

Put object

Adds an object to a bucket.

For more information, see the official documentation of Put object.

Required AWS permission: s3:PutObject.

Inputs

FieldTypeDescriptionRequired
RegionstringThe region to use.required
BucketstringThe bucket name to which the PUT action was initiated.required
KeystringObject key for which the PUT action was initiated.required
BodystringThe Body parameter of the request.optional
ACLObjectCannedACLThe canned ACL to be applied to the object.optional
ContentTypestringA standard MIME type describing the format of the contents.optional
ServerSideEncryptionServerSideEncryptionThe server-side encryption algorithm that was used when you store this object in Amazon S3.optional
StorageClassStorageClassThe storage class of the object.optional
ExpectedBucketOwnerstringThe account ID of the expected bucket owner.optional

Output

Returns fields as described in PutObjectCommandOutput.

Put public access block

This operation is not supported for directory buckets.

For more information, see the official documentation of Put public access block.

Required AWS permission: s3:PutBucketPublicAccessBlock.

Inputs

FieldTypeDescriptionRequired
RegionstringThe region to use.required
BucketstringThe name of the Amazon S3 bucket whose PublicAccessBlock configuration you want to set.required
PublicAccessBlockConfigurationPublicAccessBlockConfigurationThe PublicAccessBlock configuration you want to apply to this Amazon S3 bucket.required
ChecksumAlgorithmChecksumAlgorithmIndicates the algorithm used to create the checksum for the object when you use the SDK.optional
ExpectedBucketOwnerstringThe account ID of the expected bucket owner.optional

Output

Returns fields as described in PutPublicAccessBlockCommandOutput.

Related tags
Software Delivery