S3DockerfileData

class aws_cdk.aws_imagebuilder_alpha.S3DockerfileData(bucket, key)

Bases: DockerfileData

(experimental) Helper class for S3-based dockerfile data references, containing additional permission grant methods on the S3 object.

Stability:

experimental

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
import aws_cdk.aws_imagebuilder_alpha as imagebuilder_alpha
import aws_cdk as cdk
from aws_cdk import aws_iam as iam
from aws_cdk.interfaces import aws_kms as interfaces_aws_kms

# docker_image: cdk.DockerImage
# grantable: iam.IGrantable
# key_ref: interfaces_aws_kms.IKeyRef
# local_bundling: cdk.ILocalBundling

s3_dockerfile_data = imagebuilder_alpha.S3DockerfileData.from_asset(self, "MyS3DockerfileData", "path",
    asset_hash="assetHash",
    asset_hash_type=cdk.AssetHashType.SOURCE,
    bundling=cdk.BundlingOptions(
        image=docker_image,

        # the properties below are optional
        bundling_file_access=cdk.BundlingFileAccess.VOLUME_COPY,
        command=["command"],
        entrypoint=["entrypoint"],
        environment={
            "environment_key": "environment"
        },
        local=local_bundling,
        network="network",
        output_type=cdk.BundlingOutput.ARCHIVED,
        platform="platform",
        security_opt="securityOpt",
        user="user",
        volumes=[cdk.DockerVolume(
            container_path="containerPath",
            host_path="hostPath",

            # the properties below are optional
            consistency=cdk.DockerVolumeConsistency.CONSISTENT
        )],
        volumes_from=["volumesFrom"],
        working_directory="workingDirectory"
    ),
    deploy_time=False,
    display_name="displayName",
    exclude=["exclude"],
    follow_symlinks=cdk.SymlinkFollowMode.NEVER,
    ignore_mode=cdk.IgnoreMode.GLOB,
    readers=[grantable],
    source_kMSKey=key_ref
)

Parameters:

• bucket (IBucket)

• key (str)

Stability:

experimental

Methods

grant_put(grantee)

(experimental) Grant put permissions to the given grantee for the dockerfile data in S3.

Parameters:

grantee (IGrantable) – The principal.

Stability:

experimental

Return type:

Grant

grant_read(grantee)

(experimental) Grant read permissions to the given grantee for the dockerfile data in S3.

Parameters:

grantee (IGrantable) – The principal.

Stability:

experimental

Return type:

Grant

render()

(experimental) The rendered Dockerfile S3 URL, for use in CloudFormation.

Stability:

experimental

Return type:

DockerfileTemplateConfig

Static Methods

classmethod from_asset(scope, id, path, *, deploy_time=None, display_name=None, readers=None, source_kms_key=None, asset_hash=None, asset_hash_type=None, bundling=None, exclude=None, follow_symlinks=None, ignore_mode=None)

(experimental) Uploads dockerfile data from a local file to S3 to use as the dockerfile data.

Parameters:

• scope (Construct) – The construct scope.

• id (str) – Identifier of the construct.

• path (str) – The local path to the dockerfile data file.

• deploy_time (Optional[bool]) – Whether or not the asset needs to exist beyond deployment time; i.e. are copied over to a different location and not needed afterwards. Setting this property to true has an impact on the lifecycle of the asset, because we will assume that it is safe to delete after the CloudFormation deployment succeeds. For example, Lambda Function assets are copied over to Lambda during deployment. Therefore, it is not necessary to store the asset in S3, so we consider those deployTime assets. Default: false

• display_name (Optional[str]) – A display name for this asset. If supplied, the display name will be used in locations where the asset identifier is printed, like in the CLI progress information. If the same asset is added multiple times, the display name of the first occurrence is used. The default is the construct path of the Asset construct, with respect to the enclosing stack. If the asset is produced by a construct helper function (such as lambda.Code.fromAsset()), this will look like MyFunction/Code. We use the stack-relative construct path so that in the common case where you have multiple stacks with the same asset, we won’t show something like /MyBetaStack/MyFunction/Code when you are actually deploying to production. Default: - Stack-relative construct path

• readers (Optional[Sequence[IGrantable]]) – A list of principals that should be able to read this asset from S3. You can use asset.grantRead(principal) to grant read permissions later. Default: - No principals that can read file asset.

• source_kms_key (Optional[IKeyRef]) – The ARN of the KMS key used to encrypt the handler code. Default: - the default server-side encryption with Amazon S3 managed keys(SSE-S3) key will be used.

• asset_hash (Optional[str]) – Specify a custom hash for this asset. If assetHashType is set it must be set to AssetHashType.CUSTOM. For consistency, this custom hash will be SHA256 hashed and encoded as hex. The resulting hash will be the asset hash. NOTE: the hash is used in order to identify a specific revision of the asset, and used for optimizing and caching deployment activities related to this asset such as packaging, uploading to Amazon S3, etc. If you chose to customize the hash, you will need to make sure it is updated every time the asset changes, or otherwise it is possible that some deployments will not be invalidated. Default: - based on assetHashType

• asset_hash_type (Optional[AssetHashType]) – Specifies the type of hash to calculate for this asset. If assetHash is configured, this option must be undefined or AssetHashType.CUSTOM. Default: - the default is AssetHashType.SOURCE, but if assetHash is explicitly specified this value defaults to AssetHashType.CUSTOM.

• bundling (Union[BundlingOptions, Dict[str, Any], None]) – Bundle the asset by executing a command in a Docker container or a custom bundling provider. The asset path will be mounted at /asset-input. The Docker container is responsible for putting content at /asset-output. The content at /asset-output will be zipped and used as the final asset. Default: - uploaded as-is to S3 if the asset is a regular file or a .zip file, archived into a .zip file and uploaded to S3 otherwise

• exclude (Optional[Sequence[str]]) – File paths matching the patterns will be excluded. See ignoreMode to set the matching behavior. Has no effect on Assets bundled using the bundling property. Default: - nothing is excluded

• follow_symlinks (Optional[SymlinkFollowMode]) – A strategy for how to handle symlinks. Default: SymlinkFollowMode.NEVER

• ignore_mode (Optional[IgnoreMode]) – The ignore behavior to use for exclude patterns. Default: IgnoreMode.GLOB

Stability:

experimental

Return type:

S3DockerfileData

classmethod from_inline(data)

(experimental) Uses an inline string as the dockerfile data.

Parameters:

data (str) – An inline string representing the dockerfile data.

Stability:

experimental

Return type:

DockerfileData

classmethod from_s3(bucket, key)

(experimental) References dockerfile data from a pre-existing S3 object.

Parameters:

• bucket (IBucket) – The S3 bucket where the dockerfile data is stored.

• key (str) – The S3 key of the dockerfile data file.

Stability:

experimental

Return type:

S3DockerfileData