Package com.hashicorp.cdktf

Class S3BackendConfig.Jsii$Proxy

java.lang.Object
software.amazon.jsii.JsiiObject
com.hashicorp.cdktf.S3BackendConfig.Jsii$Proxy
All Implemented Interfaces:
S3BackendConfig, software.amazon.jsii.JsiiSerializable
Enclosing interface:
S3BackendConfig
@Stability(Experimental) @Internal public static final class S3BackendConfig.Jsii$Proxy extends software.amazon.jsii.JsiiObject implements S3BackendConfig
An implementation for S3BackendConfig

  • Constructor Details

    • Jsii$Proxy

      protected Jsii$Proxy(software.amazon.jsii.JsiiObjectRef objRef)
      Constructor that initializes the object based on values retrieved from the JsiiObject.
      Parameters:
      objRef - Reference to the JSII managed object.

    • Jsii$Proxy

      protected Jsii$Proxy(S3BackendConfig.Builder builder)
      Constructor that initializes the object based on literal property values passed by the S3BackendConfig.Builder.

  • Method Details

    • getBucket

      public final String getBucket()
      Description copied from interface: S3BackendConfig
      (experimental) Name of the S3 Bucket.
      Specified by:
      getBucket in interface S3BackendConfig

    • getKey

      public final String getKey()
      Description copied from interface: S3BackendConfig
      (experimental) Path to the state file inside the S3 Bucket.

      When using a non-default workspace, the state path will be /workspace_key_prefix/workspace_name/key

      Specified by:
      getKey in interface S3BackendConfig

    • getAccessKey

      public final String getAccessKey()
      Description copied from interface: S3BackendConfig
      (experimental) (Optional) AWS access key.

      If configured, must also configure secret_key. This can also be sourced from the AWS_ACCESS_KEY_ID environment variable, AWS shared credentials file (e.g. ~/.aws/credentials), or AWS shared configuration file (e.g. ~/.aws/config).

      Specified by:
      getAccessKey in interface S3BackendConfig

    • getAcl

      public final String getAcl()
      Description copied from interface: S3BackendConfig
      (experimental) (Optional) Canned ACL to be applied to the state file.
      Specified by:
      getAcl in interface S3BackendConfig

    • getAllowedAccountIds

      public final String getAllowedAccountIds()
      Description copied from interface: S3BackendConfig
      (experimental) (Optional) List of allowed AWS account IDs to prevent potential destruction of a live environment.

      Conflicts with forbidden_account_ids.

      Specified by:
      getAllowedAccountIds in interface S3BackendConfig

    • getAssumeRole

      public final S3BackendAssumeRoleConfig getAssumeRole()
      Description copied from interface: S3BackendConfig
      (experimental) Assuming an IAM Role can be configured in two ways.

      The preferred way is to use the argument assume_role, the other, which is deprecated, is with arguments at the top level.

      Specified by:
      getAssumeRole in interface S3BackendConfig

    • getAssumeRolePolicy

      public final String getAssumeRolePolicy()
      Description copied from interface: S3BackendConfig
      (deprecated) (Optional) IAM Policy JSON describing further restricting permissions for the IAM Role being assumed.

      Specified by:
      getAssumeRolePolicy in interface S3BackendConfig

    • getAssumeRolePolicyArns

      public final List<String> getAssumeRolePolicyArns()
      Description copied from interface: S3BackendConfig
      (deprecated) (Optional) Set of Amazon Resource Names (ARNs) of IAM Policies describing further restricting permissions for the IAM Role being assumed.

      Specified by:
      getAssumeRolePolicyArns in interface S3BackendConfig

    • getAssumeRoleTags

      public final Map<String,String> getAssumeRoleTags()
      Description copied from interface: S3BackendConfig
      (deprecated) (Optional) Map of assume role session tags.

      Specified by:
      getAssumeRoleTags in interface S3BackendConfig

    • getAssumeRoleTransitiveTagKeys

      public final List<String> getAssumeRoleTransitiveTagKeys()
      Description copied from interface: S3BackendConfig
      (deprecated) (Optional) Set of assume role session tag keys to pass to any subsequent sessions.

      Specified by:
      getAssumeRoleTransitiveTagKeys in interface S3BackendConfig

    • getAssumeRoleWithWebIdentity

      public final S3BackendAssumeRoleWithWebIdentityConfig getAssumeRoleWithWebIdentity()
      Description copied from interface: S3BackendConfig
      (experimental) Assume Role With Web Identity Configuration.
      Specified by:
      getAssumeRoleWithWebIdentity in interface S3BackendConfig

    • getCustomCaBundle

      public final String getCustomCaBundle()
      Description copied from interface: S3BackendConfig
      (experimental) (Optional) File containing custom root and intermediate certificates.

      Can also be set using the AWS_CA_BUNDLE environment variable. Setting ca_bundle in the shared config file is not supported.

      Specified by:
      getCustomCaBundle in interface S3BackendConfig

    • getDynamodbEndpoint

      public final String getDynamodbEndpoint()
      Description copied from interface: S3BackendConfig
      (deprecated) (Optional) Custom endpoint for the AWS DynamoDB API.

      This can also be sourced from the AWS_DYNAMODB_ENDPOINT environment variable.

      Specified by:
      getDynamodbEndpoint in interface S3BackendConfig

    • getDynamodbTable

      public final String getDynamodbTable()
      Description copied from interface: S3BackendConfig
      (experimental) (Optional) Name of DynamoDB Table to use for state locking and consistency.

      The table must have a partition key named LockID with type of String. If not configured, state locking will be disabled.

      Specified by:
      getDynamodbTable in interface S3BackendConfig

    • getEc2MetadataServiceEndpoint

      public final String getEc2MetadataServiceEndpoint()
      Description copied from interface: S3BackendConfig
      (experimental) Optional) Custom endpoint URL for the EC2 Instance Metadata Service (IMDS) API.

      Can also be set with the AWS_EC2_METADATA_SERVICE_ENDPOINT environment variable.

      Specified by:
      getEc2MetadataServiceEndpoint in interface S3BackendConfig

    • getEc2MetadataServiceEndpointMode

      public final String getEc2MetadataServiceEndpointMode()
      Description copied from interface: S3BackendConfig
      (experimental) (Optional) Mode to use in communicating with the metadata service.

      Valid values are IPv4 and IPv6. Can also be set with the AWS_EC2_METADATA_SERVICE_ENDPOINT_MODE environment variable.

      Specified by:
      getEc2MetadataServiceEndpointMode in interface S3BackendConfig

    • getEncrypt

      public final Boolean getEncrypt()
      Description copied from interface: S3BackendConfig
      (experimental) (Optional) Enable server side encryption of the state file.
      Specified by:
      getEncrypt in interface S3BackendConfig

    • getEndpoint

      public final String getEndpoint()
      Description copied from interface: S3BackendConfig
      (deprecated) (Optional) Custom endpoint for the AWS S3 API.

      This can also be sourced from the AWS_S3_ENDPOINT environment variable.

      Specified by:
      getEndpoint in interface S3BackendConfig

    • getEndpoints

      public final S3BackendEndpointConfig getEndpoints()
      Description copied from interface: S3BackendConfig
      (experimental) (Optional) The endpoint configuration block.
      Specified by:
      getEndpoints in interface S3BackendConfig

    • getExternalId

      public final String getExternalId()
      Description copied from interface: S3BackendConfig
      (deprecated) (Optional) External identifier to use when assuming the role.

      Specified by:
      getExternalId in interface S3BackendConfig

    • getForbiddenAccountIds

      public final String getForbiddenAccountIds()
      Description copied from interface: S3BackendConfig
      (experimental) (Optional) List of forbidden AWS account IDs to prevent potential destruction of a live environment.

      Conflicts with allowed_account_ids.

      Specified by:
      getForbiddenAccountIds in interface S3BackendConfig

    • getForcePathStyle

      public final Boolean getForcePathStyle()
      Description copied from interface: S3BackendConfig
      (deprecated) (Optional) Enable path-style S3 URLs (https:/// instead of https://.).

      Specified by:
      getForcePathStyle in interface S3BackendConfig

    • getHttpProxy

      public final String getHttpProxy()
      Description copied from interface: S3BackendConfig
      (experimental) (Optional) URL of a proxy to use for HTTP requests when accessing the AWS API.

      Can also be set using the HTTP_PROXY or http_proxy environment variables.

      Specified by:
      getHttpProxy in interface S3BackendConfig

    • getHttpsProxy

      public final String getHttpsProxy()
      Description copied from interface: S3BackendConfig
      (experimental) (Optional) URL of a proxy to use for HTTPS requests when accessing the AWS API.

      Can also be set using the HTTPS_PROXY or https_proxy environment variables.

      Specified by:
      getHttpsProxy in interface S3BackendConfig

    • getIamEndpoint

      public final String getIamEndpoint()
      Description copied from interface: S3BackendConfig
      (deprecated) (Optional) Custom endpoint for the AWS Identity and Access Management (IAM) API.

      This can also be sourced from the AWS_IAM_ENDPOINT environment variable.

      Specified by:
      getIamEndpoint in interface S3BackendConfig

    • getInsecure

      public final Boolean getInsecure()
      Description copied from interface: S3BackendConfig
      (experimental) Optional) Whether to explicitly allow the backend to perform "insecure" SSL requests.

      If omitted, the default value is false.

      Specified by:
      getInsecure in interface S3BackendConfig

    • getKmsKeyId

      public final String getKmsKeyId()
      Description copied from interface: S3BackendConfig
      (experimental) (Optional) Amazon Resource Name (ARN) of a Key Management Service (KMS) Key to use for encrypting the state.

      Note that if this value is specified, Terraform will need kms:Encrypt, kms:Decrypt and kms:GenerateDataKey permissions on this KMS key.

      Specified by:
      getKmsKeyId in interface S3BackendConfig

    • getMaxRetries

      public final Number getMaxRetries()
      Description copied from interface: S3BackendConfig
      (experimental) (Optional) The maximum number of times an AWS API request is retried on retryable failure.

      Defaults to 5.

      Specified by:
      getMaxRetries in interface S3BackendConfig

    • getNoProxy

      public final String getNoProxy()
      Description copied from interface: S3BackendConfig
      (experimental) (Optional) Comma-separated list of hosts that should not use HTTP or HTTPS proxies.

      Each value can be one of:

      • A domain name
      • An IP address
      • A CIDR address
      • An asterisk (*), to indicate that no proxying should be performed Domain name and IP address values can also include a port number. Can also be set using the NO_PROXY or no_proxy environment variables.
      Specified by:
      getNoProxy in interface S3BackendConfig

    • getProfile

      public final String getProfile()
      Description copied from interface: S3BackendConfig
      (experimental) (Optional) Name of AWS profile in AWS shared credentials file (e.g. ~/.aws/credentials) or AWS shared configuration file (e.g. ~/.aws/config) to use for credentials and/or configuration. This can also be sourced from the AWS_PROFILE environment variable.
      Specified by:
      getProfile in interface S3BackendConfig

    • getRegion

      public final String getRegion()
      Description copied from interface: S3BackendConfig
      (experimental) AWS Region of the S3 Bucket and DynamoDB Table (if used).

      This can also be sourced from the AWS_DEFAULT_REGION and AWS_REGION environment variables.

      Specified by:
      getRegion in interface S3BackendConfig

    • getRetryMode

      public final String getRetryMode()
      Description copied from interface: S3BackendConfig
      (experimental) (Optional) Specifies how retries are attempted.

      Valid values are standard and adaptive. Can also be configured using the AWS_RETRY_MODE environment variable or the shared config file parameter retry_mode.

      Specified by:
      getRetryMode in interface S3BackendConfig

    • getRoleArn

      public final String getRoleArn()
      Description copied from interface: S3BackendConfig
      (deprecated) (Optional) Amazon Resource Name (ARN) of the IAM Role to assume.

      Specified by:
      getRoleArn in interface S3BackendConfig

    • getSecretKey

      public final String getSecretKey()
      Description copied from interface: S3BackendConfig
      (experimental) (Optional) AWS secret access key.

      If configured, must also configure access_key. This can also be sourced from the AWS_SECRET_ACCESS_KEY environment variable, AWS shared credentials file (e.g. ~/.aws/credentials), or AWS shared configuration file (e.g. ~/.aws/config)

      Specified by:
      getSecretKey in interface S3BackendConfig

    • getSessionName

      public final String getSessionName()
      Description copied from interface: S3BackendConfig
      (deprecated) (Optional) Session name to use when assuming the role.

      Specified by:
      getSessionName in interface S3BackendConfig

    • getSharedConfigFiles

      public final List<String> getSharedConfigFiles()
      Description copied from interface: S3BackendConfig
      (experimental) (Optional) List of paths to AWS shared configuration files.

      Defaults to ~/.aws/config.

      Specified by:
      getSharedConfigFiles in interface S3BackendConfig

    • getSharedCredentialsFile

      public final String getSharedCredentialsFile()
      Description copied from interface: S3BackendConfig
      (experimental) (Optional) Path to the AWS shared credentials file.

      Defaults to ~/.aws/credentials.

      Specified by:
      getSharedCredentialsFile in interface S3BackendConfig

    • getSharedCredentialsFiles

      public final List<String> getSharedCredentialsFiles()
      Description copied from interface: S3BackendConfig
      (experimental) (Optional) List of paths to AWS shared credentials files.

      Defaults to ~/.aws/credentials.

      Specified by:
      getSharedCredentialsFiles in interface S3BackendConfig

    • getSkipCredentialsValidation

      public final Boolean getSkipCredentialsValidation()
      Description copied from interface: S3BackendConfig
      (experimental) (Optional) Skip credentials validation via the STS API.
      Specified by:
      getSkipCredentialsValidation in interface S3BackendConfig

    • getSkipMetadataApiCheck

      public final Boolean getSkipMetadataApiCheck()
      Description copied from interface: S3BackendConfig
      (experimental) (Optional) Skip usage of EC2 Metadata API.
      Specified by:
      getSkipMetadataApiCheck in interface S3BackendConfig

    • getSkipRegionValidation

      public final Boolean getSkipRegionValidation()
      Description copied from interface: S3BackendConfig
      (experimental) (Optional) Skip validation of provided region name.
      Specified by:
      getSkipRegionValidation in interface S3BackendConfig

    • getSkipRequestingAccountId

      public final Boolean getSkipRequestingAccountId()
      Description copied from interface: S3BackendConfig
      (experimental) (Optional) Whether to skip requesting the account ID.

      Useful for AWS API implementations that do not have the IAM, STS API, or metadata API.

      Specified by:
      getSkipRequestingAccountId in interface S3BackendConfig

    • getSkipS3Checksum

      public final Boolean getSkipS3Checksum()
      Description copied from interface: S3BackendConfig
      (experimental) (Optional) Do not include checksum when uploading S3 Objects.

      Useful for some S3-Compatible APIs.

      Specified by:
      getSkipS3Checksum in interface S3BackendConfig

    • getSseCustomerKey

      public final String getSseCustomerKey()
      Description copied from interface: S3BackendConfig
      (experimental) (Optional) The key to use for encrypting state with Server-Side Encryption with Customer-Provided Keys (SSE-C).

      This is the base64-encoded value of the key, which must decode to 256 bits. This can also be sourced from the AWS_SSE_CUSTOMER_KEY environment variable, which is recommended due to the sensitivity of the value. Setting it inside a terraform file will cause it to be persisted to disk in terraform.tfstate.

      Specified by:
      getSseCustomerKey in interface S3BackendConfig

    • getStsEndpoint

      public final String getStsEndpoint()
      Description copied from interface: S3BackendConfig
      (deprecated) (Optional) Custom endpoint for the AWS Security Token Service (STS) API.

      This can also be sourced from the AWS_STS_ENDPOINT environment variable.

      Specified by:
      getStsEndpoint in interface S3BackendConfig

    • getStsRegion

      public final String getStsRegion()
      Description copied from interface: S3BackendConfig
      (experimental) (Optional) AWS region for STS.

      If unset, AWS will use the same region for STS as other non-STS operations.

      Specified by:
      getStsRegion in interface S3BackendConfig

    • getToken

      public final String getToken()
      Description copied from interface: S3BackendConfig
      (experimental) (Optional) Multi-Factor Authentication (MFA) token.

      This can also be sourced from the AWS_SESSION_TOKEN environment variable.

      Specified by:
      getToken in interface S3BackendConfig

    • getUseLegacyWorkflow

      public final Boolean getUseLegacyWorkflow()
      Description copied from interface: S3BackendConfig
      (experimental) (Optional) Use the legacy authentication workflow, preferring environment variables over backend configuration.

      Defaults to true. This behavior does not align with the authentication flow of the AWS CLI or SDK's, and will be removed in the future.

      Specified by:
      getUseLegacyWorkflow in interface S3BackendConfig

    • getUsePathStyle

      public final Boolean getUsePathStyle()
      Description copied from interface: S3BackendConfig
      (experimental) (Optional) Enable path-style S3 URLs (https:/// instead of https://.).
      Specified by:
      getUsePathStyle in interface S3BackendConfig

    • getWorkspaceKeyPrefix

      public final String getWorkspaceKeyPrefix()
      Description copied from interface: S3BackendConfig
      (experimental) (Optional) Prefix applied to the state path inside the bucket.

      This is only relevant when using a non-default workspace. Defaults to env:

      Specified by:
      getWorkspaceKeyPrefix in interface S3BackendConfig

    • $jsii$toJson

      @Internal public com.fasterxml.jackson.databind.JsonNode $jsii$toJson()
      Specified by:
      $jsii$toJson in interface software.amazon.jsii.JsiiSerializable

    • equals

      public final boolean equals(Object o)
      Overrides:
      equals in class Object

    • hashCode

      public final int hashCode()
      Overrides:
      hashCode in class Object