PutAccessPointPolicyForObjectLambda - Amazon Simple Storage Service
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China.

PutAccessPointPolicyForObjectLambda

Creates or replaces resource policy for an Object Lambda Access Point. For an example policy, see Creating Object Lambda Access Points in the Amazon S3 User Guide.

The following actions are related to PutAccessPointPolicyForObjectLambda:

Request Syntax

PUT /v20180820/accesspointforobjectlambda/name/policy HTTP/1.1 x-amz-account-id: AccountId <?xml version="1.0" encoding="UTF-8"?> <PutAccessPointPolicyForObjectLambdaRequest xmlns="http://awss3control.amazonaws.com/doc/2018-08-20/"> <Policy>string</Policy> </PutAccessPointPolicyForObjectLambdaRequest>

URI Request Parameters

The request uses the following URI parameters.

name

The name of the Object Lambda Access Point.

Length Constraints: Minimum length of 3. Maximum length of 45.

Pattern: ^[a-z0-9]([a-z0-9\-]*[a-z0-9])?$

Required: Yes

x-amz-account-id

The account ID for the account that owns the specified Object Lambda Access Point.

Length Constraints: Maximum length of 64.

Pattern: ^\d{12}$

Required: Yes

Request Body

The request accepts the following data in XML format.

PutAccessPointPolicyForObjectLambdaRequest

Root level tag for the PutAccessPointPolicyForObjectLambdaRequest parameters.

Required: Yes

Policy

Object Lambda Access Point resource policy document.

Type: String

Required: Yes

Response Syntax

HTTP/1.1 200

Response Elements

If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

Examples

Sample resource policy

The following illustrates a sample resource policy.

{ "Version" : "2008-10-17", "Statement":[{ "Sid": "Grant account 123456789012 GetObject access", "Effect":"Allow", "Principal" : { "AWS": "arn:aws:iam::123456789012:root" }, "Action":["s3-object-lambda:GetObject"], "Resource":["arn:aws:s3-object-lambda:us-east-1:123456789012:accesspoint/my-object-lambda-ap"] }, { "Sid": "Grant account 444455556666 GetObject access", "Effect":"Allow", "Principal" : { "AWS": "arn:aws:iam::444455556666:root" }, "Action":["s3-object-lambda:GetObject"], "Resource":["arn:aws:s3-object-lambda:us-east-1:123456789012:accesspoint/my-object-lambda-ap"] } ] }