Package software.amazon.awscdk.services.ses

Class CfnReceiptRule.S3ActionProperty.Builder

java.lang.Object
software.amazon.awscdk.services.ses.CfnReceiptRule.S3ActionProperty.Builder
All Implemented Interfaces:
software.amazon.jsii.Builder<CfnReceiptRule.S3ActionProperty>
Enclosing interface:
CfnReceiptRule.S3ActionProperty
@Stability(Stable) public static final class CfnReceiptRule.S3ActionProperty.Builder extends Object implements software.amazon.jsii.Builder<CfnReceiptRule.S3ActionProperty>
A builder for CfnReceiptRule.S3ActionProperty

  • Constructor Details

    • Builder

      public Builder()

  • Method Details

    • bucketName

      @Stability(Stable) public CfnReceiptRule.S3ActionProperty.Builder bucketName(String bucketName)
      Sets the value of CfnReceiptRule.S3ActionProperty.getBucketName()
      Parameters:
      bucketName - The name of the Amazon S3 bucket for incoming email. This parameter is required.
      Returns:
      this

    • iamRoleArn

      @Stability(Stable) public CfnReceiptRule.S3ActionProperty.Builder iamRoleArn(String iamRoleArn)
      Sets the value of CfnReceiptRule.S3ActionProperty.getIamRoleArn()
      Parameters:
      iamRoleArn - The ARN of the IAM role to be used by Amazon Simple Email Service while writing to the Amazon S3 bucket, optionally encrypting your mail via the provided customer managed key, and publishing to the Amazon SNS topic. This role should have access to the following APIs:

      • s3:PutObject , kms:Encrypt and kms:GenerateDataKey for the given Amazon S3 bucket.
      • kms:GenerateDataKey for the given AWS KMS customer managed key.
      • sns:Publish for the given Amazon SNS topic.

      If an IAM role ARN is provided, the role (and only the role) is used to access all the given resources (Amazon S3 bucket, AWS KMS customer managed key and Amazon SNS topic). Therefore, setting up individual resource access permissions is not required.

      Returns:
      this

    • kmsKeyArn

      @Stability(Stable) public CfnReceiptRule.S3ActionProperty.Builder kmsKeyArn(String kmsKeyArn)
      Sets the value of CfnReceiptRule.S3ActionProperty.getKmsKeyArn()
      Parameters:
      kmsKeyArn - The customer managed key that Amazon SES should use to encrypt your emails before saving them to the Amazon S3 bucket. You can use the AWS managed key or a customer managed key that you created in AWS KMS as follows:

      • To use the AWS managed key, provide an ARN in the form of arn:aws:kms:REGION:ACCOUNT-ID-WITHOUT-HYPHENS:alias/aws/ses . For example, if your AWS account ID is 123456789012 and you want to use the AWS managed key in the US West (Oregon) Region, the ARN of the AWS managed key would be arn:aws:kms:us-west-2:123456789012:alias/aws/ses . If you use the AWS managed key, you don't need to perform any extra steps to give Amazon SES permission to use the key.
      • To use a customer managed key that you created in AWS KMS, provide the ARN of the customer managed key and ensure that you add a statement to your key's policy to give Amazon SES permission to use it. For more information about giving permissions, see the Amazon SES Developer Guide .

      For more information about key policies, see the AWS KMS Developer Guide . If you do not specify an AWS KMS key, Amazon SES does not encrypt your emails.

      Your mail is encrypted by Amazon SES using the Amazon S3 encryption client before the mail is submitted to Amazon S3 for storage. It is not encrypted using Amazon S3 server-side encryption. This means that you must use the Amazon S3 encryption client to decrypt the email after retrieving it from Amazon S3, as the service has no access to use your AWS KMS keys for decryption. This encryption client is currently available with the AWS SDK for Java and AWS SDK for Ruby only. For more information about client-side encryption using AWS KMS managed keys, see the Amazon S3 Developer Guide .

      Returns:
      this

    • objectKeyPrefix

      @Stability(Stable) public CfnReceiptRule.S3ActionProperty.Builder objectKeyPrefix(String objectKeyPrefix)
      Sets the value of CfnReceiptRule.S3ActionProperty.getObjectKeyPrefix()
      Parameters:
      objectKeyPrefix - The key prefix of the Amazon S3 bucket. The key prefix is similar to a directory name that enables you to store similar data under the same directory in a bucket.
      Returns:
      this

    • topicArn

      @Stability(Stable) public CfnReceiptRule.S3ActionProperty.Builder topicArn(String topicArn)
      Sets the value of CfnReceiptRule.S3ActionProperty.getTopicArn()
      Parameters:
      topicArn - The ARN of the Amazon SNS topic to notify when the message is saved to the Amazon S3 bucket. You can find the ARN of a topic by using the ListTopics operation in Amazon SNS.

      For more information about Amazon SNS topics, see the Amazon SNS Developer Guide .

      Returns:
      this

    • build

      @Stability(Stable) public CfnReceiptRule.S3ActionProperty build()
      Builds the configured instance.
      Specified by:
      build in interface software.amazon.jsii.Builder<CfnReceiptRule.S3ActionProperty>
      Returns:
      a new instance of CfnReceiptRule.S3ActionProperty
      Throws:
      NullPointerException - if any required attribute was not provided