Serverless Stack

Hello, is there any way to attach a statement to the s3 bucket policy that created by the `StaticSite`? I wish to add a statement allowing a CloudFront Origin Access Identity to perform the s3:GetObject
  `{`
            `"Effect": "Allow",`
            `"Principal": {`
                `"AWS": "arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity ABC123"`
            `},`
            `"Action": "s3:GetObject",`
            `"Resource": "arn:aws:s3:::NEW_STATIC_SITE_S3_BUCKET_NAME/*"`
        `}`

Solved:
`const app = new sst.StaticSite(this, AppStack.STACK_NAME, this.buildStaticSiteFunction());`

    `const cfResourcePolicy = app.s3Bucket.addToResourcePolicy(new iam.PolicyStatement({`
      `actions: ['s3:GetObject'],`
      `resources:  [`${app.s3Bucket.bucketArn}/*`],`
      `principals: [new iam.ArnPrincipal("arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity ABC123")],`
    `}));`

We try to follow this pattern that most of the internal CDK constructs within an SST construct (ie. `s3Bucket` ) are exposed as properties.