JSPM

  • ESM via JSPM
  • ES Module Entrypoint
  • Export Map
  • Keywords
  • License
  • Repository URL
  • TypeScript Types
  • README
  • Created
  • Published
  • Downloads 135
  • Score
    100M100P100Q87590F
  • License Apache-2.0

An AWS CDK construct that defines an S3 bucket with security-focused defaults. It wraps the standard s3.Bucket and applies settings that follow AWS best practices, so you can create buckets without accidentally leaving them open or unencrypted. You can still override any option or use it as a drop-in replacement where a regular s3.Bucket is expected. For CDK pipeline artifact buckets or CloudFront origins, use the bucketType option so encryption and resource policies are set appropriately.

Package Exports

  • aws-secure-bucket
  • aws-secure-bucket/lib/index.js

This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (aws-secure-bucket) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

Readme

AWS Secure Bucket

GitHub npm version GitHub Workflow Status (branch) GitHub Workflow Status (branch) GitHub release (latest SemVer)

An AWS CDK construct that defines an S3 bucket with security-focused defaults. It wraps the standard s3.Bucket and applies settings that follow AWS best practices, so you can create buckets without accidentally leaving them open or unencrypted. You can still override any option or use it as a drop-in replacement where a regular s3.Bucket is expected. For CDK pipeline artifact buckets or CloudFront origins, use the bucketType option so encryption and resource policies are set appropriately.

Default behavior:

  • Bucket Access Control is Private
  • Public Read Access is false
  • Enforce SSL
  • All Block public access
  • Require encryption
  • Versioned (default: true)
  • Object ownership: BucketOwnerEnforced

Constructor Options

The SecureBucket constructor accepts SecureBucketProps. Since it extends s3.BucketProps, you can also use standard S3 Bucket options such as bucketName and versioned.

SecureBucket-specific options

Property Type Default Description
bucketType SecureBucketType SecureBucketType.DEFAULT_BUCKET The bucket type. Determines encryption and resource policy behavior.

SecureBucketType values:

Constant Use case
SecureBucketType.DEFAULT_BUCKET Default bucket when not using a custom Qualifier
SecureBucketType.DEPLOYMENT_PIPELINE_ARTIFACT_BUCKET CDK pipeline artifact bucket (when using a custom Qualifier)
SecureBucketType.CLOUDFRONT_ORIGIN_BUCKET CloudFront origin bucket

See API.md for the full API reference.

Install

TypeScript

npm:

npm install aws-secure-bucket

yarn:

yarn add aws-secure-bucket

Example

import { SecureBucket } from 'aws-secure-bucket';

const bucket = new SecureBucket(stack, 'SecureBucket', {
  bucketName: 'example-secure-bucket',
});

License

This project is licensed under the Apache-2.0 License.