Skip to main content
← back to extensions

@swamp/aws/s3

v2026.04.23.3

AWS S3 infrastructure models

Repository

https://github.com/systeminit/swamp-extensions

Platforms

linux-x86_64linux-aarch64darwin-x86_64darwin-aarch64

Labels

awss3cloudinfrastructure

Contents

models

Quality score

Verified by Swamp

How well-documented and verifiable this extension is.

100%

Grade A

  • Has README or module doc2/2earned
  • README has a code example1/1earned
  • README is substantive1/1earned
  • Most symbols documented1/1earned
  • No slow types1/1earned
  • Has description1/1earned
  • At least one platform tag (or universal)1/1earned
  • Two or more platform tags (or universal)1/1earned
  • License declared1/1earned
  • Verified public repository2/2earned

Install

$ swamp extension pull @swamp/aws/s3

@swamp/aws/s3/access-grantv2026.04.23.2access_grant.ts

Global Arguments

ArgumentTypeDescription
namestringInstance name for this resource (used as the unique identifier in the factory pattern)
AccessGrantsLocationIdstringThe custom S3 location to be accessed by the grantee
Tags?array
PermissionenumThe level of access to be afforded to the grantee
ApplicationArn?stringThe ARN of the application grantees will use to access the location
S3PrefixType?enumThe type of S3SubPrefix.
GranteeobjectThe principal who will be granted permission to access S3.
AccessGrantsLocationConfiguration?objectThe configuration options of the grant location, which is the S3 path to the data to which you are granting access.
createCreate a S3 AccessGrant
getGet a S3 AccessGrant
ArgumentTypeDescription
identifierstringThe primary identifier of the S3 AccessGrant
updateUpdate a S3 AccessGrant
deleteDelete a S3 AccessGrant
ArgumentTypeDescription
identifierstringThe primary identifier of the S3 AccessGrant
syncSync S3 AccessGrant state from AWS

Resources

state(infinite)— S3 AccessGrant resource state
@swamp/aws/s3/access-grants-instancev2026.04.23.2access_grants_instance.ts

Global Arguments

ArgumentTypeDescription
namestringInstance name for this resource (used as the unique identifier in the factory pattern)
IdentityCenterArn?stringThe Amazon Resource Name (ARN) of the specified AWS Identity Center.
Tags?array
createCreate a S3 AccessGrantsInstance
getGet a S3 AccessGrantsInstance
ArgumentTypeDescription
identifierstringThe primary identifier of the S3 AccessGrantsInstance
updateUpdate a S3 AccessGrantsInstance
deleteDelete a S3 AccessGrantsInstance
ArgumentTypeDescription
identifierstringThe primary identifier of the S3 AccessGrantsInstance
syncSync S3 AccessGrantsInstance state from AWS

Resources

state(infinite)— S3 AccessGrantsInstance resource state
@swamp/aws/s3/access-grants-locationv2026.04.23.2access_grants_location.ts

Global Arguments

ArgumentTypeDescription
namestringInstance name for this resource (used as the unique identifier in the factory pattern)
IamRoleArnstringThe Amazon Resource Name (ARN) of the access grant location's associated IAM role.
LocationScopestringDescriptor for where the location actually points
Tags?array
createCreate a S3 AccessGrantsLocation
getGet a S3 AccessGrantsLocation
ArgumentTypeDescription
identifierstringThe primary identifier of the S3 AccessGrantsLocation
updateUpdate a S3 AccessGrantsLocation
deleteDelete a S3 AccessGrantsLocation
ArgumentTypeDescription
identifierstringThe primary identifier of the S3 AccessGrantsLocation
syncSync S3 AccessGrantsLocation state from AWS

Resources

state(infinite)— S3 AccessGrantsLocation resource state
@swamp/aws/s3/access-pointv2026.04.23.2access_point.ts

Global Arguments

ArgumentTypeDescription
Name?stringThe name you want to assign to this Access Point. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the access point name.
BucketstringThe name of the bucket that you want to associate this Access Point with.
BucketAccountId?stringThe AWS account ID associated with the S3 bucket associated with this access point.
VpcConfiguration?objectIf you include this field, Amazon S3 restricts access to this Access Point to requests from the specified Virtual Private Cloud (VPC).
PublicAccessBlockConfiguration?objectThe PublicAccessBlock configuration that you want to apply to this Access Point. You can enable the configuration options in any combination. For more information about when Amazon S3 considers a bucket or object public, see https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status 'The Meaning of Public' in the Amazon Simple Storage Service Developer Guide.
Policy?stringThe Access Point Policy you want to apply to this access point.
Tags?arrayAn arbitrary set of tags (key-value pairs) for this S3 Access Point.
createCreate a S3 AccessPoint
getGet a S3 AccessPoint
ArgumentTypeDescription
identifierstringThe primary identifier of the S3 AccessPoint
updateUpdate a S3 AccessPoint
deleteDelete a S3 AccessPoint
ArgumentTypeDescription
identifierstringThe primary identifier of the S3 AccessPoint
syncSync S3 AccessPoint state from AWS

Resources

state(infinite)— S3 AccessPoint resource state
@swamp/aws/s3/bucketv2026.04.23.2bucket.ts

Global Arguments

ArgumentTypeDescription
AccelerateConfiguration?objectConfigures the transfer acceleration state for an Amazon S3 bucket. For more information, see [Amazon S3 Transfer Acceleration](https://docs.aws.amazon.com/AmazonS3/latest/dev/transfer-acceleration.html) in the *Amazon S3 User Guide*.
AccessControl?enumThis is a legacy property, and it is not recommended for most use cases. A majority of modern use cases in Amazon S3 no longer require the use of ACLs, and we recommend that you keep ACLs disabled. For more information, see [Controlling object ownership](https://docs.aws.amazon.com//AmazonS3/latest/userguide/about-object-ownership.html) in the *Amazon S3 User Guide*. A canned access control list (ACL) that grants predefined permissions to the bucket. For more information about canned ACLs, see [
AnalyticsConfigurations?arraySpecifies the configuration and any analyses for the analytics filter of an Amazon S3 bucket.
BucketEncryption?objectSpecifies default encryption for a bucket using server-side encryption with Amazon S3-managed keys (SSE-S3), AWS KMS-managed keys (SSE-KMS), or dual-layer server-side encryption with KMS-managed keys (DSSE-KMS). For information about the Amazon S3 default encryption feature, see [Amazon S3 Default Encryption for S3 Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html) in the *Amazon S3 User Guide*.
BucketName?stringA name for the bucket. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. The bucket name must contain only lowercase letters, numbers, periods (.), and dashes (-) and must follow [Amazon S3 bucket restrictions and limitations](https://docs.aws.amazon.com/AmazonS3/latest/dev/BucketRestrictions.html). For more information, see [Rules for naming Amazon S3 buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html)
BucketNamePrefix?string
BucketNamespace?enum
CorsConfiguration?objectDescribes the cross-origin access configuration for objects in an Amazon S3 bucket. For more information, see [Enabling Cross-Origin Resource Sharing](https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html) in the *Amazon S3 User Guide*.
IntelligentTieringConfigurations?arrayDefines how Amazon S3 handles Intelligent-Tiering storage.
InventoryConfigurations?arraySpecifies the S3 Inventory configuration for an Amazon S3 bucket. For more information, see [GET Bucket inventory](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketGETInventoryConfig.html) in the *Amazon S3 API Reference*.
LifecycleConfiguration?objectSpecifies the lifecycle configuration for objects in an Amazon S3 bucket. For more information, see [Object Lifecycle Management](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html) in the *Amazon S3 User Guide*.
LoggingConfiguration?objectSettings that define where logs are stored.
MetricsConfigurations?arraySpecifies a metrics configuration for the CloudWatch request metrics (specified by the metrics configuration ID) from an Amazon S3 bucket. If you're updating an existing metrics configuration, note that this is a full replacement of the existing metrics configuration. If you don't include the elements you want to keep, they are erased. For more information, see [PutBucketMetricsConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTMetricConfiguration.html).
MetadataTableConfiguration?objectThe metadata table configuration of an S3 general purpose bucket.
MetadataConfiguration?objectThe S3 Metadata configuration for a general purpose bucket.
NotificationConfiguration?objectConfiguration that defines how Amazon S3 handles bucket notifications.
ObjectLockConfiguration?objectThis operation is not supported for directory buckets. Places an Object Lock configuration on the specified bucket. The rule specified in the Object Lock configuration will be applied by default to every new object placed in the specified bucket. For more information, see [Locking Objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html). The DefaultRetention settings require both a mode and a period. The DefaultRetention period can be either Days or Years but you must select on
ObjectLockEnabled?booleanIndicates whether this bucket has an Object Lock configuration enabled. Enable ObjectLockEnabled when you apply ObjectLockConfiguration to a bucket.
OwnershipControls?objectConfiguration that defines how Amazon S3 handles Object Ownership rules.
PublicAccessBlockConfiguration?objectConfiguration that defines how Amazon S3 handles public access.
ReplicationConfiguration?objectConfiguration for replicating objects in an S3 bucket. To enable replication, you must also enable versioning by using the VersioningConfiguration property. Amazon S3 can store replicated objects in a single destination bucket or multiple destination buckets. The destination bucket or buckets must already exist.
Tags?arrayAn arbitrary set of tags (key-value pairs) for this S3 bucket.
AbacStatus?enumThe ABAC status of the general purpose bucket. When ABAC is enabled for the general purpose bucket, you can use tags to manage access to the general purpose buckets as well as for cost tracking purposes. When ABAC is disabled for the general purpose buckets, you can only use tags for cost tracking purposes. For more information, see [Using tags with S3 general purpose buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/buckets-tagging.html).
VersioningConfiguration?objectEnables multiple versions of all objects in this bucket. You might enable versioning to prevent objects from being deleted or overwritten by mistake or to archive objects so that you can retrieve previous versions of them. When you enable versioning on a bucket for the first time, it might take a short amount of time for the change to be fully propagated. We recommend that you wait for 15 minutes after enabling versioning before issuing write operations ( PUT or DELETE) on objects in the bucket.
WebsiteConfiguration?objectInformation used to configure the bucket as a static website. For more information, see [Hosting Websites on Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html).
createCreate a S3 Bucket
getGet a S3 Bucket
ArgumentTypeDescription
identifierstringThe primary identifier of the S3 Bucket
updateUpdate a S3 Bucket
deleteDelete a S3 Bucket
ArgumentTypeDescription
identifierstringThe primary identifier of the S3 Bucket
syncSync S3 Bucket state from AWS

Resources

state(infinite)— S3 Bucket resource state
@swamp/aws/s3/bucket-policyv2026.04.23.2bucket_policy.ts

Global Arguments

ArgumentTypeDescription
BucketstringThe name of the Amazon S3 bucket to which the policy applies.
PolicyDocumentstringA policy document containing permissions to add to the specified bucket. In IAM, you must provide policy documents in JSON format. However, in CloudFormation you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to IAM. For more information, see the AWS::IAM::Policy [PolicyDocument](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html#cfn-iam-policy-policydocument) resource description in this gu
createCreate a S3 BucketPolicy
getGet a S3 BucketPolicy
ArgumentTypeDescription
identifierstringThe primary identifier of the S3 BucketPolicy
updateUpdate a S3 BucketPolicy
deleteDelete a S3 BucketPolicy
ArgumentTypeDescription
identifierstringThe primary identifier of the S3 BucketPolicy
syncSync S3 BucketPolicy state from AWS

Resources

state(infinite)— S3 BucketPolicy resource state
@swamp/aws/s3/multi-region-access-pointv2026.04.23.2multi_region_access_point.ts

Global Arguments

ArgumentTypeDescription
PublicAccessBlockConfiguration?objectThe PublicAccessBlock configuration that you want to apply to this Multi Region Access Point. You can enable the configuration options in any combination. For more information about when Amazon S3 considers a bucket or object public, see https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status 'The Meaning of Public' in the Amazon Simple Storage Service Developer Guide.
RegionsarrayThe list of buckets that you want to associate this Multi Region Access Point with.
Name?stringThe name you want to assign to this Multi Region Access Point.
createCreate a S3 MultiRegionAccessPoint
getGet a S3 MultiRegionAccessPoint
ArgumentTypeDescription
identifierstringThe primary identifier of the S3 MultiRegionAccessPoint
deleteDelete a S3 MultiRegionAccessPoint
ArgumentTypeDescription
identifierstringThe primary identifier of the S3 MultiRegionAccessPoint
syncSync S3 MultiRegionAccessPoint state from AWS

Resources

state(infinite)— S3 MultiRegionAccessPoint resource state
@swamp/aws/s3/multi-region-access-point-policyv2026.04.23.2multi_region_access_point_policy.ts

Global Arguments

ArgumentTypeDescription
MrapNamestringThe name of the Multi Region Access Point to apply policy
PolicystringPolicy document to apply to a Multi Region Access Point
createCreate a S3 MultiRegionAccessPointPolicy
getGet a S3 MultiRegionAccessPointPolicy
ArgumentTypeDescription
identifierstringThe primary identifier of the S3 MultiRegionAccessPointPolicy
updateUpdate a S3 MultiRegionAccessPointPolicy
deleteDelete a S3 MultiRegionAccessPointPolicy
ArgumentTypeDescription
identifierstringThe primary identifier of the S3 MultiRegionAccessPointPolicy
syncSync S3 MultiRegionAccessPointPolicy state from AWS

Resources

state(infinite)— S3 MultiRegionAccessPointPolicy resource state
@swamp/aws/s3/storage-lensv2026.04.23.2storage_lens.ts

Global Arguments

ArgumentTypeDescription
namestringInstance name for this resource (used as the unique identifier in the factory pattern)
StorageLensConfigurationobjectSpecifies the details of Amazon S3 Storage Lens configuration.
Tags?arrayA set of tags (key-value pairs) for this Amazon S3 Storage Lens configuration.
createCreate a S3 StorageLens
getGet a S3 StorageLens
ArgumentTypeDescription
identifierstringThe primary identifier of the S3 StorageLens
updateUpdate a S3 StorageLens
deleteDelete a S3 StorageLens
ArgumentTypeDescription
identifierstringThe primary identifier of the S3 StorageLens
syncSync S3 StorageLens state from AWS

Resources

state(infinite)— S3 StorageLens resource state
@swamp/aws/s3/storage-lens-groupv2026.04.23.2storage_lens_group.ts

Global Arguments

ArgumentTypeDescription
NamestringThe name that identifies the Amazon S3 Storage Lens Group.
FilterobjectSets the Storage Lens Group filter.
Tags?arrayA set of tags (key-value pairs) for this Amazon S3 Storage Lens Group.
createCreate a S3 StorageLensGroup
getGet a S3 StorageLensGroup
ArgumentTypeDescription
identifierstringThe primary identifier of the S3 StorageLensGroup
updateUpdate a S3 StorageLensGroup
deleteDelete a S3 StorageLensGroup
ArgumentTypeDescription
identifierstringThe primary identifier of the S3 StorageLensGroup
syncSync S3 StorageLensGroup state from AWS

Resources

state(infinite)— S3 StorageLensGroup resource state