Aws-cdk: [aws-s3] Bucket OwnershipControls Support

Created on 19 Nov 2020  路  6Comments  路  Source: aws/aws-cdk

Support new Bucket Ownership Controls to ensure bucket owner owns all objects in the bucket

Use Case

https://docs.aws.amazon.com/AmazonS3/latest/user-guide/add-object-ownership.html

Ensure proper object ownership after cross account writes

Proposed Solution

cdk.Bucket to support passing ownershipControls to CfnBucket

Other

  • [ ] :wave: I may be able to implement this feature request
  • [ ] :warning: This feature might incur a breaking change

This is a :rocket: Feature Request

@aws-cdaws-s3 efforsmall feature-request good first issue in-progress p2
Source
picture relm-haven

Most helpful comment

I'm not sure of the use case but I'd vote to retain the array to allow for such use cases now or in the future when those uses cases might reveal themselves:

new s3.Bucket(stack, 'MyBucket', {
    objectOwnership: [s3.ObjectOwnership.RULE_BUCKET_OWNER_PREFERRED]
});
picture cynicaljoy on 1 Dec 2020
👍2

All 6 comments

@relm-haven Can I take this up?

saudkhanzada picture saudkhanzada on 1 Dec 2020

@saudkhanzada please do!

relm-haven picture relm-haven on 1 Dec 2020

Please suggest between these two approaches:

  1. Nested as followed by the API
      new s3.Bucket(stack, 'MyBucket', {
      ownershipControls: {
        rules: [{
          objectOwnership: s3.ObjectOwnership.BUCKET_OWNER_PREFERRED,
        }],
      },
    });
  1. Flat props and then Bucket class will internally transform this to the object required by CfnBucket.
    new s3.Bucket(stack, 'MyBucket', {
      objectOwnership: s3.ObjectOwnership.BUCKET_OWNER_PREFERRED,
    });

Personally, I am going for the second one as recommended by the design guide.

saudkhanzada picture saudkhanzada on 1 Dec 2020

Approach 2 looks cleaner to me

I know CloudFormation supports a list of rules but what is the use case for more than one rule?

relm-haven picture relm-haven on 1 Dec 2020
👍1

I'm not sure of the use case but I'd vote to retain the array to allow for such use cases now or in the future when those uses cases might reveal themselves:

new s3.Bucket(stack, 'MyBucket', {
    objectOwnership: [s3.ObjectOwnership.RULE_BUCKET_OWNER_PREFERRED]
});
cynicaljoy picture cynicaljoy on 1 Dec 2020
👍2

鈿狅笍COMMENT VISIBILITY WARNING鈿狅笍

Comments on closed issues are hard for our team to see.
If you need more assistance, please either tag a team member or open a new issue that references this one.
If you wish to keep having a conversation with other community members under this issue feel free to do so.

github-actions[bot] picture github-actions[bot] on 10 Dec 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

v-do picture v-do  路  3Comments
eladb picture eladb  路  3Comments
mirazmamun picture mirazmamun  路  3Comments
slipdexic picture slipdexic  路  3Comments
NukaCody picture NukaCody  路  3Comments