pulumi-aws-kotlin/com.pulumi.aws.s3.kotlin/AccessPoint

AccessPoint

class AccessPoint : KotlinCustomResource

Provides a resource to manage an S3 Access Point.

NOTE on Access Points and Access Point Policies: This provider provides both a standalone Access Point Policy resource and an Access Point resource with a resource policy defined in-line. You cannot use an Access Point with in-line resource policy in conjunction with an Access Point Policy resource. Doing so will cause a conflict of policies and will overwrite the access point's resource policy. Advanced usage: To use a custom API endpoint for this resource, use the s3control endpoint provider configuration), not the s3 endpoint provider configuration.

Example Usage

AWS Partition Bucket

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.s3.BucketV2;
import com.pulumi.aws.s3.AccessPoint;
import com.pulumi.aws.s3.AccessPointArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var exampleBucketV2 = new BucketV2("exampleBucketV2");
        var exampleAccessPoint = new AccessPoint("exampleAccessPoint", AccessPointArgs.builder()
            .bucket(exampleBucketV2.id())
            .build());
    }
}

S3 on Outposts Bucket

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.s3control.Bucket;
import com.pulumi.aws.s3control.BucketArgs;
import com.pulumi.aws.ec2.Vpc;
import com.pulumi.aws.ec2.VpcArgs;
import com.pulumi.aws.s3.AccessPoint;
import com.pulumi.aws.s3.AccessPointArgs;
import com.pulumi.aws.s3.inputs.AccessPointVpcConfigurationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var exampleBucket = new Bucket("exampleBucket", BucketArgs.builder()
            .bucket("example")
            .build());
        var exampleVpc = new Vpc("exampleVpc", VpcArgs.builder()
            .cidrBlock("10.0.0.0/16")
            .build());
        var exampleAccessPoint = new AccessPoint("exampleAccessPoint", AccessPointArgs.builder()
            .bucket(exampleBucket.arn())
            .vpcConfiguration(AccessPointVpcConfigurationArgs.builder()
                .vpcId(exampleVpc.id())
                .build())
            .build());
    }
}

Import

For Access Points associated with an AWS Partition S3 Bucket, this resource can be imported using the account_id and name separated by a colon (:), e.g.,

$ pulumi import aws:s3/accessPoint:AccessPoint example 123456789012:example

For Access Points associated with an S3 on Outposts Bucket, this resource can be imported using the ARN, e.g.,

$ pulumi import aws:s3/accessPoint:AccessPoint example arn:aws:s3-outposts:us-east-1:123456789012:outpost/op-1234567890123456/accesspoint/example

Properties

accountId

val accountId: Output<String>

AWS account ID for the owner of the bucket for which you want to create an access point. Defaults to automatically determined account ID of the AWS provider.

alias

val alias: Output<String>

Alias of the S3 Access Point.

arn

val arn: Output<String>

ARN of the S3 Access Point.

bucket

val bucket: Output<String>

Name of an AWS Partition S3 Bucket or the ARN of S3 on Outposts Bucket that you want to associate this access point with.

bucketAccountId

val bucketAccountId: Output<String>

AWS account ID associated with the S3 bucket associated with this access point.

domainName

val domainName: Output<String>

DNS domain name of the S3 Access Point in the format name-account_id.s3-accesspoint.region.amazonaws.com. Note: S3 access points only support secure access by HTTPS. HTTP isn't supported.

endpoints

val endpoints: Output<Map<String, String>>

VPC endpoints for the S3 Access Point.

hasPublicAccessPolicy

val hasPublicAccessPolicy: Output<Boolean>

Indicates whether this access point currently has a policy that allows public access.

val id: Output<String>

name

val name: Output<String>

Name you want to assign to this access point. The following arguments are optional:

networkOrigin

val networkOrigin: Output<String>

Indicates whether this access point allows access from the public Internet. Values are VPC (the access point doesn't allow access from the public Internet) and Internet (the access point allows access from the public Internet, subject to the access point and bucket access policies).

policy

val policy: Output<String>

Valid JSON document that specifies the policy that you want to apply to this access point. Removing policy from your configuration or setting policy to null or an empty string (i.e., policy = "") will not delete the policy since it could have been set by aws.s3control.AccessPointPolicy. To remove the policy, set it to "{}" (an empty JSON document).

publicAccessBlockConfiguration

val publicAccessBlockConfiguration: Output<AccessPointPublicAccessBlockConfiguration>?

Configuration block to manage the PublicAccessBlock configuration that you want to apply to this Amazon S3 bucket. You can enable the configuration options in any combination. Detailed below.

pulumiChildResources

val pulumiChildResources: Set<KotlinResource>

pulumiResourceName

val pulumiResourceName: String

pulumiResourceType

val pulumiResourceType: String

urn

val urn: Output<String>

vpcConfiguration

val vpcConfiguration: Output<AccessPointVpcConfiguration>?

Configuration block to restrict access to this access point to requests from the specified Virtual Private Cloud (VPC). Required for S3 on Outposts. Detailed below.