-
Notifications
You must be signed in to change notification settings - Fork 17
/
awss3_BucketAccessControl.go
77 lines (73 loc) · 2.89 KB
/
awss3_BucketAccessControl.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
package awss3
// Default bucket access control types.
//
// Example:
// websiteBucket := s3.NewBucket(this, jsii.String("WebsiteBucket"), &bucketProps{
// websiteIndexDocument: jsii.String("index.html"),
// publicReadAccess: jsii.Boolean(true),
// })
//
// s3deploy.NewBucketDeployment(this, jsii.String("DeployWebsite"), &bucketDeploymentProps{
// sources: []iSource{
// s3deploy.source.asset(jsii.String("./website-dist")),
// },
// destinationBucket: websiteBucket,
// destinationKeyPrefix: jsii.String("web/static"),
// // optional prefix in destination bucket
// metadata: &userDefinedObjectMetadata{
// a: jsii.String("1"),
// b: jsii.String("2"),
// },
// // user-defined metadata
//
// // system-defined metadata
// contentType: jsii.String("text/html"),
// contentLanguage: jsii.String("en"),
// storageClass: s3deploy.storageClass_INTELLIGENT_TIERING,
// serverSideEncryption: s3deploy.serverSideEncryption_AES_256,
// cacheControl: []cacheControl{
// s3deploy.*cacheControl.setPublic(),
// s3deploy.*cacheControl.maxAge(awscdk.Duration.hours(jsii.Number(1))),
// },
// accessControl: s3.bucketAccessControl_BUCKET_OWNER_FULL_CONTROL,
// })
//
// See: https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html
//
type BucketAccessControl string
const (
// Owner gets FULL_CONTROL.
//
// No one else has access rights.
BucketAccessControl_PRIVATE BucketAccessControl = "PRIVATE"
// Owner gets FULL_CONTROL.
//
// The AllUsers group gets READ access.
BucketAccessControl_PUBLIC_READ BucketAccessControl = "PUBLIC_READ"
// Owner gets FULL_CONTROL.
//
// The AllUsers group gets READ and WRITE access.
// Granting this on a bucket is generally not recommended.
BucketAccessControl_PUBLIC_READ_WRITE BucketAccessControl = "PUBLIC_READ_WRITE"
// Owner gets FULL_CONTROL.
//
// The AuthenticatedUsers group gets READ access.
BucketAccessControl_AUTHENTICATED_READ BucketAccessControl = "AUTHENTICATED_READ"
// The LogDelivery group gets WRITE and READ_ACP permissions on the bucket.
// See: https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerLogs.html
//
BucketAccessControl_LOG_DELIVERY_WRITE BucketAccessControl = "LOG_DELIVERY_WRITE"
// Object owner gets FULL_CONTROL.
//
// Bucket owner gets READ access.
// If you specify this canned ACL when creating a bucket, Amazon S3 ignores it.
BucketAccessControl_BUCKET_OWNER_READ BucketAccessControl = "BUCKET_OWNER_READ"
// Both the object owner and the bucket owner get FULL_CONTROL over the object.
//
// If you specify this canned ACL when creating a bucket, Amazon S3 ignores it.
BucketAccessControl_BUCKET_OWNER_FULL_CONTROL BucketAccessControl = "BUCKET_OWNER_FULL_CONTROL"
// Owner gets FULL_CONTROL.
//
// Amazon EC2 gets READ access to GET an Amazon Machine Image (AMI) bundle from Amazon S3.
BucketAccessControl_AWS_EXEC_READ BucketAccessControl = "AWS_EXEC_READ"
)