Docs Home
We recommend new projects start with resources from the AWS provider.
AWS Cloud Control v1.27.0 published on Monday, Apr 14, 2025 by Pulumi
aws-native.s3.AccessGrant
Explore with Pulumi AI
We recommend new projects start with resources from the AWS provider.
AWS Cloud Control v1.27.0 published on Monday, Apr 14, 2025 by Pulumi
The AWS::S3::AccessGrant resource is an Amazon S3 resource type representing permissions to a specific S3 bucket or prefix hosted in an S3 Access Grants instance.
Create AccessGrant Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new AccessGrant(name: string, args: AccessGrantArgs, opts?: CustomResourceOptions);@overload
def AccessGrant(resource_name: str,
args: AccessGrantArgs,
opts: Optional[ResourceOptions] = None)
@overload
def AccessGrant(resource_name: str,
opts: Optional[ResourceOptions] = None,
access_grants_location_id: Optional[str] = None,
grantee: Optional[AccessGrantGranteeArgs] = None,
permission: Optional[AccessGrantPermission] = None,
access_grants_location_configuration: Optional[AccessGrantsLocationConfigurationArgs] = None,
application_arn: Optional[str] = None,
s3_prefix_type: Optional[AccessGrantS3PrefixType] = None,
tags: Optional[Sequence[_root_inputs.CreateOnlyTagArgs]] = None)func NewAccessGrant(ctx *Context, name string, args AccessGrantArgs, opts ...ResourceOption) (*AccessGrant, error)public AccessGrant(string name, AccessGrantArgs args, CustomResourceOptions? opts = null)public AccessGrant(String name, AccessGrantArgs args)
public AccessGrant(String name, AccessGrantArgs args, CustomResourceOptions options)
type: aws-native:s3:AccessGrant
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name
This property is required. string - The unique name of the resource.
- args
This property is required. AccessGrantArgs - The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name
This property is required. str - The unique name of the resource.
- args
This property is required. AccessGrantArgs - The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name
This property is required. string - The unique name of the resource.
- args
This property is required. AccessGrantArgs - The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name
This property is required. string - The unique name of the resource.
- args
This property is required. AccessGrantArgs - The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name
This property is required. String - The unique name of the resource.
- args
This property is required. AccessGrantArgs - The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
AccessGrant Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The AccessGrant resource accepts the following input properties:
- Access
Grants Location Id This property is required. string - The custom S3 location to be accessed by the grantee
- Grantee
This property is required. Pulumi.Aws Native. S3. Inputs. Access Grant Grantee - The principal who will be granted permission to access S3.
- Permission
This property is required. Pulumi.Aws Native. S3. Access Grant Permission - The level of access to be afforded to the grantee
- Access
Grants Pulumi.Location Configuration Aws Native. S3. Inputs. Access Grants Location Configuration - The configuration options of the grant location, which is the S3 path to the data to which you are granting access.
- Application
Arn string - The ARN of the application grantees will use to access the location
- S3Prefix
Type Pulumi.Aws Native. S3. Access Grant S3Prefix Type - The type of S3SubPrefix.
-
List<Pulumi.
Aws Native. Inputs. Create Only Tag> - The AWS resource tags that you are adding to the access grant. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.
- Access
Grants Location Id This property is required. string - The custom S3 location to be accessed by the grantee
- Grantee
This property is required. AccessGrant Grantee Args - The principal who will be granted permission to access S3.
- Permission
This property is required. AccessGrant Permission - The level of access to be afforded to the grantee
- Access
Grants AccessLocation Configuration Grants Location Configuration Args - The configuration options of the grant location, which is the S3 path to the data to which you are granting access.
- Application
Arn string - The ARN of the application grantees will use to access the location
- S3Prefix
Type AccessGrant S3Prefix Type - The type of S3SubPrefix.
-
Create
Only Tag Args - The AWS resource tags that you are adding to the access grant. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.
- access
Grants Location Id This property is required. String - The custom S3 location to be accessed by the grantee
- grantee
This property is required. AccessGrant Grantee - The principal who will be granted permission to access S3.
- permission
This property is required. AccessGrant Permission - The level of access to be afforded to the grantee
- access
Grants AccessLocation Configuration Grants Location Configuration - The configuration options of the grant location, which is the S3 path to the data to which you are granting access.
- application
Arn String - The ARN of the application grantees will use to access the location
- s3Prefix
Type AccessGrant S3Prefix Type - The type of S3SubPrefix.
-
List<Create
Only Tag> - The AWS resource tags that you are adding to the access grant. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.
- access
Grants Location Id This property is required. string - The custom S3 location to be accessed by the grantee
- grantee
This property is required. AccessGrant Grantee - The principal who will be granted permission to access S3.
- permission
This property is required. AccessGrant Permission - The level of access to be afforded to the grantee
- access
Grants AccessLocation Configuration Grants Location Configuration - The configuration options of the grant location, which is the S3 path to the data to which you are granting access.
- application
Arn string - The ARN of the application grantees will use to access the location
- s3Prefix
Type AccessGrant S3Prefix Type - The type of S3SubPrefix.
-
Create
Only Tag[] - The AWS resource tags that you are adding to the access grant. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.
- access_
grants_ location_ id This property is required. str - The custom S3 location to be accessed by the grantee
- grantee
This property is required. AccessGrant Grantee Args - The principal who will be granted permission to access S3.
- permission
This property is required. AccessGrant Permission - The level of access to be afforded to the grantee
- access_
grants_ Accesslocation_ configuration Grants Location Configuration Args - The configuration options of the grant location, which is the S3 path to the data to which you are granting access.
- application_
arn str - The ARN of the application grantees will use to access the location
- s3_
prefix_ Accesstype Grant S3Prefix Type - The type of S3SubPrefix.
-
Sequence[Create
Only Tag Args] - The AWS resource tags that you are adding to the access grant. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.
- access
Grants Location Id This property is required. String - The custom S3 location to be accessed by the grantee
- grantee
This property is required. Property Map - The principal who will be granted permission to access S3.
- permission
This property is required. "READ" | "WRITE" | "READWRITE" - The level of access to be afforded to the grantee
- access
Grants Property MapLocation Configuration - The configuration options of the grant location, which is the S3 path to the data to which you are granting access.
- application
Arn String - The ARN of the application grantees will use to access the location
- s3Prefix
Type "Object" - The type of S3SubPrefix.
- List<Property Map>
- The AWS resource tags that you are adding to the access grant. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.
Outputs
All input properties are implicitly available as output properties. Additionally, the AccessGrant resource produces the following output properties:
- Access
Grant stringArn - The Amazon Resource Name (ARN) of the specified access grant.
- Access
Grant stringId - The ID assigned to this access grant.
- Grant
Scope string - The S3 path of the data to which you are granting access. It is a combination of the S3 path of the registered location and the subprefix.
- Id string
- The provider-assigned unique ID for this managed resource.
- Access
Grant stringArn - The Amazon Resource Name (ARN) of the specified access grant.
- Access
Grant stringId - The ID assigned to this access grant.
- Grant
Scope string - The S3 path of the data to which you are granting access. It is a combination of the S3 path of the registered location and the subprefix.
- Id string
- The provider-assigned unique ID for this managed resource.
- access
Grant StringArn - The Amazon Resource Name (ARN) of the specified access grant.
- access
Grant StringId - The ID assigned to this access grant.
- grant
Scope String - The S3 path of the data to which you are granting access. It is a combination of the S3 path of the registered location and the subprefix.
- id String
- The provider-assigned unique ID for this managed resource.
- access
Grant stringArn - The Amazon Resource Name (ARN) of the specified access grant.
- access
Grant stringId - The ID assigned to this access grant.
- grant
Scope string - The S3 path of the data to which you are granting access. It is a combination of the S3 path of the registered location and the subprefix.
- id string
- The provider-assigned unique ID for this managed resource.
- access_
grant_ strarn - The Amazon Resource Name (ARN) of the specified access grant.
- access_
grant_ strid - The ID assigned to this access grant.
- grant_
scope str - The S3 path of the data to which you are granting access. It is a combination of the S3 path of the registered location and the subprefix.
- id str
- The provider-assigned unique ID for this managed resource.
- access
Grant StringArn - The Amazon Resource Name (ARN) of the specified access grant.
- access
Grant StringId - The ID assigned to this access grant.
- grant
Scope String - The S3 path of the data to which you are granting access. It is a combination of the S3 path of the registered location and the subprefix.
- id String
- The provider-assigned unique ID for this managed resource.
Supporting Types
AccessGrantGrantee, AccessGrantGranteeArgs
, AccessGrantGranteeArgs
- Grantee
Identifier This property is required. string - The unique identifier of the Grantee
- Grantee
Type This property is required. Pulumi.Aws Native. S3. Access Grant Grantee Grantee Type - Configures the transfer acceleration state for an Amazon S3 bucket.
- Grantee
Identifier This property is required. string - The unique identifier of the Grantee
- Grantee
Type This property is required. AccessGrant Grantee Grantee Type - Configures the transfer acceleration state for an Amazon S3 bucket.
- grantee
Identifier This property is required. String - The unique identifier of the Grantee
- grantee
Type This property is required. AccessGrant Grantee Grantee Type - Configures the transfer acceleration state for an Amazon S3 bucket.
- grantee
Identifier This property is required. string - The unique identifier of the Grantee
- grantee
Type This property is required. AccessGrant Grantee Grantee Type - Configures the transfer acceleration state for an Amazon S3 bucket.
- grantee_
identifier This property is required. str - The unique identifier of the Grantee
- grantee_
type This property is required. AccessGrant Grantee Grantee Type - Configures the transfer acceleration state for an Amazon S3 bucket.
- grantee
Identifier This property is required. String - The unique identifier of the Grantee
- grantee
Type This property is required. "IAM" | "DIRECTORY_USER" | "DIRECTORY_GROUP" - Configures the transfer acceleration state for an Amazon S3 bucket.
AccessGrantGranteeGranteeType, AccessGrantGranteeGranteeTypeArgs
, AccessGrantGranteeGranteeTypeArgs
- Iam
- IAM
- Directory
User - DIRECTORY_USER
- Directory
Group - DIRECTORY_GROUP
- Access
Grant Grantee Grantee Type Iam - IAM
- Access
Grant Grantee Grantee Type Directory User - DIRECTORY_USER
- Access
Grant Grantee Grantee Type Directory Group - DIRECTORY_GROUP
- Iam
- IAM
- Directory
User - DIRECTORY_USER
- Directory
Group - DIRECTORY_GROUP
- Iam
- IAM
- Directory
User - DIRECTORY_USER
- Directory
Group - DIRECTORY_GROUP
- IAM
- IAM
- DIRECTORY_USER
- DIRECTORY_USER
- DIRECTORY_GROUP
- DIRECTORY_GROUP
- "IAM"
- IAM
- "DIRECTORY_USER"
- DIRECTORY_USER
- "DIRECTORY_GROUP"
- DIRECTORY_GROUP
AccessGrantPermission, AccessGrantPermissionArgs
, AccessGrantPermissionArgs
- Read
- READ
- Write
- WRITE
- Readwrite
- READWRITE
- Access
Grant Permission Read - READ
- Access
Grant Permission Write - WRITE
- Access
Grant Permission Readwrite - READWRITE
- Read
- READ
- Write
- WRITE
- Readwrite
- READWRITE
- Read
- READ
- Write
- WRITE
- Readwrite
- READWRITE
- READ
- READ
- WRITE
- WRITE
- READWRITE
- READWRITE
- "READ"
- READ
- "WRITE"
- WRITE
- "READWRITE"
- READWRITE
AccessGrantS3PrefixType, AccessGrantS3PrefixTypeArgs
, AccessGrantS3PrefixTypeArgs
- Object
- Object
- Access
Grant S3Prefix Type Object - Object
- Object
- Object
- Object
- Object
- OBJECT
- Object
- "Object"
- Object
AccessGrantsLocationConfiguration, AccessGrantsLocationConfigurationArgs
, AccessGrantsLocationConfigurationArgs
- S3Sub
Prefix This property is required. string - The S3 sub prefix of a registered location in your S3 Access Grants instance
- S3Sub
Prefix This property is required. string - The S3 sub prefix of a registered location in your S3 Access Grants instance
- s3Sub
Prefix This property is required. String - The S3 sub prefix of a registered location in your S3 Access Grants instance
- s3Sub
Prefix This property is required. string - The S3 sub prefix of a registered location in your S3 Access Grants instance
- s3_
sub_ prefix This property is required. str - The S3 sub prefix of a registered location in your S3 Access Grants instance
- s3Sub
Prefix This property is required. String - The S3 sub prefix of a registered location in your S3 Access Grants instance
CreateOnlyTag, CreateOnlyTagArgs
, CreateOnlyTagArgs
Package Details
- Repository
- AWS Native pulumi/pulumi-aws-native
- License
- Apache-2.0
We recommend new projects start with resources from the AWS provider.
AWS Cloud Control v1.27.0 published on Monday, Apr 14, 2025 by Pulumi