Class: AWSCDK::S3::BucketProps
- Inherits:
-
Jsii::Struct
- Object
- Jsii::Struct
- AWSCDK::S3::BucketProps
- Defined in:
- s3/bucket_props.rb
Instance Attribute Summary collapse
-
#abac_status ⇒ Boolean?
readonly
Enables Amazon S3 to evaluate the ABAC policy in the request.
-
#access_control ⇒ AWSCDK::S3::BucketAccessControl?
readonly
Specifies a canned ACL that grants predefined permissions to the bucket.
-
#auto_delete_objects ⇒ Boolean?
readonly
Whether all objects should be automatically deleted when the bucket is removed from the stack or when the stack is deleted.
-
#block_public_access ⇒ AWSCDK::S3::BlockPublicAccess?
readonly
The block public access configuration of this bucket.
-
#blocked_encryption_types ⇒ Array<AWSCDK::S3::BlockedEncryptionType>?
readonly
Encryption types that should be blocked for this bucket.
-
#bucket_key_enabled ⇒ Boolean?
readonly
Whether Amazon S3 should use its own intermediary key to generate data keys.
-
#bucket_name ⇒ String?
readonly
Physical name of this bucket.
-
#bucket_name_prefix ⇒ String?
readonly
A prefix for the bucket name in the account-regional namespace.
-
#bucket_namespace ⇒ AWSCDK::S3::BucketNamespace?
readonly
The namespace for the bucket name.
-
#cors ⇒ Array<AWSCDK::S3::CorsRule>?
readonly
The CORS configuration of this bucket.
-
#encryption ⇒ AWSCDK::S3::BucketEncryption?
readonly
The kind of server-side encryption to apply to this bucket.
-
#encryption_key ⇒ AWSCDK::KMS::IKey?
readonly
External KMS key to use for bucket encryption.
-
#enforce_ssl ⇒ Boolean?
readonly
Enforces SSL for requests.
-
#event_bridge_enabled ⇒ Boolean?
readonly
Whether this bucket should send notifications to Amazon EventBridge or not.
-
#intelligent_tiering_configurations ⇒ Array<AWSCDK::S3::IntelligentTieringConfiguration>?
readonly
Intelligent Tiering Configurations.
-
#inventories ⇒ Array<AWSCDK::S3::Inventory>?
readonly
The inventory configuration of the bucket.
-
#lifecycle_rules ⇒ Array<AWSCDK::S3::LifecycleRule>?
readonly
Rules that define how Amazon S3 manages objects during their lifetime.
-
#metrics ⇒ Array<AWSCDK::S3::BucketMetrics>?
readonly
The metrics configuration of this bucket.
-
#minimum_tls_version ⇒ Numeric?
readonly
Enforces minimum TLS version for requests.
-
#notifications_handler_role ⇒ AWSCDK::IAM::IRole?
readonly
The role to be used by the notifications handler.
-
#notifications_skip_destination_validation ⇒ Boolean?
readonly
Skips notification validation of Amazon SQS, Amazon SNS, and Lambda destinations.
-
#object_lock_default_retention ⇒ AWSCDK::S3::ObjectLockRetention?
readonly
The default retention mode and rules for S3 Object Lock.
-
#object_lock_enabled ⇒ Boolean?
readonly
Enable object lock on the bucket.
-
#object_ownership ⇒ AWSCDK::S3::ObjectOwnership?
readonly
The objectOwnership of the bucket.
-
#public_read_access ⇒ Boolean?
readonly
Grants public read access to all objects in the bucket.
-
#removal_policy ⇒ AWSCDK::RemovalPolicy?
readonly
Policy to apply when the bucket is removed from this stack.
-
#replication_role ⇒ AWSCDK::IAM::IRole?
readonly
The role to be used by the replication.
-
#replication_rules ⇒ Array<AWSCDK::S3::ReplicationRule>?
readonly
A container for one or more replication rules.
-
#server_access_logs_bucket ⇒ AWSCDK::S3::IBucket?
readonly
Destination bucket for the server access logs.
-
#server_access_logs_prefix ⇒ String?
readonly
Optional log file prefix to use for the bucket's access logs.
-
#target_object_key_format ⇒ AWSCDK::S3::TargetObjectKeyFormat?
readonly
Optional key format for log objects.
-
#transfer_acceleration ⇒ Boolean?
readonly
Whether this bucket should have transfer acceleration turned on or not.
-
#transition_default_minimum_object_size ⇒ AWSCDK::S3::TransitionDefaultMinimumObjectSize?
readonly
Indicates which default minimum object size behavior is applied to the lifecycle configuration.
-
#versioned ⇒ Boolean?
readonly
Whether this bucket should have versioning turned on or not.
-
#website_error_document ⇒ String?
readonly
The name of the error document (e.g. "404.html") for the website.
-
#website_index_document ⇒ String?
readonly
The name of the index document (e.g. "index.html") for the website.
-
#website_redirect ⇒ AWSCDK::S3::RedirectTarget?
readonly
Specifies the redirect behavior of all requests to a website endpoint of a bucket.
-
#website_routing_rules ⇒ Array<AWSCDK::S3::RoutingRule>?
readonly
Rules that define when a redirect is applied and the redirect behavior.
Class Method Summary collapse
Instance Method Summary collapse
-
#initialize(abac_status: nil, access_control: nil, auto_delete_objects: nil, blocked_encryption_types: nil, block_public_access: nil, bucket_key_enabled: nil, bucket_name: nil, bucket_name_prefix: nil, bucket_namespace: nil, cors: nil, encryption: nil, encryption_key: nil, enforce_ssl: nil, event_bridge_enabled: nil, intelligent_tiering_configurations: nil, inventories: nil, lifecycle_rules: nil, metrics: nil, minimum_tls_version: nil, notifications_handler_role: nil, notifications_skip_destination_validation: nil, object_lock_default_retention: nil, object_lock_enabled: nil, object_ownership: nil, public_read_access: nil, removal_policy: nil, replication_role: nil, replication_rules: nil, server_access_logs_bucket: nil, server_access_logs_prefix: nil, target_object_key_format: nil, transfer_acceleration: nil, transition_default_minimum_object_size: nil, versioned: nil, website_error_document: nil, website_index_document: nil, website_redirect: nil, website_routing_rules: nil) ⇒ BucketProps
constructor
A new instance of BucketProps.
- #to_jsii ⇒ Object
Constructor Details
#initialize(abac_status: nil, access_control: nil, auto_delete_objects: nil, blocked_encryption_types: nil, block_public_access: nil, bucket_key_enabled: nil, bucket_name: nil, bucket_name_prefix: nil, bucket_namespace: nil, cors: nil, encryption: nil, encryption_key: nil, enforce_ssl: nil, event_bridge_enabled: nil, intelligent_tiering_configurations: nil, inventories: nil, lifecycle_rules: nil, metrics: nil, minimum_tls_version: nil, notifications_handler_role: nil, notifications_skip_destination_validation: nil, object_lock_default_retention: nil, object_lock_enabled: nil, object_ownership: nil, public_read_access: nil, removal_policy: nil, replication_role: nil, replication_rules: nil, server_access_logs_bucket: nil, server_access_logs_prefix: nil, target_object_key_format: nil, transfer_acceleration: nil, transition_default_minimum_object_size: nil, versioned: nil, website_error_document: nil, website_index_document: nil, website_redirect: nil, website_routing_rules: nil) ⇒ BucketProps
Returns a new instance of BucketProps.
44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 |
# File 's3/bucket_props.rb', line 44 def initialize(abac_status: nil, access_control: nil, auto_delete_objects: nil, blocked_encryption_types: nil, block_public_access: nil, bucket_key_enabled: nil, bucket_name: nil, bucket_name_prefix: nil, bucket_namespace: nil, cors: nil, encryption: nil, encryption_key: nil, enforce_ssl: nil, event_bridge_enabled: nil, intelligent_tiering_configurations: nil, inventories: nil, lifecycle_rules: nil, metrics: nil, minimum_tls_version: nil, notifications_handler_role: nil, notifications_skip_destination_validation: nil, object_lock_default_retention: nil, object_lock_enabled: nil, object_ownership: nil, public_read_access: nil, removal_policy: nil, replication_role: nil, replication_rules: nil, server_access_logs_bucket: nil, server_access_logs_prefix: nil, target_object_key_format: nil, transfer_acceleration: nil, transition_default_minimum_object_size: nil, versioned: nil, website_error_document: nil, website_index_document: nil, website_redirect: nil, website_routing_rules: nil) @abac_status = abac_status Jsii::Type.check_type(@abac_status, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJib29sZWFuIn0=")), "abacStatus") unless @abac_status.nil? @access_control = access_control Jsii::Type.check_type(@access_control, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfczMuQnVja2V0QWNjZXNzQ29udHJvbCJ9")), "accessControl") unless @access_control.nil? @auto_delete_objects = auto_delete_objects Jsii::Type.check_type(@auto_delete_objects, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJib29sZWFuIn0=")), "autoDeleteObjects") unless @auto_delete_objects.nil? @blocked_encryption_types = blocked_encryption_types Jsii::Type.check_type(@blocked_encryption_types, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7ImZxbiI6ImF3cy1jZGstbGliLmF3c19zMy5CbG9ja2VkRW5jcnlwdGlvblR5cGUifSwia2luZCI6ImFycmF5In19")), "blockedEncryptionTypes") unless @blocked_encryption_types.nil? @block_public_access = block_public_access Jsii::Type.check_type(@block_public_access, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfczMuQmxvY2tQdWJsaWNBY2Nlc3MifQ==")), "blockPublicAccess") unless @block_public_access.nil? @bucket_key_enabled = bucket_key_enabled Jsii::Type.check_type(@bucket_key_enabled, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJib29sZWFuIn0=")), "bucketKeyEnabled") unless @bucket_key_enabled.nil? @bucket_name = bucket_name Jsii::Type.check_type(@bucket_name, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "bucketName") unless @bucket_name.nil? @bucket_name_prefix = bucket_name_prefix Jsii::Type.check_type(@bucket_name_prefix, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "bucketNamePrefix") unless @bucket_name_prefix.nil? @bucket_namespace = bucket_namespace Jsii::Type.check_type(@bucket_namespace, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfczMuQnVja2V0TmFtZXNwYWNlIn0=")), "bucketNamespace") unless @bucket_namespace.nil? @cors = cors.is_a?(Array) ? cors.map { |jsii_v0| jsii_v0.is_a?(Hash) ? ::AWSCDK::S3::CorsRule.new(**jsii_v0.transform_keys(&:to_sym)) : jsii_v0 } : cors Jsii::Type.check_type(@cors, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7ImZxbiI6ImF3cy1jZGstbGliLmF3c19zMy5Db3JzUnVsZSJ9LCJraW5kIjoiYXJyYXkifX0=")), "cors") unless @cors.nil? @encryption = encryption Jsii::Type.check_type(@encryption, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfczMuQnVja2V0RW5jcnlwdGlvbiJ9")), "encryption") unless @encryption.nil? @encryption_key = encryption_key Jsii::Type.check_type(@encryption_key, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3Nfa21zLklLZXkifQ==")), "encryptionKey") unless @encryption_key.nil? @enforce_ssl = enforce_ssl Jsii::Type.check_type(@enforce_ssl, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJib29sZWFuIn0=")), "enforceSSL") unless @enforce_ssl.nil? @event_bridge_enabled = event_bridge_enabled Jsii::Type.check_type(@event_bridge_enabled, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJib29sZWFuIn0=")), "eventBridgeEnabled") unless @event_bridge_enabled.nil? @intelligent_tiering_configurations = intelligent_tiering_configurations.is_a?(Array) ? intelligent_tiering_configurations.map { |jsii_v0| jsii_v0.is_a?(Hash) ? ::AWSCDK::S3::IntelligentTieringConfiguration.new(**jsii_v0.transform_keys(&:to_sym)) : jsii_v0 } : intelligent_tiering_configurations Jsii::Type.check_type(@intelligent_tiering_configurations, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7ImZxbiI6ImF3cy1jZGstbGliLmF3c19zMy5JbnRlbGxpZ2VudFRpZXJpbmdDb25maWd1cmF0aW9uIn0sImtpbmQiOiJhcnJheSJ9fQ==")), "intelligentTieringConfigurations") unless @intelligent_tiering_configurations.nil? @inventories = inventories.is_a?(Array) ? inventories.map { |jsii_v0| jsii_v0.is_a?(Hash) ? ::AWSCDK::S3::Inventory.new(**jsii_v0.transform_keys(&:to_sym)) : jsii_v0 } : inventories Jsii::Type.check_type(@inventories, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7ImZxbiI6ImF3cy1jZGstbGliLmF3c19zMy5JbnZlbnRvcnkifSwia2luZCI6ImFycmF5In19")), "inventories") unless @inventories.nil? @lifecycle_rules = lifecycle_rules.is_a?(Array) ? lifecycle_rules.map { |jsii_v0| jsii_v0.is_a?(Hash) ? ::AWSCDK::S3::LifecycleRule.new(**jsii_v0.transform_keys(&:to_sym)) : jsii_v0 } : lifecycle_rules Jsii::Type.check_type(@lifecycle_rules, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7ImZxbiI6ImF3cy1jZGstbGliLmF3c19zMy5MaWZlY3ljbGVSdWxlIn0sImtpbmQiOiJhcnJheSJ9fQ==")), "lifecycleRules") unless @lifecycle_rules.nil? @metrics = metrics.is_a?(Array) ? metrics.map { |jsii_v0| jsii_v0.is_a?(Hash) ? ::AWSCDK::S3::BucketMetrics.new(**jsii_v0.transform_keys(&:to_sym)) : jsii_v0 } : metrics Jsii::Type.check_type(@metrics, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7ImZxbiI6ImF3cy1jZGstbGliLmF3c19zMy5CdWNrZXRNZXRyaWNzIn0sImtpbmQiOiJhcnJheSJ9fQ==")), "metrics") unless @metrics.nil? @minimum_tls_version = minimum_tls_version Jsii::Type.check_type(@minimum_tls_version, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJudW1iZXIifQ==")), "minimumTLSVersion") unless @minimum_tls_version.nil? @notifications_handler_role = notifications_handler_role Jsii::Type.check_type(@notifications_handler_role, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfaWFtLklSb2xlIn0=")), "notificationsHandlerRole") unless @notifications_handler_role.nil? @notifications_skip_destination_validation = notifications_skip_destination_validation Jsii::Type.check_type(@notifications_skip_destination_validation, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJib29sZWFuIn0=")), "notificationsSkipDestinationValidation") unless @notifications_skip_destination_validation.nil? @object_lock_default_retention = object_lock_default_retention Jsii::Type.check_type(@object_lock_default_retention, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfczMuT2JqZWN0TG9ja1JldGVudGlvbiJ9")), "objectLockDefaultRetention") unless @object_lock_default_retention.nil? @object_lock_enabled = object_lock_enabled Jsii::Type.check_type(@object_lock_enabled, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJib29sZWFuIn0=")), "objectLockEnabled") unless @object_lock_enabled.nil? @object_ownership = object_ownership Jsii::Type.check_type(@object_ownership, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfczMuT2JqZWN0T3duZXJzaGlwIn0=")), "objectOwnership") unless @object_ownership.nil? @public_read_access = public_read_access Jsii::Type.check_type(@public_read_access, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJib29sZWFuIn0=")), "publicReadAccess") unless @public_read_access.nil? @removal_policy = removal_policy Jsii::Type.check_type(@removal_policy, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5SZW1vdmFsUG9saWN5In0=")), "removalPolicy") unless @removal_policy.nil? @replication_role = replication_role Jsii::Type.check_type(@replication_role, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfaWFtLklSb2xlIn0=")), "replicationRole") unless @replication_role.nil? @replication_rules = replication_rules.is_a?(Array) ? replication_rules.map { |jsii_v0| jsii_v0.is_a?(Hash) ? ::AWSCDK::S3::ReplicationRule.new(**jsii_v0.transform_keys(&:to_sym)) : jsii_v0 } : replication_rules Jsii::Type.check_type(@replication_rules, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7ImZxbiI6ImF3cy1jZGstbGliLmF3c19zMy5SZXBsaWNhdGlvblJ1bGUifSwia2luZCI6ImFycmF5In19")), "replicationRules") unless @replication_rules.nil? @server_access_logs_bucket = server_access_logs_bucket Jsii::Type.check_type(@server_access_logs_bucket, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfczMuSUJ1Y2tldCJ9")), "serverAccessLogsBucket") unless @server_access_logs_bucket.nil? @server_access_logs_prefix = server_access_logs_prefix Jsii::Type.check_type(@server_access_logs_prefix, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "serverAccessLogsPrefix") unless @server_access_logs_prefix.nil? @target_object_key_format = target_object_key_format Jsii::Type.check_type(@target_object_key_format, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfczMuVGFyZ2V0T2JqZWN0S2V5Rm9ybWF0In0=")), "targetObjectKeyFormat") unless @target_object_key_format.nil? @transfer_acceleration = transfer_acceleration Jsii::Type.check_type(@transfer_acceleration, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJib29sZWFuIn0=")), "transferAcceleration") unless @transfer_acceleration.nil? @transition_default_minimum_object_size = transition_default_minimum_object_size Jsii::Type.check_type(@transition_default_minimum_object_size, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfczMuVHJhbnNpdGlvbkRlZmF1bHRNaW5pbXVtT2JqZWN0U2l6ZSJ9")), "transitionDefaultMinimumObjectSize") unless @transition_default_minimum_object_size.nil? @versioned = versioned Jsii::Type.check_type(@versioned, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJib29sZWFuIn0=")), "versioned") unless @versioned.nil? @website_error_document = website_error_document Jsii::Type.check_type(@website_error_document, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "websiteErrorDocument") unless @website_error_document.nil? @website_index_document = website_index_document Jsii::Type.check_type(@website_index_document, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "websiteIndexDocument") unless @website_index_document.nil? @website_redirect = website_redirect.is_a?(Hash) ? ::AWSCDK::S3::RedirectTarget.new(**website_redirect.transform_keys(&:to_sym)) : website_redirect Jsii::Type.check_type(@website_redirect, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfczMuUmVkaXJlY3RUYXJnZXQifQ==")), "websiteRedirect") unless @website_redirect.nil? @website_routing_rules = website_routing_rules.is_a?(Array) ? website_routing_rules.map { |jsii_v0| jsii_v0.is_a?(Hash) ? ::AWSCDK::S3::RoutingRule.new(**jsii_v0.transform_keys(&:to_sym)) : jsii_v0 } : website_routing_rules Jsii::Type.check_type(@website_routing_rules, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7ImZxbiI6ImF3cy1jZGstbGliLmF3c19zMy5Sb3V0aW5nUnVsZSJ9LCJraW5kIjoiYXJyYXkifX0=")), "websiteRoutingRules") unless @website_routing_rules.nil? end |
Instance Attribute Details
#abac_status ⇒ Boolean? (readonly)
Default: - The ABAC status is not set
Enables Amazon S3 to evaluate the ABAC policy in the request.
Set to true to enable ABAC, false to explicitly disable it.
130 131 132 |
# File 's3/bucket_props.rb', line 130 def abac_status @abac_status end |
#access_control ⇒ AWSCDK::S3::BucketAccessControl? (readonly)
Default: BucketAccessControl.PRIVATE
Specifies a canned ACL that grants predefined permissions to the bucket.
135 136 137 |
# File 's3/bucket_props.rb', line 135 def access_control @access_control end |
#auto_delete_objects ⇒ Boolean? (readonly)
Default: false
Whether all objects should be automatically deleted when the bucket is removed from the stack or when the stack is deleted.
Requires the removal_policy to be set to RemovalPolicy.DESTROY.
Warning if you have deployed a bucket with autoDeleteObjects: true,
switching this to false in a CDK version before 1.126.0 will lead to
all objects in the bucket being deleted. Be sure to update your bucket resources
by deploying with CDK version 1.126.0 or later before switching this value to false.
Setting auto_delete_objects to true on a bucket will add s3:PutBucketPolicy to the
bucket policy. This is because during bucket deletion, the custom resource provider
needs to update the bucket policy by adding a deny policy for s3:PutObject to
prevent race conditions with external bucket writers.
152 153 154 |
# File 's3/bucket_props.rb', line 152 def auto_delete_objects @auto_delete_objects end |
#block_public_access ⇒ AWSCDK::S3::BlockPublicAccess? (readonly)
Default: - CloudFormation defaults will apply. New buckets and objects don't allow public access, but users can modify bucket policies or object permissions to allow public access
The block public access configuration of this bucket.
166 167 168 |
# File 's3/bucket_props.rb', line 166 def block_public_access @block_public_access end |
#blocked_encryption_types ⇒ Array<AWSCDK::S3::BlockedEncryptionType>? (readonly)
Default: - Amazon S3 determines which encryption types to block.
Encryption types that should be blocked for this bucket. Use NONE to allow all encryption types.
At least one BlockedEncryptionType must be given. If NONE is given, it must be
the only BlockedEncryptionType in the list.
160 161 162 |
# File 's3/bucket_props.rb', line 160 def blocked_encryption_types @blocked_encryption_types end |
#bucket_key_enabled ⇒ Boolean? (readonly)
Default: - false
Whether Amazon S3 should use its own intermediary key to generate data keys.
Only relevant when using KMS for encryption.
- If not enabled, every object GET and PUT will cause an API call to KMS (with the attendant cost implications of that).
- If enabled, S3 will use its own time-limited key instead.
Only relevant, when Encryption is not set to BucketEncryption.UNENCRYPTED.
179 180 181 |
# File 's3/bucket_props.rb', line 179 def bucket_key_enabled @bucket_key_enabled end |
#bucket_name ⇒ String? (readonly)
Default: - Assigned by CloudFormation (recommended).
Physical name of this bucket.
Cannot be used together with bucket_name_prefix or bucket_namespace.
186 187 188 |
# File 's3/bucket_props.rb', line 186 def bucket_name @bucket_name end |
#bucket_name_prefix ⇒ String? (readonly)
Default: - No prefix.
A prefix for the bucket name in the account-regional namespace.
Requires bucket_namespace to be set to ACCOUNT_REGIONAL.
Cannot be used together with bucket_name.
CloudFormation appends -<accountId>-<region>-an to form the full name.
For example, my-app becomes my-app-123456789012-us-east-1-an.
Must contain only lowercase letters, numbers, and hyphens. Must start and end with a lowercase letter or number.
200 201 202 |
# File 's3/bucket_props.rb', line 200 def bucket_name_prefix @bucket_name_prefix end |
#bucket_namespace ⇒ AWSCDK::S3::BucketNamespace? (readonly)
Default: - Global namespace.
The namespace for the bucket name.
AWS recommends ACCOUNT_REGIONAL for improved security, as bucket names
are scoped to your account and cannot be claimed by other accounts.
When set to ACCOUNT_REGIONAL, bucket_name_prefix is required.
When set to GLOBAL, it can be used standalone to explicitly specify the default namespace.
211 212 213 |
# File 's3/bucket_props.rb', line 211 def bucket_namespace @bucket_namespace end |
#cors ⇒ Array<AWSCDK::S3::CorsRule>? (readonly)
Default: - No CORS configuration.
The CORS configuration of this bucket.
217 218 219 |
# File 's3/bucket_props.rb', line 217 def cors @cors end |
#encryption ⇒ AWSCDK::S3::BucketEncryption? (readonly)
Default: - KMS if encryptionKey is specified, or S3_MANAGED otherwise.
The kind of server-side encryption to apply to this bucket.
If you choose KMS, you can specify a KMS key via encryption_key. If
encryption key is not specified, a key will automatically be created.
225 226 227 |
# File 's3/bucket_props.rb', line 225 def encryption @encryption end |
#encryption_key ⇒ AWSCDK::KMS::IKey? (readonly)
Default: - If encryption is set to KMS and this property is undefined, a new KMS key will be created and associated with this bucket.
External KMS key to use for bucket encryption.
The encryption property must be either not specified or set to KMS or DSSE.
An error will be emitted if encryption is set to UNENCRYPTED or S3_MANAGED.
233 234 235 |
# File 's3/bucket_props.rb', line 233 def encryption_key @encryption_key end |
#enforce_ssl ⇒ Boolean? (readonly)
Default: false
Enforces SSL for requests.
S3.5 of the AWS Foundational Security Best Practices Regarding S3.
241 242 243 |
# File 's3/bucket_props.rb', line 241 def enforce_ssl @enforce_ssl end |
#event_bridge_enabled ⇒ Boolean? (readonly)
Default: false
Whether this bucket should send notifications to Amazon EventBridge or not.
246 247 248 |
# File 's3/bucket_props.rb', line 246 def event_bridge_enabled @event_bridge_enabled end |
#intelligent_tiering_configurations ⇒ Array<AWSCDK::S3::IntelligentTieringConfiguration>? (readonly)
Default: No Intelligent Tiering Configurations.
Intelligent Tiering Configurations.
252 253 254 |
# File 's3/bucket_props.rb', line 252 def intelligent_tiering_configurations @intelligent_tiering_configurations end |
#inventories ⇒ Array<AWSCDK::S3::Inventory>? (readonly)
Default: - No inventory configuration
The inventory configuration of the bucket.
258 259 260 |
# File 's3/bucket_props.rb', line 258 def inventories @inventories end |
#lifecycle_rules ⇒ Array<AWSCDK::S3::LifecycleRule>? (readonly)
Default: - No lifecycle rules.
Rules that define how Amazon S3 manages objects during their lifetime.
263 264 265 |
# File 's3/bucket_props.rb', line 263 def lifecycle_rules @lifecycle_rules end |
#metrics ⇒ Array<AWSCDK::S3::BucketMetrics>? (readonly)
Default: - No metrics configuration.
The metrics configuration of this bucket.
269 270 271 |
# File 's3/bucket_props.rb', line 269 def metrics @metrics end |
#minimum_tls_version ⇒ Numeric? (readonly)
Default: No minimum TLS version is enforced.
Enforces minimum TLS version for requests.
Requires enforce_ssl to be enabled.
277 278 279 |
# File 's3/bucket_props.rb', line 277 def minimum_tls_version @minimum_tls_version end |
#notifications_handler_role ⇒ AWSCDK::IAM::IRole? (readonly)
Default: - a new role will be created.
The role to be used by the notifications handler.
282 283 284 |
# File 's3/bucket_props.rb', line 282 def notifications_handler_role @notifications_handler_role end |
#notifications_skip_destination_validation ⇒ Boolean? (readonly)
Default: false
Skips notification validation of Amazon SQS, Amazon SNS, and Lambda destinations.
287 288 289 |
# File 's3/bucket_props.rb', line 287 def notifications_skip_destination_validation @notifications_skip_destination_validation end |
#object_lock_default_retention ⇒ AWSCDK::S3::ObjectLockRetention? (readonly)
Default: no default retention period
The default retention mode and rules for S3 Object Lock.
Default retention can be configured after a bucket is created if the bucket already has object lock enabled. Enabling object lock for existing buckets is not supported.
296 297 298 |
# File 's3/bucket_props.rb', line 296 def object_lock_default_retention @object_lock_default_retention end |
#object_lock_enabled ⇒ Boolean? (readonly)
Default: false, unless objectLockDefaultRetention is set (then, true)
Enable object lock on the bucket.
Enabling object lock for existing buckets is not supported. Object lock must be enabled when the bucket is created.
305 306 307 |
# File 's3/bucket_props.rb', line 305 def object_lock_enabled @object_lock_enabled end |
#object_ownership ⇒ AWSCDK::S3::ObjectOwnership? (readonly)
Default: - No ObjectOwnership configuration. By default, Amazon S3 sets Object Ownership to Bucket owner enforced. This means ACLs are disabled and the bucket owner will own every object.
The objectOwnership of the bucket.
311 312 313 |
# File 's3/bucket_props.rb', line 311 def object_ownership @object_ownership end |
#public_read_access ⇒ Boolean? (readonly)
Default: false
Grants public read access to all objects in the bucket.
Similar to calling bucket.grantPublicAccess()
318 319 320 |
# File 's3/bucket_props.rb', line 318 def public_read_access @public_read_access end |
#removal_policy ⇒ AWSCDK::RemovalPolicy? (readonly)
Default: - The bucket will be orphaned.
Policy to apply when the bucket is removed from this stack.
323 324 325 |
# File 's3/bucket_props.rb', line 323 def removal_policy @removal_policy end |
#replication_role ⇒ AWSCDK::IAM::IRole? (readonly)
Default: - a new role will be created.
The role to be used by the replication.
When setting this property, you must also set replication_rules.
330 331 332 |
# File 's3/bucket_props.rb', line 330 def replication_role @replication_role end |
#replication_rules ⇒ Array<AWSCDK::S3::ReplicationRule>? (readonly)
Default: - No replication
A container for one or more replication rules.
335 336 337 |
# File 's3/bucket_props.rb', line 335 def replication_rules @replication_rules end |
#server_access_logs_bucket ⇒ AWSCDK::S3::IBucket? (readonly)
Default: - If "serverAccessLogsPrefix" undefined - access logs disabled, otherwise - log to current bucket.
Destination bucket for the server access logs.
340 341 342 |
# File 's3/bucket_props.rb', line 340 def server_access_logs_bucket @server_access_logs_bucket end |
#server_access_logs_prefix ⇒ String? (readonly)
Default: - No log file prefix
Optional log file prefix to use for the bucket's access logs.
If defined without "serverAccessLogsBucket", enables access logs to current bucket with this prefix.
347 348 349 |
# File 's3/bucket_props.rb', line 347 def server_access_logs_prefix @server_access_logs_prefix end |
#target_object_key_format ⇒ AWSCDK::S3::TargetObjectKeyFormat? (readonly)
Default: - the default key format is: [DestinationPrefix][YYYY]-[MM]-[DD]-[hh]-[mm]-[ss]-[UniqueString]
Optional key format for log objects.
352 353 354 |
# File 's3/bucket_props.rb', line 352 def target_object_key_format @target_object_key_format end |
#transfer_acceleration ⇒ Boolean? (readonly)
Default: false
Whether this bucket should have transfer acceleration turned on or not.
357 358 359 |
# File 's3/bucket_props.rb', line 357 def transfer_acceleration @transfer_acceleration end |
#transition_default_minimum_object_size ⇒ AWSCDK::S3::TransitionDefaultMinimumObjectSize? (readonly)
Default: - TransitionDefaultMinimumObjectSize.VARIES_BY_STORAGE_CLASS before September 2024, otherwise TransitionDefaultMinimumObjectSize.ALL_STORAGE_CLASSES_128_K.
Indicates which default minimum object size behavior is applied to the lifecycle configuration.
To customize the minimum object size for any transition you can add a filter that specifies a custom
object_size_greater_than or object_size_less_than for lifecycle_rules property. Custom filters always
take precedence over the default transition behavior.
366 367 368 |
# File 's3/bucket_props.rb', line 366 def transition_default_minimum_object_size @transition_default_minimum_object_size end |
#versioned ⇒ Boolean? (readonly)
Default: false (unless object lock is enabled, then true)
Whether this bucket should have versioning turned on or not.
371 372 373 |
# File 's3/bucket_props.rb', line 371 def versioned @versioned end |
#website_error_document ⇒ String? (readonly)
Default: - No error document.
The name of the error document (e.g. "404.html") for the website. websiteIndexDocument must also be set if this is set.
376 377 378 |
# File 's3/bucket_props.rb', line 376 def website_error_document @website_error_document end |
#website_index_document ⇒ String? (readonly)
Default: - No index document.
The name of the index document (e.g. "index.html") for the website. Enables static website hosting for this bucket.
381 382 383 |
# File 's3/bucket_props.rb', line 381 def website_index_document @website_index_document end |
#website_redirect ⇒ AWSCDK::S3::RedirectTarget? (readonly)
Default: - No redirection.
Specifies the redirect behavior of all requests to a website endpoint of a bucket.
If you specify this property, you can't specify "websiteIndexDocument", "websiteErrorDocument" nor , "websiteRoutingRules".
388 389 390 |
# File 's3/bucket_props.rb', line 388 def website_redirect @website_redirect end |
#website_routing_rules ⇒ Array<AWSCDK::S3::RoutingRule>? (readonly)
Default: - No redirection rules.
Rules that define when a redirect is applied and the redirect behavior.
393 394 395 |
# File 's3/bucket_props.rb', line 393 def website_routing_rules @website_routing_rules end |
Class Method Details
.jsii_properties ⇒ Object
395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 |
# File 's3/bucket_props.rb', line 395 def self.jsii_properties { :abac_status => "abacStatus", :access_control => "accessControl", :auto_delete_objects => "autoDeleteObjects", :blocked_encryption_types => "blockedEncryptionTypes", :block_public_access => "blockPublicAccess", :bucket_key_enabled => "bucketKeyEnabled", :bucket_name => "bucketName", :bucket_name_prefix => "bucketNamePrefix", :bucket_namespace => "bucketNamespace", :cors => "cors", :encryption => "encryption", :encryption_key => "encryptionKey", :enforce_ssl => "enforceSSL", :event_bridge_enabled => "eventBridgeEnabled", :intelligent_tiering_configurations => "intelligentTieringConfigurations", :inventories => "inventories", :lifecycle_rules => "lifecycleRules", :metrics => "metrics", :minimum_tls_version => "minimumTLSVersion", :notifications_handler_role => "notificationsHandlerRole", :notifications_skip_destination_validation => "notificationsSkipDestinationValidation", :object_lock_default_retention => "objectLockDefaultRetention", :object_lock_enabled => "objectLockEnabled", :object_ownership => "objectOwnership", :public_read_access => "publicReadAccess", :removal_policy => "removalPolicy", :replication_role => "replicationRole", :replication_rules => "replicationRules", :server_access_logs_bucket => "serverAccessLogsBucket", :server_access_logs_prefix => "serverAccessLogsPrefix", :target_object_key_format => "targetObjectKeyFormat", :transfer_acceleration => "transferAcceleration", :transition_default_minimum_object_size => "transitionDefaultMinimumObjectSize", :versioned => "versioned", :website_error_document => "websiteErrorDocument", :website_index_document => "websiteIndexDocument", :website_redirect => "websiteRedirect", :website_routing_rules => "websiteRoutingRules", } end |
Instance Method Details
#to_jsii ⇒ Object
438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 |
# File 's3/bucket_props.rb', line 438 def to_jsii result = {} result.merge!({ "abacStatus" => @abac_status, "accessControl" => @access_control, "autoDeleteObjects" => @auto_delete_objects, "blockedEncryptionTypes" => @blocked_encryption_types, "blockPublicAccess" => @block_public_access, "bucketKeyEnabled" => @bucket_key_enabled, "bucketName" => @bucket_name, "bucketNamePrefix" => @bucket_name_prefix, "bucketNamespace" => @bucket_namespace, "cors" => @cors, "encryption" => @encryption, "encryptionKey" => @encryption_key, "enforceSSL" => @enforce_ssl, "eventBridgeEnabled" => @event_bridge_enabled, "intelligentTieringConfigurations" => @intelligent_tiering_configurations, "inventories" => @inventories, "lifecycleRules" => @lifecycle_rules, "metrics" => @metrics, "minimumTLSVersion" => @minimum_tls_version, "notificationsHandlerRole" => @notifications_handler_role, "notificationsSkipDestinationValidation" => @notifications_skip_destination_validation, "objectLockDefaultRetention" => @object_lock_default_retention, "objectLockEnabled" => @object_lock_enabled, "objectOwnership" => @object_ownership, "publicReadAccess" => @public_read_access, "removalPolicy" => @removal_policy, "replicationRole" => @replication_role, "replicationRules" => @replication_rules, "serverAccessLogsBucket" => @server_access_logs_bucket, "serverAccessLogsPrefix" => @server_access_logs_prefix, "targetObjectKeyFormat" => @target_object_key_format, "transferAcceleration" => @transfer_acceleration, "transitionDefaultMinimumObjectSize" => @transition_default_minimum_object_size, "versioned" => @versioned, "websiteErrorDocument" => @website_error_document, "websiteIndexDocument" => @website_index_document, "websiteRedirect" => @website_redirect, "websiteRoutingRules" => @website_routing_rules, }) result.compact end |