AWS CLI Command Reference

Note:

You are viewing the documentation for an older major version of the AWS CLI (version 1).

AWS CLI version 2, the latest major version of AWS CLI, is now stable and recommended for general use. To view this page for the AWS CLI version 2, click here. For more information see the AWS CLI version 2 installation instructions and migration guide.

[ aws . fsx ]

create-and-attach-s3-access-point

Description

Creates an S3 access point and attaches it to an Amazon FSx volume. For FSx for OpenZFS file systems, the volume must be hosted on a high-availability file system, either Single-AZ or Multi-AZ. For more information, see Accessing your data using access points in the Amazon FSx for OpenZFS User Guide.

The requester requires the following permissions to perform these actions:

  • fsx:CreateAndAttachS3AccessPoint
  • s3:CreateAccessPoint
  • s3:GetAccessPoint
  • s3:PutAccessPointPolicy
  • s3:DeleteAccessPoint

The following actions are related to CreateAndAttachS3AccessPoint :

  • DescribeS3AccessPointAttachments
  • DetachAndDeleteS3AccessPoint

See also: AWS API Documentation

Synopsis

  create-and-attach-s3-access-point
[--client-request-token <value>]
--name <value>
--type <value>
[--open-zfs-configuration <value>]
[--s3-access-point <value>]
[--cli-input-json <value>]
[--generate-cli-skeleton <value>]
[--debug]
[--endpoint-url <value>]
[--no-verify-ssl]
[--no-paginate]
[--output <value>]
[--query <value>]
[--profile <value>]
[--region <value>]
[--version <value>]
[--color <value>]
[--no-sign-request]
[--ca-bundle <value>]
[--cli-read-timeout <value>]
[--cli-connect-timeout <value>]

Options

--client-request-token (string)

(Optional) An idempotency token for resource creation, in a string of up to 63 ASCII characters. This token is automatically filled on your behalf when you use the Command Line Interface (CLI) or an Amazon Web Services SDK.

--name (string)

The name you want to assign to this S3 access point.

--type (string)

The type of S3 access point you want to create. Only OpenZFS is supported.

Possible values:

  • OPENZFS

--open-zfs-configuration (structure)

Specifies the configuration to use when creating and attaching an S3 access point to an FSx for OpenZFS volume.

VolumeId -> (string)

The ID of the FSx for OpenZFS volume to which you want the S3 access point attached.

FileSystemIdentity -> (structure)

Specifies the file system user identity to use for authorizing file read and write requests that are made using this S3 access point.

Type -> (string)

Specifies the FSx for OpenZFS user identity type, accepts only POSIX .

PosixUser -> (structure)

Specifies the UID and GIDs of the file system POSIX user.

Uid -> (long)

The UID of the file system user.

Gid -> (long)

The GID of the file system user.

SecondaryGids -> (list)

The list of secondary GIDs for the file system user.

(long)

JSON Syntax:

{
  "VolumeId": "string",
  "FileSystemIdentity": {
    "Type": "POSIX",
    "PosixUser": {
      "Uid": long,
      "Gid": long,
      "SecondaryGids": [long, ...]
    }
  }
}

--s3-access-point (structure)

Specifies the virtual private cloud (VPC) configuration if you’re creating an access point that is restricted to a VPC. For more information, see Creating access points restricted to a virtual private cloud .

VpcConfiguration -> (structure)

If included, Amazon S3 restricts access to this S3 access point to requests made from the specified virtual private cloud (VPC).

VpcId -> (string)

Specifies the virtual private cloud (VPC) for the S3 access point VPC configuration, if one exists.

Policy -> (string)

Specifies an access policy to associate with the S3 access point configuration. For more information, see Configuring IAM policies for using access points in the Amazon Simple Storage Service User Guide.

Shorthand Syntax:

VpcConfiguration={VpcId=string},Policy=string

JSON Syntax:

{
  "VpcConfiguration": {
    "VpcId": "string"
  },
  "Policy": "string"
}

--cli-input-json (string) Performs service operation based on the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton. If other arguments are provided on the command line, the CLI values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally.

--generate-cli-skeleton (string) Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input, prints a sample input JSON that can be used as an argument for --cli-input-json. If provided with the value output, it validates the command inputs and returns a sample output JSON for that command.

Global Options

--debug (boolean)

Turn on debug logging.

--endpoint-url (string)

Override command’s default URL with the given URL.

--no-verify-ssl (boolean)

By default, the AWS CLI uses SSL when communicating with AWS services. For each SSL connection, the AWS CLI will verify SSL certificates. This option overrides the default behavior of verifying SSL certificates.

--no-paginate (boolean)

Disable automatic pagination. If automatic pagination is disabled, the AWS CLI will only make one call, for the first page of results.

--output (string)

The formatting style for command output.

  • json
  • text
  • table

--query (string)

A JMESPath query to use in filtering the response data.

--profile (string)

Use a specific profile from your credential file.

--region (string)

The region to use. Overrides config/env settings.

--version (string)

Display the version of this tool.

--color (string)

Turn on/off color output.

  • on
  • off
  • auto

--no-sign-request (boolean)

Do not sign requests. Credentials will not be loaded if this argument is provided.

--ca-bundle (string)

The CA certificate bundle to use when verifying SSL certificates. Overrides config/env settings.

--cli-read-timeout (int)

The maximum socket read time in seconds. If the value is set to 0, the socket read will be blocking and not timeout. The default value is 60 seconds.

--cli-connect-timeout (int)

The maximum socket connect time in seconds. If the value is set to 0, the socket connect will be blocking and not timeout. The default value is 60 seconds.

Output

S3AccessPointAttachment -> (structure)

Describes the configuration of the S3 access point created.

Lifecycle -> (string)

The lifecycle status of the S3 access point attachment. The lifecycle can have the following values:

  • AVAILABLE - the S3 access point attachment is available for use
  • CREATING - Amazon FSx is creating the S3 access point and attachment
  • DELETING - Amazon FSx is deleting the S3 access point and attachment
  • FAILED - The S3 access point attachment is in a failed state. Delete and detach the S3 access point attachment, and create a new one.
  • UPDATING - Amazon FSx is updating the S3 access point attachment

LifecycleTransitionReason -> (structure)

Describes why a resource lifecycle state changed.

Message -> (string)

A detailed error message.

CreationTime -> (timestamp)

The time that the resource was created, in seconds (since 1970-01-01T00:00:00Z), also known as Unix time.

Name -> (string)

The name of the S3 access point attachment; also used for the name of the S3 access point.

Type -> (string)

The type of Amazon FSx volume that the S3 access point is attached to.

OpenZFSConfiguration -> (structure)

The OpenZFSConfiguration of the S3 access point attachment.

VolumeId -> (string)

The ID of the FSx for OpenZFS volume that the S3 access point is attached to.

FileSystemIdentity -> (structure)

The file system identity used to authorize file access requests made using the S3 access point.

Type -> (string)

Specifies the FSx for OpenZFS user identity type, accepts only POSIX .

PosixUser -> (structure)

Specifies the UID and GIDs of the file system POSIX user.

Uid -> (long)

The UID of the file system user.

Gid -> (long)

The GID of the file system user.

SecondaryGids -> (list)

The list of secondary GIDs for the file system user.

(long)

S3AccessPoint -> (structure)

The S3 access point configuration of the S3 access point attachment.

ResourceARN -> (string)

he S3 access point’s ARN.

Alias -> (string)

The S3 access point’s alias.

VpcConfiguration -> (structure)

The S3 access point’s virtual private cloud (VPC) configuration.

VpcId -> (string)

Specifies the virtual private cloud (VPC) for the S3 access point VPC configuration, if one exists.