diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index f908d6e..c202636 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -111,35 +111,6 @@ jobs:
run: cd .repo && npx projen package:js
- name: Collect js Artifact
run: mv .repo/dist dist
- package-java:
- needs: build
- runs-on: ubuntu-latest
- permissions: {}
- if: "! needs.build.outputs.self_mutation_happened"
- steps:
- - uses: actions/setup-java@v3
- with:
- distribution: temurin
- java-version: 11.x
- - uses: actions/setup-node@v4
- with:
- node-version: 20.11.0
- - name: Download build artifacts
- uses: actions/download-artifact@v4
- with:
- name: build-artifact
- path: dist
- - name: Restore build artifact permissions
- run: cd dist && setfacl --restore=permissions-backup.acl
- continue-on-error: true
- - name: Prepare Repository
- run: mv dist .repo
- - name: Install Dependencies
- run: cd .repo && yarn install --check-files --frozen-lockfile
- - name: Create java artifact
- run: cd .repo && npx projen package:java
- - name: Collect java Artifact
- run: mv .repo/dist dist
package-python:
needs: build
runs-on: ubuntu-latest
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index bde085a..8458a2c 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -119,46 +119,6 @@ jobs:
NPM_CONFIG_PROVENANCE: "true"
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
run: npx -p publib@latest publib-npm
- release_maven:
- name: Publish to Maven Central
- needs: release
- runs-on: ubuntu-latest
- permissions:
- contents: read
- if: needs.release.outputs.tag_exists != 'true' && needs.release.outputs.latest_commit == github.sha
- steps:
- - uses: actions/setup-java@v3
- with:
- distribution: temurin
- java-version: 11.x
- - uses: actions/setup-node@v4
- with:
- node-version: 20.11.0
- - name: Download build artifacts
- uses: actions/download-artifact@v4
- with:
- name: build-artifact
- path: dist
- - name: Restore build artifact permissions
- run: cd dist && setfacl --restore=permissions-backup.acl
- continue-on-error: true
- - name: Prepare Repository
- run: mv dist .repo
- - name: Install Dependencies
- run: cd .repo && yarn install --check-files --frozen-lockfile
- - name: Create java artifact
- run: cd .repo && npx projen package:java
- - name: Collect java Artifact
- run: mv .repo/dist dist
- - name: Release
- env:
- MAVEN_ENDPOINT: https://s01.oss.sonatype.org
- MAVEN_GPG_PRIVATE_KEY: ${{ secrets.MAVEN_GPG_PRIVATE_KEY }}
- MAVEN_GPG_PRIVATE_KEY_PASSPHRASE: ${{ secrets.MAVEN_GPG_PRIVATE_KEY_PASSPHRASE }}
- MAVEN_PASSWORD: ${{ secrets.MAVEN_PASSWORD }}
- MAVEN_USERNAME: ${{ secrets.MAVEN_USERNAME }}
- MAVEN_STAGING_PROFILE_ID: ${{ secrets.MAVEN_STAGING_PROFILE_ID }}
- run: npx -p publib@latest publib-maven
release_pypi:
name: Publish to PyPI
needs: release
diff --git a/.mergify.yml b/.mergify.yml
index f87dd04..b4e099d 100644
--- a/.mergify.yml
+++ b/.mergify.yml
@@ -8,7 +8,6 @@ queue_rules:
- -label~=(do-not-merge)
- status-success=build
- status-success=package-js
- - status-success=package-java
- status-success=package-python
- status-success=package-dotnet
pull_request_rules:
@@ -27,6 +26,5 @@ pull_request_rules:
- -label~=(do-not-merge)
- status-success=build
- status-success=package-js
- - status-success=package-java
- status-success=package-python
- status-success=package-dotnet
diff --git a/.projen/deps.json b/.projen/deps.json
index b2be73b..583569c 100644
--- a/.projen/deps.json
+++ b/.projen/deps.json
@@ -86,8 +86,8 @@
"type": "build"
},
{
- "name": "@gammarer/aws-secure-bucket",
- "version": "~1.1.0",
+ "name": "@gammarers/aws-secure-bucket",
+ "version": "~1.3.1",
"type": "peer"
},
{
@@ -101,8 +101,8 @@
"type": "peer"
},
{
- "name": "@gammarer/aws-secure-bucket",
- "version": "~1.1.0",
+ "name": "@gammarers/aws-secure-bucket",
+ "version": "~1.3.1",
"type": "runtime"
}
],
diff --git a/.projen/tasks.json b/.projen/tasks.json
index e4712f1..24249d6 100644
--- a/.projen/tasks.json
+++ b/.projen/tasks.json
@@ -165,9 +165,6 @@
{
"spawn": "package:js"
},
- {
- "spawn": "package:java"
- },
{
"spawn": "package:python"
},
@@ -185,15 +182,6 @@
}
]
},
- "package:java": {
- "name": "package:java",
- "description": "Create java language bindings",
- "steps": [
- {
- "exec": "jsii-pacmak -v --target java"
- }
- ]
- },
"package:js": {
"name": "package:js",
"description": "Create js language bindings",
@@ -306,7 +294,7 @@
"exec": "yarn install --check-files"
},
{
- "exec": "yarn upgrade @types/jest @types/node @typescript-eslint/eslint-plugin @typescript-eslint/parser eslint-import-resolver-typescript eslint-plugin-import eslint jest jest-junit jsii-diff jsii-docgen jsii-pacmak jsii-rosetta jsii projen standard-version ts-jest ts-node typescript @gammarer/aws-secure-bucket aws-cdk-lib constructs"
+ "exec": "yarn upgrade @types/jest @types/node @typescript-eslint/eslint-plugin @typescript-eslint/parser eslint-import-resolver-typescript eslint-plugin-import eslint jest jest-junit jsii-diff jsii-docgen jsii-pacmak jsii-rosetta jsii projen standard-version ts-jest ts-node typescript @gammarers/aws-secure-bucket aws-cdk-lib constructs"
},
{
"exec": "npx projen"
diff --git a/.projenrc.ts b/.projenrc.ts
index 0739aed..c56058c 100644
--- a/.projenrc.ts
+++ b/.projenrc.ts
@@ -7,18 +7,18 @@ const project = new awscdk.AwsCdkConstructLibrary({
typescriptVersion: '5.2.x',
jsiiVersion: '5.2.x',
defaultReleaseBranch: 'main',
- name: '@gammarer/aws-secure-vpc-bucket',
+ name: '@gammarers/aws-secure-vpc-bucket',
description: 'Access from specific VPC Endpoint only Bucket',
keywords: ['aws', 'cdk', 'aws-cdk', 's3', 'bucket', 'vpc', 'endpoint', 'vpce'],
projenrcTs: true,
- repositoryUrl: 'https://github.com/gammarer/aws-secure-vpc-bucket.git',
+ repositoryUrl: 'https://github.com/gammarers/aws-secure-vpc-bucket.git',
majorVersion: 1,
npmAccess: javascript.NpmAccess.PUBLIC,
deps: [
- '@gammarer/aws-secure-bucket@~1.1.0',
+ '@gammarers/aws-secure-bucket@~1.3.1',
],
peerDeps: [
- '@gammarer/aws-secure-bucket@~1.1.0',
+ '@gammarers/aws-secure-bucket@~1.3.1',
],
minNodeVersion: '18.0.0',
workflowNodeVersion: '20.11.0',
@@ -33,18 +33,12 @@ const project = new awscdk.AwsCdkConstructLibrary({
allowedUsernames: ['yicr'],
},
publishToPypi: {
- distName: 'gammarer.aws-secure-vpc-bucket',
- module: 'gammarer.aws_secure_vpc_bucket',
- },
- publishToMaven: {
- mavenGroupId: 'com.gammarer',
- javaPackage: 'com.gammarer.cdk.aws.secure_vpc_bucket',
- mavenArtifactId: 'aws-secure-vpc-bucket',
- mavenEndpoint: 'https://s01.oss.sonatype.org',
+ distName: 'gammarers.aws-secure-vpc-bucket',
+ module: 'gammarers.aws_secure_vpc_bucket',
},
publishToNuget: {
- dotNetNamespace: 'Gammarer.CDK.AWS',
- packageId: 'Gammarer.CDK.AWS.SecureVpcBucket',
+ dotNetNamespace: 'Gammarers.CDK.AWS',
+ packageId: 'Gammarers.CDK.AWS.SecureVpcBucket',
},
});
project.synth();
\ No newline at end of file
diff --git a/API.md b/API.md
index f896f4d..142ab80 100644
--- a/API.md
+++ b/API.md
@@ -2,39 +2,39 @@
## Constructs
-### SecureVpcBucket
+### SecureVpcBucket
-#### Initializers
+#### Initializers
```typescript
-import { SecureVpcBucket } from '@gammarer/aws-secure-vpc-bucket'
+import { SecureVpcBucket } from '@gammarers/aws-secure-vpc-bucket'
new SecureVpcBucket(scope: Construct, id: string, props: SecureVpcBucketProps)
```
| **Name** | **Type** | **Description** |
| --- | --- | --- |
-| scope | constructs.Construct | *No description.* |
-| id | string | *No description.* |
-| props | SecureVpcBucketProps | *No description.* |
+| scope | constructs.Construct | *No description.* |
+| id | string | *No description.* |
+| props | SecureVpcBucketProps | *No description.* |
---
-##### `scope`Required
+##### `scope`Required
- *Type:* constructs.Construct
---
-##### `id`Required
+##### `id`Required
- *Type:* string
---
-##### `props`Required
+##### `props`Required
-- *Type:* SecureVpcBucketProps
+- *Type:* SecureVpcBucketProps
---
@@ -42,36 +42,36 @@ new SecureVpcBucket(scope: Construct, id: string, props: SecureVpcBucketProps)
| **Name** | **Description** |
| --- | --- |
-| toString | Returns a string representation of this construct. |
-| applyRemovalPolicy | Apply the given removal policy to this resource. |
-| addEventNotification | Adds a bucket notification event destination. |
-| addObjectCreatedNotification | Subscribes a destination to receive notifications when an object is created in the bucket. |
-| addObjectRemovedNotification | Subscribes a destination to receive notifications when an object is removed from the bucket. |
-| addToResourcePolicy | Adds a statement to the resource policy for a principal (i.e. account/role/service) to perform actions on this bucket and/or its contents. Use `bucketArn` and `arnForObjects(keys)` to obtain ARNs for this bucket or objects. |
-| arnForObjects | Returns an ARN that represents all objects within the bucket that match the key pattern specified. |
-| enableEventBridgeNotification | Enables event bridge notification, causing all events below to be sent to EventBridge:. |
-| grantDelete | Grants s3:DeleteObject* permission to an IAM principal for objects in this bucket. |
-| grantPublicAccess | Allows unrestricted access to objects from this bucket. |
-| grantPut | Grants s3:PutObject* and s3:Abort* permissions for this bucket to an IAM principal. |
-| grantPutAcl | Grant the given IAM identity permissions to modify the ACLs of objects in the given Bucket. |
-| grantRead | Grant read permissions for this bucket and it's contents to an IAM principal (Role/Group/User). |
-| grantReadWrite | Grants read/write permissions for this bucket and it's contents to an IAM principal (Role/Group/User). |
-| grantWrite | Grant write permissions to this bucket to an IAM principal. |
-| onCloudTrailEvent | Define a CloudWatch event that triggers when something happens to this repository. |
-| onCloudTrailPutObject | Defines an AWS CloudWatch event that triggers when an object is uploaded to the specified paths (keys) in this bucket using the PutObject API call. |
-| onCloudTrailWriteObject | Defines an AWS CloudWatch event that triggers when an object at the specified paths (keys) in this bucket are written to. |
-| s3UrlForObject | The S3 URL of an S3 object. For example:. |
-| transferAccelerationUrlForObject | The https Transfer Acceleration URL of an S3 object. |
-| urlForObject | The https URL of an S3 object. Specify `regional: false` at the options for non-regional URLs. For example:. |
-| virtualHostedUrlForObject | The virtual hosted-style URL of an S3 object. Specify `regional: false` at the options for non-regional URL. For example:. |
-| addCorsRule | Adds a cross-origin access configuration for objects in an Amazon S3 bucket. |
-| addInventory | Add an inventory configuration. |
-| addLifecycleRule | Add a lifecycle rule to the bucket. |
-| addMetric | Adds a metrics configuration for the CloudWatch request metrics from the bucket. |
-
----
-
-##### `toString`
+| toString | Returns a string representation of this construct. |
+| applyRemovalPolicy | Apply the given removal policy to this resource. |
+| addEventNotification | Adds a bucket notification event destination. |
+| addObjectCreatedNotification | Subscribes a destination to receive notifications when an object is created in the bucket. |
+| addObjectRemovedNotification | Subscribes a destination to receive notifications when an object is removed from the bucket. |
+| addToResourcePolicy | Adds a statement to the resource policy for a principal (i.e. account/role/service) to perform actions on this bucket and/or its contents. Use `bucketArn` and `arnForObjects(keys)` to obtain ARNs for this bucket or objects. |
+| arnForObjects | Returns an ARN that represents all objects within the bucket that match the key pattern specified. |
+| enableEventBridgeNotification | Enables event bridge notification, causing all events below to be sent to EventBridge:. |
+| grantDelete | Grants s3:DeleteObject* permission to an IAM principal for objects in this bucket. |
+| grantPublicAccess | Allows unrestricted access to objects from this bucket. |
+| grantPut | Grants s3:PutObject* and s3:Abort* permissions for this bucket to an IAM principal. |
+| grantPutAcl | Grant the given IAM identity permissions to modify the ACLs of objects in the given Bucket. |
+| grantRead | Grant read permissions for this bucket and it's contents to an IAM principal (Role/Group/User). |
+| grantReadWrite | Grants read/write permissions for this bucket and it's contents to an IAM principal (Role/Group/User). |
+| grantWrite | Grant write permissions to this bucket to an IAM principal. |
+| onCloudTrailEvent | Define a CloudWatch event that triggers when something happens to this repository. |
+| onCloudTrailPutObject | Defines an AWS CloudWatch event that triggers when an object is uploaded to the specified paths (keys) in this bucket using the PutObject API call. |
+| onCloudTrailWriteObject | Defines an AWS CloudWatch event that triggers when an object at the specified paths (keys) in this bucket are written to. |
+| s3UrlForObject | The S3 URL of an S3 object. For example:. |
+| transferAccelerationUrlForObject | The https Transfer Acceleration URL of an S3 object. |
+| urlForObject | The https URL of an S3 object. Specify `regional: false` at the options for non-regional URLs. For example:. |
+| virtualHostedUrlForObject | The virtual hosted-style URL of an S3 object. Specify `regional: false` at the options for non-regional URL. For example:. |
+| addCorsRule | Adds a cross-origin access configuration for objects in an Amazon S3 bucket. |
+| addInventory | Add an inventory configuration. |
+| addLifecycleRule | Add a lifecycle rule to the bucket. |
+| addMetric | Adds a metrics configuration for the CloudWatch request metrics from the bucket. |
+
+---
+
+##### `toString`
```typescript
public toString(): string
@@ -79,7 +79,7 @@ public toString(): string
Returns a string representation of this construct.
-##### `applyRemovalPolicy`
+##### `applyRemovalPolicy`
```typescript
public applyRemovalPolicy(policy: RemovalPolicy): void
@@ -95,13 +95,13 @@ to be replaced.
The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
-###### `policy`Required
+###### `policy`Required
- *Type:* aws-cdk-lib.RemovalPolicy
---
-##### `addEventNotification`
+##### `addEventNotification`
```typescript
public addEventNotification(event: EventType, dest: IBucketNotificationDestination, filters: NotificationKeyFilter): void
@@ -120,7 +120,7 @@ Adds a bucket notification event destination.
```
-###### `event`Required
+###### `event`Required
- *Type:* aws-cdk-lib.aws_s3.EventType
@@ -128,7 +128,7 @@ The event to trigger the notification.
---
-###### `dest`Required
+###### `dest`Required
- *Type:* aws-cdk-lib.aws_s3.IBucketNotificationDestination
@@ -136,7 +136,7 @@ The notification destination (Lambda, SNS Topic or SQS Queue).
---
-###### `filters`Required
+###### `filters`Required
- *Type:* aws-cdk-lib.aws_s3.NotificationKeyFilter
@@ -148,7 +148,7 @@ for details about allowed filter rules.
---
-##### `addObjectCreatedNotification`
+##### `addObjectCreatedNotification`
```typescript
public addObjectCreatedNotification(dest: IBucketNotificationDestination, filters: NotificationKeyFilter): void
@@ -159,7 +159,7 @@ Subscribes a destination to receive notifications when an object is created in t
This is identical to calling
`onEvent(EventType.OBJECT_CREATED)`.
-###### `dest`Required
+###### `dest`Required
- *Type:* aws-cdk-lib.aws_s3.IBucketNotificationDestination
@@ -167,7 +167,7 @@ The notification destination (see onEvent).
---
-###### `filters`Required
+###### `filters`Required
- *Type:* aws-cdk-lib.aws_s3.NotificationKeyFilter
@@ -175,7 +175,7 @@ Filters (see onEvent).
---
-##### `addObjectRemovedNotification`
+##### `addObjectRemovedNotification`
```typescript
public addObjectRemovedNotification(dest: IBucketNotificationDestination, filters: NotificationKeyFilter): void
@@ -186,7 +186,7 @@ Subscribes a destination to receive notifications when an object is removed from
This is identical to calling
`onEvent(EventType.OBJECT_REMOVED)`.
-###### `dest`Required
+###### `dest`Required
- *Type:* aws-cdk-lib.aws_s3.IBucketNotificationDestination
@@ -194,7 +194,7 @@ The notification destination (see onEvent).
---
-###### `filters`Required
+###### `filters`Required
- *Type:* aws-cdk-lib.aws_s3.NotificationKeyFilter
@@ -202,7 +202,7 @@ Filters (see onEvent).
---
-##### `addToResourcePolicy`
+##### `addToResourcePolicy`
```typescript
public addToResourcePolicy(permission: PolicyStatement): AddToResourcePolicyResult
@@ -216,7 +216,7 @@ it's not possible to tell whether the bucket already has a policy
attached, let alone to re-use that policy to add more statements to it.
So it's safest to do nothing in these cases.
-###### `permission`Required
+###### `permission`Required
- *Type:* aws-cdk-lib.aws_iam.PolicyStatement
@@ -224,7 +224,7 @@ the policy statement to be added to the bucket's policy.
---
-##### `arnForObjects`
+##### `arnForObjects`
```typescript
public arnForObjects(keyPattern: string): string
@@ -238,13 +238,13 @@ If you need to specify a keyPattern with multiple components, concatenate them i
arnForObjects(`home/${team}/${user}/*`)
-###### `keyPattern`Required
+###### `keyPattern`Required
- *Type:* string
---
-##### `enableEventBridgeNotification`
+##### `enableEventBridgeNotification`
```typescript
public enableEventBridgeNotification(): void
@@ -263,7 +263,7 @@ Object Deleted (DeleteObject)
- Object Tags Added
- Object Tags Deleted
-##### `grantDelete`
+##### `grantDelete`
```typescript
public grantDelete(identity: IGrantable, objectsKeyPattern?: any): Grant
@@ -271,7 +271,7 @@ public grantDelete(identity: IGrantable, objectsKeyPattern?: any): Grant
Grants s3:DeleteObject* permission to an IAM principal for objects in this bucket.
-###### `identity`Required
+###### `identity`Required
- *Type:* aws-cdk-lib.aws_iam.IGrantable
@@ -279,7 +279,7 @@ The principal.
---
-###### `objectsKeyPattern`Optional
+###### `objectsKeyPattern`Optional
- *Type:* any
@@ -287,7 +287,7 @@ Restrict the permission to a certain key pattern (default '*').
---
-##### `grantPublicAccess`
+##### `grantPublicAccess`
```typescript
public grantPublicAccess(allowedActions: string, keyPrefix?: string): Grant
@@ -314,7 +314,7 @@ Note that if this `IBucket` refers to an existing bucket, possibly not
managed by CloudFormation, this method will have no effect, since it's
impossible to modify the policy of an existing bucket.
-###### `allowedActions`Required
+###### `allowedActions`Required
- *Type:* string
@@ -324,7 +324,7 @@ Default is "s3:GetObject".
---
-###### `keyPrefix`Optional
+###### `keyPrefix`Optional
- *Type:* string
@@ -332,7 +332,7 @@ the prefix of S3 object keys (e.g. `home/*`). Default is "*".
---
-##### `grantPut`
+##### `grantPut`
```typescript
public grantPut(identity: IGrantable, objectsKeyPattern?: any): Grant
@@ -343,7 +343,7 @@ Grants s3:PutObject* and s3:Abort* permissions for this bucket to an IAM princip
If encryption is used, permission to use the key to encrypt the contents
of written files will also be granted to the same principal.
-###### `identity`Required
+###### `identity`Required
- *Type:* aws-cdk-lib.aws_iam.IGrantable
@@ -351,7 +351,7 @@ The principal.
---
-###### `objectsKeyPattern`Optional
+###### `objectsKeyPattern`Optional
- *Type:* any
@@ -359,7 +359,7 @@ Restrict the permission to a certain key pattern (default '*').
---
-##### `grantPutAcl`
+##### `grantPutAcl`
```typescript
public grantPutAcl(identity: IGrantable, objectsKeyPattern?: string): Grant
@@ -371,19 +371,19 @@ If your application has the '@aws-cdk/aws-s3:grantWriteWithoutAcl' feature flag
calling `grantWrite` or `grantReadWrite` no longer grants permissions to modify the ACLs of the objects;
in this case, if you need to modify object ACLs, call this method explicitly.
-###### `identity`Required
+###### `identity`Required
- *Type:* aws-cdk-lib.aws_iam.IGrantable
---
-###### `objectsKeyPattern`Optional
+###### `objectsKeyPattern`Optional
- *Type:* string
---
-##### `grantRead`
+##### `grantRead`
```typescript
public grantRead(identity: IGrantable, objectsKeyPattern?: any): Grant
@@ -394,7 +394,7 @@ Grant read permissions for this bucket and it's contents to an IAM principal (Ro
If encryption is used, permission to use the key to decrypt the contents
of the bucket will also be granted to the same principal.
-###### `identity`Required
+###### `identity`Required
- *Type:* aws-cdk-lib.aws_iam.IGrantable
@@ -402,7 +402,7 @@ The principal.
---
-###### `objectsKeyPattern`Optional
+###### `objectsKeyPattern`Optional
- *Type:* any
@@ -410,7 +410,7 @@ Restrict the permission to a certain key pattern (default '*').
---
-##### `grantReadWrite`
+##### `grantReadWrite`
```typescript
public grantReadWrite(identity: IGrantable, objectsKeyPattern?: any): Grant
@@ -429,19 +429,19 @@ in the `context` key of your cdk.json file.
If you've already updated, but still need the principal to have permissions to modify the ACLs,
use the `grantPutAcl` method.
-###### `identity`Required
+###### `identity`Required
- *Type:* aws-cdk-lib.aws_iam.IGrantable
---
-###### `objectsKeyPattern`Optional
+###### `objectsKeyPattern`Optional
- *Type:* any
---
-##### `grantWrite`
+##### `grantWrite`
```typescript
public grantWrite(identity: IGrantable, objectsKeyPattern?: any, allowedActionPatterns?: string[]): Grant
@@ -460,25 +460,25 @@ in the `context` key of your cdk.json file.
If you've already updated, but still need the principal to have permissions to modify the ACLs,
use the `grantPutAcl` method.
-###### `identity`Required
+###### `identity`Required
- *Type:* aws-cdk-lib.aws_iam.IGrantable
---
-###### `objectsKeyPattern`Optional
+###### `objectsKeyPattern`Optional
- *Type:* any
---
-###### `allowedActionPatterns`Optional
+###### `allowedActionPatterns`Optional
- *Type:* string[]
---
-##### `onCloudTrailEvent`
+##### `onCloudTrailEvent`
```typescript
public onCloudTrailEvent(id: string, options?: OnCloudTrailBucketEventOptions): Rule
@@ -489,7 +489,7 @@ Define a CloudWatch event that triggers when something happens to this repositor
Requires that there exists at least one CloudTrail Trail in your account
that captures the event. This method will not create the Trail.
-###### `id`Required
+###### `id`Required
- *Type:* string
@@ -497,7 +497,7 @@ The id of the rule.
---
-###### `options`Optional
+###### `options`Optional
- *Type:* aws-cdk-lib.aws_s3.OnCloudTrailBucketEventOptions
@@ -505,7 +505,7 @@ Options for adding the rule.
---
-##### `onCloudTrailPutObject`
+##### `onCloudTrailPutObject`
```typescript
public onCloudTrailPutObject(id: string, options?: OnCloudTrailBucketEventOptions): Rule
@@ -520,7 +520,7 @@ so using `onCloudTrailWriteObject` may be preferable.
Requires that there exists at least one CloudTrail Trail in your account
that captures the event. This method will not create the Trail.
-###### `id`Required
+###### `id`Required
- *Type:* string
@@ -528,7 +528,7 @@ The id of the rule.
---
-###### `options`Optional
+###### `options`Optional
- *Type:* aws-cdk-lib.aws_s3.OnCloudTrailBucketEventOptions
@@ -536,7 +536,7 @@ Options for adding the rule.
---
-##### `onCloudTrailWriteObject`
+##### `onCloudTrailWriteObject`
```typescript
public onCloudTrailWriteObject(id: string, options?: OnCloudTrailBucketEventOptions): Rule
@@ -554,7 +554,7 @@ so using this method may be preferable to `onCloudTrailPutObject`.
Requires that there exists at least one CloudTrail Trail in your account
that captures the event. This method will not create the Trail.
-###### `id`Required
+###### `id`Required
- *Type:* string
@@ -562,7 +562,7 @@ The id of the rule.
---
-###### `options`Optional
+###### `options`Optional
- *Type:* aws-cdk-lib.aws_s3.OnCloudTrailBucketEventOptions
@@ -570,7 +570,7 @@ Options for adding the rule.
---
-##### `s3UrlForObject`
+##### `s3UrlForObject`
```typescript
public s3UrlForObject(key?: string): string
@@ -581,7 +581,7 @@ The S3 URL of an S3 object. For example:.
`s3://onlybucket`
- `s3://bucket/key`
-###### `key`Optional
+###### `key`Optional
- *Type:* string
@@ -592,7 +592,7 @@ bucket is returned.
---
-##### `transferAccelerationUrlForObject`
+##### `transferAccelerationUrlForObject`
```typescript
public transferAccelerationUrlForObject(key?: string, options?: TransferAccelerationUrlOptions): string
@@ -606,7 +606,7 @@ for dual-stack endpoint (connect to the bucket over IPv6). For example:
- `https://bucket.s3-accelerate.amazonaws.com`
- `https://bucket.s3-accelerate.amazonaws.com/key`
-###### `key`Optional
+###### `key`Optional
- *Type:* string
@@ -617,7 +617,7 @@ bucket is returned.
---
-###### `options`Optional
+###### `options`Optional
- *Type:* aws-cdk-lib.aws_s3.TransferAccelerationUrlOptions
@@ -625,7 +625,7 @@ Options for generating URL.
---
-##### `urlForObject`
+##### `urlForObject`
```typescript
public urlForObject(key?: string): string
@@ -637,7 +637,7 @@ The https URL of an S3 object. Specify `regional: false` at the options for non-
- `https://s3.us-west-1.amazonaws.com/bucket/key`
- `https://s3.cn-north-1.amazonaws.com.cn/china-bucket/mykey`
-###### `key`Optional
+###### `key`Optional
- *Type:* string
@@ -648,7 +648,7 @@ bucket is returned.
---
-##### `virtualHostedUrlForObject`
+##### `virtualHostedUrlForObject`
```typescript
public virtualHostedUrlForObject(key?: string, options?: VirtualHostedStyleUrlOptions): string
@@ -661,7 +661,7 @@ The virtual hosted-style URL of an S3 object. Specify `regional: false` at the o
- `https://bucket.s3.amazonaws.com/key`
- `https://china-bucket.s3.cn-north-1.amazonaws.com.cn/mykey`
-###### `key`Optional
+###### `key`Optional
- *Type:* string
@@ -672,7 +672,7 @@ bucket is returned.
---
-###### `options`Optional
+###### `options`Optional
- *Type:* aws-cdk-lib.aws_s3.VirtualHostedStyleUrlOptions
@@ -680,7 +680,7 @@ Options for generating URL.
---
-##### `addCorsRule`
+##### `addCorsRule`
```typescript
public addCorsRule(rule: CorsRule): void
@@ -688,7 +688,7 @@ public addCorsRule(rule: CorsRule): void
Adds a cross-origin access configuration for objects in an Amazon S3 bucket.
-###### `rule`Required
+###### `rule`Required
- *Type:* aws-cdk-lib.aws_s3.CorsRule
@@ -696,7 +696,7 @@ The CORS configuration rule to add.
---
-##### `addInventory`
+##### `addInventory`
```typescript
public addInventory(inventory: Inventory): void
@@ -704,7 +704,7 @@ public addInventory(inventory: Inventory): void
Add an inventory configuration.
-###### `inventory`Required
+###### `inventory`Required
- *Type:* aws-cdk-lib.aws_s3.Inventory
@@ -712,7 +712,7 @@ configuration to add.
---
-##### `addLifecycleRule`
+##### `addLifecycleRule`
```typescript
public addLifecycleRule(rule: LifecycleRule): void
@@ -720,7 +720,7 @@ public addLifecycleRule(rule: LifecycleRule): void
Add a lifecycle rule to the bucket.
-###### `rule`Required
+###### `rule`Required
- *Type:* aws-cdk-lib.aws_s3.LifecycleRule
@@ -728,7 +728,7 @@ The rule to add.
---
-##### `addMetric`
+##### `addMetric`
```typescript
public addMetric(metric: BucketMetrics): void
@@ -736,7 +736,7 @@ public addMetric(metric: BucketMetrics): void
Adds a metrics configuration for the CloudWatch request metrics from the bucket.
-###### `metric`Required
+###### `metric`Required
- *Type:* aws-cdk-lib.aws_s3.BucketMetrics
@@ -748,28 +748,28 @@ The metric configuration to add.
| **Name** | **Description** |
| --- | --- |
-| isConstruct | Checks if `x` is a construct. |
-| isOwnedResource | Returns true if the construct was created by CDK, and false otherwise. |
-| isResource | Check whether the given construct is a Resource. |
-| fromBucketArn | *No description.* |
-| fromBucketAttributes | Creates a Bucket construct that represents an external bucket. |
-| fromBucketName | *No description.* |
-| fromCfnBucket | Create a mutable `IBucket` based on a low-level `CfnBucket`. |
-| validateBucketName | Thrown an exception if the given bucket name is not valid. |
+| isConstruct | Checks if `x` is a construct. |
+| isOwnedResource | Returns true if the construct was created by CDK, and false otherwise. |
+| isResource | Check whether the given construct is a Resource. |
+| fromBucketArn | *No description.* |
+| fromBucketAttributes | Creates a Bucket construct that represents an external bucket. |
+| fromBucketName | *No description.* |
+| fromCfnBucket | Create a mutable `IBucket` based on a low-level `CfnBucket`. |
+| validateBucketName | Thrown an exception if the given bucket name is not valid. |
---
-##### ~~`isConstruct`~~
+##### ~~`isConstruct`~~
```typescript
-import { SecureVpcBucket } from '@gammarer/aws-secure-vpc-bucket'
+import { SecureVpcBucket } from '@gammarers/aws-secure-vpc-bucket'
SecureVpcBucket.isConstruct(x: any)
```
Checks if `x` is a construct.
-###### `x`Required
+###### `x`Required
- *Type:* any
@@ -777,75 +777,75 @@ Any object.
---
-##### `isOwnedResource`
+##### `isOwnedResource`
```typescript
-import { SecureVpcBucket } from '@gammarer/aws-secure-vpc-bucket'
+import { SecureVpcBucket } from '@gammarers/aws-secure-vpc-bucket'
SecureVpcBucket.isOwnedResource(construct: IConstruct)
```
Returns true if the construct was created by CDK, and false otherwise.
-###### `construct`Required
+###### `construct`Required
- *Type:* constructs.IConstruct
---
-##### `isResource`
+##### `isResource`
```typescript
-import { SecureVpcBucket } from '@gammarer/aws-secure-vpc-bucket'
+import { SecureVpcBucket } from '@gammarers/aws-secure-vpc-bucket'
SecureVpcBucket.isResource(construct: IConstruct)
```
Check whether the given construct is a Resource.
-###### `construct`Required
+###### `construct`Required
- *Type:* constructs.IConstruct
---
-##### `fromBucketArn`
+##### `fromBucketArn`
```typescript
-import { SecureVpcBucket } from '@gammarer/aws-secure-vpc-bucket'
+import { SecureVpcBucket } from '@gammarers/aws-secure-vpc-bucket'
SecureVpcBucket.fromBucketArn(scope: Construct, id: string, bucketArn: string)
```
-###### `scope`Required
+###### `scope`Required
- *Type:* constructs.Construct
---
-###### `id`Required
+###### `id`Required
- *Type:* string
---
-###### `bucketArn`Required
+###### `bucketArn`Required
- *Type:* string
---
-##### `fromBucketAttributes`
+##### `fromBucketAttributes`
```typescript
-import { SecureVpcBucket } from '@gammarer/aws-secure-vpc-bucket'
+import { SecureVpcBucket } from '@gammarers/aws-secure-vpc-bucket'
SecureVpcBucket.fromBucketAttributes(scope: Construct, id: string, attrs: BucketAttributes)
```
Creates a Bucket construct that represents an external bucket.
-###### `scope`Required
+###### `scope`Required
- *Type:* constructs.Construct
@@ -853,7 +853,7 @@ The parent creating construct (usually `this`).
---
-###### `id`Required
+###### `id`Required
- *Type:* string
@@ -861,7 +861,7 @@ The construct's name.
---
-###### `attrs`Required
+###### `attrs`Required
- *Type:* aws-cdk-lib.aws_s3.BucketAttributes
@@ -872,59 +872,59 @@ Can be obtained from a call to
---
-##### `fromBucketName`
+##### `fromBucketName`
```typescript
-import { SecureVpcBucket } from '@gammarer/aws-secure-vpc-bucket'
+import { SecureVpcBucket } from '@gammarers/aws-secure-vpc-bucket'
SecureVpcBucket.fromBucketName(scope: Construct, id: string, bucketName: string)
```
-###### `scope`Required
+###### `scope`Required
- *Type:* constructs.Construct
---
-###### `id`Required
+###### `id`Required
- *Type:* string
---
-###### `bucketName`Required
+###### `bucketName`Required
- *Type:* string
---
-##### `fromCfnBucket`
+##### `fromCfnBucket`
```typescript
-import { SecureVpcBucket } from '@gammarer/aws-secure-vpc-bucket'
+import { SecureVpcBucket } from '@gammarers/aws-secure-vpc-bucket'
SecureVpcBucket.fromCfnBucket(cfnBucket: CfnBucket)
```
Create a mutable `IBucket` based on a low-level `CfnBucket`.
-###### `cfnBucket`Required
+###### `cfnBucket`Required
- *Type:* aws-cdk-lib.aws_s3.CfnBucket
---
-##### `validateBucketName`
+##### `validateBucketName`
```typescript
-import { SecureVpcBucket } from '@gammarer/aws-secure-vpc-bucket'
+import { SecureVpcBucket } from '@gammarers/aws-secure-vpc-bucket'
SecureVpcBucket.validateBucketName(physicalName: string)
```
Thrown an exception if the given bucket name is not valid.
-###### `physicalName`Required
+###### `physicalName`Required
- *Type:* string
@@ -936,23 +936,23 @@ name of the bucket.
| **Name** | **Type** | **Description** |
| --- | --- | --- |
-| node | constructs.Node | The tree node. |
-| env | aws-cdk-lib.ResourceEnvironment | The environment this resource belongs to. |
-| stack | aws-cdk-lib.Stack | The stack in which this resource is defined. |
-| bucketArn | string | The ARN of the bucket. |
-| bucketDomainName | string | The IPv4 DNS name of the specified bucket. |
-| bucketDualStackDomainName | string | The IPv6 DNS name of the specified bucket. |
-| bucketName | string | The name of the bucket. |
-| bucketRegionalDomainName | string | The regional domain name of the specified bucket. |
-| bucketWebsiteDomainName | string | The Domain name of the static website. |
-| bucketWebsiteUrl | string | The URL of the static website. |
-| encryptionKey | aws-cdk-lib.aws_kms.IKey | Optional KMS encryption key associated with this bucket. |
-| isWebsite | boolean | If this bucket has been configured for static website hosting. |
-| policy | aws-cdk-lib.aws_s3.BucketPolicy | The resource policy associated with this bucket. |
+| node | constructs.Node | The tree node. |
+| env | aws-cdk-lib.ResourceEnvironment | The environment this resource belongs to. |
+| stack | aws-cdk-lib.Stack | The stack in which this resource is defined. |
+| bucketArn | string | The ARN of the bucket. |
+| bucketDomainName | string | The IPv4 DNS name of the specified bucket. |
+| bucketDualStackDomainName | string | The IPv6 DNS name of the specified bucket. |
+| bucketName | string | The name of the bucket. |
+| bucketRegionalDomainName | string | The regional domain name of the specified bucket. |
+| bucketWebsiteDomainName | string | The Domain name of the static website. |
+| bucketWebsiteUrl | string | The URL of the static website. |
+| encryptionKey | aws-cdk-lib.aws_kms.IKey | Optional KMS encryption key associated with this bucket. |
+| isWebsite | boolean | If this bucket has been configured for static website hosting. |
+| policy | aws-cdk-lib.aws_s3.BucketPolicy | The resource policy associated with this bucket. |
---
-##### `node`Required
+##### `node`Required
```typescript
public readonly node: Node;
@@ -964,7 +964,7 @@ The tree node.
---
-##### `env`Required
+##### `env`Required
```typescript
public readonly env: ResourceEnvironment;
@@ -983,7 +983,7 @@ that might be different than the stack they were imported into.
---
-##### `stack`Required
+##### `stack`Required
```typescript
public readonly stack: Stack;
@@ -995,7 +995,7 @@ The stack in which this resource is defined.
---
-##### `bucketArn`Required
+##### `bucketArn`Required
```typescript
public readonly bucketArn: string;
@@ -1007,7 +1007,7 @@ The ARN of the bucket.
---
-##### `bucketDomainName`Required
+##### `bucketDomainName`Required
```typescript
public readonly bucketDomainName: string;
@@ -1019,7 +1019,7 @@ The IPv4 DNS name of the specified bucket.
---
-##### `bucketDualStackDomainName`Required
+##### `bucketDualStackDomainName`Required
```typescript
public readonly bucketDualStackDomainName: string;
@@ -1031,7 +1031,7 @@ The IPv6 DNS name of the specified bucket.
---
-##### `bucketName`Required
+##### `bucketName`Required
```typescript
public readonly bucketName: string;
@@ -1043,7 +1043,7 @@ The name of the bucket.
---
-##### `bucketRegionalDomainName`Required
+##### `bucketRegionalDomainName`Required
```typescript
public readonly bucketRegionalDomainName: string;
@@ -1055,7 +1055,7 @@ The regional domain name of the specified bucket.
---
-##### `bucketWebsiteDomainName`Required
+##### `bucketWebsiteDomainName`Required
```typescript
public readonly bucketWebsiteDomainName: string;
@@ -1067,7 +1067,7 @@ The Domain name of the static website.
---
-##### `bucketWebsiteUrl`Required
+##### `bucketWebsiteUrl`Required
```typescript
public readonly bucketWebsiteUrl: string;
@@ -1079,7 +1079,7 @@ The URL of the static website.
---
-##### `encryptionKey`Optional
+##### `encryptionKey`Optional
```typescript
public readonly encryptionKey: IKey;
@@ -1091,7 +1091,7 @@ Optional KMS encryption key associated with this bucket.
---
-##### `isWebsite`Optional
+##### `isWebsite`Optional
```typescript
public readonly isWebsite: boolean;
@@ -1103,7 +1103,7 @@ If this bucket has been configured for static website hosting.
---
-##### `policy`Optional
+##### `policy`Optional
```typescript
public readonly policy: BucketPolicy;
@@ -1121,12 +1121,12 @@ first call to addToResourcePolicy(s).
## Structs
-### SecureVpcBucketProps
+### SecureVpcBucketProps
-#### Initializer
+#### Initializer
```typescript
-import { SecureVpcBucketProps } from '@gammarer/aws-secure-vpc-bucket'
+import { SecureVpcBucketProps } from '@gammarers/aws-secure-vpc-bucket'
const secureVpcBucketProps: SecureVpcBucketProps = { ... }
```
@@ -1135,12 +1135,12 @@ const secureVpcBucketProps: SecureVpcBucketProps = { ... }
| **Name** | **Type** | **Description** |
| --- | --- | --- |
-| vpcEndpointId | string | *No description.* |
-| bucketName | string | *No description.* |
+| vpcEndpointId | string | *No description.* |
+| bucketName | string | *No description.* |
---
-##### `vpcEndpointId`Required
+##### `vpcEndpointId`Required
```typescript
public readonly vpcEndpointId: string;
@@ -1150,7 +1150,7 @@ public readonly vpcEndpointId: string;
---
-##### `bucketName`Optional
+##### `bucketName`Optional
```typescript
public readonly bucketName: string;
diff --git a/README.md b/README.md
index 8fea4c5..3b457ff 100644
--- a/README.md
+++ b/README.md
@@ -1,14 +1,13 @@
# AWS Secure VPC Bucket
-[](https://github.com/gammarer/aws-secure-vpc-bucket/blob/main/LICENSE)
-[](https://www.npmjs.com/package/@gammarer/aws-secure-vpc-bucket)
-[](https://pypi.org/project/gammarer.aws-secure-vpc-bucket/)
-[](https://www.nuget.org/packages/Gammarer.CDK.AWS.SecureVpcBucket/)
-[](https://s01.oss.sonatype.org/content/repositories/releases/com/gammarer/aws-secure-vpc-bucket/)
-[](https://github.com/gammarer/aws-secure-vpc-bucket/actions/workflows/release.yml)
-[](https://github.com/gammarer/aws-secure-vpc-bucket/releases)
+[](https://github.com/gammarers/aws-secure-vpc-bucket/blob/main/LICENSE)
+[](https://www.npmjs.com/package/@gammarers/aws-secure-vpc-bucket)
+[](https://pypi.org/project/gammarers.aws-secure-vpc-bucket/)
+[](https://www.nuget.org/packages/Gammarers.CDK.AWS.SecureVpcBucket/)
+[](https://github.com/gammarers/aws-secure-vpc-bucket/actions/workflows/release.yml)
+[](https://github.com/gammarers/aws-secure-vpc-bucket/releases)
-[](https://constructs.dev/packages/@gammarer/aws-secure-vpc-bucket)
+[](https://constructs.dev/packages/@gammarers/aws-secure-vpc-bucket)
Access from specific VPC Endpoint only Bucket
@@ -17,42 +16,31 @@ Access from specific VPC Endpoint only Bucket
### TypeScript
```shell
-npm install @gammarer/aws-secure-vpc-bucket
+npm install @gammarers/aws-secure-vpc-bucket
# or
-yarn add @gammarer/aws-secure-vpc-bucket
+yarn add @gammarers/aws-secure-vpc-bucket
```
### Python
```shell
-pip install gammarer.aws-secure-vpc-bucket
+pip install gammarers.aws-secure-vpc-bucket
```
### C# / .NET
```shell
-dotnet add package Gammarer.CDK.AWS.SecureVpcBucket
-```
-
-### Java
-
-Add the following to pom.xml:
-
-```xml
-
- com.gammarer
- aws-secure-vpc-bucket
-
+dotnet add package gammarers.CDK.AWS.SecureVpcBucket
```
## Example
```typescript
-import { SecureSpecificVpcOnlyBucket } from '@gammarer/aws-secure-vpc-bucket';
+import { SecureSpecificVpcOnlyBucket } from '@gammarers/aws-secure-vpc-bucket';
new SecureVpcBucket(stack, 'SecureVpcBucket', {
bucketName: 'example-origin-bucket',
- vpcEndpointId: 'vpce-0xxxxxxxxxxxxxxxx', // allready created vpc endpoint id
+ vpcEndpointId: 'vpce-0xxxxxxxxxxxxxxxx', // already created vpc endpoint id
});
```
diff --git a/package.json b/package.json
index 723ecc3..39e7428 100644
--- a/package.json
+++ b/package.json
@@ -1,9 +1,9 @@
{
- "name": "@gammarer/aws-secure-vpc-bucket",
+ "name": "@gammarers/aws-secure-vpc-bucket",
"description": "Access from specific VPC Endpoint only Bucket",
"repository": {
"type": "git",
- "url": "https://github.com/gammarer/aws-secure-vpc-bucket.git"
+ "url": "https://github.com/gammarers/aws-secure-vpc-bucket.git"
},
"scripts": {
"build": "npx projen build",
@@ -18,7 +18,6 @@
"package": "npx projen package",
"package-all": "npx projen package-all",
"package:dotnet": "npx projen package:dotnet",
- "package:java": "npx projen package:java",
"package:js": "npx projen package:js",
"package:python": "npx projen package:python",
"post-compile": "npx projen post-compile",
@@ -61,12 +60,12 @@
"typescript": "5.2.x"
},
"peerDependencies": {
- "@gammarer/aws-secure-bucket": "~1.1.0",
+ "@gammarers/aws-secure-bucket": "~1.3.1",
"aws-cdk-lib": "^2.80.0",
"constructs": "^10.0.5"
},
"dependencies": {
- "@gammarer/aws-secure-bucket": "~1.1.0"
+ "@gammarers/aws-secure-bucket": "~1.3.1"
},
"keywords": [
"aws",
@@ -134,20 +133,13 @@
"jsii": {
"outdir": "dist",
"targets": {
- "java": {
- "package": "com.gammarer.cdk.aws.secure_vpc_bucket",
- "maven": {
- "groupId": "com.gammarer",
- "artifactId": "aws-secure-vpc-bucket"
- }
- },
"python": {
- "distName": "gammarer.aws-secure-vpc-bucket",
- "module": "gammarer.aws_secure_vpc_bucket"
+ "distName": "gammarers.aws-secure-vpc-bucket",
+ "module": "gammarers.aws_secure_vpc_bucket"
},
"dotnet": {
- "namespace": "Gammarer.CDK.AWS",
- "packageId": "Gammarer.CDK.AWS.SecureVpcBucket"
+ "namespace": "Gammarers.CDK.AWS",
+ "packageId": "Gammarers.CDK.AWS.SecureVpcBucket"
}
},
"tsc": {
diff --git a/src/index.ts b/src/index.ts
index dfa8f77..6e87c78 100644
--- a/src/index.ts
+++ b/src/index.ts
@@ -1,4 +1,4 @@
-import { SecureBucket, SecureBucketEncryption } from '@gammarer/aws-secure-bucket';
+import { SecureBucket, SecureBucketEncryption } from '@gammarers/aws-secure-bucket';
import * as cdk from 'aws-cdk-lib';
import * as iam from 'aws-cdk-lib/aws-iam';
import { Construct } from 'constructs';
diff --git a/yarn.lock b/yarn.lock
index a58cb71..f6544c4 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -362,10 +362,10 @@
resolved "https://registry.yarnpkg.com/@eslint/js/-/js-8.57.0.tgz#a5417ae8427873f1dd08b70b3574b453e67b5f7f"
integrity sha512-Ys+3g2TaW7gADOJzPt83SJtCDhMjndcDMFVQ/Tj9iA1BfJzFKD9mAUXT3OenpuPHbI6P/myECxRJrofUsDx/5g==
-"@gammarer/aws-secure-bucket@~1.1.0":
- version "1.1.13"
- resolved "https://registry.yarnpkg.com/@gammarer/aws-secure-bucket/-/aws-secure-bucket-1.1.13.tgz#2caf80c8a922354c51053f7a48f73e3e873392a0"
- integrity sha512-NtK8GgEY2mnITw1+Rtgjlm+4eKFKU7a3i/z4qkf9bLiRuD7XirDLGvzAqi4GMKVEYA4jYeSDkSzPkjAkUOsY+w==
+"@gammarers/aws-secure-bucket@~1.3.1":
+ version "1.3.2"
+ resolved "https://registry.yarnpkg.com/@gammarers/aws-secure-bucket/-/aws-secure-bucket-1.3.2.tgz#8ed29da72a06b2a6d053b467a30e458d9f736123"
+ integrity sha512-Mn3I8/FNBetvwcNWArwiPqTdftV0drL+jgRE13Zu9Bz+RFrLpIsi94JkaNB95xOnFdF8rsX5BGw7rVLxq79hfg==
"@humanwhocodes/config-array@^0.11.14":
version "0.11.14"