Readonly
customCustom policy overrides configuration.
Use this configuration to provide JSON string policy file for bucket resource policy. Bucket resource policy will be over written by content of this file, so when using these option policy files must contain complete policy document. When customPolicyOverrides.s3Policy defined importedBucket.applyAcceleratorManagedBucketPolicy can not be set to true also s3ResourcePolicyAttachments property can not be defined.
Use the following configuration to apply custom bucket resource policy overrides through policy JSON file.
customPolicyOverrides:
s3Policy: path/to/policy.json
undefined
Optional
Readonly
deploymentTo control target environments (AWS Account and Region) for the given accessLogBucket
setting, you may optionally specify deployment targets.
Leaving deploymentTargets
undefined will apply useCMK
setting to all accounts and enabled regions.
Readonly
enableFlag indicating S3 access logging bucket is enable by solution.
When this property is undefined solution will create S3 access log bucket. You can use deploymentTargets
to control target accounts and regions for the given accessLogBucket
configuration.
In the solution, this property will be ignored and S3 Access log buckets will be created for the installer bucket,
pipeline bucket, solution deployed CentralLogs bucket, and solution deployed Assets bucket, since these buckets always have server access logging enabled.
Readonly
importedImported bucket configuration.
Use this configuration when accelerator will import existing AccessLogs bucket.
Use the following configuration to imported AccessLogs bucket, manage bucket resource policy through solution.
importedBucket:
name: existing-access-log-bucket
applyAcceleratorManagedBucketPolicy: true
undefined
Readonly
lifecycleDeclaration of (S3 Bucket) Lifecycle rules.
Readonly
s3JSON policy files.
Policy statements from these files will be added to the bucket resource policy. This property can not be used when customPolicyOverrides.s3Policy property has value.
Note: When Block Public Access is enabled for S3 on the AWS account, you can't specify a policy that would make the S3 Bucket public.
Generated using TypeDoc
GlobalConfig / LoggingConfig / AccessLogBucketConfig
Description
Accelerator global S3 access logging configuration
Example