AWS::S3::AccessGrant AccessGrantsLocationConfiguration
The configuration options of the S3 Access Grants location. It contains the S3SubPrefix
field. The grant scope, the data to which you are granting access, is the result of appending the Subprefix
field to the scope of the registered location.
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{ "S3SubPrefix" :
String
}
YAML
S3SubPrefix:
String
Properties
S3SubPrefix
-
The
S3SubPrefix
is appended to the location scope creating the grant scope. Use this field to narrow the scope of the grant to a subset of the location scope. This field is required if the location scope is the default locations3://
because you cannot create a grant for all of your S3 data in the Region and must narrow the scope. For example, if the location scope is the default locations3://
, theS3SubPrefx
can be a<bucket-name>/*
, so the full grant scope path would bes3://<bucket-name>/*
. Or theS3SubPrefx
can be<bucket-name>/<prefix-name>*
, so the full grant scope path would bes3://<bucket-name>/<prefix-name>*
.If the
S3SubPrefix
includes a prefix, append the wildcard character*
after the prefix to indicate that you want to include all object key names in the bucket that start with that prefix.Required: Yes
Type: String
Update requires: No interruption