This is the new AWS CloudFormation Template Reference Guide. Please update your bookmarks and links. For help getting started with CloudFormation, see the AWS CloudFormation User Guide.
AWS::S3Outposts::AccessPoint
The AWS::S3Outposts::AccessPoint resource specifies an access point and associates it with the specified Amazon S3 on Outposts bucket. For more information, see Managing data access with Amazon S3 access points.
Note
S3 on Outposts supports only VPC-style access points.
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{ "Type" : "AWS::S3Outposts::AccessPoint", "Properties" : { "Bucket" :String, "Name" :String, "Policy" :Json, "VpcConfiguration" :VpcConfiguration} }
YAML
Type: AWS::S3Outposts::AccessPoint Properties: Bucket:StringName:StringPolicy:JsonVpcConfiguration:VpcConfiguration
Properties
- Bucket
- 
                    The Amazon Resource Name (ARN) of the S3 on Outposts bucket that is associated with this access point. Required: Yes Type: String Pattern: ^arn:[^:]+:s3-outposts:[a-zA-Z0-9\-]+:\d{12}:outpost\/[^:]+\/bucket\/[^:]+$Minimum: 20Maximum: 2048Update requires: Replacement 
- Name
- 
                    The name of this access point. Required: Yes Type: String Pattern: ^[a-z0-9]([a-z0-9\\-]*[a-z0-9])?$Minimum: 3Maximum: 50Update requires: Replacement 
- Policy
- 
                    The access point policy associated with this access point. Required: No Type: Json Update requires: No interruption 
- VpcConfiguration
- 
                    The virtual private cloud (VPC) configuration for this access point, if one exists. Required: Yes Type: VpcConfiguration Update requires: Replacement 
Return values
Ref
When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the access point ARN.
For more information about using the Ref function, see Ref.
Fn::GetAtt
- Arn
- 
                            This resource contains the details of the S3 on Outposts bucket access point ARN. This resource is read-only. 
Examples
Creating an access point with an access point policy for your Amazon S3 on Outposts using CloudFormation
The following example shows how you can create an S3 on Outposts bucket and S3 on Outposts access point in the same CFN stack.
Note
To create an access point, you must already have an S3 on Outposts bucket ARN. This means that you must create your Outposts bucket before or at the same time as you create the access point.
JSON
{ "AWSTemplateFormatVersion": "2010-09-09", "Description": "Bucket, no tags, no lifecycle configuration with access point", "Resources": { "ExampleS3OutpostsBucket": { "Type": "AWS::S3Outposts::Bucket", "Properties": { "BucketName": "DOC-EXAMPLE-BUCKET", "OutpostId": "op-01ac5d28a6a232904" } }, "ExampleS3OutpostsAccessPoint": { "Type": "AWS::S3Outposts::AccessPoint", "Properties": { "Bucket": { "Ref": "ExampleS3OutpostsBucket" }, "Name": "ExampleAccessPoint", "VpcConfiguration": { "VpcID": "vpc-12345" }, "Policy": { "Version":"2012-10-17", "ID":"AccessPointPolicy", "Statement":[{ "Sid":"st1", "Effect":"Allow", "Principal":{"AWS":"arn:aws:iam::123456789012:root"}, "Action":"s3-outposts:*", "Resource": "arn:aws:s3-outposts:us-east-1:123456789012:outpost/op-01ac5d28a6a232904/accesspoint/ExampleAccessPoint" }] } } } }, "Outputs": { "ExampleS3OutpostsBucketARN": { "Description": "The ARN of ExampleS3OutpostsBucket", "Value": { "Ref": "ExampleS3OutpostsBucket" } }, "ExampleS3OutpostsAccessPointARN": { "Description": "The ARN of ExampleS3OutpostsAccessPoint", "Value": {"Ref": "ExampleS3OutpostsAccessPoint" } }, "ExampleS3OutpostsStackID": { "Description": "The stack ID", "Value": { "Ref": "AWS::StackID" }, "Export": { "Name": {"Fn::Sub": "${AWS::StackName}-StackID"}} } } }
YAML
AWSTemplateFormatVersion: '2010-09-09' Description: Bucket, no tags, no lifecycle configuration with access point Resources: ExampleS3OutpostsBucket: Type: AWS::S3Outposts::Bucket Properties: BucketName: DOC-EXAMPLE-BUCKET OutpostId: op-01ac5d28a6a232904 ExampleS3OutpostsAccessPoint: Type: AWS::S3Outposts::AccessPoint Properties: Bucket: Ref: ExampleS3OutpostsBucket Name: ExampleAccessPoint VpcConfiguration: VpcID: vpc-12345 Policy: Version: '2012-10-17 ' ID: AccessPointPolicy Statement: - Sid: st1 Effect: Allow Principal: AWS: arn:aws:iam::123456789012:root Action: s3-outposts:* Resource: arn:aws:s3-outposts:us-east-1:1234567890:outpost/op-01ac5d28a6a232904/accesspoint/ExampleAccessPoint Outputs: ExampleS3OutpostsBucketARN: Description: The ARN of ExampleS3OutpostsBucket Value: Ref: ExampleS3OutpostsBucket ExampleS3OutpostsAccessPointARN: Description: The ARN of ExampleS3OutpostsAccessPoint Value: Ref: ExampleS3OutpostsAccessPoint ExampleS3OutpostsStackID: Description: The stack ID Value: Ref: AWS::StackID Export: Name: Fn::Sub: "${AWS::StackName}-StackID"