Using access points with compatible Amazon S3 operations - Amazon Simple Storage Service
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China.

Using access points with compatible Amazon S3 operations

The following examples demonstrate how to use access points with compatible operations in Amazon S3.

Access point compatibility with Amazon services

Amazon S3 access points aliases allow any application that requires an S3 bucket name to easily use an access point. You can use S3 access point aliases anywhere you use S3 bucket names to access data in S3.

Access point compatibility with S3 operations

You can use access points to access a bucket using the following subset of Amazon S3 APIs. All the operations listed below can accept either access point ARNs or access point aliases:

S3 operations

Request an object through an access point

The following example requests the object my-image.jpg through the access point prod owned by account ID 123456789012 in Region us-west-2, and saves the downloaded file as download.jpg.

Amazon CLI
aws s3api get-object --key my-image.jpg --bucket arn:aws:s3:us-west-2:123456789012:accesspoint/prod download.jpg

Upload an object through an access point alias

The following example uploads the object my-image.jpg through the access point alias my-access-point-hrzrlukc5m36ft7okagglf3gmwluquse1b-s3alias owned by account ID 123456789012 in Region us-west-2.

Amazon CLI
aws s3api put-object --bucket my-access-point-hrzrlukc5m36ft7okagglf3gmwluquse1b-s3alias --key my-image.jpg --body my-image.jpg

Delete an object through an access point

The following example deletes the object my-image.jpg through the access point prod owned by account ID 123456789012 in Region us-west-2.

Amazon CLI
aws s3api delete-object --bucket arn:aws:s3:us-west-2:123456789012:accesspoint/prod --key my-image.jpg

List objects through an access point alias

The following example lists objects through the access point alias my-access-point-hrzrlukc5m36ft7okagglf3gmwluquse1b-s3alias owned by account ID 123456789012 in Region us-west-2.

Amazon CLI
aws s3api list-objects-v2 --bucket my-access-point-hrzrlukc5m36ft7okagglf3gmwluquse1b-s3alias

Add a tag set to an object through an access point

The following example adds a tag set to the existing object my-image.jpg through the access point prod owned by account ID 123456789012 in Region us-west-2.

Amazon CLI
aws s3api put-object-tagging --bucket arn:aws:s3:us-west-2:123456789012:accesspoint/prod --key my-image.jpg --tagging TagSet=[{Key="finance",Value="true"}]

Grant access permissions through an access point using an ACL

The following example applies an ACL to an existing object my-image.jpg through the access point prod owned by account ID 123456789012 in Region us-west-2.

Amazon CLI
aws s3api put-object-acl --bucket arn:aws:s3:us-west-2:123456789012:accesspoint/prod --key my-image.jpg --acl private