Package software.amazon.awscdk.services.s3tables.alpha

Interface ITableBucket

All Superinterfaces:

software.constructs.IConstruct, software.constructs.IDependable, IEnvironmentAware, IResource, software.amazon.jsii.JsiiSerializable

All Known Subinterfaces:

ITableBucket.Jsii$Default

All Known Implementing Classes:

ITableBucket.Jsii$Proxy, TableBucket

@Generated(value="jsii-pacmak/1.120.0 (build 192dc88)",
           date="2025-12-05T22:26:50.347Z")
@Stability(Experimental)
public interface ITableBucket
extends software.amazon.jsii.JsiiSerializable, IResource

(experimental) Interface definition for S3 Table Buckets.

Nested Class Summary

Nested Classes

Modifier and Type	Interface	Description
static interface	ITableBucket.Jsii$Default	Internal default implementation for ITableBucket.
static final class	ITableBucket.Jsii$Proxy	A proxy class which represents a concrete javascript instance of this type.

Method Summary

Modifier and Type	Method	Description
AddToResourcePolicyResult	addToResourcePolicy(PolicyStatement statement)	(experimental) Adds a statement to the resource policy for a principal (i.e.
default String	getAccount()	(experimental) The accountId containing the table bucket.
default IKey	getEncryptionKey()	(experimental) Optional KMS encryption key associated with this table bucket.
default String	getRegion()	(experimental) The region containing the table bucket.
String	getTableBucketArn()	(experimental) The ARN of the table bucket.
String	getTableBucketName()	(experimental) The name of the table bucket.
Grant	grantRead(IGrantable identity, String tableId)	(experimental) Grant read permissions for this table bucket and its tables to an IAM principal (Role/Group/User).
Grant	grantReadWrite(IGrantable identity, String tableId)	(experimental) Grant read and write permissions for this table bucket and its tables to an IAM principal (Role/Group/User).
Grant	grantWrite(IGrantable identity, String tableId)	(experimental) Grant write permissions for this table bucket and its tables to an IAM principal (Role/Group/User).

Methods inherited from interface software.constructs.IConstruct

getNode

Methods inherited from interface software.amazon.awscdk.interfaces.IEnvironmentAware

getEnv

Methods inherited from interface software.amazon.awscdk.IResource

applyRemovalPolicy, getStack

Methods inherited from interface software.amazon.jsii.JsiiSerializable

$jsii$toJson

Method Details

getTableBucketArn

@Stability(Experimental)
@NotNull
String getTableBucketArn()

(experimental) The ARN of the table bucket.

getTableBucketName

@Stability(Experimental)
@NotNull
String getTableBucketName()

(experimental) The name of the table bucket.

getAccount

@Stability(Experimental)
@Nullable
default String getAccount()

(experimental) The accountId containing the table bucket.

getEncryptionKey

@Stability(Experimental)
@Nullable
default IKey getEncryptionKey()

(experimental) Optional KMS encryption key associated with this table bucket.

getRegion

@Stability(Experimental)
@Nullable
default String getRegion()

(experimental) The region containing the table bucket.

addToResourcePolicy

@Stability(Experimental)
@NotNull
AddToResourcePolicyResult addToResourcePolicy(@NotNull
 PolicyStatement statement)

(experimental) Adds a statement to the resource policy for a principal (i.e. account/role/service) to perform actions on this table bucket and/or its tables.

Note that the policy statement may or may not be added to the policy. For example, when an ITableBucket is created from an existing table bucket, it's not possible to tell whether the bucket already has a policy attached, let alone to re-use that policy to add more statements to it. So it's safest to do nothing in these cases.

Parameters:

statement - the policy statement to be added to the bucket's policy. This parameter is required.

Returns:

metadata about the execution of this method. If the policy was not added, the value of statementAdded will be false. You should always check this value to make sure that the operation was actually carried out. Otherwise, synthesis and deploy will terminate silently, which may be confusing.

grantRead

@Stability(Experimental)
@NotNull
Grant grantRead(@NotNull
 IGrantable identity,
 @NotNull
 String tableId)

(experimental) Grant read permissions for this table bucket and its tables to an IAM principal (Role/Group/User).

If encryption is used, permission to use the key to decrypt the contents of the bucket will also be granted to the same principal.

Parameters:

identity - The principal to allow read permissions to. This parameter is required.

tableId - Allow the permissions to all tables using '*' or to single table by its unique ID. This parameter is required.

grantReadWrite

@Stability(Experimental)
@NotNull
Grant grantReadWrite(@NotNull
 IGrantable identity,
 @NotNull
 String tableId)

(experimental) Grant read and write permissions for this table bucket and its tables to an IAM principal (Role/Group/User).

If encryption is used, permission to use the key to encrypt/decrypt the contents of the bucket will also be granted to the same principal.

Parameters:

identity - The principal to allow read and write permissions to. This parameter is required.

tableId - Allow the permissions to all tables using '*' or to single table by its unique ID. This parameter is required.

grantWrite

@Stability(Experimental)
@NotNull
Grant grantWrite(@NotNull
 IGrantable identity,
 @NotNull
 String tableId)

(experimental) Grant write permissions for this table bucket and its tables to an IAM principal (Role/Group/User).

If encryption is used, permission to use the key to encrypt the contents of the bucket will also be granted to the same principal.

Parameters:

identity - The principal to allow write permissions to. This parameter is required.

tableId - Allow the permissions to all tables using '*' or to single table by its unique ID. This parameter is required.