S3Control: New-S3CAccessPoint Cmdlet | AWS Tools for PowerShell

Synopsis

Calls the Amazon S3 Control CreateAccessPoint API operation.

Syntax

New-S3CAccessPoint
-Bucket <String>
-AccountId <String>
-PublicAccessBlockConfiguration_BlockPublicAcl <Boolean>
-PublicAccessBlockConfiguration_BlockPublicPolicy <Boolean>
-BucketAccountId <String>
-PublicAccessBlockConfiguration_IgnorePublicAcl <Boolean>
-Name <String>
-Scope_Permission <String[]>
-Scope_Prefix <String[]>
-PublicAccessBlockConfiguration_RestrictPublicBucket <Boolean>
-VpcConfiguration_VpcId <String>
-Select <String>
-PassThru <SwitchParameter>
-Force <SwitchParameter>
-ClientConfig <AmazonS3ControlConfig>

Description

Creates an access point and associates it to a specified bucket. For more information, see Managing access to shared datasets in general purpose buckets with access points or Managing access to shared datasets in directory buckets with access points in the Amazon S3 User Guide. S3 on Outposts only supports VPC-style access points. For more information, see Accessing Amazon S3 on Outposts using virtual private cloud (VPC) only access points in the Amazon S3 User Guide. All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section. The following actions are related to CreateAccessPoint:

Parameters

-AccountId <String>

The Amazon Web Services account ID for the account that owns the specified access point.

Required?	True
Position?	Named
Accept pipeline input?	True (ByPropertyName)

-Bucket <String>

The name of the bucket that you want to associate this access point with.For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name>. For example, to access the bucket reports through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.

Required?	True
Position?	1
Accept pipeline input?	True (ByValue, ByPropertyName)

-BucketAccountId <String>

The Amazon Web Services account ID associated with the S3 bucket associated with this access point.For same account access point when your bucket and access point belong to the same account owner, the BucketAccountId is not required. For cross-account access point when your bucket and access point are not in the same account, the BucketAccountId is required.

Required?	False
Position?	Named
Accept pipeline input?	True (ByPropertyName)

-ClientConfig <AmazonS3ControlConfig>

Amazon.PowerShell.Cmdlets.S3C.AmazonS3ControlClientCmdlet.ClientConfig

Required?	False
Position?	Named
Accept pipeline input?	True (ByPropertyName)

-Force <SwitchParameter>

This parameter overrides confirmation prompts to force the cmdlet to continue its operation. This parameter should always be used with caution.

Required?	False
Position?	Named
Accept pipeline input?	True (ByPropertyName)

-Name <String>

The name you want to assign to this access point.For directory buckets, the access point name must consist of a base name that you provide and suffix that includes the ZoneID (Amazon Web Services Availability Zone or Local Zone) of your bucket location, followed by --xa-s3. For more information, see Managing access to shared datasets in directory buckets with access points in the Amazon S3 User Guide.

Required?	True
Position?	Named
Accept pipeline input?	True (ByPropertyName)

-PassThru <SwitchParameter>

Changes the cmdlet behavior to return the value passed to the Bucket parameter. The -PassThru parameter is deprecated, use -Select '^Bucket' instead. This parameter will be removed in a future version.

Required?	False
Position?	Named
Accept pipeline input?	True (ByPropertyName)

-PublicAccessBlockConfiguration_BlockPublicAcl <Boolean>

Specifies whether Amazon S3 should block public access control lists (ACLs) for buckets in this account. Setting this element to TRUE causes the following behavior:

PutBucketAcl and PutObjectAcl calls fail if the specified ACL is public.
PUT Object calls fail if the request includes a public ACL.
PUT Bucket calls fail if the request includes a public ACL.

Enabling this setting doesn't affect existing policies or ACLs.This property is not supported for Amazon S3 on Outposts.

Required?	False
Position?	Named
Accept pipeline input?	True (ByPropertyName)
Aliases	PublicAccessBlockConfiguration_BlockPublicAcls

-PublicAccessBlockConfiguration_BlockPublicPolicy <Boolean>

Specifies whether Amazon S3 should block public bucket policies for buckets in this account. Setting this element to TRUE causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access. Enabling this setting doesn't affect existing bucket policies.This property is not supported for Amazon S3 on Outposts.

Required?	False
Position?	Named
Accept pipeline input?	True (ByPropertyName)

-PublicAccessBlockConfiguration_IgnorePublicAcl <Boolean>

Specifies whether Amazon S3 should ignore public ACLs for buckets in this account. Setting this element to TRUE causes Amazon S3 to ignore all public ACLs on buckets in this account and any objects that they contain. Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.This property is not supported for Amazon S3 on Outposts.

Required?	False
Position?	Named
Accept pipeline input?	True (ByPropertyName)
Aliases	PublicAccessBlockConfiguration_IgnorePublicAcls

-PublicAccessBlockConfiguration_RestrictPublicBucket <Boolean>

Specifies whether Amazon S3 should restrict public bucket policies for buckets in this account. Setting this element to TRUE restricts access to buckets with public policies to only Amazon Web Services service principals and authorized users within this account.Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.This property is not supported for Amazon S3 on Outposts.

Required?	False
Position?	Named
Accept pipeline input?	True (ByPropertyName)
Aliases	PublicAccessBlockConfiguration_RestrictPublicBuckets

-Scope_Permission <String[]>

You can include one or more API operations as permissions.

Required?	False
Position?	Named
Accept pipeline input?	True (ByPropertyName)
Aliases	Scope_Permissions

-Scope_Prefix <String[]>

You can specify any amount of prefixes, but the total length of characters of all prefixes must be less than 256 bytes in size.

Required?	False
Position?	Named
Accept pipeline input?	True (ByPropertyName)
Aliases	Scope_Prefixes

-Select <String>

Use the -Select parameter to control the cmdlet output. The default value is 'AccessPointArn'. Specifying -Select '*' will result in the cmdlet returning the whole service response (Amazon.S3Control.Model.CreateAccessPointResponse). Specifying the name of a property of type Amazon.S3Control.Model.CreateAccessPointResponse will result in that property being returned. Specifying -Select '^ParameterName' will result in the cmdlet returning the selected cmdlet parameter value.

Required?	False
Position?	Named
Accept pipeline input?	True (ByPropertyName)

-VpcConfiguration_VpcId <String>

If this field is specified, this access point will only allow connections from the specified VPC ID.

Required?	False
Position?	Named
Accept pipeline input?	True (ByPropertyName)

Common Credential and Region Parameters

-AccessKey <String>

The AWS access key for the user account. This can be a temporary access key if the corresponding session token is supplied to the -SessionToken parameter.

Required?	False
Position?	Named
Accept pipeline input?	True (ByPropertyName)
Aliases	AK

-Credential <AWSCredentials>

An AWSCredentials object instance containing access and secret key information, and optionally a token for session-based credentials.

Required?	False
Position?	Named
Accept pipeline input?	True (ByValue, ByPropertyName)

-EndpointUrl <String>

The endpoint to make the call against.Note: This parameter is primarily for internal AWS use and is not required/should not be specified for normal usage. The cmdlets normally determine which endpoint to call based on the region specified to the -Region parameter or set as default in the shell (via Set-DefaultAWSRegion). Only specify this parameter if you must direct the call to a specific custom endpoint.

Required?	False
Position?	Named
Accept pipeline input?	True (ByPropertyName)

-NetworkCredential <PSCredential>

Used with SAML-based authentication when ProfileName references a SAML role profile. Contains the network credentials to be supplied during authentication with the configured identity provider's endpoint. This parameter is not required if the user's default network identity can or should be used during authentication.

Required?	False
Position?	Named
Accept pipeline input?	True (ByValue, ByPropertyName)

-ProfileLocation <String>

Used to specify the name and location of the ini-format credential file (shared with the AWS CLI and other AWS SDKs)If this optional parameter is omitted this cmdlet will search the encrypted credential file used by the AWS SDK for .NET and AWS Toolkit for Visual Studio first. If the profile is not found then the cmdlet will search in the ini-format credential file at the default location: (user's home directory)\.aws\credentials.If this parameter is specified then this cmdlet will only search the ini-format credential file at the location given.As the current folder can vary in a shell or during script execution it is advised that you use specify a fully qualified path instead of a relative path.

Required?	False
Position?	Named
Accept pipeline input?	True (ByPropertyName)
Aliases	AWSProfilesLocation, ProfilesLocation

-ProfileName <String>

The user-defined name of an AWS credentials or SAML-based role profile containing credential information. The profile is expected to be found in the secure credential file shared with the AWS SDK for .NET and AWS Toolkit for Visual Studio. You can also specify the name of a profile stored in the .ini-format credential file used with the AWS CLI and other AWS SDKs.

Required?	False
Position?	Named
Accept pipeline input?	True (ByPropertyName)
Aliases	StoredCredentials, AWSProfileName

-Region <Object>

The system name of an AWS region or an AWSRegion instance. This governs the endpoint that will be used when calling service operations. Note that the AWS resources referenced in a call are usually region-specific.

Required?	False
Position?	Named
Accept pipeline input?	True (ByPropertyName)
Aliases	RegionToCall

-SecretKey <String>

The AWS secret key for the user account. This can be a temporary secret key if the corresponding session token is supplied to the -SessionToken parameter.

Required?	False
Position?	Named
Accept pipeline input?	True (ByPropertyName)
Aliases	SK, SecretAccessKey

-SessionToken <String>

The session token if the access and secret keys are temporary session-based credentials.

Required?	False
Position?	Named
Accept pipeline input?	True (ByPropertyName)
Aliases	ST

Outputs

System.String or Amazon.S3Control.Model.CreateAccessPointResponse

This cmdlet returns a System.String object. The service call response (type Amazon.S3Control.Model.CreateAccessPointResponse) can be returned by specifying '-Select *'.

Select your cookie preferences

Customize cookie preferences

Essential

Performance

Functional

Advertising

Unable to save cookie preferences

New-S3CAccessPoint Cmdlet

Amazon S3 Control
Available in AWS.Tools.S3Control, AWSPowerShell.NetCore and AWSPowerShell

Synopsis

Syntax

Description

Parameters

Common Credential and Region Parameters

Outputs

Supported Version

Select your cookie preferences

New-S3CAccessPoint Cmdlet

Amazon S3 ControlAvailable in AWS.Tools.S3Control, AWSPowerShell.NetCore and AWSPowerShell

Synopsis

Syntax

Description

Parameters

Common Credential and Region Parameters

Outputs

Related Links

Supported Version

Amazon S3 Control
Available in AWS.Tools.S3Control, AWSPowerShell.NetCore and AWSPowerShell