Hierarchy

  • Omit<BucketProps, "removalPolicy">
  • AppIdentity
    • GuS3BucketProps

Properties

accessControl?: BucketAccessControl

Specifies a canned ACL that grants predefined permissions to the bucket.

Default

BucketAccessControl.PRIVATE

app: string
autoDeleteObjects?: boolean

Whether all objects should be automatically deleted when the bucket is removed from the stack or when the stack is deleted.

Requires the removalPolicy to be set to RemovalPolicy.DESTROY.

Warning if you have deployed a bucket with autoDeleteObjects: true, switching this to false in a CDK version before 1.126.0 will lead to all objects in the bucket being deleted. Be sure to update your bucket resources by deploying with CDK version 1.126.0 or later before switching this value to false.

Default

false

blockPublicAccess?: BlockPublicAccess

The block public access configuration of this bucket.

See

https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html

Default

  • CloudFormation defaults will apply. New buckets and objects don't allow public access, but users can modify bucket policies or object permissions to allow public access
bucketKeyEnabled?: boolean

Specifies whether Amazon S3 should use an S3 Bucket Key with server-side encryption using KMS (SSE-KMS) for new objects in the bucket.

Only relevant, when Encryption is set to BucketEncryption.KMS

Default

  • false
bucketName?: string

Physical name of this bucket.

Default

  • Assigned by CloudFormation (recommended).
cors?: CorsRule[]

The CORS configuration of this bucket.

See

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-cors.html

Default

  • No CORS configuration.
encryption?: BucketEncryption

The kind of server-side encryption to apply to this bucket.

If you choose KMS, you can specify a KMS key via encryptionKey. If encryption key is not specified, a key will automatically be created.

Default

  • Kms if encryptionKey is specified, or Unencrypted otherwise.
encryptionKey?: IKey

External KMS key to use for bucket encryption.

The 'encryption' property must be either not specified or set to "Kms". An error will be emitted if encryption is set to "Unencrypted" or "Managed".

Default

  • If encryption is set to "Kms" and this property is undefined, a new KMS key will be created and associated with this bucket.
enforceSSL?: boolean

Enforces SSL for requests. S3.5 of the AWS Foundational Security Best Practices Regarding S3.

See

https://docs.aws.amazon.com/config/latest/developerguide/s3-bucket-ssl-requests-only.html

Default

false

eventBridgeEnabled?: boolean

Whether this bucket should send notifications to Amazon EventBridge or not.

Default

false

intelligentTieringConfigurations?: IntelligentTieringConfiguration[]

Inteligent Tiering Configurations

See

https://docs.aws.amazon.com/AmazonS3/latest/userguide/intelligent-tiering.html

Default

No Intelligent Tiiering Configurations.

inventories?: Inventory[]

The inventory configuration of the bucket.

See

https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-inventory.html

Default

  • No inventory configuration
lifecycleRules?: LifecycleRule[]

Rules that define how Amazon S3 manages objects during their lifetime.

Default

  • No lifecycle rules.
metrics?: BucketMetrics[]

The metrics configuration of this bucket.

See

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-metricsconfiguration.html

Default

  • No metrics configuration.
notificationsHandlerRole?: IRole

The role to be used by the notifications handler

Default

  • a new role will be created.
objectOwnership?: ObjectOwnership

The objectOwnership of the bucket.

See

https://docs.aws.amazon.com/AmazonS3/latest/dev/about-object-ownership.html

Default

  • No ObjectOwnership configuration, uploading account will own the object.
publicReadAccess?: boolean

Grants public read access to all objects in the bucket. Similar to calling bucket.grantPublicAccess()

Default

false

serverAccessLogsBucket?: IBucket

Destination bucket for the server access logs.

Default

  • If "serverAccessLogsPrefix" undefined - access logs disabled, otherwise - log to current bucket.
serverAccessLogsPrefix?: string

Optional log file prefix to use for the bucket's access logs. If defined without "serverAccessLogsBucket", enables access logs to current bucket with this prefix.

Default

  • No log file prefix
transferAcceleration?: boolean

Whether this bucket should have transfer acceleration turned on or not.

Default

false

versioned?: boolean

Whether this bucket should have versioning turned on or not.

Default

false

websiteErrorDocument?: string

The name of the error document (e.g. "404.html") for the website. websiteIndexDocument must also be set if this is set.

Default

  • No error document.
websiteIndexDocument?: string

The name of the index document (e.g. "index.html") for the website. Enables static website hosting for this bucket.

Default

  • No index document.
websiteRedirect?: RedirectTarget

Specifies the redirect behavior of all requests to a website endpoint of a bucket.

If you specify this property, you can't specify "websiteIndexDocument", "websiteErrorDocument" nor , "websiteRoutingRules".

Default

  • No redirection.
websiteRoutingRules?: RoutingRule[]

Rules that define when a redirect is applied and the redirect behavior

Default

  • No redirection rules.

Generated using TypeDoc