awslabs
diff --git a/‎source/patterns/@aws-solutions-constructs/aws-fargate-s3/README.md
Lines changed: 1 addition & 13 deletions b/‎source/patterns/@aws-solutions-constructs/aws-fargate-s3/README.md
Lines changed: 1 addition & 13 deletions
diff --git a/‎source/patterns/@aws-solutions-constructs/aws-fargate-s3/lib/index.ts
Lines changed: 2 additions & 8 deletions b/‎source/patterns/@aws-solutions-constructs/aws-fargate-s3/lib/index.ts
Lines changed: 2 additions & 8 deletions
@@ -37,18 +37,6 @@ const props: FargateToS3Props = {
 new FargateToS3(stack, 'test-construct', props);
 ```
 
-## Initializer
-
-``` text
-new FargateToS3(scope: Construct, id: string, props: FargateToS3Props);
-```
-
-_Parameters_
-
-* scope [`Construct`](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_core.Construct.html)
-* id `string`
-* props [`FargateToS3Props`](#pattern-construct-props)
-
 ## Pattern Construct Props
 
 | **Name**     | **Type**        | **Description** |
@@ -68,7 +56,7 @@ _Parameters_
 |bucketProps?|[`s3.BucketProps`](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-s3.BucketProps.html)|Optional user provided props to override the default props for the S3 Bucket.|
 |loggingBucketProps?|[`s3.BucketProps`](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-s3.BucketProps.html)|Optional user provided props to override the default props for the S3 Logging Bucket.|
 |logS3AccessLogs?| boolean|Whether to turn on Access Logging for the S3 bucket. Creates an S3 bucket with associated storage costs for the logs. Enabling Access Logging is a best practice. default - true|
-|bucketPermissions?|`string[]`|Optional bucket permissions to grant to the Lambda function. One or more of the following may be specified: `Delete`, `Put`, `Read`, `ReadWrite`, `Write`.|
+|bucketPermissions?|`string[]`|Optional bucket permissions to grant to the Fargate service. One or more of the following may be specified: `Delete`, `Read`, and `Write`. Default is `ReadWrite` which includes `[s3:GetObject*, s3:GetBucket*, s3:List*, s3:DeleteObject*, s3:PutObject*, s3:Abort*]`.|
 |bucketArnEnvironmentVariableName?|string|Optional Name for the S3 bucket arn environment variable set for the container.|
 |bucketEnvironmentVariableName?|string|Optional Name for the S3 bucket name environment variable set for the container.|
 
 
@@ -120,10 +120,10 @@ export interface FargateToS3Props {
    */
   readonly logS3AccessLogs?: boolean;
   /**
-   * Optional bucket permissions to grant to the Lambda function.
+   * Optional bucket permissions to grant to the Fargate service.
    * One or more of the following may be specified: "Delete", "Put", "Read", "ReadWrite", "Write".
    *
-   * @default - Read/write access is given to the Lambda function if no value is specified.
+   * @default - Read/write access is given to the Fargate service if no value is specified.
    */
   readonly bucketPermissions?: string[];
   /**
@@ -208,15 +208,9 @@ export class FargateToS3 extends Construct {
       if (props.bucketPermissions.includes('Delete')) {
         bucket.grantDelete(this.service.taskDefinition.taskRole);
       }
-      if (props.bucketPermissions.includes('Put')) {
-        bucket.grantPut(this.service.taskDefinition.taskRole);
-      }
       if (props.bucketPermissions.includes('Read')) {
         bucket.grantRead(this.service.taskDefinition.taskRole);
       }
-      if (props.bucketPermissions.includes('ReadWrite')) {
-        bucket.grantReadWrite(this.service.taskDefinition.taskRole);
-      }
       if (props.bucketPermissions.includes('Write')) {
         bucket.grantWrite(this.service.taskDefinition.taskRole);
       }