Amazon S3 Access Points makes it simple to manage access at scale for applications using shared data sets on S3

Posted on: Dec 3, 2019

Amazon S3 Access Points is a new S3 feature that simplifies managing data access at scale for shared data sets on Amazon S3. With S3 Access Points, you can easily create hundreds of access points per bucket, each with a name and permissions customized for the application. This represents a new way of provisioning access to shared data sets. Whether creating an access point for data ingestion, transformation, restricted read access, or unrestricted access, using S3 Access Points simplifies the work of creating and maintaining access to shared S3 buckets.

You can easily add access points as your application set and storage scale, and you no longer have to worry about managing access through a single bucket policy that spans dozens or hundreds of use cases. S3 Access Points are unique hostnames that you can create to enforce distinct permissions and network controls for any request made through the access point. Access point policies can enforce permissions by prefix and object tag, limiting which object data can be accessed. Any access point can be restricted to a Virtual Private Cloud (VPC) to firewall S3 data access within your private networks, and AWS Service Control Policies can be used to ensure all access points in an organization are VPC restricted.
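The two controls described above, sketched as an added example that is not part of the original announcement: an access point policy scoped to one prefix, and a Service Control Policy that denies creating access points without a VPC network origin. The account ID, Region, access point name, role and prefix are constructed sample values, and `allowed()` is a simplified matcher for illustration, not full IAM policy evaluation.

```python
import json
from fnmatch import fnmatchcase

# Constructed sample values (assumptions, not from the announcement).
ACCOUNT, REGION, AP_NAME = "111122223333", "us-west-2", "example-ingest-ap"
ROLE = f"arn:aws:iam::{ACCOUNT}:role/ExampleIngestRole"
AP_ARN = f"arn:aws:s3:{REGION}:{ACCOUNT}:accesspoint/{AP_NAME}"

def access_point_policy(principal, prefix, actions):
    """Access point policy limiting one principal to objects under one prefix."""
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Allow",
            "Principal": {"AWS": principal},
            "Action": list(actions),
            # Objects reached through an access point are named <ap-arn>/object/<key>.
            "Resource": f"{AP_ARN}/object/{prefix}*",
        }],
    }

def vpc_only_scp():
    """SCP denying creation of any access point whose network origin is not a VPC."""
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Deny",
            "Action": "s3:CreateAccessPoint",
            "Resource": "*",
            "Condition": {"StringNotEquals": {"s3:AccessPointNetworkOrigin": "VPC"}},
        }],
    }

def allowed(policy, principal, action, key):
    """Simplified check: does any Allow statement cover this request?"""
    resource = f"{AP_ARN}/object/{key}"
    return any(
        s["Effect"] == "Allow"
        and s["Principal"]["AWS"] == principal
        and action in s["Action"]
        and fnmatchcase(resource, s["Resource"])
        for s in policy["Statement"]
    )

if __name__ == "__main__":
    policy = access_point_policy(ROLE, "ingest/", ["s3:PutObject"])
    print(json.dumps(policy, indent=2))
    print(json.dumps(vpc_only_scp(), indent=2))
    print(allowed(policy, ROLE, "s3:PutObject", "reports/q4.csv"))
```

A request through an access point succeeds only when the underlying bucket policy also permits it, so the bucket policy still has to allow (or delegate to) the access point.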

Amazon S3 Access Points is available in all AWS Regions, including AWS GovCloud (US) Regions, at no additional cost and can be created through the S3 Management Console, CLI, API, or SDK.

To learn more about S3 Access Points, read the blog, visit the feature page, and read our FAQs.