BucketAccessControl

class aws_cdk.aws_s3.BucketAccessControl(value)

Bases: enum.Enum

Default bucket access control types.

See

https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html

Attributes

AUTHENTICATED_READ

Owner gets FULL_CONTROL.

The AuthenticatedUsers group gets READ access.

AWS_EXEC_READ

Owner gets FULL_CONTROL.

Amazon EC2 gets READ access to GET an Amazon Machine Image (AMI) bundle from Amazon S3.

BUCKET_OWNER_FULL_CONTROL

Both the object owner and the bucket owner get FULL_CONTROL over the object.

If you specify this canned ACL when creating a bucket, Amazon S3 ignores it.

BUCKET_OWNER_READ

Object owner gets FULL_CONTROL.

Bucket owner gets READ access. If you specify this canned ACL when creating a bucket, Amazon S3 ignores it.

LOG_DELIVERY_WRITE

The LogDelivery group gets WRITE and READ_ACP permissions on the bucket.

See

https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerLogs.html

PRIVATE

Owner gets FULL_CONTROL.

No one else has access rights.

PUBLIC_READ

Owner gets FULL_CONTROL.

The AllUsers group gets READ access.

PUBLIC_READ_WRITE

Owner gets FULL_CONTROL.

The AllUsers group gets READ and WRITE access. Granting this on a bucket is generally not recommended.