Amazon IAM Access Analyzer · Schema

S3AccessPointConfiguration

The configuration for an Amazon S3 access point or multi-region access point for the bucket. You can propose up to 10 access points or multi-region access points per bucket. If the proposed Amazon S3 access point configuration is for an existing bucket, the access preview uses the proposed access point configuration in place of the existing access points. To propose an access point without a policy, you can provide an empty string as the access point policy. For more information, see Creating access points. For more information about access point policy limits, see Access points restrictions and limitations.

Access ControlComplianceIAMPolicy ManagementSecurity

Properties

Name Type Description
accessPointPolicy object
publicAccessBlock object
networkOrigin object
View JSON Schema on GitHub

JSON Schema

iam-access-analyzer-s3-access-point-configuration-schema.json Raw ↑ 
{
  "$schema": "https://json-schema.org/draft/2020-12/schema",
  "$id": "https://raw.githubusercontent.com/api-evangelist/amazon-iam-access-analyzer/refs/heads/main/json-schema/iam-access-analyzer-s3-access-point-configuration-schema.json",
  "title": "S3AccessPointConfiguration",
  "description": "The configuration for an Amazon S3 access point or multi-region access point for the bucket. You can propose up to 10 access points or multi-region access points per bucket. If the proposed Amazon S3 access point configuration is for an existing bucket, the access preview uses the proposed access point configuration in place of the existing access points. To propose an access point without a policy, you can provide an empty string as the access point policy. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/dev/creating-access-points.html\">Creating access points</a>. For more information about access point policy limits, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/dev/access-points-restrictions-limitations.html\">Access points restrictions and limitations</a>.",
  "type": "object",
  "properties": {
    "accessPointPolicy": {
      "allOf": [
        {
          "$ref": "#/components/schemas/AccessPointPolicy"
        },
        {
          "description": "The access point or multi-region access point policy."
        }
      ]
    },
    "publicAccessBlock": {
      "allOf": [
        {
          "$ref": "#/components/schemas/S3PublicAccessBlockConfiguration"
        },
        {
          "description": "The proposed <code>S3PublicAccessBlock</code> configuration to apply to this Amazon S3 access point or multi-region access point."
        }
      ]
    },
    "networkOrigin": {
      "allOf": [
        {
          "$ref": "#/components/schemas/NetworkOriginConfiguration"
        },
        {
          "description": "The proposed <code>Internet</code> and <code>VpcConfiguration</code> to apply to this Amazon S3 access point. <code>VpcConfiguration</code> does not apply to multi-region access points. If the access preview is for a new resource and neither is specified, the access preview uses <code>Internet</code> for the network origin. If the access preview is for an existing resource and neither is specified, the access preview uses the exiting network origin."
        }
      ]
    }
  }
}