Managing access to shared datasets in general purpose buckets with access points (original) (raw)

Managing access to shared datasets in general purpose buckets with access points - Amazon Simple Storage Service

Amazon S3 access points for general purpose buckets simplify data access for any AWS service or customer application that stores data in S3. Access points are named network endpoints that are attached to general purpose buckets that you can use to perform S3 object operations, such as GetObject andPutObject. Each access point has distinct permissions and network controls that S3 applies for any request that is made through that access point. Each access point enforces a customized access point policy that works in conjunction with the bucket policy that is attached to the underlying bucket. You can configure any access point to accept requests only from a virtual private cloud (VPC) to restrict Amazon S3 data access to a private network. You can also configure custom block public access settings for each access point.

Note

• You can only use access points to perform operations on objects. You can't use access points to perform other Amazon S3 operations, such as modifying or deleting buckets. For a complete list of S3 operations that support access points, see Access point for general purpose buckets compatibility.
• Access points work with some, but not all, AWS services and features. For example, you can't configure Cross-Region Replication to operate through an access point. For a complete list of AWS services that are compatible with S3 access points, see Access point for general purpose buckets compatibility.

The topics in this section explain how to work with Amazon S3 access points for general purpose buckets. For information about working with general purpose buckets, see General purpose buckets overview. For information about working with objects, see Amazon S3 objects overview.

Topics

• Access points for general purpose buckets naming rules, restrictions, and limitations
• Referencing access points for general purpose buckets with ARNs, access point aliases, or virtual-hosted–style URIs
• Access point for general purpose buckets compatibility
• Configuring IAM policies for using access points for general purpose buckets
• Monitoring and logging access points for general purpose buckets
• Creating access points for general purpose buckets
• Managing your Amazon S3 access points for general purpose buckets
• Using Amazon S3 access points for general purpose buckets

AWS managed policies

Naming rules, restrictions, and limitations

Did this page help you? - Yes

Thanks for letting us know we're doing a good job!

If you've got a moment, please tell us what we did right so we can do more of it.

Did this page help you? - No

Thanks for letting us know this page needs work. We're sorry we let you down.

If you've got a moment, please tell us how we can make the documentation better.