Package software.amazon.awscdk.services.s3express

Class CfnAccessPoint

java.lang.Object
software.amazon.jsii.JsiiObject
software.constructs.Construct
software.amazon.awscdk.CfnElement
software.amazon.awscdk.CfnRefElement
software.amazon.awscdk.CfnResource
software.amazon.awscdk.services.s3express.CfnAccessPoint
All Implemented Interfaces:
IInspectable, ITaggableV2, IAccessPointRef, software.amazon.jsii.JsiiSerializable, software.constructs.IConstruct, software.constructs.IDependable
@Generated(value="jsii-pacmak/1.116.0 (build 0eddcff)", date="2025-10-29T11:15:47.835Z") @Stability(Stable) public class CfnAccessPoint extends CfnResource implements IInspectable, IAccessPointRef, ITaggableV2
Access points simplify managing data access at scale for shared datasets in Amazon S3 .

Access points are unique hostnames you create to enforce distinct permissions and network controls for all requests made through an access point. You can create hundreds of access points per bucket, each with a distinct name and permissions customized for each application. Each access point works in conjunction with the bucket policy that is attached to the underlying bucket. For more information, see Managing access to shared datasets in directory buckets with access points .

Example: 

 // The code below shows an example of how to instantiate this type.
 // The values are placeholders you should change.
 import software.amazon.awscdk.services.s3express.*;
 Object policy;
 CfnAccessPoint cfnAccessPoint = CfnAccessPoint.Builder.create(this, "MyCfnAccessPoint")
         .bucket("bucket")
         // the properties below are optional
         .bucketAccountId("bucketAccountId")
         .name("name")
         .policy(policy)
         .publicAccessBlockConfiguration(PublicAccessBlockConfigurationProperty.builder()
                 .blockPublicAcls(false)
                 .blockPublicPolicy(false)
                 .ignorePublicAcls(false)
                 .restrictPublicBuckets(false)
                 .build())
         .scope(ScopeProperty.builder()
                 .permissions(List.of("permissions"))
                 .prefixes(List.of("prefixes"))
                 .build())
         .tags(List.of(CfnTag.builder()
                 .key("key")
                 .value("value")
                 .build()))
         .vpcConfiguration(VpcConfigurationProperty.builder()
                 .vpcId("vpcId")
                 .build())
         .build();

See Also:

  • Field Details

    • CFN_RESOURCE_TYPE_NAME

      @Stability(Stable) public static final String CFN_RESOURCE_TYPE_NAME
      The CloudFormation resource type name for this resource class.

  • Constructor Details

    • CfnAccessPoint

      protected CfnAccessPoint(software.amazon.jsii.JsiiObjectRef objRef)

    • CfnAccessPoint

      protected CfnAccessPoint(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)

    • CfnAccessPoint

      @Stability(Stable) public CfnAccessPoint(@NotNull software.constructs.Construct scope, @NotNull String id, @NotNull CfnAccessPointProps props)
      Parameters:
      scope - Scope in which this resource is defined. This parameter is required.
      id - Construct identifier for this resource (unique in its scope). This parameter is required.
      props - Resource properties. This parameter is required.

  • Method Details

    • fromAccessPointArn

      @Stability(Stable) @NotNull public static IAccessPointRef fromAccessPointArn(@NotNull software.constructs.Construct scope, @NotNull String id, @NotNull String arn)
      Creates a new IAccessPointRef from an ARN.

      Parameters:
      scope - This parameter is required.
      id - This parameter is required.
      arn - This parameter is required.

    • fromAccessPointName

      @Stability(Stable) @NotNull public static IAccessPointRef fromAccessPointName(@NotNull software.constructs.Construct scope, @NotNull String id, @NotNull String accessPointName)
      Creates a new IAccessPointRef from a accessPointName.

      Parameters:
      scope - This parameter is required.
      id - This parameter is required.
      accessPointName - This parameter is required.

    • inspect

      @Stability(Stable) public void inspect(@NotNull TreeInspector inspector)
      Examines the CloudFormation resource and discloses attributes.

      Specified by:
      inspect in interface IInspectable
      Parameters:
      inspector - tree inspector to collect and process attributes. This parameter is required.

    • renderProperties

      @Stability(Stable) @NotNull protected Map<String,Object> renderProperties(@NotNull Map<String,Object> props)
      Overrides:
      renderProperties in class CfnResource
      Parameters:
      props - This parameter is required.

    • getAccessPointRef

      @Stability(Stable) @NotNull public AccessPointReference getAccessPointRef()
      A reference to a AccessPoint resource.
      Specified by:
      getAccessPointRef in interface IAccessPointRef

    • getAttrArn

      @Stability(Stable) @NotNull public String getAttrArn()
      The ARN of the access point.

    • getAttrNetworkOrigin

      @Stability(Stable) @NotNull public String getAttrNetworkOrigin()
      The network configuration of the access point.

    • getCdkTagManager

      @Stability(Stable) @NotNull public TagManager getCdkTagManager()
      Tag Manager which manages the tags for this resource.
      Specified by:
      getCdkTagManager in interface ITaggableV2

    • getCfnProperties

      @Stability(Stable) @NotNull protected Map<String,Object> getCfnProperties()
      Overrides:
      getCfnProperties in class CfnResource

    • getBucket

      @Stability(Stable) @NotNull public String getBucket()
      The name of the bucket that you want to associate the access point with.

    • setBucket

      @Stability(Stable) public void setBucket(@NotNull String value)
      The name of the bucket that you want to associate the access point with.

    • getBucketAccountId

      @Stability(Stable) @Nullable public String getBucketAccountId()
      The AWS account ID that owns the bucket associated with this access point.

    • setBucketAccountId

      @Stability(Stable) public void setBucketAccountId(@Nullable String value)
      The AWS account ID that owns the bucket associated with this access point.

    • getName

      @Stability(Stable) @Nullable public String getName()
      An access point name consists of a base name you provide, followed by the zoneID ( AWS Local Zone) followed by the prefix --xa-s3 .

    • setName

      @Stability(Stable) public void setName(@Nullable String value)
      An access point name consists of a base name you provide, followed by the zoneID ( AWS Local Zone) followed by the prefix --xa-s3 .

    • getPolicy

      @Stability(Stable) @Nullable public Object getPolicy()
      The access point policy associated with the specified access point.

    • setPolicy

      @Stability(Stable) public void setPolicy(@Nullable Object value)
      The access point policy associated with the specified access point.

    • getPublicAccessBlockConfiguration

      @Stability(Stable) @Nullable public Object getPublicAccessBlockConfiguration()
      Public access is blocked by default to access points for directory buckets.

      Returns union: either IResolvable or CfnAccessPoint.PublicAccessBlockConfigurationProperty

    • setPublicAccessBlockConfiguration

      @Stability(Stable) public void setPublicAccessBlockConfiguration(@Nullable IResolvable value)
      Public access is blocked by default to access points for directory buckets.

    • setPublicAccessBlockConfiguration

      @Stability(Stable) public void setPublicAccessBlockConfiguration(@Nullable CfnAccessPoint.PublicAccessBlockConfigurationProperty value)
      Public access is blocked by default to access points for directory buckets.

    • getScope

      @Stability(Stable) @Nullable public Object getScope()
      You can use the access point scope to restrict access to specific prefixes, API operations, or a combination of both.

      Returns union: either IResolvable or CfnAccessPoint.ScopeProperty

    • setScope

      @Stability(Stable) public void setScope(@Nullable IResolvable value)
      You can use the access point scope to restrict access to specific prefixes, API operations, or a combination of both.

    • setScope

      @Stability(Stable) public void setScope(@Nullable CfnAccessPoint.ScopeProperty value)
      You can use the access point scope to restrict access to specific prefixes, API operations, or a combination of both.

    • getTags

      @Stability(Stable) @Nullable public List<CfnTag> getTags()
      An array of tags that you can apply to access points.

    • setTags

      @Stability(Stable) public void setTags(@Nullable List<CfnTag> value)
      An array of tags that you can apply to access points.

    • getVpcConfiguration

      @Stability(Stable) @Nullable public Object getVpcConfiguration()
      If you include this field, Amazon S3 restricts access to this access point to requests from the specified virtual private cloud (VPC).

      Returns union: either IResolvable or CfnAccessPoint.VpcConfigurationProperty

    • setVpcConfiguration

      @Stability(Stable) public void setVpcConfiguration(@Nullable IResolvable value)
      If you include this field, Amazon S3 restricts access to this access point to requests from the specified virtual private cloud (VPC).

    • setVpcConfiguration

      @Stability(Stable) public void setVpcConfiguration(@Nullable CfnAccessPoint.VpcConfigurationProperty value)
      If you include this field, Amazon S3 restricts access to this access point to requests from the specified virtual private cloud (VPC).