googleStorageDefaultObjectAcl
Authoritatively manages the default object ACLs for a Google Cloud Storage bucket without managing the bucket itself.
-> Note that for each object, its creator will have the "owner"
role in addition to the default ACL that has been defined.
For more information see the official documentation and API.
-> Want fine-grained control over default object ACLs? Use googleStorageDefaultObjectAccessControl
to control individual role entity pairs.
Example Usage
Example creating a default object ACL on a bucket with one owner, and one reader.
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as google from "./.gen/providers/google";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: google.
For a more precise conversion please use the --provider flag in convert.*/
const googleStorageBucketImageStore = new google.storageBucket.StorageBucket(
this,
"image-store",
{
location: "EU",
name: "image-store-bucket",
}
);
new google.storageDefaultObjectAcl.StorageDefaultObjectAcl(
this,
"image-store-default-acl",
{
bucket: googleStorageBucketImageStore.name,
role_entity: ["OWNER:user-my.email@gmail.com", "READER:group-mygroup"],
}
);
Argument Reference
bucket
- (Required) The name of the bucket it applies to.
roleEntity
- (Optional) List of role/entity pairs in the formrole:entity
. See GCS Object ACL documentation for more details. Omitting the field is the same as providing an empty list.
Attributes Reference
Only the arguments listed above are exposed as attributes.
Import
This resource does not support import.