interface BucketProps

Language	Type name
.NET	Amazon.CDK.AWS.S3.BucketProps
Java	software.amazon.awscdk.services.s3.BucketProps
Python	aws_cdk.aws_s3.BucketProps
TypeScript (source)	@aws-cdk/aws-s3 » BucketProps

Example

const sourceBucket = new s3.Bucket(this, 'MyBucket', {
  versioned: true, // a Bucket used as a source in CodePipeline must be versioned
});

const pipeline = new codepipeline.Pipeline(this, 'MyPipeline');
const sourceOutput = new codepipeline.Artifact();
const sourceAction = new codepipeline_actions.S3SourceAction({
  actionName: 'S3Source',
  bucket: sourceBucket,
  bucketKey: 'path/to/file.zip',
  output: sourceOutput,
});
pipeline.addStage({
  stageName: 'Source',
  actions: [sourceAction],
});

Properties

Name	Type	Description
accessControl?	BucketAccessControl	Specifies a canned ACL that grants predefined permissions to the bucket.
autoDeleteObjects?	boolean	Whether all objects should be automatically deleted when the bucket is removed from the stack or when the stack is deleted.
blockPublicAccess?	BlockPublicAccess	The block public access configuration of this bucket.
bucketKeyEnabled?	boolean	Specifies whether Amazon S3 should use an S3 Bucket Key with server-side encryption using KMS (SSE-KMS) for new objects in the bucket.
bucketName?	string	Physical name of this bucket.
cors?	CorsRule[]	The CORS configuration of this bucket.
encryption?	BucketEncryption	The kind of server-side encryption to apply to this bucket.
encryptionKey?	IKey	External KMS key to use for bucket encryption.
enforceSSL?	boolean	Enforces SSL for requests.
eventBridgeEnabled?	boolean	Whether this bucket should send notifications to Amazon EventBridge or not.
intelligentTieringConfigurations?	IntelligentTieringConfiguration[]	Inteligent Tiering Configurations.
inventories?	Inventory[]	The inventory configuration of the bucket.
lifecycleRules?	LifecycleRule[]	Rules that define how Amazon S3 manages objects during their lifetime.
metrics?	BucketMetrics[]	The metrics configuration of this bucket.
notificationsHandlerRole?	IRole	The role to be used by the notifications handler.
objectOwnership?	ObjectOwnership	The objectOwnership of the bucket.
publicReadAccess?	boolean	Grants public read access to all objects in the bucket.
removalPolicy?	RemovalPolicy	Policy to apply when the bucket is removed from this stack.
serverAccessLogsBucket?	IBucket	Destination bucket for the server access logs.
serverAccessLogsPrefix?	string	Optional log file prefix to use for the bucket's access logs.
transferAcceleration?	boolean	Whether this bucket should have transfer acceleration turned on or not.
versioned?	boolean	Whether this bucket should have versioning turned on or not.
websiteErrorDocument?	string	The name of the error document (e.g. "404.html") for the website. websiteIndexDocument must also be set if this is set.
websiteIndexDocument?	string	The name of the index document (e.g. "index.html") for the website. Enables static website hosting for this bucket.
websiteRedirect?	RedirectTarget	Specifies the redirect behavior of all requests to a website endpoint of a bucket.
websiteRoutingRules?	RoutingRule[]	Rules that define when a redirect is applied and the redirect behavior.

---

accessControl?

Type: BucketAccessControl (optional, default: BucketAccessControl.PRIVATE)

Specifies a canned ACL that grants predefined permissions to the bucket.

---

autoDeleteObjects?

Type: boolean (optional, default: false)

Whether all objects should be automatically deleted when the bucket is removed from the stack or when the stack is deleted.

Requires the removalPolicy to be set to RemovalPolicy.DESTROY.

Warning if you have deployed a bucket with autoDeleteObjects: true, switching this to false in a CDK version before 1.126.0 will lead to all objects in the bucket being deleted. Be sure to update your bucket resources by deploying with CDK version 1.126.0 or later before switching this value to false.

---

blockPublicAccess?

Type: BlockPublicAccess (optional, default: CloudFormation defaults will apply. New buckets and objects don't allow public access, but users can modify bucket policies or object permissions to allow public access)

The block public access configuration of this bucket.

See also: https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html

---

bucketKeyEnabled?

Type: boolean (optional, default: false)

Specifies whether Amazon S3 should use an S3 Bucket Key with server-side encryption using KMS (SSE-KMS) for new objects in the bucket.

Only relevant, when Encryption is set to {@link BucketEncryption.KMS}

---

bucketName?

Type: string (optional, default: Assigned by CloudFormation (recommended).)

Physical name of this bucket.

---

cors?

Type: CorsRule[] (optional, default: No CORS configuration.)

The CORS configuration of this bucket.

See also: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-cors.html

---

encryption?

Type: BucketEncryption (optional, default: Kms if encryptionKey is specified, or Unencrypted otherwise.)

The kind of server-side encryption to apply to this bucket.

If you choose KMS, you can specify a KMS key via encryptionKey. If encryption key is not specified, a key will automatically be created.

---

encryptionKey?

Type: IKey (optional, default: If encryption is set to "Kms" and this property is undefined, a new KMS key will be created and associated with this bucket.)

External KMS key to use for bucket encryption.

The 'encryption' property must be either not specified or set to "Kms". An error will be emitted if encryption is set to "Unencrypted" or "Managed".

---

enforceSSL?

Type: boolean (optional, default: false)

Enforces SSL for requests.

S3.5 of the AWS Foundational Security Best Practices Regarding S3.

See also: https://docs.aws.amazon.com/config/latest/developerguide/s3-bucket-ssl-requests-only.html

---

eventBridgeEnabled?

Type: boolean (optional, default: false)

Whether this bucket should send notifications to Amazon EventBridge or not.

---

intelligentTieringConfigurations?

Type: IntelligentTieringConfiguration[] (optional, default: No Intelligent Tiiering Configurations.)

Inteligent Tiering Configurations.

See also: https://docs.aws.amazon.com/AmazonS3/latest/userguide/intelligent-tiering.html

---

inventories?

Type: Inventory[] (optional, default: No inventory configuration)

The inventory configuration of the bucket.

See also: https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-inventory.html

---

lifecycleRules?

Type: LifecycleRule[] (optional, default: No lifecycle rules.)

Rules that define how Amazon S3 manages objects during their lifetime.

---

metrics?

Type: BucketMetrics[] (optional, default: No metrics configuration.)

The metrics configuration of this bucket.

See also: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-metricsconfiguration.html

---

notificationsHandlerRole?

Type: IRole (optional, default: a new role will be created.)

The role to be used by the notifications handler.

---

objectOwnership?

Type: ObjectOwnership (optional, default: No ObjectOwnership configuration, uploading account will own the object.)

The objectOwnership of the bucket.

See also: https://docs.aws.amazon.com/AmazonS3/latest/dev/about-object-ownership.html

---

publicReadAccess?

Type: boolean (optional, default: false)

Grants public read access to all objects in the bucket.

Similar to calling bucket.grantPublicAccess()

---

removalPolicy?

Type: RemovalPolicy (optional, default: The bucket will be orphaned.)

Policy to apply when the bucket is removed from this stack.

---

serverAccessLogsBucket?

Type: IBucket (optional, default: If "serverAccessLogsPrefix" undefined - access logs disabled, otherwise - log to current bucket.)

Destination bucket for the server access logs.

---

serverAccessLogsPrefix?

Type: string (optional, default: No log file prefix)

Optional log file prefix to use for the bucket's access logs.

If defined without "serverAccessLogsBucket", enables access logs to current bucket with this prefix.

---

transferAcceleration?

Type: boolean (optional, default: false)

Whether this bucket should have transfer acceleration turned on or not.

---

versioned?

Type: boolean (optional, default: false)

Whether this bucket should have versioning turned on or not.

---

websiteErrorDocument?

Type: string (optional, default: No error document.)

The name of the error document (e.g. "404.html") for the website. websiteIndexDocument must also be set if this is set.

---

websiteIndexDocument?

Type: string (optional, default: No index document.)

The name of the index document (e.g. "index.html") for the website. Enables static website hosting for this bucket.

---

websiteRedirect?

Type: RedirectTarget (optional, default: No redirection.)

Specifies the redirect behavior of all requests to a website endpoint of a bucket.

If you specify this property, you can't specify "websiteIndexDocument", "websiteErrorDocument" nor , "websiteRoutingRules".

---

websiteRoutingRules?

Type: RoutingRule[] (optional, default: No redirection rules.)

Rules that define when a redirect is applied and the redirect behavior.