Secure S3 Bucket construct used in Enterprise DAPL
Project description
DAPL Secure Bucket Construcs
This Secure Bucket construcs extends the S3 Bucket construct. When using this construct, you will create a S3 bucket with default security best practises enabled. These are:
- Block public access
- Enabled versioning
- Enable enforce SSL to connect to bucket
- Enabled Bucket access logging
- Encryption of the bucket with a customer managed KMS key with enabled key rotation and trusted account identities and admins.
- Lifecycle management on objects, move items to Infrequently Access after one month
These best practises are enforced. When creating a SecureBucket with for example versioning disabled, it will be overwritten to enabled.
Usage
install package
npm install @dapl_secure_bucket
Import the secure bucket construct in your code.
// Import necessary packages
import { Stack, StackProps } from 'aws-cdk-lib';
import { Construct } from 'constructs';
import { SecureBucket } from 'dapl-secure-bucket';
export class SecureBucketStack extends Stack {
constructor(scope: Construct, id: string, props?: StackProps) {
super(scope, id, props);
new SecureBucket(this, 'myEnterpriseLevelSecureBucket',{});
}
}
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
dapl-secure-bucket-0.0.3.tar.gz
(36.7 kB
view hashes)
Built Distribution
Close
Hashes for dapl_secure_bucket-0.0.3-py3-none-any.whl
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | d366ed29270a1776cb1f4fe2549508e663404ba4680b18974663b60197eed6e3 |
|
| MD5 | 8296713c052f2d33758028c340d556b0 |
|
| BLAKE2b-256 | 98711e6876b22ec50fa421971c3d36050462d251e26a87c5e2596c8d008821e0 |
