Optional Readonly accessBucketAccessControl.PRIVATE
Optional Readonly autoWhether all objects should be automatically deleted when the bucket is removed from the stack or when the stack is deleted.
Requires the removalPolicy to be set to RemovalPolicy.DESTROY.
Warning if you have deployed a bucket with autoDeleteObjects: true,
switching this to false in a CDK version before 1.126.0 will lead to
all objects in the bucket being deleted. Be sure to update your bucket resources
by deploying with CDK version 1.126.0 or later before switching this value to false.
false
Optional Readonly blockThe block public access configuration of this bucket.
https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html
- CloudFormation defaults will apply. New buckets and objects don't allow public access, but users can modify bucket policies or object permissions to allow public access
Optional Readonly bucketWhether Amazon S3 should use its own intermediary key to generate data keys.
Only relevant when using KMS for encryption.
Only relevant, when Encryption is set to BucketEncryption.KMS or BucketEncryption.KMS_MANAGED.
- false
Optional Readonly bucketPhysical name of this bucket.
- Assigned by CloudFormation (recommended).
Optional Readonly corsThe CORS configuration of this bucket.
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-cors.html
- No CORS configuration.
Optional Readonly encryptionThe kind of server-side encryption to apply to this bucket.
If you choose KMS, you can specify a KMS key via encryptionKey. If
encryption key is not specified, a key will automatically be created.
KMS if encryptionKey is specified, or UNENCRYPTED otherwise.
But if UNENCRYPTED is specified, the bucket will be encrypted as S3_MANAGED automatically.Optional Readonly encryptionExternal KMS key to use for bucket encryption.
The encryption property must be either not specified or set to KMS or DSSE.
An error will be emitted if encryption is set to UNENCRYPTED or S3_MANAGED.
encryption is set to KMS and this property is undefined,
a new KMS key will be created and associated with this bucket.Optional Readonly enforceSSLEnforces SSL for requests. S3.5 of the AWS Foundational Security Best Practices Regarding S3.
Optional Readonly eventWhether this bucket should send notifications to Amazon EventBridge or not.
false
Optional Readonly intelligentInteligent Tiering Configurations
https://docs.aws.amazon.com/AmazonS3/latest/userguide/intelligent-tiering.html
No Intelligent Tiiering Configurations.
Optional Readonly inventoriesThe inventory configuration of the bucket.
https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-inventory.html
- No inventory configuration
Optional Readonly lifecycleRules that define how Amazon S3 manages objects during their lifetime.
- No lifecycle rules.
Optional Readonly metricsThe metrics configuration of this bucket.
- No metrics configuration.
Optional Readonly minimumTLSVersionEnforces minimum TLS version for requests.
Requires enforceSSL to be enabled.
No minimum TLS version is enforced.
Optional Readonly notificationsThe role to be used by the notifications handler
- a new role will be created.
Optional Readonly objectThe default retention mode and rules for S3 Object Lock.
Default retention can be configured after a bucket is created if the bucket already has object lock enabled. Enabling object lock for existing buckets is not supported.
no default retention period
Optional Readonly objectEnable object lock on the bucket.
Enabling object lock for existing buckets is not supported. Object lock must be enabled when the bucket is created.
false, unless objectLockDefaultRetention is set (then, true)
Optional Readonly objectThe objectOwnership of the bucket.
https://docs.aws.amazon.com/AmazonS3/latest/dev/about-object-ownership.html
- No ObjectOwnership configuration, uploading account will own the object.
Optional Readonly publicGrants public read access to all objects in the bucket.
Similar to calling bucket.grantPublicAccess()
false
Optional Readonly serverDestination bucket for the server access logs.
- If "serverAccessLogsPrefix" undefined - access logs disabled, otherwise - log to current bucket.
Optional Readonly serverOptional log file prefix to use for the bucket's access logs. If defined without "serverAccessLogsBucket", enables access logs to current bucket with this prefix.
- No log file prefix
Optional Readonly targetOptional key format for log objects.
- the default key format is: [DestinationPrefix][YYYY]-[MM]-[DD]-[hh]-[mm]-[ss]-[UniqueString]
Optional Readonly transferWhether this bucket should have transfer acceleration turned on or not.
false
Optional Readonly versionedWhether this bucket should have versioning turned on or not.
false (unless object lock is enabled, then true)
Optional Readonly websiteThe name of the error document (e.g. "404.html") for the website.
websiteIndexDocument must also be set if this is set.
- No error document.
Optional Readonly websiteThe name of the index document (e.g. "index.html") for the website. Enables static website hosting for this bucket.
- No index document.
Optional Readonly websiteSpecifies the redirect behavior of all requests to a website endpoint of a bucket.
If you specify this property, you can't specify "websiteIndexDocument", "websiteErrorDocument" nor , "websiteRoutingRules".
- No redirection.
Optional Readonly websiteRules that define when a redirect is applied and the redirect behavior
- No redirection rules.
Specifies a canned ACL that grants predefined permissions to the bucket.