Package software.amazon.awscdk.services.s3.deployment

Interface BucketDeploymentProps

All Superinterfaces:
software.amazon.jsii.JsiiSerializable
All Known Implementing Classes:
BucketDeploymentProps.Jsii$Proxy
@Generated(value="jsii-pacmak/1.119.0 (build 1634eac)", date="2025-11-13T16:10:13.425Z") @Stability(Stable) public interface BucketDeploymentProps extends software.amazon.jsii.JsiiSerializable
Properties for BucketDeployment.

Example: 

 Bucket destinationBucket;
 BucketDeployment deployment = BucketDeployment.Builder.create(this, "DeployFiles")
         .sources(List.of(Source.asset(join(__dirname, "source-files"))))
         .destinationBucket(destinationBucket)
         .build();
 deployment.handlerRole.addToPolicy(
 PolicyStatement.Builder.create()
         .actions(List.of("kms:Decrypt", "kms:DescribeKey"))
         .effect(Effect.ALLOW)
         .resources(List.of("<encryption key ARN>"))
         .build());

  • Method Details

    • getDestinationBucket

      @Stability(Stable) @NotNull IBucket getDestinationBucket()
      The S3 bucket to sync the contents of the zip file to.

    • getSources

      @Stability(Stable) @NotNull List<ISource> getSources()
      The sources from which to deploy the contents of this bucket.

    • getAccessControl

      @Stability(Stable) @Nullable default BucketAccessControl getAccessControl()
      System-defined x-amz-acl metadata to be set on all objects in the deployment.

      Default: - Not set.

      See Also:

    • getCacheControl

      @Stability(Stable) @Nullable default List<CacheControl> getCacheControl()
      System-defined cache-control metadata to be set on all objects in the deployment.

      Default: - Not set.

      See Also:

    • getContentDisposition

      @Stability(Stable) @Nullable default String getContentDisposition()
      System-defined cache-disposition metadata to be set on all objects in the deployment.

      Default: - Not set.

      See Also:

    • getContentEncoding

      @Stability(Stable) @Nullable default String getContentEncoding()
      System-defined content-encoding metadata to be set on all objects in the deployment.

      Default: - Not set.

      See Also:

    • getContentLanguage

      @Stability(Stable) @Nullable default String getContentLanguage()
      System-defined content-language metadata to be set on all objects in the deployment.

      Default: - Not set.

      See Also:

    • getContentType

      @Stability(Stable) @Nullable default String getContentType()
      System-defined content-type metadata to be set on all objects in the deployment.

      Default: - Not set.

      See Also:

    • getDestinationKeyPrefix

      @Stability(Stable) @Nullable default String getDestinationKeyPrefix()
      Key prefix in the destination bucket. Must be <=104 characters.

      If it's set with prune: true, it will only prune files with the prefix.

      We recommend to always configure the destinationKeyPrefix property. This will prevent the deployment from accidentally deleting data that wasn't uploaded by it.

      Default: "/" (unzip to root of the destination bucket)

    • getDistribution

      @Stability(Stable) @Nullable default IDistributionRef getDistribution()
      The CloudFront distribution using the destination bucket as an origin.

      Files in the distribution's edge caches will be invalidated after files are uploaded to the destination bucket.

      Default: - No invalidation occurs

    • getDistributionPaths

      @Stability(Stable) @Nullable default List<String> getDistributionPaths()
      The file paths to invalidate in the CloudFront distribution.

      Default: - All files under the destination bucket key prefix will be invalidated.

    • getEphemeralStorageSize

      @Stability(Stable) @Nullable default Size getEphemeralStorageSize()
      The size of the AWS Lambda function’s /tmp directory in MiB.

      Default: 512 MiB

    • getExclude

      @Stability(Stable) @Nullable default List<String> getExclude()
      If this is set, matching files or objects will be excluded from the deployment's sync command.

      This can be used to exclude a file from being pruned in the destination bucket.

      If you want to just exclude files from the deployment package (which excludes these files evaluated when invalidating the asset), you should leverage the exclude property of AssetOptions when defining your source.

      Default: - No exclude filters are used

      See Also:

    • getExpires

      @Stability(Stable) @Nullable default Expiration getExpires()
      System-defined expires metadata to be set on all objects in the deployment.

      Default: - The objects in the distribution will not expire.

      See Also:

    • getExtract

      @Stability(Stable) @Nullable default Boolean getExtract()
      If this is set, the zip file will be synced to the destination S3 bucket and extracted.

      If false, the file will remain zipped in the destination bucket.

      Default: true

    • getInclude

      @Stability(Stable) @Nullable default List<String> getInclude()
      If this is set, matching files or objects will be included with the deployment's sync command.

      Since all files from the deployment package are included by default, this property is usually leveraged alongside an exclude filter.

      Default: - No include filters are used and all files are included with the sync command

      See Also:

    • getLogGroup

      @Stability(Stable) @Nullable default ILogGroup getLogGroup()
      The Log Group used for logging of events emitted by the custom resource's lambda function.

      Providing a user-controlled log group was rolled out to commercial regions on 2023-11-16. If you are deploying to another type of region, please check regional availability first.

      Default: - a default log group created by AWS Lambda

    • getLogRetention

      @Stability(Stable) @Nullable default RetentionDays getLogRetention()
      The number of days that the lambda function's log events are kept in CloudWatch Logs.

      This is a legacy API and we strongly recommend you migrate to logGroup if you can. logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.

      Default: logs.RetentionDays.INFINITE

    • getMemoryLimit

      @Stability(Stable) @Nullable default Number getMemoryLimit()
      The amount of memory (in MiB) to allocate to the AWS Lambda function which replicates the files from the CDK bucket to the destination bucket.

      If you are deploying large files, you will need to increase this number accordingly.

      Default: 128

    • getMetadata

      @Stability(Stable) @Nullable default Map<String,String> getMetadata()
      User-defined object metadata to be set on all objects in the deployment.

      Default: - No user metadata is set

      See Also:

    • getOutputObjectKeys

      @Stability(Stable) @Nullable default Boolean getOutputObjectKeys()
      If set to false, the custom resource will not send back the SourceObjectKeys.

      This is useful when you are facing the error Response object is too long

      See https://github.com/aws/aws-cdk/issues/28579

      Default: true

    • getPrune

      @Stability(Stable) @Nullable default Boolean getPrune()
      By default, files in the destination bucket that don't exist in the source will be deleted when the BucketDeployment resource is created or updated.

      If this is set to false, files in the destination bucket that do not exist in the asset, will NOT be deleted during deployment (create/update).

      Default: true

      See Also:

    • getRetainOnDelete

      @Stability(Stable) @Nullable default Boolean getRetainOnDelete()
      If this is set to "false", the destination files will be deleted when the resource is deleted or the destination is updated.

      NOTICE: Configuring this to "false" might have operational implications. Please visit to the package documentation referred below to make sure you fully understand those implications.

      Default: true - when resource is deleted/updated, files are retained

      See Also:

    • getRole

      @Stability(Stable) @Nullable default IRole getRole()
      Execution role associated with this function.

      Default: - A role is automatically created

    • getSecurityGroups

      @Stability(Stable) @Nullable default List<ISecurityGroup> getSecurityGroups()
      The list of security groups to associate with the lambda handlers network interfaces.

      Only used if 'vpc' is supplied.

      Default: undefined - If the function is placed within a VPC and a security group is not specified a dedicated security group will be created for this function.

    • getServerSideEncryption

      @Stability(Stable) @Nullable default ServerSideEncryption getServerSideEncryption()
      System-defined x-amz-server-side-encryption metadata to be set on all objects in the deployment.

      Default: - Server side encryption is not used.

      See Also:

    • getServerSideEncryptionAwsKmsKeyId

      @Stability(Stable) @Nullable default String getServerSideEncryptionAwsKmsKeyId()
      System-defined x-amz-server-side-encryption-aws-kms-key-id metadata to be set on all objects in the deployment.

      Default: - Not set.

      See Also:

    • getServerSideEncryptionCustomerAlgorithm

      @Stability(Stable) @Nullable default String getServerSideEncryptionCustomerAlgorithm()
      System-defined x-amz-server-side-encryption-customer-algorithm metadata to be set on all objects in the deployment.

      Warning: This is not a useful parameter until this bug is fixed: https://github.com/aws/aws-cdk/issues/6080

      Default: - Not set.

      See Also:

    • getSignContent

      @Stability(Stable) @Nullable default Boolean getSignContent()
      If set to true, uploads will precompute the value of x-amz-content-sha256 and include it in the signed S3 request headers.

      Default: - `x-amz-content-sha256` will not be computed

    • getStorageClass

      @Stability(Stable) @Nullable default StorageClass getStorageClass()
      System-defined x-amz-storage-class metadata to be set on all objects in the deployment.

      Default: - Default storage-class for the bucket is used.

      See Also:

    • getUseEfs

      @Stability(Stable) @Nullable default Boolean getUseEfs()
      Mount an EFS file system.

      Enable this if your assets are large and you encounter disk space errors. Enabling this option will require a VPC to be specified.

      Default: - No EFS. Lambda has access only to 512MB of disk space.

    • getVpc

      @Stability(Stable) @Nullable default IVpc getVpc()
      The VPC network to place the deployment lambda handler in.

      This is required if useEfs is set.

      Default: None

    • getVpcSubnets

      @Stability(Stable) @Nullable default SubnetSelection getVpcSubnets()
      Where in the VPC to place the deployment lambda handler.

      Only used if 'vpc' is supplied.

      Default: - the Vpc default strategy if not specified

    • getWaitForDistributionInvalidation

      @Stability(Stable) @Nullable default Boolean getWaitForDistributionInvalidation()
      In case of using a cloudfront distribtuion, if this property is set to false then the custom resource will not wait and verify for Cloudfront invalidation to complete.

      This may speed up deployment and avoid intermittent Cloudfront issues. However, this is risky and not recommended as cache invalidation can silently fail.

      Default: true

      See Also:

    • getWebsiteRedirectLocation

      @Stability(Stable) @Nullable default String getWebsiteRedirectLocation()
      System-defined x-amz-website-redirect-location metadata to be set on all objects in the deployment.

      Default: - No website redirection.

      See Also:

    • builder

      @Stability(Stable) static BucketDeploymentProps.Builder builder()
      Returns:
      a BucketDeploymentProps.Builder of BucketDeploymentProps