Interface ICfnBucketPolicyProps
Properties for defining a CfnBucketPolicy
.
Namespace: Amazon.CDK.AWS.S3
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public interface ICfnBucketPolicyProps
Syntax (vb)
Public Interface ICfnBucketPolicyProps
Remarks
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-s3-bucketpolicy.html
ExampleMetadata: infused
Examples
var bucketName = "amzn-s3-demo-bucket";
var accessLogsBucket = new Bucket(this, "AccessLogsBucket", new BucketProps {
ObjectOwnership = ObjectOwnership.BUCKET_OWNER_ENFORCED,
BucketName = bucketName
});
// Creating a bucket policy using L1
var bucketPolicy = new CfnBucketPolicy(this, "BucketPolicy", new CfnBucketPolicyProps {
Bucket = bucketName,
PolicyDocument = new Dictionary<string, object> {
{ "Statement", new [] { new Struct {
Action = "s3:*",
Effect = "Deny",
Principal = new Struct {
AWS = "*"
},
Resource = new [] { accessLogsBucket.BucketArn, $"{accessLogsBucket.bucketArn}/*" }
} } },
{ "Version", "2012-10-17" }
}
});
// 'serverAccessLogsBucket' will create a new L2 bucket policy
// to allow log delivery and overwrite the L1 bucket policy.
var bucket = new Bucket(this, "MyBucket", new BucketProps {
ServerAccessLogsBucket = accessLogsBucket,
ServerAccessLogsPrefix = "logs"
});
Synopsis
Properties
Bucket | The name of the Amazon S3 bucket to which the policy applies. |
PolicyDocument | A policy document containing permissions to add to the specified bucket. |
Properties
Bucket
The name of the Amazon S3 bucket to which the policy applies.
string Bucket { get; }
Property Value
System.String
Remarks
PolicyDocument
A policy document containing permissions to add to the specified bucket.
object PolicyDocument { get; }
Property Value
System.Object
Remarks
In IAM, you must provide policy documents in JSON format. However, in CloudFormation you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to IAM. For more information, see the AWS::IAM::Policy PolicyDocument resource description in this guide and Access Policy Language Overview in the Amazon S3 User Guide .