S3BackendConfig (com.hashicorp:cdktf 0.15.0-pre.56 API)

All Superinterfaces:

software.amazon.jsii.JsiiSerializable

All Known Subinterfaces:

DataTerraformRemoteStateS3Config

All Known Implementing Classes:

DataTerraformRemoteStateS3Config.Jsii$Proxy, S3BackendConfig.Jsii$Proxy
```
@Generated(value="jsii-pacmak/1.73.0 (build 6faeda3)",
           date="2023-01-13T13:26:44.071Z")
 @Stability(value=Experimental)
public interface S3BackendConfig
extends software.amazon.jsii.JsiiSerializable
```
(experimental) Stores the state as a given key in a given bucket on Amazon S3.
This backend also supports state locking and consistency checking via Dynamo DB, which can be enabled by setting the dynamodb_table field to an existing DynamoDB table name. A single DynamoDB table can be used to lock multiple remote state files. Terraform generates key names that include the values of the bucket and key variables.
Warning! It is highly recommended that you enable Bucket Versioning on the S3 bucket to allow for state recovery in the case of accidental deletions and human error.
Read more about this backend in the Terraform docs: https://www.terraform.io/language/settings/backends/s3

Nested Class Summary

Nested Classes
Modifier and Type	Interface and Description
`static class`	`S3BackendConfig.Builder` A builder for `S3BackendConfig`
`static class`	`S3BackendConfig.Jsii$Proxy` An implementation for `S3BackendConfig`

Method Summary

All Methods Static Methods Instance Methods Abstract Methods Default Methods
Modifier and Type	Method and Description
`static S3BackendConfig.Builder`	`builder()`
`default String`	`getAccessKey()` (experimental) (Optional) AWS access key.
`default String`	`getAcl()` (experimental) (Optional) Canned ACL to be applied to the state file.
`default String`	`getAssumeRolePolicy()` (experimental) (Optional) IAM Policy JSON describing further restricting permissions for the IAM Role being assumed.
`default List<String>`	`getAssumeRolePolicyArns()` (experimental) (Optional) Set of Amazon Resource Names (ARNs) of IAM Policies describing further restricting permissions for the IAM Role being assumed.
`default Map<String,String>`	`getAssumeRoleTags()` (experimental) (Optional) Map of assume role session tags.
`default List<String>`	`getAssumeRoleTransitiveTagKeys()` (experimental) (Optional) Set of assume role session tag keys to pass to any subsequent sessions.
`String`	`getBucket()` (experimental) Name of the S3 Bucket.
`default String`	`getDynamodbEndpoint()` (experimental) (Optional) Custom endpoint for the AWS DynamoDB API.
`default String`	`getDynamodbTable()` (experimental) (Optional) Name of DynamoDB Table to use for state locking and consistency.
`default Boolean`	`getEncrypt()` (experimental) (Optional) Enable server side encryption of the state file.
`default String`	`getEndpoint()` (experimental) (Optional) Custom endpoint for the AWS S3 API.
`default String`	`getExternalId()` (experimental) (Optional) External identifier to use when assuming the role.
`default Boolean`	`getForcePathStyle()` (experimental) (Optional) Enable path-style S3 URLs (https:/// instead of https://.).
`default String`	`getIamEndpoint()` (experimental) (Optional) Custom endpoint for the AWS Identity and Access Management (IAM) API.
`String`	`getKey()` (experimental) Path to the state file inside the S3 Bucket.
`default String`	`getKmsKeyId()` (experimental) (Optional) Amazon Resource Name (ARN) of a Key Management Service (KMS) Key to use for encrypting the state.
`default Number`	`getMaxRetries()` (experimental) (Optional) The maximum number of times an AWS API request is retried on retryable failure.
`default String`	`getProfile()` (experimental) (Optional) Name of AWS profile in AWS shared credentials file (e.g.
`default String`	`getRegion()` (experimental) AWS Region of the S3 Bucket and DynamoDB Table (if used).
`default String`	`getRoleArn()` (experimental) (Optional) Amazon Resource Name (ARN) of the IAM Role to assume.
`default String`	`getSecretKey()` (experimental) (Optional) AWS secret access key.
`default String`	`getSessionName()` (experimental) (Optional) Session name to use when assuming the role.
`default String`	`getSharedCredentialsFile()` (experimental) (Optional) Path to the AWS shared credentials file.
`default Boolean`	`getSkipCredentialsValidation()` (experimental) (Optional) Skip credentials validation via the STS API.
`default Boolean`	`getSkipMetadataApiCheck()` (experimental) (Optional) Skip usage of EC2 Metadata API.
`default Boolean`	`getSkipRegionValidation()` (experimental) (Optional) Skip validation of provided region name.
`default String`	`getSseCustomerKey()` (experimental) (Optional) The key to use for encrypting state with Server-Side Encryption with Customer-Provided Keys (SSE-C).
`default String`	`getStsEndpoint()` (experimental) (Optional) Custom endpoint for the AWS Security Token Service (STS) API.
`default String`	`getToken()` (experimental) (Optional) Multi-Factor Authentication (MFA) token.
`default String`	`getWorkspaceKeyPrefix()` (experimental) (Optional) Prefix applied to the state path inside the bucket.

Methods inherited from interface software.amazon.jsii.JsiiSerializable
$jsii$toJson

- Method Detail
  - getBucket
```
@Stability(value=Experimental)
 @NotNull
String getBucket()
```
    (experimental) Name of the S3 Bucket.
  - getKey
```
@Stability(value=Experimental)
 @NotNull
String getKey()
```
    (experimental) Path to the state file inside the S3 Bucket.
    When using a non-default workspace, the state path will be /workspace_key_prefix/workspace_name/key
  - getAccessKey
```
@Stability(value=Experimental)
 @Nullable
default String getAccessKey()
```
    (experimental) (Optional) AWS access key.
    If configured, must also configure secret_key. This can also be sourced from the AWS_ACCESS_KEY_ID environment variable, AWS shared credentials file (e.g. ~/.aws/credentials), or AWS shared configuration file (e.g. ~/.aws/config).
  - getAcl
```
@Stability(value=Experimental)
 @Nullable
default String getAcl()
```
    (experimental) (Optional) Canned ACL to be applied to the state file.
  - getAssumeRolePolicy
```
@Stability(value=Experimental)
 @Nullable
default String getAssumeRolePolicy()
```
    (experimental) (Optional) IAM Policy JSON describing further restricting permissions for the IAM Role being assumed.
  - getAssumeRolePolicyArns
```
@Stability(value=Experimental)
 @Nullable
default List<String> getAssumeRolePolicyArns()
```
    (experimental) (Optional) Set of Amazon Resource Names (ARNs) of IAM Policies describing further restricting permissions for the IAM Role being assumed.
  - getAssumeRoleTags
```
@Stability(value=Experimental)
 @Nullable
default Map<String,String> getAssumeRoleTags()
```
    (experimental) (Optional) Map of assume role session tags.
  - getAssumeRoleTransitiveTagKeys
```
@Stability(value=Experimental)
 @Nullable
default List<String> getAssumeRoleTransitiveTagKeys()
```
    (experimental) (Optional) Set of assume role session tag keys to pass to any subsequent sessions.
  - getDynamodbEndpoint
```
@Stability(value=Experimental)
 @Nullable
default String getDynamodbEndpoint()
```
    (experimental) (Optional) Custom endpoint for the AWS DynamoDB API.
    This can also be sourced from the AWS_DYNAMODB_ENDPOINT environment variable.
  - getDynamodbTable
```
@Stability(value=Experimental)
 @Nullable
default String getDynamodbTable()
```
    (experimental) (Optional) Name of DynamoDB Table to use for state locking and consistency.
    The table must have a partition key named LockID with type of String. If not configured, state locking will be disabled.
  - getEncrypt
```
@Stability(value=Experimental)
 @Nullable
default Boolean getEncrypt()
```
    (experimental) (Optional) Enable server side encryption of the state file.
  - getEndpoint
```
@Stability(value=Experimental)
 @Nullable
default String getEndpoint()
```
    (experimental) (Optional) Custom endpoint for the AWS S3 API.
    This can also be sourced from the AWS_S3_ENDPOINT environment variable.
  - getExternalId
```
@Stability(value=Experimental)
 @Nullable
default String getExternalId()
```
    (experimental) (Optional) External identifier to use when assuming the role.
  - getForcePathStyle
```
@Stability(value=Experimental)
 @Nullable
default Boolean getForcePathStyle()
```
    (experimental) (Optional) Enable path-style S3 URLs (https:/// instead of https://.).
  - getIamEndpoint
```
@Stability(value=Experimental)
 @Nullable
default String getIamEndpoint()
```
    (experimental) (Optional) Custom endpoint for the AWS Identity and Access Management (IAM) API.
    This can also be sourced from the AWS_IAM_ENDPOINT environment variable.
  - getKmsKeyId
```
@Stability(value=Experimental)
 @Nullable
default String getKmsKeyId()
```
    (experimental) (Optional) Amazon Resource Name (ARN) of a Key Management Service (KMS) Key to use for encrypting the state.
    Note that if this value is specified, Terraform will need kms:Encrypt, kms:Decrypt and kms:GenerateDataKey permissions on this KMS key.
  - getMaxRetries
```
@Stability(value=Experimental)
 @Nullable
default Number getMaxRetries()
```
    (experimental) (Optional) The maximum number of times an AWS API request is retried on retryable failure.
    Defaults to 5.
  - getProfile
```
@Stability(value=Experimental)
 @Nullable
default String getProfile()
```
    (experimental) (Optional) Name of AWS profile in AWS shared credentials file (e.g. ~/.aws/credentials) or AWS shared configuration file (e.g. ~/.aws/config) to use for credentials and/or configuration. This can also be sourced from the AWS_PROFILE environment variable.
  - getRegion
```
@Stability(value=Experimental)
 @Nullable
default String getRegion()
```
    (experimental) AWS Region of the S3 Bucket and DynamoDB Table (if used).
    This can also be sourced from the AWS_DEFAULT_REGION and AWS_REGION environment variables.
  - getRoleArn
```
@Stability(value=Experimental)
 @Nullable
default String getRoleArn()
```
    (experimental) (Optional) Amazon Resource Name (ARN) of the IAM Role to assume.
  - getSecretKey
```
@Stability(value=Experimental)
 @Nullable
default String getSecretKey()
```
    (experimental) (Optional) AWS secret access key.
    If configured, must also configure access_key. This can also be sourced from the AWS_SECRET_ACCESS_KEY environment variable, AWS shared credentials file (e.g. ~/.aws/credentials), or AWS shared configuration file (e.g. ~/.aws/config)
  - getSessionName
```
@Stability(value=Experimental)
 @Nullable
default String getSessionName()
```
    (experimental) (Optional) Session name to use when assuming the role.
  - getSharedCredentialsFile
```
@Stability(value=Experimental)
 @Nullable
default String getSharedCredentialsFile()
```
    (experimental) (Optional) Path to the AWS shared credentials file.
    Defaults to ~/.aws/credentials.
  - getSkipCredentialsValidation
```
@Stability(value=Experimental)
 @Nullable
default Boolean getSkipCredentialsValidation()
```
    (experimental) (Optional) Skip credentials validation via the STS API.
  - getSkipMetadataApiCheck
```
@Stability(value=Experimental)
 @Nullable
default Boolean getSkipMetadataApiCheck()
```
    (experimental) (Optional) Skip usage of EC2 Metadata API.
  - getSkipRegionValidation
```
@Stability(value=Experimental)
 @Nullable
default Boolean getSkipRegionValidation()
```
    (experimental) (Optional) Skip validation of provided region name.
  - getSseCustomerKey
```
@Stability(value=Experimental)
 @Nullable
default String getSseCustomerKey()
```
    (experimental) (Optional) The key to use for encrypting state with Server-Side Encryption with Customer-Provided Keys (SSE-C).
    This is the base64-encoded value of the key, which must decode to 256 bits. This can also be sourced from the AWS_SSE_CUSTOMER_KEY environment variable, which is recommended due to the sensitivity of the value. Setting it inside a terraform file will cause it to be persisted to disk in terraform.tfstate.
  - getStsEndpoint
```
@Stability(value=Experimental)
 @Nullable
default String getStsEndpoint()
```
    (experimental) (Optional) Custom endpoint for the AWS Security Token Service (STS) API.
    This can also be sourced from the AWS_STS_ENDPOINT environment variable.
  - getToken
```
@Stability(value=Experimental)
 @Nullable
default String getToken()
```
    (experimental) (Optional) Multi-Factor Authentication (MFA) token.
    This can also be sourced from the AWS_SESSION_TOKEN environment variable.
  - getWorkspaceKeyPrefix
```
@Stability(value=Experimental)
 @Nullable
default String getWorkspaceKeyPrefix()
```
    (experimental) (Optional) Prefix applied to the state path inside the bucket.
    This is only relevant when using a non-default workspace. Defaults to env:
  - builder
```
@Stability(value=Experimental)
static S3BackendConfig.Builder builder()
```
    Returns:
    
    a S3BackendConfig.Builder of S3BackendConfig

Interface S3BackendConfig

Nested Class Summary

Method Summary

Methods inherited from interface software.amazon.jsii.JsiiSerializable

Method Detail

getBucket

getKey

getAccessKey

getAcl

getAssumeRolePolicy

getAssumeRolePolicyArns

getAssumeRoleTags

getAssumeRoleTransitiveTagKeys

getDynamodbEndpoint

getDynamodbTable

getEncrypt

getEndpoint

getExternalId

getForcePathStyle

getIamEndpoint

getKmsKeyId

getMaxRetries

getProfile

getRegion

getRoleArn

getSecretKey

getSessionName

getSharedCredentialsFile

getSkipCredentialsValidation

getSkipMetadataApiCheck

getSkipRegionValidation

getSseCustomerKey

getStsEndpoint

getToken

getWorkspaceKeyPrefix

builder