Data Types

AmazonApplyS3BucketPolicyParameters Object

Description

Parameters for the Amazon Apply S3 Bucket Policy action.

Properties

applyMethod

Method with which to apply the policy to the bucket.

Type: string

Valid Values:

  • always-overwrite

  • apply-if-not-set

Required: Yes

bucketIdentificationMethod

Method of identifying the S3 bucket.

Type: string

Valid Values:

  • all-buckets

  • by-bucket-name

  • by-resource-tag

Required: Yes

bucketNameComparison

Comparison to use when identifying buckets by name. Required when bucketIdentificationMethod is by-bucket-name.

Type: BucketNameComparison object.

Required: Conditional

credentialIds

Registered credentials to use with the action. One and only one credential must be specified.

Type: Array of string

Required: Yes

customPolicy

Policy document text to apply to the bucket. Required when policyType is custom.

Type: string

Required: Conditional

isTest

Indicates whether Test Mode should be applied to the object.

Type: boolean

Required: Yes

policyType

Type of policy to apply on the bucket.

Type: string

Valid Values:

  • custom

  • enforce-aes256-encryption

Required: Yes

regionNames

Regions to use with the action. One and only one region must be specified.

Type: Array of string

Required: Yes

resourceTagComparison

Comparison to use when identifying buckets by resource tag. Required when bucketIdentificationMethod is by-resource-tag.

Type: ResourceTagComparison object.

Required: Conditional

Sample JSON

{
"credentialIds": [
"cred-00000001"
],
"regionNames": [
"us-east-1"
],
"bucketIdentificationMethod": "by-bucket-name",
"bucketNameComparison": {
"compareType": "starts-with",
"bucketName": "prod-"
},
"applyMethod": "always-overwrite",
"policyType": "enforce-aes256-encryption",
"isTest": false
}