Class BucketAccessControl
Default bucket access control types.
Inheritance
Namespace: Amazon.CDK.AWS.S3
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public sealed class BucketAccessControl : Enum
Syntax (vb)
Public NotInheritable Class BucketAccessControl
Inherits
Enum
Remarks
See: https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html
ExampleMetadata: infused
Examples
var websiteBucket = new Bucket(this, "WebsiteBucket", new BucketProps {
WebsiteIndexDocument = "index.html",
PublicReadAccess = true
});
new BucketDeployment(this, "DeployWebsite", new BucketDeploymentProps {
Sources = new [] { Source.Asset("./website-dist") },
DestinationBucket = websiteBucket,
DestinationKeyPrefix = "web/static", // optional prefix in destination bucket
Metadata = new Dictionary<string, string> { { "A", "1" }, { "b", "2" } }, // user-defined metadata
// system-defined metadata
ContentType = "text/html",
ContentLanguage = "en",
StorageClass = StorageClass.INTELLIGENT_TIERING,
ServerSideEncryption = ServerSideEncryption.AES_256,
CacheControl = new [] { CacheControl.SetPublic(), CacheControl.MaxAge(Duration.Hours(1)) },
AccessControl = BucketAccessControl.BUCKET_OWNER_FULL_CONTROL
});
Synopsis
Fields
AUTHENTICATED_READ | Owner gets FULL_CONTROL. |
AWS_EXEC_READ | Owner gets FULL_CONTROL. |
BUCKET_OWNER_FULL_CONTROL | Both the object owner and the bucket owner get FULL_CONTROL over the object. |
BUCKET_OWNER_READ | Object owner gets FULL_CONTROL. |
LOG_DELIVERY_WRITE | The LogDelivery group gets WRITE and READ_ACP permissions on the bucket. |
PRIVATE | Owner gets FULL_CONTROL. |
PUBLIC_READ | Owner gets FULL_CONTROL. |
PUBLIC_READ_WRITE | Owner gets FULL_CONTROL. |
value__ |
Fields
AUTHENTICATED_READ
Owner gets FULL_CONTROL.
public const BucketAccessControl AUTHENTICATED_READ
Field Value
Type | Description |
---|---|
BucketAccessControl |
Remarks
The AuthenticatedUsers group gets READ access.
AWS_EXEC_READ
Owner gets FULL_CONTROL.
public const BucketAccessControl AWS_EXEC_READ
Field Value
Type | Description |
---|---|
BucketAccessControl |
Remarks
Amazon EC2 gets READ access to GET an Amazon Machine Image (AMI) bundle from Amazon S3.
BUCKET_OWNER_FULL_CONTROL
Both the object owner and the bucket owner get FULL_CONTROL over the object.
public const BucketAccessControl BUCKET_OWNER_FULL_CONTROL
Field Value
Type | Description |
---|---|
BucketAccessControl |
Remarks
If you specify this canned ACL when creating a bucket, Amazon S3 ignores it.
BUCKET_OWNER_READ
Object owner gets FULL_CONTROL.
public const BucketAccessControl BUCKET_OWNER_READ
Field Value
Type | Description |
---|---|
BucketAccessControl |
Remarks
Bucket owner gets READ access. If you specify this canned ACL when creating a bucket, Amazon S3 ignores it.
LOG_DELIVERY_WRITE
The LogDelivery group gets WRITE and READ_ACP permissions on the bucket.
public const BucketAccessControl LOG_DELIVERY_WRITE
Field Value
Type | Description |
---|---|
BucketAccessControl |
Remarks
PRIVATE
Owner gets FULL_CONTROL.
public const BucketAccessControl PRIVATE
Field Value
Type | Description |
---|---|
BucketAccessControl |
Remarks
No one else has access rights.
PUBLIC_READ
Owner gets FULL_CONTROL.
public const BucketAccessControl PUBLIC_READ
Field Value
Type | Description |
---|---|
BucketAccessControl |
Remarks
The AllUsers group gets READ access.
PUBLIC_READ_WRITE
Owner gets FULL_CONTROL.
public const BucketAccessControl PUBLIC_READ_WRITE
Field Value
Type | Description |
---|---|
BucketAccessControl |
Remarks
The AllUsers group gets READ and WRITE access. Granting this on a bucket is generally not recommended.
value__
public int value__
Field Value
Type | Description |
---|---|
System.Int32 |