Class: AWSCDK::S3Express::CfnDirectoryBucket::ServerSideEncryptionRuleProperty

Inherits:
Jsii::Struct
  • Object
show all
Defined in:
s3_express/cfn_directory_bucket.rb

Overview

Specifies the default server-side encryption configuration.

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(bucket_key_enabled: nil, server_side_encryption_by_default: nil) ⇒ ServerSideEncryptionRuleProperty

Returns a new instance of ServerSideEncryptionRuleProperty.

Parameters:



1166
1167
1168
1169
1170
1171
# File 's3_express/cfn_directory_bucket.rb', line 1166

def initialize(bucket_key_enabled: nil, server_side_encryption_by_default: nil)
  @bucket_key_enabled = bucket_key_enabled
  Jsii::Type.check_type(@bucket_key_enabled, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3sicHJpbWl0aXZlIjoiYm9vbGVhbiJ9LHsiZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifV19fQ==")), "bucketKeyEnabled") unless @bucket_key_enabled.nil?
  @server_side_encryption_by_default = server_side_encryption_by_default.is_a?(Hash) ? ::AWSCDK::S3Express::CfnDirectoryBucket::ServerSideEncryptionByDefaultProperty.new(**server_side_encryption_by_default.transform_keys(&:to_sym)) : server_side_encryption_by_default
  Jsii::Type.check_type(@server_side_encryption_by_default, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c19zM2V4cHJlc3MuQ2ZuRGlyZWN0b3J5QnVja2V0LlNlcnZlclNpZGVFbmNyeXB0aW9uQnlEZWZhdWx0UHJvcGVydHkifV19fQ==")), "serverSideEncryptionByDefault") unless @server_side_encryption_by_default.nil?
end

Instance Attribute Details

#bucket_key_enabledBoolean, ... (readonly)

Specifies whether Amazon S3 should use an S3 Bucket Key with server-side encryption using KMS (SSE-KMS) for new objects in the bucket.

S3 Bucket Keys are always enabled for GET and PUT operations on a directory bucket and can’t be disabled. It's only allowed to set the BucketKeyEnabled element to true .

S3 Bucket Keys aren't supported, when you copy SSE-KMS encrypted objects from general purpose buckets to directory buckets, from directory buckets to general purpose buckets, or between directory buckets, through CopyObject , UploadPartCopy , the Copy operation in Batch Operations , or the import jobs . In this case, Amazon S3 makes a call to AWS KMS every time a copy request is made for a KMS-encrypted object.

For more information, see Amazon S3 Bucket Keys in the Amazon S3 User Guide .



1183
1184
1185
# File 's3_express/cfn_directory_bucket.rb', line 1183

def bucket_key_enabled
  @bucket_key_enabled
end

#server_side_encryption_by_defaultAWSCDK::IResolvable, ... (readonly)

Specifies the default server-side encryption to apply to new objects in the bucket.

If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied.



1190
1191
1192
# File 's3_express/cfn_directory_bucket.rb', line 1190

def server_side_encryption_by_default
  @server_side_encryption_by_default
end

Class Method Details

.jsii_propertiesObject



1192
1193
1194
1195
1196
1197
# File 's3_express/cfn_directory_bucket.rb', line 1192

def self.jsii_properties
  {
    :bucket_key_enabled => "bucketKeyEnabled",
    :server_side_encryption_by_default => "serverSideEncryptionByDefault",
  }
end

Instance Method Details

#to_jsiiObject



1199
1200
1201
1202
1203
1204
1205
1206
# File 's3_express/cfn_directory_bucket.rb', line 1199

def to_jsii
  result = {}
  result.merge!({
    "bucketKeyEnabled" => @bucket_key_enabled,
    "serverSideEncryptionByDefault" => @server_side_encryption_by_default,
  })
  result.compact
end