BucketConfig Type
High-level S3 Bucket builder following AWS security best practices. **Default Security Settings:** - BlockPublicAccess = BLOCK_ALL (prevents public access) - ServerSideEncryption = SSE-KMS with AWS managed key (aws/s3) - Versioning = disabled (opt-in via versioned operation) - EnforceSSL = true (requires HTTPS for all requests) **Rationale:** These defaults follow AWS Well-Architected Framework security pillar: - Encryption at rest protects data from unauthorized access - Blocking public access prevents accidental data exposure - SSL/TLS enforcement protects data in transit - KMS provides audit trails and key rotation capabilities **Escape Hatch:** Access the underlying CDK Bucket via the `Bucket` property on the returned resource for advanced scenarios not covered by this builder.
Record fields
| Record Field | Description |
Full Usage:
AutoDeleteObjects
Field type: bool option
|
|
|
|
Full Usage:
BucketName
Field type: string
|
|
Full Usage:
ConstructId
Field type: string option
|
|
|
|
|
|
|
|
Full Usage:
EnforceSSL
Field type: bool option
|
|
|
|
|
|
|
|
|
|
Full Usage:
ServerAccessLogsPrefix
Field type: string option
|
|
Full Usage:
Versioned
Field type: bool option
|
|
Full Usage:
WebsiteErrorDocument
Field type: string option
|
|
Full Usage:
WebsiteIndexDocument
Field type: string option
|
|
FsCDK