bucket_acl#
State module for managing acl policy for S3 bucket.
- async idem_aws.states.aws.s3.bucket_acl.present(hub, ctx, name: str, access_control_policy: AccessControlPolicy, resource_id: str = None) Dict[str, Any] [source]#
Create/Update the ACL policy for S3 bucket.
Amazon S3 access control lists (ACLs) enable you to manage access to bucket and objects. Each bucket and object has an ACL attached to it as a subresource. It defines which AWS accounts or groups are granted access and the type of access. When a request is received against a resource, Amazon S3 checks the corresponding ACL to verify that the requester has the necessary access permissions.
- Parameters:
name (str) – The bucket name on which ACL gets apply.
resource_id (str, Optional) – Name of the S3 bucket.
access_control_policy (dict) –
Contains the elements that set the ACL permissions for an object per grantee.
- Grants (list[dict[str, Any]], Optional):
A list of grants.
- Grantee (dict[str, Any], Optional):
The person being granted permissions.
- DisplayName (str, Optional):
Screen name of the grantee.
- EmailAddress (str, Optional):
Email address of the grantee. Using email addresses to specify a grantee is only supported in the following Amazon Web Services Regions: US East (N. Virginia) US West (N. California) US West (Oregon) Asia Pacific (Singapore) Asia Pacific (Sydney) Asia Pacific (Tokyo) Europe (Ireland) South America (São Paulo) For a list of all the Amazon S3 supported Regions and endpoints, see Regions and Endpoints in the Amazon Web Services General Reference.
- ID (str, Optional):
The canonical user ID of the grantee.
- Type (str):
Type of grantee
- URI (str, Optional):
URI of the grantee group.
- Permission (str, Optional):
Specifies the permission given to the grantee.
- Owner (dict, Optional):
Container for the bucket owner’s display name and ID.
- DisplayName (str, Optional):
Container for the display name of the owner.
- ID (str, Optional):
Container for the ID of the owner.
- Request Syntax:
[bucket_name]: aws.s3.bucket_acl.present: - name: "string" - resource_id: "string" - access_control_policy: Grants: - Grantee: DisplayName: [string] EmailAddress: [string] ID: [string] Type: [string] URI: [string] Permission: [string] Owner: DisplayName: [string] ID: [string]
- Returns:
dict[str, Any]
Examples
resource_is_present: aws.s3.bucket_acl.present: - name: value - access_control_policy: value
- async idem_aws.states.aws.s3.bucket_acl.absent(hub, ctx, name: str, resource_id: str = None) Dict[str, Any] [source]#
Deletes associated ACL policy for an S3 bucket.
This action cannot be possible as AWS does not provide an API to dissociate the ACL from S3 bucket, The ACL policy will be deleted post the bucket gets deleted.
- Parameters:
- Request Syntax:
[bucket_name]: aws.s3.bucket_acl.absent: - name: "string" - resource_id: "string"
- Returns:
dict[str, Any]
Examples
resource_is_absent: aws.s3.bucket_acl.absent: - name: value - resource_id: value
- async idem_aws.states.aws.s3.bucket_acl.describe(hub, ctx) Dict[str, Dict[str, Any]] [source]#
Gets information about the ACL policy attached to S3 bucket.
Describe the resource in a way that can be recreated/managed with the corresponding “present” function
- Returns:
dict[str, Any]
Examples
$ idem describe aws.s3.bucket_acl