AWS Fundamentals Logo
AWS Fundamentals
L1 ConstructAWS::S3Outposts::BucketPolicy

CfnBucketPolicy

This resource applies a bucket policy to an Amazon S3 on Outposts bucket. If you are using an identity other than the root user of the AWS account that owns the S3 on Outposts bucket, the calling identity must have the `s3-outposts:PutBucketPolicy` permissions on the specified Outposts bucket and belong to the bucket owner's account in order to use this resource. If you don't have `s3-outposts:PutBucketPolicy` permissions, S3 on Outposts returns a `403 Access Denied` error. > The root user of the AWS account that owns an Outposts bucket can *always* use this resource, even if the policy explicitly denies the root user the ability to perform actions on this resource. For more information, see the AWS::IAM::Policy [PolicyDocument](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html#cfn-iam-policy-policydocument) resource description in this guide and [Access Policy Language Overview](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-policy-language-overview.html) .

Import

import { CfnBucketPolicy } from 'aws-cdk-lib/aws-s3outposts';

Or use the module namespace:

import * as s3outposts from 'aws-cdk-lib/aws-s3outposts';
// s3outposts.CfnBucketPolicy

Properties

Configuration passed to the constructor as CfnBucketPolicyProps.

bucketRequired
string

The name of the Amazon S3 Outposts bucket to which the policy applies.

policyDocumentRequired
any

A policy document containing permissions to add to the specified bucket. In IAM, you must provide policy documents in JSON format. However, in CloudFormation, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to IAM. For more information, see the AWS::IAM::Policy [PolicyDocument](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html#cfn-iam-policy-policydocument) resource description in this guide and [Access Policy Language Overview](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-policy-language-overview.html) .

CloudFormation Resource

This L1 construct maps directly to the following CloudFormation resource type.

AWS::S3Outposts::BucketPolicyView in CloudFormation Explorer

Learn AWS the Practical Way

Our bi-weekly newsletter teaches hands-on AWS fundamentals. No certification fluff - just practical knowledge.

Subscribe to Newsletter

Quick Facts

LevelL1 (CloudFormation)
Moduleaws-s3outposts
CFN TypeAWS::S3Outposts::BucketPolicy
Properties2

Related Constructs

Explore This Service

External Links