Posted On: Dec 3, 2019
Amazon S3 Access Points is a new S3 feature that simplifies managing data access at scale for shared data sets on Amazon S3. With S3 Access Points, you can easily create hundreds of access points per bucket, each with a name and permissions customized for the application. This represents a new way of provisioning access to shared data sets. Whether creating an access point for data ingestion, transformation, restricted read access, or unrestricted access, using S3 Access Points simplifies the work of creating and maintaining access to shared S3 buckets.
You can easily add access points as your application set and storage scale, and you no longer have to worry about managing access through a single bucket policy that spans dozens or hundreds of use cases. S3 Access Points are unique hostnames that you can create to enforce distinct permissions and network controls for any request made through the access point. S3 Access Points policies can enforce permissions by prefix and object tag, limiting the object data that can be accessed. Any S3 access point can be restricted to a Virtual Private Cloud (VPC) to firewall S3 data access within your private networks, and AWS Service Control Policies can be used to ensure all access points in an organization are VPC restricted.
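The controls described above, sketched as an added example that is not part of the original announcement: a Service Control Policy that denies creating non-VPC access points, a prefix-scoped access point policy, and an audit for access points that are still reachable from the internet. The account ID, ARNs, access point names, and sample listing are constructed placeholders.

```python
import json

# SCP that denies creating any access point whose network origin is not a VPC.
# s3:AccessPointNetworkOrigin is the S3 condition key for the network origin.
VPC_ONLY_SCP = {
    "Version": "2012-10-17",
    "Statement": [{
        "Sid": "DenyNonVpcAccessPoints",
        "Effect": "Deny",
        "Action": "s3:CreateAccessPoint",
        "Resource": "*",
        "Condition": {"StringNotEquals": {"s3:AccessPointNetworkOrigin": "VPC"}},
    }],
}

def prefix_policy(access_point_arn, principal_arn, prefix):
    """Access point policy granting read-only access to objects under one prefix."""
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Allow",
            "Principal": {"AWS": principal_arn},
            "Action": "s3:GetObject",
            "Resource": f"{access_point_arn}/object/{prefix.strip('/')}/*",
        }],
    }

def internet_reachable(access_points):
    """Return names of access points that are not restricted to a VPC.

    The SCP only blocks new creations, so existing access points need this audit.
    """
    return [ap["Name"] for ap in access_points
            if ap.get("NetworkOrigin") != "VPC"
            or not ap.get("VpcConfiguration", {}).get("VpcId")]

# Constructed sample shaped like the AccessPointList from s3control ListAccessPoints.
SAMPLE = [
    {"Name": "ingest", "NetworkOrigin": "VPC",
     "VpcConfiguration": {"VpcId": "vpc-0example"}, "Bucket": "shared-data"},
    {"Name": "analytics-ro", "NetworkOrigin": "Internet", "Bucket": "shared-data"},
]

if __name__ == "__main__":
    print(json.dumps(VPC_ONLY_SCP, indent=2))
    print(json.dumps(prefix_policy(
        "arn:aws:s3:us-west-2:111122223333:accesspoint/analytics-ro",
        "arn:aws:iam::111122223333:role/analytics", "reports/"), indent=2))
    print(internet_reachable(SAMPLE))
```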