Initializers
| Name | Type | Description |
|---|---|---|
scope | software.constructs.Construct | No description. |
bucket | java.lang.String | Name of the S3 Bucket. |
key | java.lang.String | Path to the state file inside the S3 Bucket. |
accessKey | java.lang.String | (Optional) AWS access key. |
acl | java.lang.String | (Optional) Canned ACL to be applied to the state file. |
allowedAccountIds | java.util.List< java.lang.String > | (Optional) List of allowed AWS account IDs to prevent potential destruction of a live environment. |
assumeRole | S3BackendAssumeRoleConfig | Assuming an IAM Role can be configured in two ways. |
assumeRolePolicy | java.lang.String | (Optional) IAM Policy JSON describing further restricting permissions for the IAM Role being assumed. |
assumeRolePolicyArns | java.util.List< java.lang.String > | (Optional) Set of Amazon Resource Names (ARNs) of IAM Policies describing further restricting permissions for the IAM Role being assumed. |
assumeRoleTags | java.util.Map< java.lang.String, java.lang.String > | (Optional) Map of assume role session tags. |
assumeRoleTransitiveTagKeys | java.util.List< java.lang.String > | (Optional) Set of assume role session tag keys to pass to any subsequent sessions. |
assumeRoleWithWebIdentity | S3BackendAssumeRoleWithWebIdentityConfig | Assume Role With Web Identity Configuration. |
customCaBundle | java.lang.String | (Optional) File containing custom root and intermediate certificates. |
dynamodbEndpoint | java.lang.String | (Optional) Custom endpoint for the AWS DynamoDB API. |
dynamodbTable | java.lang.String | (Optional) Name of DynamoDB Table to use for state locking and consistency. |
ec2MetadataServiceEndpoint | java.lang.String | Optional) Custom endpoint URL for the EC2 Instance Metadata Service (IMDS) API. |
ec2MetadataServiceEndpointMode | java.lang.String | (Optional) Mode to use in communicating with the metadata service. |
encrypt | java.lang.Boolean | (Optional) Enable server side encryption of the state file. |
endpoint | java.lang.String | (Optional) Custom endpoint for the AWS S3 API. |
endpoints | S3BackendEndpointConfig | (Optional) The endpoint configuration block. |
externalId | java.lang.String | (Optional) External identifier to use when assuming the role. |
forbiddenAccountIds | java.util.List< java.lang.String > | (Optional) List of forbidden AWS account IDs to prevent potential destruction of a live environment. |
forcePathStyle | java.lang.Boolean | (Optional) Enable path-style S3 URLs (https://< HOST >/< BUCKET > instead of https://< BUCKET >.< HOST >). |
httpProxy | java.lang.String | (Optional) URL of a proxy to use for HTTP requests when accessing the AWS API. |
httpsProxy | java.lang.String | (Optional) URL of a proxy to use for HTTPS requests when accessing the AWS API. |
iamEndpoint | java.lang.String | (Optional) Custom endpoint for the AWS Identity and Access Management (IAM) API. |
insecure | java.lang.Boolean | Optional) Whether to explicitly allow the backend to perform “insecure” SSL requests. |
kmsKeyId | java.lang.String | (Optional) Amazon Resource Name (ARN) of a Key Management Service (KMS) Key to use for encrypting the state. |
maxRetries | java.lang.Number | (Optional) The maximum number of times an AWS API request is retried on retryable failure. |
noProxy | java.lang.String | (Optional) Comma-separated list of hosts that should not use HTTP or HTTPS proxies. |
profile | java.lang.String | (Optional) Name of AWS profile in AWS shared credentials file (e.g. ~/.aws/credentials) or AWS shared configuration file (e.g. ~/.aws/config) to use for credentials and/or configuration. This can also be sourced from the AWS_PROFILE environment variable. |
region | java.lang.String | AWS Region of the S3 Bucket and DynamoDB Table (if used). |
retryMode | java.lang.String | (Optional) Specifies how retries are attempted. |
roleArn | java.lang.String | (Optional) Amazon Resource Name (ARN) of the IAM Role to assume. |
secretKey | java.lang.String | (Optional) AWS secret access key. |
sessionName | java.lang.String | (Optional) Session name to use when assuming the role. |
sharedConfigFiles | java.util.List< java.lang.String > | (Optional) List of paths to AWS shared configuration files. |
sharedCredentialsFile | java.lang.String | (Optional) Path to the AWS shared credentials file. |
sharedCredentialsFiles | java.util.List< java.lang.String > | (Optional) List of paths to AWS shared credentials files. |
skipCredentialsValidation | java.lang.Boolean | (Optional) Skip credentials validation via the STS API. |
skipMetadataApiCheck | java.lang.Boolean | (Optional) Skip usage of EC2 Metadata API. |
skipRegionValidation | java.lang.Boolean | (Optional) Skip validation of provided region name. |
skipRequestingAccountId | java.lang.Boolean | (Optional) Whether to skip requesting the account ID. |
skipS3Checksum | java.lang.Boolean | (Optional) Do not include checksum when uploading S3 Objects. |
sseCustomerKey | java.lang.String | (Optional) The key to use for encrypting state with Server-Side Encryption with Customer-Provided Keys (SSE-C). |
stsEndpoint | java.lang.String | (Optional) Custom endpoint for the AWS Security Token Service (STS) API. |
stsRegion | java.lang.String | (Optional) AWS region for STS. |
token | java.lang.String | (Optional) Multi-Factor Authentication (MFA) token. |
useLegacyWorkflow | java.lang.Boolean | (Optional) Use the legacy authentication workflow, preferring environment variables over backend configuration. |
usePathStyle | java.lang.Boolean | (Optional) Enable path-style S3 URLs (https://< HOST >/< BUCKET > instead of https://< BUCKET >.< HOST >). |
workspaceKeyPrefix | java.lang.String | (Optional) Prefix applied to the state path inside the bucket. |
scopeRequired
- Type: software.constructs.Construct
bucketRequired
- Type: java.lang.String
keyRequired
- Type: java.lang.String
accessKeyOptional
- Type: java.lang.String
aclOptional
- Type: java.lang.String
allowedAccountIdsOptional
- Type: java.util.List< java.lang.String >
assumeRoleOptional
Assuming an IAM Role can be configured in two ways.
The preferred way is to use the argument assume_role, the other, which is deprecated, is with arguments at the top level.
assumeRolePolicy
assumeRolePolicy- Deprecated: Use assumeRole.policy instead.
- Type: java.lang.String
assumeRolePolicyArns
assumeRolePolicyArns- Deprecated: Use assumeRole.policyArns instead.
- Type: java.util.List< java.lang.String >
assumeRoleTags
assumeRoleTags- Deprecated: Use assumeRole.tags instead.
- Type: java.util.Map< java.lang.String, java.lang.String >
assumeRoleTransitiveTagKeys
assumeRoleTransitiveTagKeys- Deprecated: Use assumeRole.transitiveTagKeys instead.
- Type: java.util.List< java.lang.String >
assumeRoleWithWebIdentityOptional
Assume Role With Web Identity Configuration.
customCaBundleOptional
- Type: java.lang.String
dynamodbEndpoint
dynamodbEndpoint- Deprecated: Use endpoints.dynamodb instead
- Type: java.lang.String
dynamodbTableOptional
- Type: java.lang.String
ec2MetadataServiceEndpointOptional
- Type: java.lang.String
ec2MetadataServiceEndpointModeOptional
- Type: java.lang.String
encryptOptional
- Type: java.lang.Boolean
endpoint
endpoint- Deprecated: Use endpoints.s3 instead
- Type: java.lang.String
endpointsOptional
- Type: S3BackendEndpointConfig
externalId
externalId- Deprecated: Use assume_role.external_id instead.
- Type: java.lang.String
forbiddenAccountIdsOptional
- Type: java.util.List< java.lang.String >
forcePathStyle
forcePathStyle- Deprecated: Use usePathStyle instead
- Type: java.lang.Boolean
httpProxyOptional
- Type: java.lang.String
httpsProxyOptional
- Type: java.lang.String
iamEndpoint
iamEndpoint- Deprecated: Use endpoints.iam instead
- Type: java.lang.String
insecureOptional
- Type: java.lang.Boolean
kmsKeyIdOptional
- Type: java.lang.String
maxRetriesOptional
- Type: java.lang.Number
noProxyOptional
- Type: java.lang.String
- A domain name
- An IP address
- A CIDR address
- An asterisk (*), to indicate that no proxying should be performed Domain name and IP address values can also include a port number. Can also be set using the NO_PROXY or no_proxy environment variables.
profileOptional
- Type: java.lang.String
regionOptional
- Type: java.lang.String
retryModeOptional
- Type: java.lang.String
roleArn
roleArn- Deprecated: Use assumeRole.roleArn instead.
- Type: java.lang.String
secretKeyOptional
- Type: java.lang.String
sessionName
sessionName- Deprecated: Use assumeRole.sessionName instead.
- Type: java.lang.String
sharedConfigFilesOptional
- Type: java.util.List< java.lang.String >
sharedCredentialsFileOptional
- Type: java.lang.String
sharedCredentialsFilesOptional
- Type: java.util.List< java.lang.String >
skipCredentialsValidationOptional
- Type: java.lang.Boolean
skipMetadataApiCheckOptional
- Type: java.lang.Boolean
skipRegionValidationOptional
- Type: java.lang.Boolean
skipRequestingAccountIdOptional
- Type: java.lang.Boolean
skipS3ChecksumOptional
- Type: java.lang.Boolean
sseCustomerKeyOptional
- Type: java.lang.String
stsEndpoint
stsEndpoint- Deprecated: Use endpoints.sts instead
- Type: java.lang.String
stsRegionOptional
- Type: java.lang.String
tokenOptional
- Type: java.lang.String
useLegacyWorkflowOptional
- Type: java.lang.Boolean
usePathStyleOptional
- Type: java.lang.Boolean
workspaceKeyPrefixOptional
- Type: java.lang.String
Methods
| Name | Description |
|---|---|
toString | Returns a string representation of this construct. |
addOverride | No description. |
overrideLogicalId | Overrides the auto-generated logical ID with a specific ID. |
resetOverrideLogicalId | Resets a previously passed logical Id to use the auto-generated logical id again. |
toHclTerraform | No description. |
toMetadata | No description. |
toTerraform | Adds this resource to the terraform JSON output. |
getRemoteStateDataSource | Creates a TerraformRemoteState resource that accesses this backend. |
toString
addOverride
pathRequired
- Type: java.lang.String
valueRequired
- Type: java.lang.Object
overrideLogicalId
newLogicalIdRequired
- Type: java.lang.String
resetOverrideLogicalId
toHclTerraform
toMetadata
toTerraform
getRemoteStateDataSource
scopeRequired
- Type: software.constructs.Construct
nameRequired
- Type: java.lang.String
_fromStackRequired
- Type: java.lang.String
Static Functions
| Name | Description |
|---|---|
isConstruct | Checks if x is a construct. |
isTerraformElement | No description. |
isBackend | No description. |
isConstruct
x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: java.lang.Object
isTerraformElement
xRequired
- Type: java.lang.Object
isBackend
xRequired
- Type: java.lang.Object
Properties
| Name | Type | Description |
|---|---|---|
node | software.constructs.Node | The tree node. |
cdktfStack | TerraformStack | No description. |
fqn | java.lang.String | No description. |
friendlyUniqueId | java.lang.String | No description. |
nodeRequired
- Type: software.constructs.Node
cdktfStackRequired
- Type: TerraformStack
fqnRequired
- Type: java.lang.String
friendlyUniqueIdRequired
- Type: java.lang.String