BucketAccessControl
- class aws_cdk.aws_s3.BucketAccessControl(value)
Bases:
EnumDefault bucket access control types.
- See:
https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html
- ExampleMetadata:
infused
Example:
bucket = s3.Bucket(self, "MyBucket") iot.TopicRule(self, "TopicRule", sql=iot.IotSql.from_string_as_ver20160323("SELECT * FROM 'device/+/data'"), actions=[ actions.S3PutObjectAction(bucket, access_control=s3.BucketAccessControl.PUBLIC_READ ) ] )
Attributes
- AUTHENTICATED_READ
Owner gets FULL_CONTROL.
The AuthenticatedUsers group gets READ access.
- AWS_EXEC_READ
Owner gets FULL_CONTROL.
Amazon EC2 gets READ access to GET an Amazon Machine Image (AMI) bundle from Amazon S3.
- BUCKET_OWNER_FULL_CONTROL
Both the object owner and the bucket owner get FULL_CONTROL over the object.
If you specify this canned ACL when creating a bucket, Amazon S3 ignores it.
- BUCKET_OWNER_READ
Object owner gets FULL_CONTROL.
Bucket owner gets READ access. If you specify this canned ACL when creating a bucket, Amazon S3 ignores it.
- LOG_DELIVERY_WRITE
The LogDelivery group gets WRITE and READ_ACP permissions on the bucket.
- PRIVATE
Owner gets FULL_CONTROL.
No one else has access rights.
- PUBLIC_READ
Owner gets FULL_CONTROL.
The AllUsers group gets READ access.
- PUBLIC_READ_WRITE
Owner gets FULL_CONTROL.
The AllUsers group gets READ and WRITE access. Granting this on a bucket is generally not recommended.