AWS Fundamentals Logo
AWS Fundamentals
L1 ConstructAWS::S3Express::AccessPoint

CfnAccessPoint

Access points simplify managing data access at scale for shared datasets in Amazon S3 . Access points are unique hostnames you create to enforce distinct permissions and network controls for all requests made through an access point. You can create hundreds of access points per bucket, each with a distinct name and permissions customized for each application. Each access point works in conjunction with the bucket policy that is attached to the underlying bucket. For more information, see [Managing access to shared datasets in directory buckets with access points](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-points-directory-buckets.html) .

Import

import { CfnAccessPoint } from 'aws-cdk-lib/aws-s3express';

Or use the module namespace:

import * as s3express from 'aws-cdk-lib/aws-s3express';
// s3express.CfnAccessPoint

Properties

Configuration passed to the constructor as CfnAccessPointProps.

bucketRequired
string

The name of the bucket that you want to associate the access point with.

bucketAccountIdOptional
string

The AWS account ID that owns the bucket associated with this access point.

nameOptional
string

An access point name consists of a base name you provide, followed by the zoneID ( AWS Local Zone) followed by the prefix `--xa-s3` . For example, accesspointname--zoneID--xa-s3.

policyOptional
any

The access point policy associated with the specified access point.

publicAccessBlockConfigurationOptional
IResolvable | PublicAccessBlockConfigurationProperty

Public access is blocked by default to access points for directory buckets.

scopeOptional
IResolvable | ScopeProperty

You can use the access point scope to restrict access to specific prefixes, API operations, or a combination of both. For more information, see [Manage the scope of your access points for directory buckets.](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-points-directory-buckets-manage-scope.html)

tagsOptional
CfnTag[]

An array of tags that you can apply to access points. Tags are key-value pairs of metadata used to categorize your access points and control access. For more information, see [Using tags for attribute-based access control (ABAC)](https://docs.aws.amazon.com/AmazonS3/latest/userguide/tagging.html#using-tags-for-abac) .

vpcConfigurationOptional
IResolvable | VpcConfigurationProperty

If you include this field, Amazon S3 restricts access to this access point to requests from the specified virtual private cloud (VPC).

CloudFormation Resource

This L1 construct maps directly to the following CloudFormation resource type.

AWS::S3Express::AccessPointView in CloudFormation Explorer

Learn AWS the Practical Way

Our bi-weekly newsletter teaches hands-on AWS fundamentals. No certification fluff - just practical knowledge.

Subscribe to Newsletter

Quick Facts

LevelL1 (CloudFormation)
Moduleaws-s3express
CFN TypeAWS::S3Express::AccessPoint
Properties8

Related Constructs

Explore This Service

External Links