https://pulumi.com logo
Powered by
#aws
Title
# aws
b

bored-table-20691

02/01/2022, 12:01 AM
In looking at the S3 console and docs, it seems that there’s a way to define a lifecycle policy that deletes all non-current versions of an object older than N day, but keeping at least K non-current versions. I can’t seem to find a way to do this in Pulumi though - am I missing something?
Looks like there is a Terraform issue open for it: https://github.com/hashicorp/terraform-provider-aws/issues/22561
l

little-cartoon-10569

02/01/2022, 8:04 PM
Doesn't look like the cloud control API has it yet, I can't see it in AWS Native.
b

bored-table-20691

02/01/2022, 8:06 PM
That one doesn’t even have a way to control the current version vs non-current version at all.
l

little-cartoon-10569

02/01/2022, 8:09 PM
If you want versioning, just set the 
versioning
property to 
true
on the bucket. Then you can use 
lifecycleRules
to control the lifecycle. https://www.pulumi.com/registry/packages/aws/api-docs/s3/bucket/#versioning_nodejs https://www.pulumi.com/registry/packages/aws/api-docs/s3/bucket/#lifecyclerules_nodejs
b

bored-table-20691

02/01/2022, 8:11 PM
@little-cartoon-10569 I don’t think this resolves the original question. We have versioning enabled on the bucket (using Pulumi) and lifecycle rules (using Pulumi), but it looks like this specific capability (of being able to control the expiration date of non-current objects and set a minimum number of non-current versions to keep) is available in either Terraform or Pulumi. I can express this lifecycle policy in the AWS console (or API), just not in IAC at the moment.
l

little-cartoon-10569

02/01/2022, 8:11 PM
This is my default setup:
Copy code
lifecycleRules: [{
        enabled: true,
        noncurrentVersionExpiration: {
          days: 364,
        },
        noncurrentVersionTransitions: [
        {
          days: 29,
          storageClass: "GLACIER"
        }
      ]
      }
Ah, I missed that a minimum number of versions was required. Sorry.
b

bored-table-20691

02/01/2022, 8:12 PM
All good 🙂 We have a similar policy to yours:
Copy code
&s3.BucketLifecycleRuleArgs{
				Enabled: pulumi.Bool(true),
				Id:      pulumi.String("audit"),
				Prefix:  pulumi.String(fmt.Sprintf("%s/", tenant.TENANT_AUDIT_LOGS_PREFIX)),
				NoncurrentVersionExpiration: &s3.BucketLifecycleRuleNoncurrentVersionExpirationArgs{
					Days: <http://pulumi.Int|pulumi.Int>(1),
				},
			},
I just want to say “delete all non-current versions after a day, but keep 1 non-current version around”.
I’ll wait for the Terraform PR to be merged and will then open a ticket on 
pulumi-aws
to get it there - appreciate the notes!
l

little-cartoon-10569

02/01/2022, 8:17 PM
If it's important in the short term, it should be feasible to use the AWS SDK to update the lifecycle rules after the Pulumi program finishes..
b

bored-table-20691

02/01/2022, 8:18 PM
I can handle it for now, so it’s OK. The main issue with that approach is that I now need to have something else besides Pulumi (or use the automation API), which I’m trying to avoid. But it’s a good suggestion overall, so thank you.
5 Views
Powered by