Package software.amazon.awscdk.services.s3

Class IBucket.Jsii$Proxy

java.lang.Object
software.amazon.jsii.JsiiObject
software.amazon.awscdk.services.s3.IBucket.Jsii$Proxy
All Implemented Interfaces:
IEnvironmentAware, IEnvironmentAware.Jsii$Default, IBucketRef, IBucketRef.Jsii$Default, IResource, IResource.Jsii$Default, IBucket, IBucket.Jsii$Default, software.amazon.jsii.JsiiSerializable, software.constructs.IConstruct, software.constructs.IConstruct.Jsii$Default, software.constructs.IDependable, software.constructs.IDependable.Jsii$Default
Enclosing interface:
IBucket
@Internal public static final class IBucket.Jsii$Proxy extends software.amazon.jsii.JsiiObject implements IBucket.Jsii$Default
A proxy class which represents a concrete javascript instance of this type.

  • Constructor Details

    • Jsii$Proxy

      protected Jsii$Proxy(software.amazon.jsii.JsiiObjectRef objRef)

  • Method Details

    • addReplicationPolicy

      @Stability(Stable) public final void addReplicationPolicy(@NotNull String roleArn, @Nullable Boolean accessControlTransition)
      Function to add required permissions to the destination bucket for cross account replication.

      These permissions will be added as a resource based policy on the bucket.

      Specified by:
      addReplicationPolicy in interface IBucket
      Specified by:
      addReplicationPolicy in interface IBucket.Jsii$Default
      Parameters:
      roleArn - This parameter is required.
      accessControlTransition -
      See Also:

    • addReplicationPolicy

      @Stability(Stable) public final void addReplicationPolicy(@NotNull String roleArn)
      Function to add required permissions to the destination bucket for cross account replication.

      These permissions will be added as a resource based policy on the bucket.

      Specified by:
      addReplicationPolicy in interface IBucket
      Specified by:
      addReplicationPolicy in interface IBucket.Jsii$Default
      Parameters:
      roleArn - This parameter is required.
      See Also:

    • grantDelete

      @Stability(Stable) @NotNull public final Grant grantDelete(@NotNull IGrantable identity)
      Grants s3:DeleteObject* permission to an IAM principal for objects in this bucket.

      Specified by:
      grantDelete in interface IBucket
      Specified by:
      grantDelete in interface IBucket.Jsii$Default
      Parameters:
      identity - The principal. This parameter is required.

    • grantPut

      @Stability(Stable) @NotNull public final Grant grantPut(@NotNull IGrantable identity)
      Grants s3:PutObject* and s3:Abort* permissions for this bucket to an IAM principal.

      If encryption is used, permission to use the key to encrypt the contents of written files will also be granted to the same principal.

      Specified by:
      grantPut in interface IBucket
      Specified by:
      grantPut in interface IBucket.Jsii$Default
      Parameters:
      identity - The principal. This parameter is required.

    • grantPutAcl

      @Stability(Stable) @NotNull public final Grant grantPutAcl(@NotNull IGrantable identity)
      Grant the given IAM identity permissions to modify the ACLs of objects in the given Bucket.

      If your application has the '@aws-cdk/aws-s3:grantWriteWithoutAcl' feature flag set, calling grantWrite or grantReadWrite no longer grants permissions to modify the ACLs of the objects; in this case, if you need to modify object ACLs, call this method explicitly.

      Specified by:
      grantPutAcl in interface IBucket
      Specified by:
      grantPutAcl in interface IBucket.Jsii$Default
      Parameters:
      identity - The principal. This parameter is required.

    • grantRead

      @Stability(Stable) @NotNull public final Grant grantRead(@NotNull IGrantable identity)
      Grant read permissions for this bucket and it's contents to an IAM principal (Role/Group/User).

      If encryption is used, permission to use the key to decrypt the contents of the bucket will also be granted to the same principal.

      Specified by:
      grantRead in interface IBucket
      Specified by:
      grantRead in interface IBucket.Jsii$Default
      Parameters:
      identity - The principal. This parameter is required.

    • grantReadWrite

      @Stability(Stable) @NotNull public final Grant grantReadWrite(@NotNull IGrantable identity)
      Grants read/write permissions for this bucket and it's contents to an IAM principal (Role/Group/User).

      If an encryption key is used, permission to use the key for encrypt/decrypt will also be granted.

      Before CDK version 1.85.0, this method granted the s3:PutObject* permission that included s3:PutObjectAcl, which could be used to grant read/write object access to IAM principals in other accounts. If you want to get rid of that behavior, update your CDK version to 1.85.0 or later, and make sure the @aws-cdk/aws-s3:grantWriteWithoutAcl feature flag is set to true in the context key of your cdk.json file. If you've already updated, but still need the principal to have permissions to modify the ACLs, use the grantPutAcl method.

      Specified by:
      grantReadWrite in interface IBucket
      Specified by:
      grantReadWrite in interface IBucket.Jsii$Default
      Parameters:
      identity - The principal. This parameter is required.

    • grantWrite

      @Stability(Stable) @NotNull public final Grant grantWrite(@NotNull IGrantable identity, @Nullable Object objectsKeyPattern)
      Grant write permissions to this bucket to an IAM principal.

      If encryption is used, permission to use the key to encrypt the contents of written files will also be granted to the same principal.

      Before CDK version 1.85.0, this method granted the s3:PutObject* permission that included s3:PutObjectAcl, which could be used to grant read/write object access to IAM principals in other accounts. If you want to get rid of that behavior, update your CDK version to 1.85.0 or later, and make sure the @aws-cdk/aws-s3:grantWriteWithoutAcl feature flag is set to true in the context key of your cdk.json file. If you've already updated, but still need the principal to have permissions to modify the ACLs, use the grantPutAcl method.

      Specified by:
      grantWrite in interface IBucket
      Specified by:
      grantWrite in interface IBucket.Jsii$Default
      Parameters:
      identity - The principal. This parameter is required.
      objectsKeyPattern - Restrict the permission to a certain key pattern (default '*').

    • grantWrite

      @Stability(Stable) @NotNull public final Grant grantWrite(@NotNull IGrantable identity)
      Grant write permissions to this bucket to an IAM principal.

      If encryption is used, permission to use the key to encrypt the contents of written files will also be granted to the same principal.

      Before CDK version 1.85.0, this method granted the s3:PutObject* permission that included s3:PutObjectAcl, which could be used to grant read/write object access to IAM principals in other accounts. If you want to get rid of that behavior, update your CDK version to 1.85.0 or later, and make sure the @aws-cdk/aws-s3:grantWriteWithoutAcl feature flag is set to true in the context key of your cdk.json file. If you've already updated, but still need the principal to have permissions to modify the ACLs, use the grantPutAcl method.

      Specified by:
      grantWrite in interface IBucket
      Specified by:
      grantWrite in interface IBucket.Jsii$Default
      Parameters:
      identity - The principal. This parameter is required.

    • onCloudTrailEvent

      @Stability(Stable) @NotNull public final Rule onCloudTrailEvent(@NotNull String id)
      Defines a CloudWatch event that triggers when something happens to this bucket.

      Requires that there exists at least one CloudTrail Trail in your account that captures the event. This method will not create the Trail.

      Specified by:
      onCloudTrailEvent in interface IBucket
      Specified by:
      onCloudTrailEvent in interface IBucket.Jsii$Default
      Parameters:
      id - The id of the rule. This parameter is required.

    • onCloudTrailPutObject

      @Stability(Stable) @NotNull public final Rule onCloudTrailPutObject(@NotNull String id)
      Defines an AWS CloudWatch event that triggers when an object is uploaded to the specified paths (keys) in this bucket using the PutObject API call.

      Note that some tools like aws s3 cp will automatically use either PutObject or the multipart upload API depending on the file size, so using onCloudTrailWriteObject may be preferable.

      Requires that there exists at least one CloudTrail Trail in your account that captures the event. This method will not create the Trail.

      Specified by:
      onCloudTrailPutObject in interface IBucket
      Specified by:
      onCloudTrailPutObject in interface IBucket.Jsii$Default
      Parameters:
      id - The id of the rule. This parameter is required.

    • onCloudTrailWriteObject

      @Stability(Stable) @NotNull public final Rule onCloudTrailWriteObject(@NotNull String id)
      Defines an AWS CloudWatch event that triggers when an object at the specified paths (keys) in this bucket are written to.

      This includes the events PutObject, CopyObject, and CompleteMultipartUpload.

      Note that some tools like aws s3 cp will automatically use either PutObject or the multipart upload API depending on the file size, so using this method may be preferable to onCloudTrailPutObject.

      Requires that there exists at least one CloudTrail Trail in your account that captures the event. This method will not create the Trail.

      Specified by:
      onCloudTrailWriteObject in interface IBucket
      Specified by:
      onCloudTrailWriteObject in interface IBucket.Jsii$Default
      Parameters:
      id - The id of the rule. This parameter is required.

    • s3UrlForObject

      @Stability(Stable) @NotNull public final String s3UrlForObject()
      The S3 URL of an S3 object.

      For example:

      • s3://onlybucket
      • s3://bucket/key

      Specified by:
      s3UrlForObject in interface IBucket
      Specified by:
      s3UrlForObject in interface IBucket.Jsii$Default
      Returns:
      an ObjectS3Url token

    • transferAccelerationUrlForObject

      @Stability(Stable) @NotNull public final String transferAccelerationUrlForObject(@Nullable String key)
      The https Transfer Acceleration URL of an S3 object.

      Specify dualStack: true at the options for dual-stack endpoint (connect to the bucket over IPv6). For example:

      • https://bucket.s3-accelerate.amazonaws.com
      • https://bucket.s3-accelerate.amazonaws.com/key

      Specified by:
      transferAccelerationUrlForObject in interface IBucket
      Specified by:
      transferAccelerationUrlForObject in interface IBucket.Jsii$Default
      Parameters:
      key - The S3 key of the object.
      Returns:
      an TransferAccelerationUrl token

    • transferAccelerationUrlForObject

      @Stability(Stable) @NotNull public final String transferAccelerationUrlForObject()
      The https Transfer Acceleration URL of an S3 object.

      Specify dualStack: true at the options for dual-stack endpoint (connect to the bucket over IPv6). For example:

      • https://bucket.s3-accelerate.amazonaws.com
      • https://bucket.s3-accelerate.amazonaws.com/key

      Specified by:
      transferAccelerationUrlForObject in interface IBucket
      Specified by:
      transferAccelerationUrlForObject in interface IBucket.Jsii$Default
      Returns:
      an TransferAccelerationUrl token

    • urlForObject

      @Stability(Stable) @NotNull public final String urlForObject()
      The https URL of an S3 object. For example:.

      • https://s3.us-west-1.amazonaws.com/onlybucket
      • https://s3.us-west-1.amazonaws.com/bucket/key
      • https://s3---cn-north-1.amazonaws.com.rproxy.govskope.ca.cn/china-bucket/mykey

      Specified by:
      urlForObject in interface IBucket
      Specified by:
      urlForObject in interface IBucket.Jsii$Default
      Returns:
      an ObjectS3Url token

    • virtualHostedUrlForObject

      @Stability(Stable) @NotNull public final String virtualHostedUrlForObject(@Nullable String key)
      The virtual hosted-style URL of an S3 object. Specify regional: false at the options for non-regional URL. For example:.

      • https://only-bucket.s3.us-west-1.amazonaws.com
      • https://bucket.s3.us-west-1.amazonaws.com/key
      • https://bucket.s3.amazonaws.com/key
      • https://china-bucket---s3---cn-north-1.amazonaws.com.rproxy.govskope.ca.cn/mykey

      Specified by:
      virtualHostedUrlForObject in interface IBucket
      Specified by:
      virtualHostedUrlForObject in interface IBucket.Jsii$Default
      Parameters:
      key - The S3 key of the object.
      Returns:
      an ObjectS3Url token

    • virtualHostedUrlForObject

      @Stability(Stable) @NotNull public final String virtualHostedUrlForObject()
      The virtual hosted-style URL of an S3 object. Specify regional: false at the options for non-regional URL. For example:.

      • https://only-bucket.s3.us-west-1.amazonaws.com
      • https://bucket.s3.us-west-1.amazonaws.com/key
      • https://bucket.s3.amazonaws.com/key
      • https://china-bucket---s3---cn-north-1.amazonaws.com.rproxy.govskope.ca.cn/mykey

      Specified by:
      virtualHostedUrlForObject in interface IBucket
      Specified by:
      virtualHostedUrlForObject in interface IBucket.Jsii$Default
      Returns:
      an ObjectS3Url token