pulumi-aws-kotlin/com.pulumi.aws.s3control.kotlin/AccessPointPolicyArgs

AccessPointPolicyArgs

data class AccessPointPolicyArgs(val accessPointArn: Output<String>? = null, val policy: Output<String>? = null) : ConvertibleToJava<AccessPointPolicyArgs>

Provides a resource to manage an S3 Access Point resource policy.

NOTE on Access Points and Access Point Policies: The provider provides both a standalone Access Point Policy resource and an Access Point resource with a resource policy defined in-line. You cannot use an Access Point with in-line resource policy in conjunction with an Access Point Policy resource. Doing so will cause a conflict of policies and will overwrite the access point's resource policy.

Example Usage

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.s3.BucketV2;
import com.pulumi.aws.s3.AccessPoint;
import com.pulumi.aws.s3.AccessPointArgs;
import com.pulumi.aws.s3.inputs.AccessPointPublicAccessBlockConfigurationArgs;
import com.pulumi.aws.s3control.AccessPointPolicy;
import com.pulumi.aws.s3control.AccessPointPolicyArgs;
import static com.pulumi.codegen.internal.Serialization.*;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var exampleBucketV2 = new BucketV2("exampleBucketV2");
        var exampleAccessPoint = new AccessPoint("exampleAccessPoint", AccessPointArgs.builder()
            .bucket(exampleBucketV2.id())
            .publicAccessBlockConfiguration(AccessPointPublicAccessBlockConfigurationArgs.builder()
                .blockPublicAcls(true)
                .blockPublicPolicy(false)
                .ignorePublicAcls(true)
                .restrictPublicBuckets(false)
                .build())
            .build());
        var exampleAccessPointPolicy = new AccessPointPolicy("exampleAccessPointPolicy", AccessPointPolicyArgs.builder()
            .accessPointArn(exampleAccessPoint.arn())
            .policy(exampleAccessPoint.arn().applyValue(arn -> serializeJson(
                jsonObject(
                    jsonProperty("Version", "2008-10-17"),
                    jsonProperty("Statement", jsonArray(jsonObject(
                        jsonProperty("Effect", "Allow"),
                        jsonProperty("Action", "s3:GetObjectTagging"),
                        jsonProperty("Principal", jsonObject(
                            jsonProperty("AWS", "*")
                        )),
                        jsonProperty("Resource", String.format("%s/object/*", arn))
                    )))
                ))))
            .build());
    }
}
Content copied to clipboard

Import

Access Point policies can be imported using the access_point_arn, e.g.

$ pulumi import aws:s3control/accessPointPolicy:AccessPointPolicy example arn:aws:s3:us-west-2:123456789012:accesspoint/example
Content copied to clipboard

Constructors

Link copied to clipboard
constructor(accessPointArn: Output<String>? = null, policy: Output<String>? = null)

Properties

Link copied to clipboard
val accessPointArn: Output<String>? = null

The ARN of the access point that you want to associate with the specified policy.

Link copied to clipboard
val policy: Output<String>? = null

The policy that you want to apply to the specified access point. */

Functions

Link copied to clipboard
open override fun toJava(): AccessPointPolicyArgs