Account
Manages S3 account-level Public Access Block configuration. For more information about these settings, see the AWS S3 Block Public Access documentation.
NOTE: Each AWS account may only have one S3 Public Access Block configuration. Multiple configurations of the resource against the same AWS account will cause a perpetual difference. Advanced usage: To use a custom API endpoint for this resource, use the
s3controlendpoint provider configuration, not thes3endpoint provider configuration.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.s3.AccountPublicAccessBlock("example", {
blockPublicAcls: true,
blockPublicPolicy: true,
});import pulumi
import pulumi_aws as aws
example = aws.s3.AccountPublicAccessBlock("example",
block_public_acls=True,
block_public_policy=True)using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = new Aws.S3.AccountPublicAccessBlock("example", new()
{
BlockPublicAcls = true,
BlockPublicPolicy = true,
});
});package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := s3.NewAccountPublicAccessBlock(ctx, "example", &s3.AccountPublicAccessBlockArgs{
BlockPublicAcls: pulumi.Bool(true),
BlockPublicPolicy: pulumi.Bool(true),
})
if err != nil {
return err
}
return nil
})
}package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.s3.AccountPublicAccessBlock;
import com.pulumi.aws.s3.AccountPublicAccessBlockArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new AccountPublicAccessBlock("example", AccountPublicAccessBlockArgs.builder()
.blockPublicAcls(true)
.blockPublicPolicy(true)
.build());
}
}resources:
example:
type: aws:s3:AccountPublicAccessBlock
properties:
blockPublicAcls: true
blockPublicPolicy: trueImport
Using pulumi import, import aws_s3_account_public_access_block using the AWS account ID. For example:
$ pulumi import aws:s3/accountPublicAccessBlock:AccountPublicAccessBlock example 123456789012Constructors
Properties
Whether Amazon S3 should block public ACLs for buckets in this account. Defaults to false. Enabling this setting does not affect existing policies or ACLs. When set to true causes the following behavior:
Whether Amazon S3 should block public bucket policies for buckets in this account. Defaults to false. Enabling this setting does not affect existing bucket policies. When set to true causes Amazon S3 to:
Whether Amazon S3 should ignore public ACLs for buckets in this account. Defaults to false. Enabling this setting does not affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set. When set to true causes Amazon S3 to:
Whether Amazon S3 should restrict public bucket policies for buckets in this account. Defaults to false. Enabling this setting does not affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked. When set to true: