Managing public access to access points
Amazon S3 access points support independent block public access settings for each access point. When you create an access point, you can specify block public access settings that apply to that access point. For any request made through an access point, Amazon S3 evaluates the block public access settings for that access point, the underlying bucket, and the bucket owner's account. If any of these settings indicate that the request should be blocked, Amazon S3 rejects the request.
For more information about the S3 Block Public Access feature, see Blocking public access to your Amazon S3 storage.
Important
-
All block public access settings are enabled by default for access points. You must explicitly disable any settings that you don't want to apply to an access point.
-
Amazon S3 currently doesn't support changing an access point's block public access settings after the access point has been created.
Example: Create an access point with Custom Block Public Access Settings
This example creates an access point named example-ap
for bucket
in account amzn-s3-demo-bucket
123456789012
with
non-default Block Public Access settings. The example then retrieves the new access point's
configuration to verify its Block Public Access settings.