s

    salmon-motherboard-78006

    2 weeks ago
    Hi, I’m creating a bucket with Pulumi but can’t make the object access private only (for all future objects in the bucket)…
    s3.Bucket(f"{stack}-data-lake",
                                 bucket=f"{stack}-data-lake",
                                 acl="private",
                                 versioning=s3.BucketVersioningArgs(
                                     enabled=True,
                                 ),
                                 server_side_encryption_configuration=s3.BucketServerSideEncryptionConfigurationArgs(
                                     rule=s3.BucketServerSideEncryptionConfigurationRuleArgs(
                                         apply_server_side_encryption_by_default=s3.BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefaultArgs(
                                             kms_master_key_id=s3_kms_key.arn,
                                             sse_algorithm="aws:kms",
                                         ),
                                     ),
                                 ))
    What am I missing?
    ahhh I think
    s3.AccessPoint
    will do it
    b

    bored-oyster-3147

    2 weeks ago
    I think you may also want to look at the “s3.BucketPublicAccessBlock” resource https://www.pulumi.com/registry/packages/aws/api-docs/s3/bucketpublicaccessblock/