ObjectOwnership
- class aws_cdk.aws_s3.ObjectOwnership(value, names=None, *, module=None, qualname=None, type=None, start=1, boundary=None)
Bases:
Enum
The ObjectOwnership of the bucket.
- See:
https://docs.aws.amazon.com/AmazonS3/latest/dev/about-object-ownership.html
- ExampleMetadata:
infused
Example:
access_logs_bucket = s3.Bucket(self, "AccessLogsBucket", object_ownership=s3.ObjectOwnership.BUCKET_OWNER_ENFORCED ) access_logs_bucket.add_to_resource_policy( iam.PolicyStatement( actions=["s3:*"], resources=[access_logs_bucket.bucket_arn, access_logs_bucket.arn_for_objects("*")], principals=[iam.AnyPrincipal()] )) bucket = s3.Bucket(self, "MyBucket", server_access_logs_bucket=access_logs_bucket, server_access_logs_prefix="logs" )
Attributes
- BUCKET_OWNER_ENFORCED
ACLs are disabled, and the bucket owner automatically owns and has full control over every object in the bucket.
ACLs no longer affect permissions to data in the S3 bucket. The bucket uses policies to define access control.
- BUCKET_OWNER_PREFERRED
The bucket owner will own the object if the object is uploaded with the bucket-owner-full-control canned ACL.
Without this setting and canned ACL, the object is uploaded and remains owned by the uploading account.
- OBJECT_WRITER
The uploading account will own the object.