S3
Checks the contents of a S3 bucket for size, age and count.
See Folder for a full description.
Note
This check looks at the contents of an S3 bucket, to verify that an S3 compatible object storage endpoint is functioning correctly use S3 Protocol
apiVersion: canaries.flanksource.com/v1
kind: Canary
metadata:
name: folder-check
spec:
interval: 30
folder:
- path: s3://some-bucket/folder
name: folder-check-min
description: Checks if there are at least 10 files in the folder
minCount: 10
Field | Description | Scheme | Required |
---|---|---|---|
name |
Name of the check | string | Yes |
path |
A path to a S3 bucket and folder e.g. s3://bucket/folder |
string | Yes |
awsConnection |
AWS Access credentials | AWSConnection | |
* |
All other fields available in the folder check | Folder |
Connecting to AWS
There are 3 options when connecting to AWS:
- An AWS instance profile or pod identity (the default if no
connection
oraccessKey
is specified) -
connection
, this is the recommended method, connections are reusable and secureaws-connection.yamlapiVersion: canaries.flanksource.com/v1 kind: Canary metadata: name: aws-config-rule spec: interval: 30 folder: - path: s3://some-bucket/folder awsConnection: connection: connection://aws/s3 name: folder-check-min minCount: 10 description: Checks if there are at least 10 files in the folder
-
accessKey
andsecretKey
EnvVar with the credentials stored in a secret.``yaml title="aws.yaml" apiVersion: canaries.flanksource.com/v1 kind: Canary metadata: name: s3-bucket spec: interval: 30 folder: - path: s3://some-bucket/folder name: folder-check-min minCount: 10 description: Checks if there are at least 10 files in the folder awsConnection: accessKey: valueFrom: secretKeyRef: name: aws-credentials key: AWS_ACCESS_KEY_ID secretKey: valueFrom: secretKeyRef: name: aws-credentials key: AWS_SECRET_ACCESS_KEY region: us-east-1AWS connection fields | Field | Description | Scheme | Required | | --------------- | ------------------------------------------------------------ | ------------------------------------------------- | -------- | |
connection| Path of existing connection e.g.
connection://aws/instance. Mutually exclusive with
accessKeyand
secretKey| [Connection](../concepts/connections) | | |
accessKey| Mutually exclusive with
connection| [*EnvVar*](../../concepts/authentication/#envvar) | Yes | |
secretKey| Mutually exclusive with
connection| [*EnvVar*](../../concepts/authentication/#envvar) | Yes | |
endpoint| Custom AWS endpoint | *string* | | |
region| AWS region | *string* | | |
skipTLSVerify` | Skip TLS verify when connecting to aws | bool | |