Managing vector bucket policies - Amazon Simple Storage Service
Policy management operationsAdding a vector bucket policyViewing a vector bucket policyDeleting a vector bucket policy
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Managing vector bucket policies

Vector bucket policies are resource-based policies that you attach directly to vector buckets to control access to the bucket and its contents. You can add, view, edit, delete vector bucket policies by using the Amazon S3 REST API, Amazon SDKs, S3 Console, or the Amazon Command Line Interface (Amazon CLI). Bucket policies for vector buckets can grant permissions to principals from other Amazon accounts, making them useful for cross-account access scenarios.

Policy management operations

Adding a vector bucket policy

  1. Open the Amazon S3 console at https://console.aws.amazon.com/s3/.

  2. In the left navigation pane, choose Amazon S3.

  3. Choose Vector buckets and select the vector bucket name that you want to add a policy to.

  4. Choose the Permissions tab.

  5. Under Vector bucket policy, choose Edit.

  6. In the policy editor, enter your policy JSON.

  7. (Optional) Choose Policy examples to see sample policies that you can adapt to your needs.

  8. After entering your policy, choose Save changes.

To add or update a bucket policy, use the following example command and replace the user input placeholders with your own information.

aws s3vectors put-vector-bucket-policy \
  --vector-bucket-name "amzn-s3-demo-vector-bucket" \
  --policy '{"Version": "2012-10-17",		 	 	 "Statement":[{"Effect":"Allow","Principal":{"AWS":"arn:aws:iam::111122223333:root"},"Action":"s3vectors:*","Resource":"arn:aws:s3vectors:aws-region:111122223333:bucket/amzn-s3-demo-vector-bucket"}]}'

Viewing a vector bucket policy

  1. Open the Amazon S3 console at https://console.aws.amazon.com/s3/.

  2. In the left navigation pane, choose Amazon S3.

  3. Choose Vector buckets and select the vector bucket name that you want to view the policy for.

  4. Choose the Permissions tab.

To retrieve a bucket policy, use the following example command and replace the user input placeholders with your own information.

aws s3vectors get-vector-bucket-policy \
  --vector-bucket-name "amzn-s3-demo-vector-bucket"

Deleting a vector bucket policy

  1. Open the Amazon S3 console at https://console.aws.amazon.com/s3/.

  2. In the left navigation pane, choose Amazon S3.

  3. Choose Vector buckets and select the vector bucket name that you want to delete the policy for.

  4. Choose the Permissions tab.

  5. Under the Vector bucket policy, choose Delete.

To delete a bucket policy, use the following example command and replace the user input placeholders with your own information.

aws s3vectors delete-vector-bucket-policy \
  --vector-bucket-name "amzn-s3-demo-vector-bucket"

For detailed information about creating and managing bucket policies, including policy examples and best practices, see S3 Vectors resource-based policy examples.