Access points restrictions and limitations - Amazon Simple Storage Service
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China.

Access points restrictions and limitations

Amazon S3 access points have the following restrictions and limitations:

  • You can only create access points for buckets that you own.

  • Each access point is associated with exactly one bucket, which you must specify when you create the access point. After you create an access point, you can't associate it with a different bucket. However, you can delete an access point and then create another one with the same name associated with a different bucket.

  • Access point names must meet certain conditions. For more information about naming access points, see Rules for naming Amazon S3 access points.

  • After you create an access point, you can't change its virtual private cloud (VPC) configuration.

  • Access point policies are limited to 20 KB in size.

  • You can create a maximum of 10,000 access points per Amazon Web Services account per Region. If you need more than 10,000 access points for a single account in a single Region, you can request a service quota increase. For more information about service quotas and requesting an increase, see Amazon Service Quotas in the Amazon General Reference.

  • Searching for an access point by name is disabled in the S3 Amazon Web Services Management Console in Amazon Web Services Regions where you own more than 1,000 access points.

  • You can't use an access point as a destination for S3 Replication. For more information about replication, see Replicating objects.

  • You can only address access points using virtual-host-style URLs. For more information about virtual-host-style addressing, see Methods for accessing a bucket.

  • APIs that control access point functionality (for example, PutAccessPoint and GetAccessPointPolicy) don't support cross-account calls.

  • You must use Amazon Signature Version 4 when making requests to an access point using the REST APIs. For more information about authenticating requests, see Authenticating Requests (Amazon Signature Version 4) in the Amazon Simple Storage Service API Reference.

  • Access points only support access over HTTPS.

  • Access points don't support anonymous access.