Skip to content

Commit

Permalink
chore(s3): documented how the bucket encryption configuration is comp…
Browse files Browse the repository at this point in the history 
…uted (#25079)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
  • Loading branch information
@otaviomacedo
otaviomacedo authored Apr 12, 2023
1 parent c9733a6 commit 0480e47
Showing 1 changed file with 16 additions and 1 deletion.
17 changes: 16 additions & 1 deletion packages/aws-cdk-lib/aws-s3/lib/bucket.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1983,7 +1983,22 @@ export class Bucket extends BucketBase {

/**
* Set up key properties and return the Bucket encryption property from the
* user's configuration.
* user's configuration, according to the following table:
*
* | props.encryption | props.encryptionKey | props.bucketKeyEnabled | bucketEncryption (return value) | encryptionKey (return value) |
* |------------------|---------------------|------------------------|---------------------------------|------------------------------|
* | undefined | undefined | e | undefined | undefined |
* | UNENCRYPTED | undefined | false | undefined | undefined |
* | undefined | k | e | SSE-KMS, bucketKeyEnabled = e | k |
* | KMS | k | e | SSE-KMS, bucketKeyEnabled = e | k |
* | KMS | undefined | e | SSE-KMS, bucketKeyEnabled = e | new key |
* | KMS_MANAGED | undefined | e | SSE-KMS, bucketKeyEnabled = e | undefined |
* | S3_MANAGED | undefined | false | SSE-S3 | undefined |
* | UNENCRYPTED | undefined | true | ERROR! | ERROR! |
* | UNENCRYPTED | k | e | ERROR! | ERROR! |
* | KMS_MANAGED | k | e | ERROR! | ERROR! |
* | S3_MANAGED | undefined | true | ERROR! | ERROR! |
* | S3_MANAGED | k | e | ERROR! | ERROR! |
*/
private parseEncryption(props: BucketProps): {
bucketEncryption?: CfnBucket.BucketEncryptionProperty,
Expand Down

0 comments on commit 0480e47

Please sign in to comment.