AmazonApplyS3BucketPolicyParameters Object

Description

Parameters for the Amazon Apply S3 Bucket Policy action.

Properties

applyMethod

Method with which to apply the policy to the bucket.

Type: string

Valid Values:

  • always-overwrite

  • apply-if-not-set

Required: Yes

bucketIdentificationMethod

Method of identifying the S3 bucket.

Type: string

Valid Values:

  • all-buckets

  • by-bucket-name

  • by-resource-tag

Required: Yes

bucketNameComparison

Comparison to use when identifying buckets by name. Required when bucketIdentificationMethod is by-bucket-name.

Type: BucketNameComparison object.

Required: Conditional

credentialIds

Registered credentials to use with the action. One and only one credential must be specified.

Type: Array of string

Required: Yes

customPolicy

Policy document text to apply to the bucket. Required when policyType is custom.

Type: string

Required: Conditional

isTest

Indicates whether Test Mode should be applied to the object.

Type: boolean

Required: Yes

policyType

Type of policy to apply on the bucket.

Type: string

Valid Values:

  • custom

  • enforce-aes256-encryption

Required: Yes

regionNames

Regions to use with the action. One and only one region must be specified.

Type: Array of string

Required: Yes

resourceTagComparison

Comparison to use when identifying buckets by resource tag. Required when bucketIdentificationMethod is by-resource-tag.

Type: ResourceTagComparison object.

Required: Conditional

Sample JSON

{
    "credentialIds": [
        "cred-00000001"
    ],
    "regionNames": [
        "us-east-1"
    ],
    "bucketIdentificationMethod": "by-bucket-name",
    "bucketNameComparison": {
        "compareType": "starts-with",
        "bucketName": "prod-"
    },
    "applyMethod": "always-overwrite",
    "policyType": "enforce-aes256-encryption",
    "isTest": false
}

Last updated