AWS Native

Pulumi Official
Package maintained by Pulumi
v0.17.0 published on Monday, May 23, 2022 by Pulumi

AccessPoint

The AWS::S3::AccessPoint resource is an Amazon S3 resource type that you can use to access buckets.

Create a AccessPoint Resource

new AccessPoint(name: string, args: AccessPointArgs, opts?: CustomResourceOptions);
@overload
def AccessPoint(resource_name: str,
                opts: Optional[ResourceOptions] = None,
                bucket: Optional[str] = None,
                name: Optional[str] = None,
                policy: Optional[Any] = None,
                policy_status: Optional[PolicyStatusPropertiesArgs] = None,
                public_access_block_configuration: Optional[AccessPointPublicAccessBlockConfigurationArgs] = None,
                vpc_configuration: Optional[AccessPointVpcConfigurationArgs] = None)
@overload
def AccessPoint(resource_name: str,
                args: AccessPointArgs,
                opts: Optional[ResourceOptions] = None)
func NewAccessPoint(ctx *Context, name string, args AccessPointArgs, opts ...ResourceOption) (*AccessPoint, error)
public AccessPoint(string name, AccessPointArgs args, CustomResourceOptions? opts = null)
public AccessPoint(String name, AccessPointArgs args)
public AccessPoint(String name, AccessPointArgs args, CustomResourceOptions options)
type: aws-native:s3:AccessPoint
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string
The unique name of the resource.
args AccessPointArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args AccessPointArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args AccessPointArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args AccessPointArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name String
The unique name of the resource.
args AccessPointArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

AccessPoint Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The AccessPoint resource accepts the following input properties:

Bucket string

The name of the bucket that you want to associate this Access Point with.

Name string

The name you want to assign to this Access Point. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the access point name.

Policy object

The Access Point Policy you want to apply to this access point.

PolicyStatus Pulumi.AwsNative.S3.Inputs.PolicyStatusPropertiesArgs
PublicAccessBlockConfiguration Pulumi.AwsNative.S3.Inputs.AccessPointPublicAccessBlockConfigurationArgs

The PublicAccessBlock configuration that you want to apply to this Access Point. You can enable the configuration options in any combination. For more information about when Amazon S3 considers a bucket or object public, see https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status 'The Meaning of Public' in the Amazon Simple Storage Service Developer Guide.

VpcConfiguration Pulumi.AwsNative.S3.Inputs.AccessPointVpcConfigurationArgs

If you include this field, Amazon S3 restricts access to this Access Point to requests from the specified Virtual Private Cloud (VPC).

Bucket string

The name of the bucket that you want to associate this Access Point with.

Name string

The name you want to assign to this Access Point. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the access point name.

Policy interface{}

The Access Point Policy you want to apply to this access point.

PolicyStatus PolicyStatusPropertiesArgs
PublicAccessBlockConfiguration AccessPointPublicAccessBlockConfigurationArgs

The PublicAccessBlock configuration that you want to apply to this Access Point. You can enable the configuration options in any combination. For more information about when Amazon S3 considers a bucket or object public, see https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status 'The Meaning of Public' in the Amazon Simple Storage Service Developer Guide.

VpcConfiguration AccessPointVpcConfigurationArgs

If you include this field, Amazon S3 restricts access to this Access Point to requests from the specified Virtual Private Cloud (VPC).

bucket String

The name of the bucket that you want to associate this Access Point with.

name String

The name you want to assign to this Access Point. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the access point name.

policy Object

The Access Point Policy you want to apply to this access point.

policyStatus PolicyStatusPropertiesArgs
publicAccessBlockConfiguration AccessPointPublicAccessBlockConfigurationArgs

The PublicAccessBlock configuration that you want to apply to this Access Point. You can enable the configuration options in any combination. For more information about when Amazon S3 considers a bucket or object public, see https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status 'The Meaning of Public' in the Amazon Simple Storage Service Developer Guide.

vpcConfiguration AccessPointVpcConfigurationArgs

If you include this field, Amazon S3 restricts access to this Access Point to requests from the specified Virtual Private Cloud (VPC).

bucket string

The name of the bucket that you want to associate this Access Point with.

name string

The name you want to assign to this Access Point. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the access point name.

policy any

The Access Point Policy you want to apply to this access point.

policyStatus PolicyStatusPropertiesArgs
publicAccessBlockConfiguration AccessPointPublicAccessBlockConfigurationArgs

The PublicAccessBlock configuration that you want to apply to this Access Point. You can enable the configuration options in any combination. For more information about when Amazon S3 considers a bucket or object public, see https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status 'The Meaning of Public' in the Amazon Simple Storage Service Developer Guide.

vpcConfiguration AccessPointVpcConfigurationArgs

If you include this field, Amazon S3 restricts access to this Access Point to requests from the specified Virtual Private Cloud (VPC).

bucket str

The name of the bucket that you want to associate this Access Point with.

name str

The name you want to assign to this Access Point. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the access point name.

policy Any

The Access Point Policy you want to apply to this access point.

policy_status PolicyStatusPropertiesArgs
public_access_block_configuration AccessPointPublicAccessBlockConfigurationArgs

The PublicAccessBlock configuration that you want to apply to this Access Point. You can enable the configuration options in any combination. For more information about when Amazon S3 considers a bucket or object public, see https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status 'The Meaning of Public' in the Amazon Simple Storage Service Developer Guide.

vpc_configuration AccessPointVpcConfigurationArgs

If you include this field, Amazon S3 restricts access to this Access Point to requests from the specified Virtual Private Cloud (VPC).

bucket String

The name of the bucket that you want to associate this Access Point with.

name String

The name you want to assign to this Access Point. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the access point name.

policy Any

The Access Point Policy you want to apply to this access point.

policyStatus Property Map
publicAccessBlockConfiguration Property Map

The PublicAccessBlock configuration that you want to apply to this Access Point. You can enable the configuration options in any combination. For more information about when Amazon S3 considers a bucket or object public, see https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status 'The Meaning of Public' in the Amazon Simple Storage Service Developer Guide.

vpcConfiguration Property Map

If you include this field, Amazon S3 restricts access to this Access Point to requests from the specified Virtual Private Cloud (VPC).

Outputs

All input properties are implicitly available as output properties. Additionally, the AccessPoint resource produces the following output properties:

Alias string

The alias of this Access Point. This alias can be used for compatibility purposes with other AWS services and third-party applications.

Arn string

The Amazon Resource Name (ARN) of the specified accesspoint.

Id string

The provider-assigned unique ID for this managed resource.

NetworkOrigin Pulumi.AwsNative.S3.AccessPointNetworkOrigin

Indicates whether this Access Point allows access from the public Internet. If VpcConfiguration is specified for this Access Point, then NetworkOrigin is VPC, and the Access Point doesn't allow access from the public Internet. Otherwise, NetworkOrigin is Internet, and the Access Point allows access from the public Internet, subject to the Access Point and bucket access policies.

Alias string

The alias of this Access Point. This alias can be used for compatibility purposes with other AWS services and third-party applications.

Arn string

The Amazon Resource Name (ARN) of the specified accesspoint.

Id string

The provider-assigned unique ID for this managed resource.

NetworkOrigin AccessPointNetworkOrigin

Indicates whether this Access Point allows access from the public Internet. If VpcConfiguration is specified for this Access Point, then NetworkOrigin is VPC, and the Access Point doesn't allow access from the public Internet. Otherwise, NetworkOrigin is Internet, and the Access Point allows access from the public Internet, subject to the Access Point and bucket access policies.

alias String

The alias of this Access Point. This alias can be used for compatibility purposes with other AWS services and third-party applications.

arn String

The Amazon Resource Name (ARN) of the specified accesspoint.

id String

The provider-assigned unique ID for this managed resource.

networkOrigin AccessPointNetworkOrigin

Indicates whether this Access Point allows access from the public Internet. If VpcConfiguration is specified for this Access Point, then NetworkOrigin is VPC, and the Access Point doesn't allow access from the public Internet. Otherwise, NetworkOrigin is Internet, and the Access Point allows access from the public Internet, subject to the Access Point and bucket access policies.

alias string

The alias of this Access Point. This alias can be used for compatibility purposes with other AWS services and third-party applications.

arn string

The Amazon Resource Name (ARN) of the specified accesspoint.

id string

The provider-assigned unique ID for this managed resource.

networkOrigin AccessPointNetworkOrigin

Indicates whether this Access Point allows access from the public Internet. If VpcConfiguration is specified for this Access Point, then NetworkOrigin is VPC, and the Access Point doesn't allow access from the public Internet. Otherwise, NetworkOrigin is Internet, and the Access Point allows access from the public Internet, subject to the Access Point and bucket access policies.

alias str

The alias of this Access Point. This alias can be used for compatibility purposes with other AWS services and third-party applications.

arn str

The Amazon Resource Name (ARN) of the specified accesspoint.

id str

The provider-assigned unique ID for this managed resource.

network_origin AccessPointNetworkOrigin

Indicates whether this Access Point allows access from the public Internet. If VpcConfiguration is specified for this Access Point, then NetworkOrigin is VPC, and the Access Point doesn't allow access from the public Internet. Otherwise, NetworkOrigin is Internet, and the Access Point allows access from the public Internet, subject to the Access Point and bucket access policies.

alias String

The alias of this Access Point. This alias can be used for compatibility purposes with other AWS services and third-party applications.

arn String

The Amazon Resource Name (ARN) of the specified accesspoint.

id String

The provider-assigned unique ID for this managed resource.

networkOrigin "Internet" | "VPC"

Indicates whether this Access Point allows access from the public Internet. If VpcConfiguration is specified for this Access Point, then NetworkOrigin is VPC, and the Access Point doesn't allow access from the public Internet. Otherwise, NetworkOrigin is Internet, and the Access Point allows access from the public Internet, subject to the Access Point and bucket access policies.

Supporting Types

AccessPointNetworkOrigin

Internet
Internet
Vpc
VPC
AccessPointNetworkOriginInternet
Internet
AccessPointNetworkOriginVpc
VPC
Internet
Internet
Vpc
VPC
Internet
Internet
Vpc
VPC
INTERNET
Internet
VPC
VPC
"Internet"
Internet
"VPC"
VPC

AccessPointPublicAccessBlockConfiguration

BlockPublicAcls bool

Specifies whether Amazon S3 should block public access control lists (ACLs) for buckets in this account. Setting this element to TRUE causes the following behavior:

  • PUT Bucket acl and PUT Object acl calls fail if the specified ACL is public.
  • PUT Object calls fail if the request includes a public ACL. . - PUT Bucket calls fail if the request includes a public ACL. Enabling this setting doesn't affect existing policies or ACLs.
BlockPublicPolicy bool

Specifies whether Amazon S3 should block public bucket policies for buckets in this account. Setting this element to TRUE causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access. Enabling this setting doesn't affect existing bucket policies.

IgnorePublicAcls bool

Specifies whether Amazon S3 should ignore public ACLs for buckets in this account. Setting this element to TRUE causes Amazon S3 to ignore all public ACLs on buckets in this account and any objects that they contain. Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.

RestrictPublicBuckets bool

Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to TRUE restricts access to this bucket to only AWS services and authorized users within this account if the bucket has a public policy. Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.

BlockPublicAcls bool

Specifies whether Amazon S3 should block public access control lists (ACLs) for buckets in this account. Setting this element to TRUE causes the following behavior:

  • PUT Bucket acl and PUT Object acl calls fail if the specified ACL is public.
  • PUT Object calls fail if the request includes a public ACL. . - PUT Bucket calls fail if the request includes a public ACL. Enabling this setting doesn't affect existing policies or ACLs.
BlockPublicPolicy bool

Specifies whether Amazon S3 should block public bucket policies for buckets in this account. Setting this element to TRUE causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access. Enabling this setting doesn't affect existing bucket policies.

IgnorePublicAcls bool

Specifies whether Amazon S3 should ignore public ACLs for buckets in this account. Setting this element to TRUE causes Amazon S3 to ignore all public ACLs on buckets in this account and any objects that they contain. Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.

RestrictPublicBuckets bool

Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to TRUE restricts access to this bucket to only AWS services and authorized users within this account if the bucket has a public policy. Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.

blockPublicAcls Boolean

Specifies whether Amazon S3 should block public access control lists (ACLs) for buckets in this account. Setting this element to TRUE causes the following behavior:

  • PUT Bucket acl and PUT Object acl calls fail if the specified ACL is public.
  • PUT Object calls fail if the request includes a public ACL. . - PUT Bucket calls fail if the request includes a public ACL. Enabling this setting doesn't affect existing policies or ACLs.
blockPublicPolicy Boolean

Specifies whether Amazon S3 should block public bucket policies for buckets in this account. Setting this element to TRUE causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access. Enabling this setting doesn't affect existing bucket policies.

ignorePublicAcls Boolean

Specifies whether Amazon S3 should ignore public ACLs for buckets in this account. Setting this element to TRUE causes Amazon S3 to ignore all public ACLs on buckets in this account and any objects that they contain. Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.

restrictPublicBuckets Boolean

Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to TRUE restricts access to this bucket to only AWS services and authorized users within this account if the bucket has a public policy. Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.

blockPublicAcls boolean

Specifies whether Amazon S3 should block public access control lists (ACLs) for buckets in this account. Setting this element to TRUE causes the following behavior:

  • PUT Bucket acl and PUT Object acl calls fail if the specified ACL is public.
  • PUT Object calls fail if the request includes a public ACL. . - PUT Bucket calls fail if the request includes a public ACL. Enabling this setting doesn't affect existing policies or ACLs.
blockPublicPolicy boolean

Specifies whether Amazon S3 should block public bucket policies for buckets in this account. Setting this element to TRUE causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access. Enabling this setting doesn't affect existing bucket policies.

ignorePublicAcls boolean

Specifies whether Amazon S3 should ignore public ACLs for buckets in this account. Setting this element to TRUE causes Amazon S3 to ignore all public ACLs on buckets in this account and any objects that they contain. Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.

restrictPublicBuckets boolean

Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to TRUE restricts access to this bucket to only AWS services and authorized users within this account if the bucket has a public policy. Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.

block_public_acls bool

Specifies whether Amazon S3 should block public access control lists (ACLs) for buckets in this account. Setting this element to TRUE causes the following behavior:

  • PUT Bucket acl and PUT Object acl calls fail if the specified ACL is public.
  • PUT Object calls fail if the request includes a public ACL. . - PUT Bucket calls fail if the request includes a public ACL. Enabling this setting doesn't affect existing policies or ACLs.
block_public_policy bool

Specifies whether Amazon S3 should block public bucket policies for buckets in this account. Setting this element to TRUE causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access. Enabling this setting doesn't affect existing bucket policies.

ignore_public_acls bool

Specifies whether Amazon S3 should ignore public ACLs for buckets in this account. Setting this element to TRUE causes Amazon S3 to ignore all public ACLs on buckets in this account and any objects that they contain. Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.

restrict_public_buckets bool

Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to TRUE restricts access to this bucket to only AWS services and authorized users within this account if the bucket has a public policy. Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.

blockPublicAcls Boolean

Specifies whether Amazon S3 should block public access control lists (ACLs) for buckets in this account. Setting this element to TRUE causes the following behavior:

  • PUT Bucket acl and PUT Object acl calls fail if the specified ACL is public.
  • PUT Object calls fail if the request includes a public ACL. . - PUT Bucket calls fail if the request includes a public ACL. Enabling this setting doesn't affect existing policies or ACLs.
blockPublicPolicy Boolean

Specifies whether Amazon S3 should block public bucket policies for buckets in this account. Setting this element to TRUE causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access. Enabling this setting doesn't affect existing bucket policies.

ignorePublicAcls Boolean

Specifies whether Amazon S3 should ignore public ACLs for buckets in this account. Setting this element to TRUE causes Amazon S3 to ignore all public ACLs on buckets in this account and any objects that they contain. Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.

restrictPublicBuckets Boolean

Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to TRUE restricts access to this bucket to only AWS services and authorized users within this account if the bucket has a public policy. Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.

AccessPointVpcConfiguration

VpcId string

If this field is specified, this access point will only allow connections from the specified VPC ID.

VpcId string

If this field is specified, this access point will only allow connections from the specified VPC ID.

vpcId String

If this field is specified, this access point will only allow connections from the specified VPC ID.

vpcId string

If this field is specified, this access point will only allow connections from the specified VPC ID.

vpc_id str

If this field is specified, this access point will only allow connections from the specified VPC ID.

vpcId String

If this field is specified, this access point will only allow connections from the specified VPC ID.

MultiRegionAccessPointPolicyPolicyStatusPropertiesIsPublic

True
true
False
false
MultiRegionAccessPointPolicyPolicyStatusPropertiesIsPublicTrue
true
MultiRegionAccessPointPolicyPolicyStatusPropertiesIsPublicFalse
false
True
true
False
false
True
true
False
false
TRUE
true
FALSE
false
"true"
true
"false"
false

PolicyStatusProperties

IsPublic MultiRegionAccessPointPolicyPolicyStatusPropertiesIsPublic

Specifies whether the policy is public or not.

isPublic MultiRegionAccessPointPolicyPolicyStatusPropertiesIsPublic

Specifies whether the policy is public or not.

isPublic MultiRegionAccessPointPolicyPolicyStatusPropertiesIsPublic

Specifies whether the policy is public or not.

is_public MultiRegionAccessPointPolicyPolicyStatusPropertiesIsPublic

Specifies whether the policy is public or not.

isPublic "true" | "false"

Specifies whether the policy is public or not.

Package Details

Repository
https://github.com/pulumi/pulumi-aws-native
License
Apache-2.0