Secure S3 Bucket construct used in Enterprise DAPL
Project description
DAPL Secure Bucket Construcs
This Secure Bucket construcs extends the S3 Bucket construct. When using this construct, you will create a S3 bucket with default security best practises enabled. These are:
- Block public access
- Enabled versioning
- Enable enforce SSL to connect to bucket
- Enabled Bucket access logging
- Encryption of the bucket with a customer managed KMS key with enabled key rotation and trusted account identities and admins.
- Lifecycle management on objects, move items to Infrequently Access after one month
These best practises are enforced. When creating a SecureBucket with for example versioning disabled, it will be overwritten to enabled.
Usage
install package
npm install @dapl_secure_bucket
Import the secure bucket construct in your code.
// Import necessary packages
import { Stack, StackProps } from 'aws-cdk-lib';
import { Construct } from 'constructs';
import { SecureBucket } from 'dapl-secure-bucket';
export class SecureBucketStack extends Stack {
constructor(scope: Construct, id: string, props?: StackProps) {
super(scope, id, props);
new SecureBucket(this, 'myEnterpriseLevelSecureBucket',{});
}
}
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
dapl-secure-bucket-0.0.2.tar.gz
(36.7 kB
view hashes)
Built Distribution
Close
Hashes for dapl_secure_bucket-0.0.2-py3-none-any.whl
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | f272bdc9e9b928671f09c37369fceaf34965473ac38dd12630bdf06331ac8e18 |
|
| MD5 | 95a821ff1c61094c5d7208300c084633 |
|
| BLAKE2b-256 | dc03c8b52620da28fd34519b6814f9970801135ff36eec066a6de25092d64588 |
