-
Notifications
You must be signed in to change notification settings - Fork 17
/
awss3_BucketAccessControl.go
67 lines (63 loc) · 2.31 KB
/
awss3_BucketAccessControl.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
package awss3
// Default bucket access control types.
//
// Example:
// bucket := s3.NewBucket(this, jsii.String("MyBucket"))
//
// iot.NewTopicRule(this, jsii.String("TopicRule"), &topicRuleProps{
// sql: iot.iotSql.fromStringAsVer20160323(jsii.String("SELECT * FROM 'device/+/data'")),
// actions: []iAction{
// actions.NewS3PutObjectAction(bucket, &s3PutObjectActionProps{
// accessControl: s3.bucketAccessControl_PUBLIC_READ,
// }),
// },
// })
//
// See: https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html
//
// Experimental.
type BucketAccessControl string
const (
// Owner gets FULL_CONTROL.
//
// No one else has access rights.
// Experimental.
BucketAccessControl_PRIVATE BucketAccessControl = "PRIVATE"
// Owner gets FULL_CONTROL.
//
// The AllUsers group gets READ access.
// Experimental.
BucketAccessControl_PUBLIC_READ BucketAccessControl = "PUBLIC_READ"
// Owner gets FULL_CONTROL.
//
// The AllUsers group gets READ and WRITE access.
// Granting this on a bucket is generally not recommended.
// Experimental.
BucketAccessControl_PUBLIC_READ_WRITE BucketAccessControl = "PUBLIC_READ_WRITE"
// Owner gets FULL_CONTROL.
//
// The AuthenticatedUsers group gets READ access.
// Experimental.
BucketAccessControl_AUTHENTICATED_READ BucketAccessControl = "AUTHENTICATED_READ"
// The LogDelivery group gets WRITE and READ_ACP permissions on the bucket.
// See: https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerLogs.html
//
// Experimental.
BucketAccessControl_LOG_DELIVERY_WRITE BucketAccessControl = "LOG_DELIVERY_WRITE"
// Object owner gets FULL_CONTROL.
//
// Bucket owner gets READ access.
// If you specify this canned ACL when creating a bucket, Amazon S3 ignores it.
// Experimental.
BucketAccessControl_BUCKET_OWNER_READ BucketAccessControl = "BUCKET_OWNER_READ"
// Both the object owner and the bucket owner get FULL_CONTROL over the object.
//
// If you specify this canned ACL when creating a bucket, Amazon S3 ignores it.
// Experimental.
BucketAccessControl_BUCKET_OWNER_FULL_CONTROL BucketAccessControl = "BUCKET_OWNER_FULL_CONTROL"
// Owner gets FULL_CONTROL.
//
// Amazon EC2 gets READ access to GET an Amazon Machine Image (AMI) bundle from Amazon S3.
// Experimental.
BucketAccessControl_AWS_EXEC_READ BucketAccessControl = "AWS_EXEC_READ"
)