AWS Fundamentals Logo
AWS Fundamentals
L1 ConstructAWS::S3Vectors::VectorBucketPolicy

CfnVectorBucketPolicy

The `AWS::S3Vectors::VectorBucketPolicy` resource defines an Amazon S3 vector bucket policy to control access to an Amazon S3 vector bucket. Vector bucket policies are written in JSON and allow you to grant or deny permissions across all (or a subset of) objects within a vector bucket. You must specify either `VectorBucketName` or `VectorBucketArn` to identify the target bucket. To control how AWS CloudFormation handles the vector bucket policy when the stack is deleted, you can set a deletion policy for your policy. You can choose to *retain* the policy or to *delete* the policy. For more information, see [DeletionPolicy attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html) . - **Permissions** - The required permissions for CloudFormation to use are based on the operations that are performed on the stack. - Create - s3vectors:GetVectorBucketPolicy - s3vectors:PutVectorBucketPolicy - Read - s3vectors:GetVectorBucketPolicy - Update - s3vectors:GetVectorBucketPolicy - s3vectors:PutVectorBucketPolicy - Delete - s3vectors:GetVectorBucketPolicy - s3vectors:DeleteVectorBucketPolicy - List - s3vectors:GetVectorBucketPolicy - s3vectors:ListVectorBuckets

Import

import { CfnVectorBucketPolicy } from 'aws-cdk-lib/aws-s3vectors';

Or use the module namespace:

import * as s3vectors from 'aws-cdk-lib/aws-s3vectors';
// s3vectors.CfnVectorBucketPolicy

Properties

Configuration passed to the constructor as CfnVectorBucketPolicyProps.

policyRequired
any

A policy document containing permissions to add to the specified vector bucket. In IAM , you must provide policy documents in JSON format. However, in CloudFormation you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to IAM .

vectorBucketArnOptional
string

The Amazon Resource Name (ARN) of the S3 vector bucket to which the policy applies.

vectorBucketNameOptional
string

The name of the S3 vector bucket to which the policy applies.

CloudFormation Resource

This L1 construct maps directly to the following CloudFormation resource type.

AWS::S3Vectors::VectorBucketPolicyView in CloudFormation Explorer

Learn AWS the Practical Way

Our bi-weekly newsletter teaches hands-on AWS fundamentals. No certification fluff - just practical knowledge.

Subscribe to Newsletter

Quick Facts

LevelL1 (CloudFormation)
Moduleaws-s3vectors
CFN TypeAWS::S3Vectors::VectorBucketPolicy
Properties3

Related Constructs

Explore This Service

External Links