Using Amazon S3 VPC Endpoints for Home Folders and Application Settings Persistence - Amazon AppStream 2.0

Using Amazon S3 VPC Endpoints for Home Folders and Application Settings Persistence

To support home folders and application settings persistence on a private network, AppStream 2.0 needs access permissions to the Amazon S3 VPC endpoint. To enable AppStream 2.0 access to your private S3 endpoint, attach the following custom policy to your VPC endpoint for Amazon S3. For more information about private Amazon S3 endpoints, see VPC Endpoints and Endpoints for Amazon S3 in the Amazon VPC User Guide.

{ "Version": "2012-10-17", "Statement": [ { "Sid": "Allow-AppStream-to-access-home-folder-and-application-settings", "Effect": "Allow", "Principal": { "AWS": "arn:aws:sts::account-id-without-hyphens:assumed-role/AmazonAppStreamServiceAccess/AppStream2.0" }, "Action": [ "s3:ListBucket", "s3:GetObject", "s3:PutObject", "s3:DeleteObject", "s3:GetObjectVersion", "s3:DeleteObjectVersion" ], "Resource": [ "arn:aws:s3:::appstream2-36fb080bb8-*", "arn:aws:s3:::appstream-app-settings-*" ] } ] }