1apiVersion: s3control.aws.crossplane.io/v1alpha1
2kind: AccessPoint
AccessPointSpec defines the desired state of AccessPoint
AccessPointParameters defines the desired state of AccessPoint
BucketNameRef is a reference to a Bucket used to set the BucketName
Policies for referencing.
BucketNameSelector selects a references to used to set the BucketName
Policies for selection.
The policy that you want to apply to the specified access point. For more information about access point policies, see Managing data access with Amazon S3 access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-points.html) in the Amazon S3 User Guide.
Statements is the list of statement this policy applies either jsonStatements or statements must be specified in the policy
Each element of the PolicyAction array describes the specific action or actions that will be allowed or denied with this PolicyStatement.
Condition specifies where conditions for policy are in effect. https://docs.aws.amazon.com/AmazonS3/latest/dev/amazon-s3-policy-keys.html
Conditions represents each of the key/value pairs for the operator key
ConditionListValue is the list value of the key from the parent condition
Each element of the NotPolicyAction array will allow the property to match all but the listed actions.
Used with the S3 policy to specify the users which are not included in this policy
This list contains the all of the AWS IAM users which are affected by the policy statement.
IAMRoleARNRef contains the reference to an IAMRole
Policies for referencing.
IAMRoleARNSelector queries for an IAM role to retrieve its userName
Policies for selection.
UserARNRef contains the reference to an User
Policies for referencing.
UserARNSelector queries for an User to retrieve its userName
Policies for selection.
Service define the services which can have access to this bucket
This will explicitly match all resource paths except the ones specified in this array
Used with the S3 policy to specify the principal that is allowed or denied access to a resource.
This list contains the all of the AWS IAM users which are affected by the policy statement.
IAMRoleARNRef contains the reference to an IAMRole
Policies for referencing.
IAMRoleARNSelector queries for an IAM role to retrieve its userName
Policies for selection.
UserARNRef contains the reference to an User
Policies for referencing.
UserARNSelector queries for an User to retrieve its userName
Policies for selection.
Service define the services which can have access to this bucket
The paths on which this resource will apply
The PublicAccessBlock configuration that you want to apply to the access point.
If you include this field, Amazon S3 restricts access to this access point to requests from the specified virtual private cloud (VPC).
This is required for creating an access point for Amazon S3 on Outposts buckets.
THIS IS A BETA FIELD. It is on by default but can be opted out through a Crossplane feature flag. ManagementPolicies specify the array of actions Crossplane is allowed to take on the managed and external resources. This field is planned to replace the DeletionPolicy field in a future release. Currently, both could be set independently and non-default values would be honored if the feature flag is enabled. If both are custom, the DeletionPolicy field will be ignored. See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md
ProviderConfigReference specifies how the provider that will be used to create, observe, update, and delete this managed resource should be configured.
Policies for referencing.
PublishConnectionDetailsTo specifies the connection secret config which contains a name, metadata and a reference to secret store config to which any connection details for this managed resource should be written. Connection details frequently include the endpoint, username, and password required to connect to the managed resource.
WriteConnectionSecretToReference specifies the namespace and name of a Secret to which any connection details for this managed resource should be written. Connection details frequently include the endpoint, username, and password required to connect to the managed resource. This field is planned to be replaced in a future release in favor of PublishConnectionDetailsTo. Currently, both could be set independently and connection details would be published to both without affecting each other.
AccessPointStatus defines the observed state of AccessPoint.
AccessPointObservation defines the observed state of AccessPoint
Conditions of the resource.