Package software.amazon.awscdk.services.s3

Class CfnAccessGrantsLocation

java.lang.Object
software.amazon.jsii.JsiiObject
software.constructs.Construct
software.amazon.awscdk.CfnElement
software.amazon.awscdk.CfnRefElement
software.amazon.awscdk.CfnResource
software.amazon.awscdk.services.s3.CfnAccessGrantsLocation
All Implemented Interfaces:
IInspectable, ITaggableV2, software.amazon.jsii.JsiiSerializable, software.constructs.IConstruct, software.constructs.IDependable
@Generated(value="jsii-pacmak/1.98.0 (build 00b106d)", date="2024-05-02T15:58:32.786Z") @Stability(Stable) public class CfnAccessGrantsLocation extends CfnResource implements IInspectable, ITaggableV2
The AWS::S3::AccessGrantsLocation resource creates the S3 data location that you would like to register in your S3 Access Grants instance.

Your S3 data must be in the same Region as your S3 Access Grants instance. The location can be one of the following:

  • The default S3 location s3://
  • A bucket - S3://<bucket-name>
  • A bucket and prefix - S3://<bucket-name>/<prefix>

When you register a location, you must include the IAM role that has permission to manage the S3 location that you are registering. Give S3 Access Grants permission to assume this role using a policy . S3 Access Grants assumes this role to manage access to the location and to vend temporary credentials to grantees or client applications.

  • Permissions - You must have the s3:CreateAccessGrantsLocation permission to use this resource.
  • Additional Permissions - You must also have the following permission for the specified IAM role: iam:PassRole

Example: 

 // The code below shows an example of how to instantiate this type.
 // The values are placeholders you should change.
 import software.amazon.awscdk.services.s3.*;
 CfnAccessGrantsLocation cfnAccessGrantsLocation = CfnAccessGrantsLocation.Builder.create(this, "MyCfnAccessGrantsLocation")
         .iamRoleArn("iamRoleArn")
         .locationScope("locationScope")
         .tags(List.of(CfnTag.builder()
                 .key("key")
                 .value("value")
                 .build()))
         .build();

See Also:

  • Field Details

    • CFN_RESOURCE_TYPE_NAME

      @Stability(Stable) public static final String CFN_RESOURCE_TYPE_NAME
      The CloudFormation resource type name for this resource class.

  • Constructor Details

    • CfnAccessGrantsLocation

      protected CfnAccessGrantsLocation(software.amazon.jsii.JsiiObjectRef objRef)

    • CfnAccessGrantsLocation

      protected CfnAccessGrantsLocation(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)

    • CfnAccessGrantsLocation

      @Stability(Stable) public CfnAccessGrantsLocation(@NotNull software.constructs.Construct scope, @NotNull String id, @Nullable CfnAccessGrantsLocationProps props)
      Parameters:
      scope - Scope in which this resource is defined. This parameter is required.
      id - Construct identifier for this resource (unique in its scope). This parameter is required.
      props - Resource properties.

    • CfnAccessGrantsLocation

      @Stability(Stable) public CfnAccessGrantsLocation(@NotNull software.constructs.Construct scope, @NotNull String id)
      Parameters:
      scope - Scope in which this resource is defined. This parameter is required.
      id - Construct identifier for this resource (unique in its scope). This parameter is required.

  • Method Details

    • inspect

      @Stability(Stable) public void inspect(@NotNull TreeInspector inspector)
      Examines the CloudFormation resource and discloses attributes.

      Specified by:
      inspect in interface IInspectable
      Parameters:
      inspector - tree inspector to collect and process attributes. This parameter is required.

    • renderProperties

      @Stability(Stable) @NotNull protected Map<String,Object> renderProperties(@NotNull Map<String,Object> props)
      Overrides:
      renderProperties in class CfnResource
      Parameters:
      props - This parameter is required.

    • getAttrAccessGrantsLocationArn

      @Stability(Stable) @NotNull public String getAttrAccessGrantsLocationArn()
      The ARN of the location you are registering.

    • getAttrAccessGrantsLocationId

      @Stability(Stable) @NotNull public String getAttrAccessGrantsLocationId()
      The ID of the registered location to which you are granting access.

      S3 Access Grants assigns this ID when you register the location. S3 Access Grants assigns the ID default to the default location s3:// and assigns an auto-generated ID to other locations that you register.

    • getCdkTagManager

      @Stability(Stable) @NotNull public TagManager getCdkTagManager()
      Tag Manager which manages the tags for this resource.
      Specified by:
      getCdkTagManager in interface ITaggableV2

    • getCfnProperties

      @Stability(Stable) @NotNull protected Map<String,Object> getCfnProperties()
      Overrides:
      getCfnProperties in class CfnResource

    • getIamRoleArn

      @Stability(Stable) @Nullable public String getIamRoleArn()
      The Amazon Resource Name (ARN) of the IAM role for the registered location.

    • setIamRoleArn

      @Stability(Stable) public void setIamRoleArn(@Nullable String value)
      The Amazon Resource Name (ARN) of the IAM role for the registered location.

    • getLocationScope

      @Stability(Stable) @Nullable public String getLocationScope()
      The S3 URI path to the location that you are registering.

    • setLocationScope

      @Stability(Stable) public void setLocationScope(@Nullable String value)
      The S3 URI path to the location that you are registering.

    • getTags

      @Stability(Stable) @Nullable public List<CfnTag> getTags()
      The AWS resource tags that you are adding to the S3 Access Grants location.

    • setTags

      @Stability(Stable) public void setTags(@Nullable List<CfnTag> value)
      The AWS resource tags that you are adding to the S3 Access Grants location.