Package software.amazon.awscdk.services.s3

Class IBucket.Jsii$Proxy

java.lang.Object
software.amazon.jsii.JsiiObject
software.amazon.awscdk.services.s3.IBucket.Jsii$Proxy
All Implemented Interfaces:
IEnvironmentAware, IEnvironmentAware.Jsii$Default, IBucketRef, IBucketRef.Jsii$Default, IResource, IResource.Jsii$Default, IBucket, IBucket.Jsii$Default, software.amazon.jsii.JsiiSerializable, software.constructs.IConstruct, software.constructs.IConstruct.Jsii$Default, software.constructs.IDependable, software.constructs.IDependable.Jsii$Default
Enclosing interface:
IBucket
@Internal public static final class IBucket.Jsii$Proxy extends software.amazon.jsii.JsiiObject implements IBucket.Jsii$Default
A proxy class which represents a concrete javascript instance of this type.

  • Constructor Details

    • Jsii$Proxy

      protected Jsii$Proxy(software.amazon.jsii.JsiiObjectRef objRef)

  • Method Details

    • getNode

      @Stability(Stable) @NotNull public final software.constructs.Node getNode()
      The tree node.
      Specified by:
      getNode in interface IBucket
      Specified by:
      getNode in interface IBucket.Jsii$Default
      Specified by:
      getNode in interface IBucketRef.Jsii$Default
      Specified by:
      getNode in interface software.constructs.IConstruct
      Specified by:
      getNode in interface software.constructs.IConstruct.Jsii$Default
      Specified by:
      getNode in interface IResource.Jsii$Default

    • getEnv

      @Stability(Stable) @NotNull public final ResourceEnvironment getEnv()
      The environment this resource belongs to.

      For resources that are created and managed in a Stack (those created by creating new class instances like new Role(), new Bucket(), etc.), this is always the same as the environment of the stack they belong to.

      For referenced resources (those obtained from referencing methods like Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be different than the stack they were imported into.

      Specified by:
      getEnv in interface IBucket
      Specified by:
      getEnv in interface IBucket.Jsii$Default
      Specified by:
      getEnv in interface IBucketRef.Jsii$Default
      Specified by:
      getEnv in interface IEnvironmentAware
      Specified by:
      getEnv in interface IEnvironmentAware.Jsii$Default
      Specified by:
      getEnv in interface IResource.Jsii$Default

    • getStack

      @Stability(Stable) @NotNull public final Stack getStack()
      The stack in which this resource is defined.
      Specified by:
      getStack in interface IBucket.Jsii$Default
      Specified by:
      getStack in interface IResource
      Specified by:
      getStack in interface IResource.Jsii$Default

    • getBucketRef

      @Stability(Experimental) @NotNull public final BucketReference getBucketRef()
      (experimental) A reference to a Bucket resource.
      Specified by:
      getBucketRef in interface IBucket.Jsii$Default
      Specified by:
      getBucketRef in interface IBucketRef
      Specified by:
      getBucketRef in interface IBucketRef.Jsii$Default

    • getBucketArn

      @Stability(Stable) @NotNull public final String getBucketArn()
      The ARN of the bucket.
      Specified by:
      getBucketArn in interface IBucket
      Specified by:
      getBucketArn in interface IBucket.Jsii$Default

    • getBucketDomainName

      @Stability(Stable) @NotNull public final String getBucketDomainName()
      The IPv4 DNS name of the specified bucket.
      Specified by:
      getBucketDomainName in interface IBucket
      Specified by:
      getBucketDomainName in interface IBucket.Jsii$Default

    • getBucketDualStackDomainName

      @Stability(Stable) @NotNull public final String getBucketDualStackDomainName()
      The IPv6 DNS name of the specified bucket.
      Specified by:
      getBucketDualStackDomainName in interface IBucket
      Specified by:
      getBucketDualStackDomainName in interface IBucket.Jsii$Default

    • getBucketName

      @Stability(Stable) @NotNull public final String getBucketName()
      The name of the bucket.
      Specified by:
      getBucketName in interface IBucket
      Specified by:
      getBucketName in interface IBucket.Jsii$Default

    • getBucketRegionalDomainName

      @Stability(Stable) @NotNull public final String getBucketRegionalDomainName()
      The regional domain name of the specified bucket.
      Specified by:
      getBucketRegionalDomainName in interface IBucket
      Specified by:
      getBucketRegionalDomainName in interface IBucket.Jsii$Default

    • getBucketWebsiteDomainName

      @Stability(Stable) @NotNull public final String getBucketWebsiteDomainName()
      The Domain name of the static website.
      Specified by:
      getBucketWebsiteDomainName in interface IBucket
      Specified by:
      getBucketWebsiteDomainName in interface IBucket.Jsii$Default

    • getBucketWebsiteUrl

      @Stability(Stable) @NotNull public final String getBucketWebsiteUrl()
      The URL of the static website.
      Specified by:
      getBucketWebsiteUrl in interface IBucket
      Specified by:
      getBucketWebsiteUrl in interface IBucket.Jsii$Default

    • getEncryptionKey

      @Stability(Stable) @Nullable public final IKey getEncryptionKey()
      Optional KMS encryption key associated with this bucket.
      Specified by:
      getEncryptionKey in interface IBucket
      Specified by:
      getEncryptionKey in interface IBucket.Jsii$Default

    • getIsWebsite

      @Stability(Stable) @Nullable public final Boolean getIsWebsite()
      If this bucket has been configured for static website hosting.
      Specified by:
      getIsWebsite in interface IBucket
      Specified by:
      getIsWebsite in interface IBucket.Jsii$Default

    • getPolicy

      @Stability(Stable) @Nullable public final BucketPolicy getPolicy()
      The resource policy associated with this bucket.

      If autoCreatePolicy is true, a BucketPolicy will be created upon the first call to addToResourcePolicy(s).

      Specified by:
      getPolicy in interface IBucket
      Specified by:
      getPolicy in interface IBucket.Jsii$Default

    • setPolicy

      @Stability(Stable) public final void setPolicy(@Nullable BucketPolicy value)
      The resource policy associated with this bucket.

      If autoCreatePolicy is true, a BucketPolicy will be created upon the first call to addToResourcePolicy(s).

      Specified by:
      setPolicy in interface IBucket
      Specified by:
      setPolicy in interface IBucket.Jsii$Default

    • getReplicationRoleArn

      @Stability(Stable) @Nullable public final String getReplicationRoleArn()
      Role used to set up permissions on this bucket for replication.
      Specified by:
      getReplicationRoleArn in interface IBucket
      Specified by:
      getReplicationRoleArn in interface IBucket.Jsii$Default

    • setReplicationRoleArn

      @Stability(Stable) public final void setReplicationRoleArn(@Nullable String value)
      Role used to set up permissions on this bucket for replication.
      Specified by:
      setReplicationRoleArn in interface IBucket
      Specified by:
      setReplicationRoleArn in interface IBucket.Jsii$Default

    • applyRemovalPolicy

      @Stability(Stable) public final void applyRemovalPolicy(@NotNull RemovalPolicy policy)
      Apply the given removal policy to this resource.

      The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.

      The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS account for data recovery and cleanup later (RemovalPolicy.RETAIN).

      Specified by:
      applyRemovalPolicy in interface IBucket.Jsii$Default
      Specified by:
      applyRemovalPolicy in interface IResource
      Specified by:
      applyRemovalPolicy in interface IResource.Jsii$Default
      Parameters:
      policy - This parameter is required.

    • addEventNotification

      @Stability(Stable) public final void addEventNotification(@NotNull EventType event, @NotNull IBucketNotificationDestination dest, @NotNull NotificationKeyFilter... filters)
      Adds a bucket notification event destination.

      Example: 

       Function myLambda;
 Bucket bucket = new Bucket(this, "MyBucket");
 bucket.addEventNotification(EventType.OBJECT_CREATED, new LambdaDestination(myLambda), NotificationKeyFilter.builder().prefix("home/myusername/*").build());

      Specified by:
      addEventNotification in interface IBucket
      Specified by:
      addEventNotification in interface IBucket.Jsii$Default
      Parameters:
      event - The event to trigger the notification. This parameter is required.
      dest - The notification destination (Lambda, SNS Topic or SQS Queue). This parameter is required.
      filters - S3 object key filter rules to determine which objects trigger this event. This parameter is required.
      See Also:

    • addObjectCreatedNotification

      @Stability(Stable) public final void addObjectCreatedNotification(@NotNull IBucketNotificationDestination dest, @NotNull NotificationKeyFilter... filters)
      Subscribes a destination to receive notifications when an object is created in the bucket.

      This is identical to calling onEvent(s3.EventType.OBJECT_CREATED).

      Specified by:
      addObjectCreatedNotification in interface IBucket
      Specified by:
      addObjectCreatedNotification in interface IBucket.Jsii$Default
      Parameters:
      dest - The notification destination (see onEvent). This parameter is required.
      filters - Filters (see onEvent). This parameter is required.

    • addObjectRemovedNotification

      @Stability(Stable) public final void addObjectRemovedNotification(@NotNull IBucketNotificationDestination dest, @NotNull NotificationKeyFilter... filters)
      Subscribes a destination to receive notifications when an object is removed from the bucket.

      This is identical to calling onEvent(EventType.OBJECT_REMOVED).

      Specified by:
      addObjectRemovedNotification in interface IBucket
      Specified by:
      addObjectRemovedNotification in interface IBucket.Jsii$Default
      Parameters:
      dest - The notification destination (see onEvent). This parameter is required.
      filters - Filters (see onEvent). This parameter is required.

    • addReplicationPolicy

      @Stability(Stable) public final void addReplicationPolicy(@NotNull String roleArn, @Nullable Boolean accessControlTransition, @Nullable String account)
      Function to add required permissions to the destination bucket for cross account replication.

      These permissions will be added as a resource based policy on the bucket.

      Specified by:
      addReplicationPolicy in interface IBucket
      Specified by:
      addReplicationPolicy in interface IBucket.Jsii$Default
      Parameters:
      roleArn - This parameter is required.
      accessControlTransition -
      account -
      See Also:

    • addReplicationPolicy

      @Stability(Stable) public final void addReplicationPolicy(@NotNull String roleArn, @Nullable Boolean accessControlTransition)
      Function to add required permissions to the destination bucket for cross account replication.

      These permissions will be added as a resource based policy on the bucket.

      Specified by:
      addReplicationPolicy in interface IBucket
      Parameters:
      roleArn - This parameter is required.
      accessControlTransition -
      See Also:

    • addReplicationPolicy

      @Stability(Stable) public final void addReplicationPolicy(@NotNull String roleArn)
      Function to add required permissions to the destination bucket for cross account replication.

      These permissions will be added as a resource based policy on the bucket.

      Specified by:
      addReplicationPolicy in interface IBucket
      Parameters:
      roleArn - This parameter is required.
      See Also:

    • addToResourcePolicy

      @Stability(Stable) @NotNull public final AddToResourcePolicyResult addToResourcePolicy(@NotNull PolicyStatement permission)
      Adds a statement to the resource policy for a principal (i.e. account/role/service) to perform actions on this bucket and/or its contents. Use bucketArn and arnForObjects(keys) to obtain ARNs for this bucket or objects.

      Note that the policy statement may or may not be added to the policy. For example, when an IBucket is created from an existing bucket, it's not possible to tell whether the bucket already has a policy attached, let alone to re-use that policy to add more statements to it. So it's safest to do nothing in these cases.

      Specified by:
      addToResourcePolicy in interface IBucket
      Specified by:
      addToResourcePolicy in interface IBucket.Jsii$Default
      Parameters:
      permission - the policy statement to be added to the bucket's policy. This parameter is required.
      Returns:
      metadata about the execution of this method. If the policy was not added, the value of statementAdded will be false. You should always check this value to make sure that the operation was actually carried out. Otherwise, synthesis and deploy will terminate silently, which may be confusing.

    • arnForObjects

      @Stability(Stable) @NotNull public final String arnForObjects(@NotNull String keyPattern)
      Returns an ARN that represents all objects within the bucket that match the key pattern specified.

      To represent all keys, specify "*".

      Specified by:
      arnForObjects in interface IBucket
      Specified by:
      arnForObjects in interface IBucket.Jsii$Default
      Parameters:
      keyPattern - This parameter is required.

    • enableEventBridgeNotification

      @Stability(Stable) public final void enableEventBridgeNotification()
      Enables event bridge notification, causing all events below to be sent to EventBridge:.

      • Object Deleted (DeleteObject)
      • Object Deleted (Lifecycle expiration)
      • Object Restore Initiated
      • Object Restore Completed
      • Object Restore Expired
      • Object Storage Class Changed
      • Object Access Tier Changed
      • Object ACL Updated
      • Object Tags Added
      • Object Tags Deleted
      Specified by:
      enableEventBridgeNotification in interface IBucket
      Specified by:
      enableEventBridgeNotification in interface IBucket.Jsii$Default

    • grantDelete

      @Stability(Stable) @NotNull public final Grant grantDelete(@NotNull IGrantable identity, @Nullable Object objectsKeyPattern)
      Grants s3:DeleteObject* permission to an IAM principal for objects in this bucket.

      Specified by:
      grantDelete in interface IBucket
      Specified by:
      grantDelete in interface IBucket.Jsii$Default
      Parameters:
      identity - The principal. This parameter is required.
      objectsKeyPattern - Restrict the permission to a certain key pattern (default '*').

    • grantDelete

      @Stability(Stable) @NotNull public final Grant grantDelete(@NotNull IGrantable identity)
      Grants s3:DeleteObject* permission to an IAM principal for objects in this bucket.

      Specified by:
      grantDelete in interface IBucket
      Parameters:
      identity - The principal. This parameter is required.

    • grantPublicAccess

      @Stability(Stable) @NotNull public final Grant grantPublicAccess(@Nullable String keyPrefix, @NotNull String... allowedActions)
      Allows unrestricted access to objects from this bucket.

      IMPORTANT: This permission allows anyone to perform actions on S3 objects in this bucket, which is useful for when you configure your bucket as a website and want everyone to be able to read objects in the bucket without needing to authenticate.

      Without arguments, this method will grant read ("s3:GetObject") access to all objects ("*") in the bucket.

      The method returns the iam.Grant object, which can then be modified as needed. For example, you can add a condition that will restrict access only to an IPv4 range like this: 

       const grant = bucket.grantPublicAccess();
 grant.resourceStatement!.addCondition(‘IpAddress’, { “aws:SourceIp”: “54.240.143.0/24” });

      Specified by:
      grantPublicAccess in interface IBucket
      Specified by:
      grantPublicAccess in interface IBucket.Jsii$Default
      Parameters:
      keyPrefix - the prefix of S3 object keys (e.g. home/*). Default is "*".
      allowedActions - the set of S3 actions to allow. This parameter is required.
      Returns:
      The iam.PolicyStatement object, which can be used to apply e.g. conditions.

    • grantPut

      @Stability(Stable) @NotNull public final Grant grantPut(@NotNull IGrantable identity, @Nullable Object objectsKeyPattern)
      Grants s3:PutObject* and s3:Abort* permissions for this bucket to an IAM principal.

      If encryption is used, permission to use the key to encrypt the contents of written files will also be granted to the same principal.

      Specified by:
      grantPut in interface IBucket
      Specified by:
      grantPut in interface IBucket.Jsii$Default
      Parameters:
      identity - The principal. This parameter is required.
      objectsKeyPattern - Restrict the permission to a certain key pattern (default '*').

    • grantPut

      @Stability(Stable) @NotNull public final Grant grantPut(@NotNull IGrantable identity)
      Grants s3:PutObject* and s3:Abort* permissions for this bucket to an IAM principal.

      If encryption is used, permission to use the key to encrypt the contents of written files will also be granted to the same principal.

      Specified by:
      grantPut in interface IBucket
      Parameters:
      identity - The principal. This parameter is required.

    • grantPutAcl

      @Stability(Stable) @NotNull public final Grant grantPutAcl(@NotNull IGrantable identity, @Nullable String objectsKeyPattern)
      Grant the given IAM identity permissions to modify the ACLs of objects in the given Bucket.

      If your application has the '@aws-cdk/aws-s3:grantWriteWithoutAcl' feature flag set, calling grantWrite or grantReadWrite no longer grants permissions to modify the ACLs of the objects; in this case, if you need to modify object ACLs, call this method explicitly.

      Specified by:
      grantPutAcl in interface IBucket
      Specified by:
      grantPutAcl in interface IBucket.Jsii$Default
      Parameters:
      identity - The principal. This parameter is required.
      objectsKeyPattern - Restrict the permission to a certain key pattern (default '*').

    • grantPutAcl

      @Stability(Stable) @NotNull public final Grant grantPutAcl(@NotNull IGrantable identity)
      Grant the given IAM identity permissions to modify the ACLs of objects in the given Bucket.

      If your application has the '@aws-cdk/aws-s3:grantWriteWithoutAcl' feature flag set, calling grantWrite or grantReadWrite no longer grants permissions to modify the ACLs of the objects; in this case, if you need to modify object ACLs, call this method explicitly.

      Specified by:
      grantPutAcl in interface IBucket
      Parameters:
      identity - The principal. This parameter is required.

    • grantRead

      @Stability(Stable) @NotNull public final Grant grantRead(@NotNull IGrantable identity, @Nullable Object objectsKeyPattern)
      Grant read permissions for this bucket and it's contents to an IAM principal (Role/Group/User).

      If encryption is used, permission to use the key to decrypt the contents of the bucket will also be granted to the same principal.

      Specified by:
      grantRead in interface IBucket
      Specified by:
      grantRead in interface IBucket.Jsii$Default
      Parameters:
      identity - The principal. This parameter is required.
      objectsKeyPattern - Restrict the permission to a certain key pattern (default '*').

    • grantRead

      @Stability(Stable) @NotNull public final Grant grantRead(@NotNull IGrantable identity)
      Grant read permissions for this bucket and it's contents to an IAM principal (Role/Group/User).

      If encryption is used, permission to use the key to decrypt the contents of the bucket will also be granted to the same principal.

      Specified by:
      grantRead in interface IBucket
      Parameters:
      identity - The principal. This parameter is required.

    • grantReadWrite

      @Stability(Stable) @NotNull public final Grant grantReadWrite(@NotNull IGrantable identity, @Nullable Object objectsKeyPattern)
      Grants read/write permissions for this bucket and it's contents to an IAM principal (Role/Group/User).

      If an encryption key is used, permission to use the key for encrypt/decrypt will also be granted.

      Before CDK version 1.85.0, this method granted the s3:PutObject* permission that included s3:PutObjectAcl, which could be used to grant read/write object access to IAM principals in other accounts. If you want to get rid of that behavior, update your CDK version to 1.85.0 or later, and make sure the @aws-cdk/aws-s3:grantWriteWithoutAcl feature flag is set to true in the context key of your cdk.json file. If you've already updated, but still need the principal to have permissions to modify the ACLs, use the grantPutAcl method.

      Specified by:
      grantReadWrite in interface IBucket
      Specified by:
      grantReadWrite in interface IBucket.Jsii$Default
      Parameters:
      identity - The principal. This parameter is required.
      objectsKeyPattern - Restrict the permission to a certain key pattern (default '*').

    • grantReadWrite

      @Stability(Stable) @NotNull public final Grant grantReadWrite(@NotNull IGrantable identity)
      Grants read/write permissions for this bucket and it's contents to an IAM principal (Role/Group/User).

      If an encryption key is used, permission to use the key for encrypt/decrypt will also be granted.

      Before CDK version 1.85.0, this method granted the s3:PutObject* permission that included s3:PutObjectAcl, which could be used to grant read/write object access to IAM principals in other accounts. If you want to get rid of that behavior, update your CDK version to 1.85.0 or later, and make sure the @aws-cdk/aws-s3:grantWriteWithoutAcl feature flag is set to true in the context key of your cdk.json file. If you've already updated, but still need the principal to have permissions to modify the ACLs, use the grantPutAcl method.

      Specified by:
      grantReadWrite in interface IBucket
      Parameters:
      identity - The principal. This parameter is required.

    • grantReplicationPermission

      @Stability(Stable) @NotNull public final Grant grantReplicationPermission(@NotNull IGrantable identity, @NotNull GrantReplicationPermissionProps props)
      Allows permissions for replication operation to bucket replication role.

      If an encryption key is used, permission to use the key for encrypt/decrypt will also be granted.

      Specified by:
      grantReplicationPermission in interface IBucket
      Specified by:
      grantReplicationPermission in interface IBucket.Jsii$Default
      Parameters:
      identity - The principal. This parameter is required.
      props - The properties of the replication source and destination buckets. This parameter is required.
      Returns:
      The iam.Grant object, which represents the grant of permissions.

    • grantWrite

      @Stability(Stable) @NotNull public final Grant grantWrite(@NotNull IGrantable identity, @Nullable Object objectsKeyPattern, @Nullable List<String> allowedActionPatterns)
      Grant write permissions to this bucket to an IAM principal.

      If encryption is used, permission to use the key to encrypt the contents of written files will also be granted to the same principal.

      Before CDK version 1.85.0, this method granted the s3:PutObject* permission that included s3:PutObjectAcl, which could be used to grant read/write object access to IAM principals in other accounts. If you want to get rid of that behavior, update your CDK version to 1.85.0 or later, and make sure the @aws-cdk/aws-s3:grantWriteWithoutAcl feature flag is set to true in the context key of your cdk.json file. If you've already updated, but still need the principal to have permissions to modify the ACLs, use the grantPutAcl method.

      Specified by:
      grantWrite in interface IBucket
      Specified by:
      grantWrite in interface IBucket.Jsii$Default
      Parameters:
      identity - The principal. This parameter is required.
      objectsKeyPattern - Restrict the permission to a certain key pattern (default '*').
      allowedActionPatterns - Restrict the permissions to certain list of action patterns.

    • grantWrite

      @Stability(Stable) @NotNull public final Grant grantWrite(@NotNull IGrantable identity, @Nullable Object objectsKeyPattern)
      Grant write permissions to this bucket to an IAM principal.

      If encryption is used, permission to use the key to encrypt the contents of written files will also be granted to the same principal.

      Before CDK version 1.85.0, this method granted the s3:PutObject* permission that included s3:PutObjectAcl, which could be used to grant read/write object access to IAM principals in other accounts. If you want to get rid of that behavior, update your CDK version to 1.85.0 or later, and make sure the @aws-cdk/aws-s3:grantWriteWithoutAcl feature flag is set to true in the context key of your cdk.json file. If you've already updated, but still need the principal to have permissions to modify the ACLs, use the grantPutAcl method.

      Specified by:
      grantWrite in interface IBucket
      Parameters:
      identity - The principal. This parameter is required.
      objectsKeyPattern - Restrict the permission to a certain key pattern (default '*').

    • grantWrite

      @Stability(Stable) @NotNull public final Grant grantWrite(@NotNull IGrantable identity)
      Grant write permissions to this bucket to an IAM principal.

      If encryption is used, permission to use the key to encrypt the contents of written files will also be granted to the same principal.

      Before CDK version 1.85.0, this method granted the s3:PutObject* permission that included s3:PutObjectAcl, which could be used to grant read/write object access to IAM principals in other accounts. If you want to get rid of that behavior, update your CDK version to 1.85.0 or later, and make sure the @aws-cdk/aws-s3:grantWriteWithoutAcl feature flag is set to true in the context key of your cdk.json file. If you've already updated, but still need the principal to have permissions to modify the ACLs, use the grantPutAcl method.

      Specified by:
      grantWrite in interface IBucket
      Parameters:
      identity - The principal. This parameter is required.

    • onCloudTrailEvent

      @Stability(Stable) @NotNull public final Rule onCloudTrailEvent(@NotNull String id, @Nullable OnCloudTrailBucketEventOptions options)
      Defines a CloudWatch event that triggers when something happens to this bucket.

      Requires that there exists at least one CloudTrail Trail in your account that captures the event. This method will not create the Trail.

      Specified by:
      onCloudTrailEvent in interface IBucket
      Specified by:
      onCloudTrailEvent in interface IBucket.Jsii$Default
      Parameters:
      id - The id of the rule. This parameter is required.
      options - Options for adding the rule.

    • onCloudTrailEvent

      @Stability(Stable) @NotNull public final Rule onCloudTrailEvent(@NotNull String id)
      Defines a CloudWatch event that triggers when something happens to this bucket.

      Requires that there exists at least one CloudTrail Trail in your account that captures the event. This method will not create the Trail.

      Specified by:
      onCloudTrailEvent in interface IBucket
      Parameters:
      id - The id of the rule. This parameter is required.

    • onCloudTrailPutObject

      @Stability(Stable) @NotNull public final Rule onCloudTrailPutObject(@NotNull String id, @Nullable OnCloudTrailBucketEventOptions options)
      Defines an AWS CloudWatch event that triggers when an object is uploaded to the specified paths (keys) in this bucket using the PutObject API call.

      Note that some tools like aws s3 cp will automatically use either PutObject or the multipart upload API depending on the file size, so using onCloudTrailWriteObject may be preferable.

      Requires that there exists at least one CloudTrail Trail in your account that captures the event. This method will not create the Trail.

      Specified by:
      onCloudTrailPutObject in interface IBucket
      Specified by:
      onCloudTrailPutObject in interface IBucket.Jsii$Default
      Parameters:
      id - The id of the rule. This parameter is required.
      options - Options for adding the rule.

    • onCloudTrailPutObject

      @Stability(Stable) @NotNull public final Rule onCloudTrailPutObject(@NotNull String id)
      Defines an AWS CloudWatch event that triggers when an object is uploaded to the specified paths (keys) in this bucket using the PutObject API call.

      Note that some tools like aws s3 cp will automatically use either PutObject or the multipart upload API depending on the file size, so using onCloudTrailWriteObject may be preferable.

      Requires that there exists at least one CloudTrail Trail in your account that captures the event. This method will not create the Trail.

      Specified by:
      onCloudTrailPutObject in interface IBucket
      Parameters:
      id - The id of the rule. This parameter is required.

    • onCloudTrailWriteObject

      @Stability(Stable) @NotNull public final Rule onCloudTrailWriteObject(@NotNull String id, @Nullable OnCloudTrailBucketEventOptions options)
      Defines an AWS CloudWatch event that triggers when an object at the specified paths (keys) in this bucket are written to.

      This includes the events PutObject, CopyObject, and CompleteMultipartUpload.

      Note that some tools like aws s3 cp will automatically use either PutObject or the multipart upload API depending on the file size, so using this method may be preferable to onCloudTrailPutObject.

      Requires that there exists at least one CloudTrail Trail in your account that captures the event. This method will not create the Trail.

      Specified by:
      onCloudTrailWriteObject in interface IBucket
      Specified by:
      onCloudTrailWriteObject in interface IBucket.Jsii$Default
      Parameters:
      id - The id of the rule. This parameter is required.
      options - Options for adding the rule.

    • onCloudTrailWriteObject

      @Stability(Stable) @NotNull public final Rule onCloudTrailWriteObject(@NotNull String id)
      Defines an AWS CloudWatch event that triggers when an object at the specified paths (keys) in this bucket are written to.

      This includes the events PutObject, CopyObject, and CompleteMultipartUpload.

      Note that some tools like aws s3 cp will automatically use either PutObject or the multipart upload API depending on the file size, so using this method may be preferable to onCloudTrailPutObject.

      Requires that there exists at least one CloudTrail Trail in your account that captures the event. This method will not create the Trail.

      Specified by:
      onCloudTrailWriteObject in interface IBucket
      Parameters:
      id - The id of the rule. This parameter is required.

    • s3UrlForObject

      @Stability(Stable) @NotNull public final String s3UrlForObject(@Nullable String key)
      The S3 URL of an S3 object.

      For example:

      • s3://onlybucket
      • s3://bucket/key

      Specified by:
      s3UrlForObject in interface IBucket
      Specified by:
      s3UrlForObject in interface IBucket.Jsii$Default
      Parameters:
      key - The S3 key of the object.
      Returns:
      an ObjectS3Url token

    • s3UrlForObject

      @Stability(Stable) @NotNull public final String s3UrlForObject()
      The S3 URL of an S3 object.

      For example:

      • s3://onlybucket
      • s3://bucket/key

      Specified by:
      s3UrlForObject in interface IBucket
      Returns:
      an ObjectS3Url token

    • transferAccelerationUrlForObject

      @Stability(Stable) @NotNull public final String transferAccelerationUrlForObject(@Nullable String key, @Nullable TransferAccelerationUrlOptions options)
      The https Transfer Acceleration URL of an S3 object.

      Specify dualStack: true at the options for dual-stack endpoint (connect to the bucket over IPv6). For example:

      • https://bucket.s3-accelerate.amazonaws.com
      • https://bucket.s3-accelerate.amazonaws.com/key

      Specified by:
      transferAccelerationUrlForObject in interface IBucket
      Specified by:
      transferAccelerationUrlForObject in interface IBucket.Jsii$Default
      Parameters:
      key - The S3 key of the object.
      options - Options for generating URL.
      Returns:
      an TransferAccelerationUrl token

    • transferAccelerationUrlForObject

      @Stability(Stable) @NotNull public final String transferAccelerationUrlForObject(@Nullable String key)
      The https Transfer Acceleration URL of an S3 object.

      Specify dualStack: true at the options for dual-stack endpoint (connect to the bucket over IPv6). For example:

      • https://bucket.s3-accelerate.amazonaws.com
      • https://bucket.s3-accelerate.amazonaws.com/key

      Specified by:
      transferAccelerationUrlForObject in interface IBucket
      Parameters:
      key - The S3 key of the object.
      Returns:
      an TransferAccelerationUrl token

    • transferAccelerationUrlForObject

      @Stability(Stable) @NotNull public final String transferAccelerationUrlForObject()
      The https Transfer Acceleration URL of an S3 object.

      Specify dualStack: true at the options for dual-stack endpoint (connect to the bucket over IPv6). For example:

      • https://bucket.s3-accelerate.amazonaws.com
      • https://bucket.s3-accelerate.amazonaws.com/key

      Specified by:
      transferAccelerationUrlForObject in interface IBucket
      Returns:
      an TransferAccelerationUrl token

    • urlForObject

      @Stability(Stable) @NotNull public final String urlForObject(@Nullable String key)
      The https URL of an S3 object. For example:.

      • https://s3.us-west-1.amazonaws.com/onlybucket
      • https://s3.us-west-1.amazonaws.com/bucket/key
      • https://s3---cn-north-1.amazonaws.com.rproxy.govskope.ca.cn/china-bucket/mykey

      Specified by:
      urlForObject in interface IBucket
      Specified by:
      urlForObject in interface IBucket.Jsii$Default
      Parameters:
      key - The S3 key of the object.
      Returns:
      an ObjectS3Url token

    • urlForObject

      @Stability(Stable) @NotNull public final String urlForObject()
      The https URL of an S3 object. For example:.

      • https://s3.us-west-1.amazonaws.com/onlybucket
      • https://s3.us-west-1.amazonaws.com/bucket/key
      • https://s3---cn-north-1.amazonaws.com.rproxy.govskope.ca.cn/china-bucket/mykey

      Specified by:
      urlForObject in interface IBucket
      Returns:
      an ObjectS3Url token

    • virtualHostedUrlForObject

      @Stability(Stable) @NotNull public final String virtualHostedUrlForObject(@Nullable String key, @Nullable VirtualHostedStyleUrlOptions options)
      The virtual hosted-style URL of an S3 object. Specify regional: false at the options for non-regional URL. For example:.

      • https://only-bucket.s3.us-west-1.amazonaws.com
      • https://bucket.s3.us-west-1.amazonaws.com/key
      • https://bucket.s3.amazonaws.com/key
      • https://china-bucket---s3---cn-north-1.amazonaws.com.rproxy.govskope.ca.cn/mykey

      Specified by:
      virtualHostedUrlForObject in interface IBucket
      Specified by:
      virtualHostedUrlForObject in interface IBucket.Jsii$Default
      Parameters:
      key - The S3 key of the object.
      options - Options for generating URL.
      Returns:
      an ObjectS3Url token

    • virtualHostedUrlForObject

      @Stability(Stable) @NotNull public final String virtualHostedUrlForObject(@Nullable String key)
      The virtual hosted-style URL of an S3 object. Specify regional: false at the options for non-regional URL. For example:.

      • https://only-bucket.s3.us-west-1.amazonaws.com
      • https://bucket.s3.us-west-1.amazonaws.com/key
      • https://bucket.s3.amazonaws.com/key
      • https://china-bucket---s3---cn-north-1.amazonaws.com.rproxy.govskope.ca.cn/mykey

      Specified by:
      virtualHostedUrlForObject in interface IBucket
      Parameters:
      key - The S3 key of the object.
      Returns:
      an ObjectS3Url token

    • virtualHostedUrlForObject

      @Stability(Stable) @NotNull public final String virtualHostedUrlForObject()
      The virtual hosted-style URL of an S3 object. Specify regional: false at the options for non-regional URL. For example:.

      • https://only-bucket.s3.us-west-1.amazonaws.com
      • https://bucket.s3.us-west-1.amazonaws.com/key
      • https://bucket.s3.amazonaws.com/key
      • https://china-bucket---s3---cn-north-1.amazonaws.com.rproxy.govskope.ca.cn/mykey

      Specified by:
      virtualHostedUrlForObject in interface IBucket
      Returns:
      an ObjectS3Url token