Class Bucket.Builder
- All Implemented Interfaces:
software.amazon.jsii.Builder<Bucket>
- Enclosing class:
Bucket
Bucket
.-
Method Summary
Modifier and TypeMethodDescriptionaccessControl
(BucketAccessControl accessControl) Specifies a canned ACL that grants predefined permissions to the bucket.autoDeleteObjects
(Boolean autoDeleteObjects) Whether all objects should be automatically deleted when the bucket is removed from the stack or when the stack is deleted.blockPublicAccess
(BlockPublicAccess blockPublicAccess) The block public access configuration of this bucket.bucketKeyEnabled
(Boolean bucketKeyEnabled) Whether Amazon S3 should use its own intermediary key to generate data keys.bucketName
(String bucketName) Physical name of this bucket.build()
The CORS configuration of this bucket.static Bucket.Builder
encryption
(BucketEncryption encryption) The kind of server-side encryption to apply to this bucket.encryptionKey
(IKey encryptionKey) External KMS key to use for bucket encryption.enforceSsl
(Boolean enforceSsl) Enforces SSL for requests.eventBridgeEnabled
(Boolean eventBridgeEnabled) Whether this bucket should send notifications to Amazon EventBridge or not.intelligentTieringConfigurations
(List<? extends IntelligentTieringConfiguration> intelligentTieringConfigurations) Inteligent Tiering Configurations.inventories
(List<? extends Inventory> inventories) The inventory configuration of the bucket.lifecycleRules
(List<? extends LifecycleRule> lifecycleRules) Rules that define how Amazon S3 manages objects during their lifetime.metrics
(List<? extends BucketMetrics> metrics) The metrics configuration of this bucket.minimumTlsVersion
(Number minimumTlsVersion) Enforces minimum TLS version for requests.notificationsHandlerRole
(IRole notificationsHandlerRole) The role to be used by the notifications handler.notificationsSkipDestinationValidation
(Boolean notificationsSkipDestinationValidation) Skips notification validation of Amazon SQS, Amazon SNS, and Lambda destinations.objectLockDefaultRetention
(ObjectLockRetention objectLockDefaultRetention) The default retention mode and rules for S3 Object Lock.objectLockEnabled
(Boolean objectLockEnabled) Enable object lock on the bucket.objectOwnership
(ObjectOwnership objectOwnership) The objectOwnership of the bucket.publicReadAccess
(Boolean publicReadAccess) Grants public read access to all objects in the bucket.removalPolicy
(RemovalPolicy removalPolicy) Policy to apply when the bucket is removed from this stack.serverAccessLogsBucket
(IBucket serverAccessLogsBucket) Destination bucket for the server access logs.serverAccessLogsPrefix
(String serverAccessLogsPrefix) Optional log file prefix to use for the bucket's access logs.targetObjectKeyFormat
(TargetObjectKeyFormat targetObjectKeyFormat) Optional key format for log objects.transferAcceleration
(Boolean transferAcceleration) Whether this bucket should have transfer acceleration turned on or not.transitionDefaultMinimumObjectSize
(TransitionDefaultMinimumObjectSize transitionDefaultMinimumObjectSize) Indicates which default minimum object size behavior is applied to the lifecycle configuration.Whether this bucket should have versioning turned on or not.websiteErrorDocument
(String websiteErrorDocument) The name of the error document (e.g.websiteIndexDocument
(String websiteIndexDocument) The name of the index document (e.g.websiteRedirect
(RedirectTarget websiteRedirect) Specifies the redirect behavior of all requests to a website endpoint of a bucket.websiteRoutingRules
(List<? extends RoutingRule> websiteRoutingRules) Rules that define when a redirect is applied and the redirect behavior.
-
Method Details
-
create
@Stability(Stable) public static Bucket.Builder create(software.constructs.Construct scope, String id) - Parameters:
scope
- This parameter is required.id
- This parameter is required.- Returns:
- a new instance of
Bucket.Builder
.
-
accessControl
Specifies a canned ACL that grants predefined permissions to the bucket.Default: BucketAccessControl.PRIVATE
- Parameters:
accessControl
- Specifies a canned ACL that grants predefined permissions to the bucket. This parameter is required.- Returns:
this
-
autoDeleteObjects
Whether all objects should be automatically deleted when the bucket is removed from the stack or when the stack is deleted.Requires the
removalPolicy
to be set toRemovalPolicy.DESTROY
.Warning if you have deployed a bucket with
autoDeleteObjects: true
, switching this tofalse
in a CDK version before1.126.0
will lead to all objects in the bucket being deleted. Be sure to update your bucket resources by deploying with CDK version1.126.0
or later before switching this value tofalse
.Setting
autoDeleteObjects
to true on a bucket will adds3:PutBucketPolicy
to the bucket policy. This is because during bucket deletion, the custom resource provider needs to update the bucket policy by adding a deny policy fors3:PutObject
to prevent race conditions with external bucket writers.Default: false
- Parameters:
autoDeleteObjects
- Whether all objects should be automatically deleted when the bucket is removed from the stack or when the stack is deleted. This parameter is required.- Returns:
this
-
blockPublicAccess
The block public access configuration of this bucket.Default: - CloudFormation defaults will apply. New buckets and objects don't allow public access, but users can modify bucket policies or object permissions to allow public access
- Parameters:
blockPublicAccess
- The block public access configuration of this bucket. This parameter is required.- Returns:
this
- See Also:
-
bucketKeyEnabled
Whether Amazon S3 should use its own intermediary key to generate data keys.Only relevant when using KMS for encryption.
- If not enabled, every object GET and PUT will cause an API call to KMS (with the attendant cost implications of that).
- If enabled, S3 will use its own time-limited key instead.
Only relevant, when Encryption is not set to
BucketEncryption.UNENCRYPTED
.Default: - false
- Parameters:
bucketKeyEnabled
- Whether Amazon S3 should use its own intermediary key to generate data keys. This parameter is required.- Returns:
this
-
bucketName
Physical name of this bucket.Default: - Assigned by CloudFormation (recommended).
- Parameters:
bucketName
- Physical name of this bucket. This parameter is required.- Returns:
this
-
cors
The CORS configuration of this bucket.Default: - No CORS configuration.
- Parameters:
cors
- The CORS configuration of this bucket. This parameter is required.- Returns:
this
- See Also:
-
encryption
The kind of server-side encryption to apply to this bucket.If you choose KMS, you can specify a KMS key via
encryptionKey
. If encryption key is not specified, a key will automatically be created.Default: - `KMS` if `encryptionKey` is specified, or `UNENCRYPTED` otherwise. But if `UNENCRYPTED` is specified, the bucket will be encrypted as `S3_MANAGED` automatically.
- Parameters:
encryption
- The kind of server-side encryption to apply to this bucket. This parameter is required.- Returns:
this
-
encryptionKey
External KMS key to use for bucket encryption.The
encryption
property must be either not specified or set toKMS
orDSSE
. An error will be emitted ifencryption
is set toUNENCRYPTED
orS3_MANAGED
.Default: - If `encryption` is set to `KMS` and this property is undefined, a new KMS key will be created and associated with this bucket.
- Parameters:
encryptionKey
- External KMS key to use for bucket encryption. This parameter is required.- Returns:
this
-
enforceSsl
Enforces SSL for requests.S3.5 of the AWS Foundational Security Best Practices Regarding S3.
Default: false
- Parameters:
enforceSsl
- Enforces SSL for requests. This parameter is required.- Returns:
this
- See Also:
-
eventBridgeEnabled
Whether this bucket should send notifications to Amazon EventBridge or not.Default: false
- Parameters:
eventBridgeEnabled
- Whether this bucket should send notifications to Amazon EventBridge or not. This parameter is required.- Returns:
this
-
intelligentTieringConfigurations
@Stability(Stable) public Bucket.Builder intelligentTieringConfigurations(List<? extends IntelligentTieringConfiguration> intelligentTieringConfigurations) Inteligent Tiering Configurations.Default: No Intelligent Tiiering Configurations.
- Parameters:
intelligentTieringConfigurations
- Inteligent Tiering Configurations. This parameter is required.- Returns:
this
- See Also:
-
inventories
The inventory configuration of the bucket.Default: - No inventory configuration
- Parameters:
inventories
- The inventory configuration of the bucket. This parameter is required.- Returns:
this
- See Also:
-
lifecycleRules
@Stability(Stable) public Bucket.Builder lifecycleRules(List<? extends LifecycleRule> lifecycleRules) Rules that define how Amazon S3 manages objects during their lifetime.Default: - No lifecycle rules.
- Parameters:
lifecycleRules
- Rules that define how Amazon S3 manages objects during their lifetime. This parameter is required.- Returns:
this
-
metrics
The metrics configuration of this bucket.Default: - No metrics configuration.
- Parameters:
metrics
- The metrics configuration of this bucket. This parameter is required.- Returns:
this
- See Also:
-
minimumTlsVersion
Enforces minimum TLS version for requests.Requires
enforceSSL
to be enabled.Default: No minimum TLS version is enforced.
- Parameters:
minimumTlsVersion
- Enforces minimum TLS version for requests. This parameter is required.- Returns:
this
- See Also:
-
notificationsHandlerRole
The role to be used by the notifications handler.Default: - a new role will be created.
- Parameters:
notificationsHandlerRole
- The role to be used by the notifications handler. This parameter is required.- Returns:
this
-
notificationsSkipDestinationValidation
@Stability(Stable) public Bucket.Builder notificationsSkipDestinationValidation(Boolean notificationsSkipDestinationValidation) Skips notification validation of Amazon SQS, Amazon SNS, and Lambda destinations.Default: false
- Parameters:
notificationsSkipDestinationValidation
- Skips notification validation of Amazon SQS, Amazon SNS, and Lambda destinations. This parameter is required.- Returns:
this
-
objectLockDefaultRetention
@Stability(Stable) public Bucket.Builder objectLockDefaultRetention(ObjectLockRetention objectLockDefaultRetention) The default retention mode and rules for S3 Object Lock.Default retention can be configured after a bucket is created if the bucket already has object lock enabled. Enabling object lock for existing buckets is not supported.
Default: no default retention period
- Parameters:
objectLockDefaultRetention
- The default retention mode and rules for S3 Object Lock. This parameter is required.- Returns:
this
- See Also:
-
objectLockEnabled
Enable object lock on the bucket.Enabling object lock for existing buckets is not supported. Object lock must be enabled when the bucket is created.
Default: false, unless objectLockDefaultRetention is set (then, true)
- Parameters:
objectLockEnabled
- Enable object lock on the bucket. This parameter is required.- Returns:
this
- See Also:
-
objectOwnership
The objectOwnership of the bucket.Default: - No ObjectOwnership configuration. By default, Amazon S3 sets Object Ownership to `Bucket owner enforced`. This means ACLs are disabled and the bucket owner will own every object.
- Parameters:
objectOwnership
- The objectOwnership of the bucket. This parameter is required.- Returns:
this
- See Also:
-
publicReadAccess
Grants public read access to all objects in the bucket.Similar to calling
bucket.grantPublicAccess()
Default: false
- Parameters:
publicReadAccess
- Grants public read access to all objects in the bucket. This parameter is required.- Returns:
this
-
removalPolicy
Policy to apply when the bucket is removed from this stack.Default: - The bucket will be orphaned.
- Parameters:
removalPolicy
- Policy to apply when the bucket is removed from this stack. This parameter is required.- Returns:
this
-
serverAccessLogsBucket
Destination bucket for the server access logs.Default: - If "serverAccessLogsPrefix" undefined - access logs disabled, otherwise - log to current bucket.
- Parameters:
serverAccessLogsBucket
- Destination bucket for the server access logs. This parameter is required.- Returns:
this
-
serverAccessLogsPrefix
Optional log file prefix to use for the bucket's access logs.If defined without "serverAccessLogsBucket", enables access logs to current bucket with this prefix.
Default: - No log file prefix
- Parameters:
serverAccessLogsPrefix
- Optional log file prefix to use for the bucket's access logs. This parameter is required.- Returns:
this
-
targetObjectKeyFormat
@Stability(Stable) public Bucket.Builder targetObjectKeyFormat(TargetObjectKeyFormat targetObjectKeyFormat) Optional key format for log objects.Default: - the default key format is: [DestinationPrefix][YYYY]-[MM]-[DD]-[hh]-[mm]-[ss]-[UniqueString]
- Parameters:
targetObjectKeyFormat
- Optional key format for log objects. This parameter is required.- Returns:
this
-
transferAcceleration
Whether this bucket should have transfer acceleration turned on or not.Default: false
- Parameters:
transferAcceleration
- Whether this bucket should have transfer acceleration turned on or not. This parameter is required.- Returns:
this
-
transitionDefaultMinimumObjectSize
@Stability(Stable) public Bucket.Builder transitionDefaultMinimumObjectSize(TransitionDefaultMinimumObjectSize transitionDefaultMinimumObjectSize) Indicates which default minimum object size behavior is applied to the lifecycle configuration.To customize the minimum object size for any transition you can add a filter that specifies a custom
objectSizeGreaterThan
orobjectSizeLessThan
forlifecycleRules
property. Custom filters always take precedence over the default transition behavior.Default: - TransitionDefaultMinimumObjectSize.VARIES_BY_STORAGE_CLASS before September 2024, otherwise TransitionDefaultMinimumObjectSize.ALL_STORAGE_CLASSES_128_K.
- Parameters:
transitionDefaultMinimumObjectSize
- Indicates which default minimum object size behavior is applied to the lifecycle configuration. This parameter is required.- Returns:
this
-
versioned
Whether this bucket should have versioning turned on or not.Default: false (unless object lock is enabled, then true)
- Parameters:
versioned
- Whether this bucket should have versioning turned on or not. This parameter is required.- Returns:
this
-
websiteErrorDocument
The name of the error document (e.g. "404.html") for the website.websiteIndexDocument
must also be set if this is set.Default: - No error document.
- Parameters:
websiteErrorDocument
- The name of the error document (e.g. "404.html") for the website.websiteIndexDocument
must also be set if this is set. This parameter is required.- Returns:
this
-
websiteIndexDocument
The name of the index document (e.g. "index.html") for the website. Enables static website hosting for this bucket.Default: - No index document.
- Parameters:
websiteIndexDocument
- The name of the index document (e.g. "index.html") for the website. Enables static website hosting for this bucket. This parameter is required.- Returns:
this
-
websiteRedirect
Specifies the redirect behavior of all requests to a website endpoint of a bucket.If you specify this property, you can't specify "websiteIndexDocument", "websiteErrorDocument" nor , "websiteRoutingRules".
Default: - No redirection.
- Parameters:
websiteRedirect
- Specifies the redirect behavior of all requests to a website endpoint of a bucket. This parameter is required.- Returns:
this
-
websiteRoutingRules
@Stability(Stable) public Bucket.Builder websiteRoutingRules(List<? extends RoutingRule> websiteRoutingRules) Rules that define when a redirect is applied and the redirect behavior.Default: - No redirection rules.
- Parameters:
websiteRoutingRules
- Rules that define when a redirect is applied and the redirect behavior. This parameter is required.- Returns:
this
-
build
-