sst 2.8.8 → 2.8.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -149,9 +149,8 @@ export interface BucketProps {
149
149
  name?: string;
150
150
  /**
151
151
  * The CORS configuration of this bucket.
152
- *
152
+ * @default true
153
153
  * @example
154
- *
155
154
  * ```js
156
155
  * new Bucket(stack, "Bucket", {
157
156
  * cors: true,
@@ -170,6 +169,17 @@ export interface BucketProps {
170
169
  * ```
171
170
  */
172
171
  cors?: boolean | BucketCorsRule[];
172
+ /**
173
+ * Block public access to this bucket.
174
+ * @default false
175
+ * @example
176
+ * ```js
177
+ * new Bucket(stack, "Bucket", {
178
+ * blockPublicAccess: true,
179
+ * });
180
+ * ```
181
+ */
182
+ blockPublicAccess?: boolean;
173
183
  /**
174
184
  * The default function props to be applied to all the Lambda functions in the API. The `environment`, `permissions` and `layers` properties will be merged with per route definitions if they are defined.
175
185
  *
@@ -347,5 +357,6 @@ export declare class Bucket extends Construct implements SSTConstruct {
347
357
  private addTopicNotification;
348
358
  private addFunctionNotification;
349
359
  private buildCorsConfig;
360
+ private buildBlockPublicAccessConfig;
350
361
  }
351
362
  export {};
@@ -4,7 +4,7 @@ import { Topic } from "./Topic.js";
4
4
  import { getFunctionRef, isCDKConstruct } from "./Construct.js";
5
5
  import { Function as Fn, } from "./Function.js";
6
6
  import { toCdkDuration } from "./util/duration.js";
7
- import { Bucket as CDKBucket, EventType, HttpMethods, } from "aws-cdk-lib/aws-s3";
7
+ import { Bucket as CDKBucket, BlockPublicAccess, EventType, HttpMethods, } from "aws-cdk-lib/aws-s3";
8
8
  import { LambdaDestination, SnsDestination, SqsDestination, } from "aws-cdk-lib/aws-s3-notifications";
9
9
  /////////////////////
10
10
  // Construct
@@ -171,7 +171,7 @@ export class Bucket extends Construct {
171
171
  };
172
172
  }
173
173
  createBucket() {
174
- const { name, cors, cdk } = this.props;
174
+ const { name, cors, blockPublicAccess, cdk } = this.props;
175
175
  if (isCDKConstruct(cdk?.bucket)) {
176
176
  if (cors !== undefined) {
177
177
  throw new Error(`Cannot configure the "cors" when "cdk.bucket" is a construct`);
@@ -182,6 +182,7 @@ export class Bucket extends Construct {
182
182
  this.cdk.bucket = new CDKBucket(this, "Bucket", {
183
183
  bucketName: name,
184
184
  cors: this.buildCorsConfig(cors),
185
+ blockPublicAccess: this.buildBlockPublicAccessConfig(blockPublicAccess),
185
186
  ...cdk?.bucket,
186
187
  });
187
188
  }
@@ -281,10 +282,10 @@ export class Bucket extends Construct {
281
282
  fn.bind(this.bindingForAllNotifications);
282
283
  }
283
284
  buildCorsConfig(cors) {
284
- if (cors === undefined || cors === false) {
285
+ if (cors === false) {
285
286
  return;
286
287
  }
287
- if (cors === true) {
288
+ if (cors === undefined || cors === true) {
288
289
  return [
289
290
  {
290
291
  allowedHeaders: ["*"],
@@ -308,4 +309,14 @@ export class Bucket extends Construct {
308
309
  maxAge: e.maxAge && toCdkDuration(e.maxAge).toSeconds(),
309
310
  }));
310
311
  }
312
+ buildBlockPublicAccessConfig(config) {
313
+ return config === true
314
+ ? BlockPublicAccess.BLOCK_ALL
315
+ : new BlockPublicAccess({
316
+ blockPublicAcls: false,
317
+ blockPublicPolicy: false,
318
+ ignorePublicAcls: false,
319
+ restrictPublicBuckets: false,
320
+ });
321
+ }
311
322
  }
package/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "sideEffects": false,
3
3
  "name": "sst",
4
- "version": "2.8.8",
4
+ "version": "2.8.9",
5
5
  "bin": {
6
6
  "sst": "cli/sst.js"
7
7
  },