Amazon Macie · Schema
S3Bucket
Provides information about the S3 bucket that a finding applies to.
Data SecuritySensitive DataPrivacyComplianceMachine LearningS3
Properties
| Name | Type | Description |
|---|---|---|
| allowsUnencryptedObjectUploads | object | |
| arn | object | |
| createdAt | object | |
| defaultServerSideEncryption | object | |
| name | object | |
| owner | object | |
| publicAccess | object | |
| tags | object |
JSON Schema
{
"$schema": "https://json-schema.org/draft/2020-12/schema",
"$id": "https://raw.githubusercontent.com/api-evangelist/amazon-macie/refs/heads/main/json-schema/amazon-macie-s3-bucket-schema.json",
"title": "S3Bucket",
"description": "Provides information about the S3 bucket that a finding applies to.",
"type": "object",
"properties": {
"allowsUnencryptedObjectUploads": {
"allOf": [
{
"$ref": "#/components/schemas/AllowsUnencryptedObjectUploads"
},
{
"description": "<p>Specifies whether the bucket policy for the bucket requires server-side encryption of objects when objects are added to the bucket. Possible values are:</p> <ul><li><p>FALSE - The bucket policy requires server-side encryption of new objects. PutObject requests must include a valid server-side encryption header.</p></li> <li><p>TRUE - The bucket doesn't have a bucket policy or it has a bucket policy that doesn't require server-side encryption of new objects. If a bucket policy exists, it doesn't require PutObject requests to include a valid server-side encryption header.</p></li> <li><p>UNKNOWN - Amazon Macie can't determine whether the bucket policy requires server-side encryption of new objects.</p></li></ul> <p>Valid server-side encryption headers are: x-amz-server-side-encryption with a value of AES256 or aws:kms, and x-amz-server-side-encryption-customer-algorithm with a value of AES256.</p>"
}
]
},
"arn": {
"allOf": [
{
"$ref": "#/components/schemas/__string"
},
{
"description": "The Amazon Resource Name (ARN) of the bucket."
}
]
},
"createdAt": {
"allOf": [
{
"$ref": "#/components/schemas/__timestampIso8601"
},
{
"description": "The date and time, in UTC and extended ISO 8601 format, when the bucket was created. This value can also indicate when changes such as edits to the bucket's policy were most recently made to the bucket, relative to when the finding was created or last updated."
}
]
},
"defaultServerSideEncryption": {
"allOf": [
{
"$ref": "#/components/schemas/ServerSideEncryption"
},
{
"description": "The default server-side encryption settings for the bucket."
}
]
},
"name": {
"allOf": [
{
"$ref": "#/components/schemas/__string"
},
{
"description": "The name of the bucket."
}
]
},
"owner": {
"allOf": [
{
"$ref": "#/components/schemas/S3BucketOwner"
},
{
"description": "The display name and canonical user ID for the Amazon Web Services account that owns the bucket."
}
]
},
"publicAccess": {
"allOf": [
{
"$ref": "#/components/schemas/BucketPublicAccess"
},
{
"description": "The permissions settings that determine whether the bucket is publicly accessible."
}
]
},
"tags": {
"allOf": [
{
"$ref": "#/components/schemas/KeyValuePairList"
},
{
"description": "The tags that are associated with the bucket."
}
]
}
}
}