Creates an S3 Access Grants instance, which serves as a logical grouping for access grants. You can create one S3 Access Grants instance per Region per account.
You must have the s3:CreateAccessGrantsInstance permission to use this operation.
To associate an IAM Identity Center instance with your S3 Access Grants instance, you must also have the sso:DescribeInstance, sso:CreateApplication, sso:PutApplicationGrant, and sso:PutApplicationAuthenticationMethod permissions.
You must URL encode any signed header values that contain spaces. For example, if your header value is my file.txt, containing two spaces after my, you must URL encode this value to my%20%20file.txt.
POST /v20180820/accessgrantsinstance HTTP/1.1
Host: s3-control.amazonaws.com
x-amz-account-id: AccountId
<?xml version="1.0" encoding="UTF-8"?>
<CreateAccessGrantsInstanceRequest xmlns="http://awss3control.amazonaws.com/doc/2018-08-20/">
<IdentityCenterArn>string</IdentityCenterArn>
<Tags>
<Tag>
<Key>string</Key>
<Value>string</Value>
</Tag>
</Tags>
</CreateAccessGrantsInstanceRequest>The request uses the following URI parameters.
The AWS account ID of the S3 Access Grants instance.
Length Constraints: Maximum length of 64.
Pattern: ^\d{12}$
Required: Yes
The request accepts the following data in XML format.
Root level tag for the CreateAccessGrantsInstanceRequest parameters.
Required: Yes
If you would like to associate your S3 Access Grants instance with an AWS IAM Identity Center instance, use this field to pass the Amazon Resource Name (ARN) of the AWS IAM Identity Center instance that you are associating with your S3 Access Grants instance. An IAM Identity Center instance is your corporate identity directory that you added to the IAM Identity Center. You can use the ListInstances API operation to retrieve a list of your Identity Center instances and their ARNs.
Type: String
Length Constraints: Minimum length of 10. Maximum length of 1224.
Pattern: arn:[^:]+:sso::(\d{12}){0,1}:instance/.*$
Required: No
The AWS resource tags that you are adding to the S3 Access Grants instance. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.
Type: Array of Tag data types
Array Members: Minimum number of 0 items. Maximum number of 50 items.
Required: No
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<CreateAccessGrantsInstanceResult>
<CreatedAt>timestamp</CreatedAt>
<AccessGrantsInstanceId>string</AccessGrantsInstanceId>
<AccessGrantsInstanceArn>string</AccessGrantsInstanceArn>
<IdentityCenterArn>string</IdentityCenterArn>
<IdentityCenterInstanceArn>string</IdentityCenterInstanceArn>
<IdentityCenterApplicationArn>string</IdentityCenterApplicationArn>
</CreateAccessGrantsInstanceResult>If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in XML format by the service.
Root level tag for the CreateAccessGrantsInstanceResult parameters.
Required: Yes
The Amazon Resource Name (ARN) of the AWS IAM Identity Center instance that you are associating with your S3 Access Grants instance. An IAM Identity Center instance is your corporate identity directory that you added to the IAM Identity Center. You can use the ListInstances API operation to retrieve a list of your Identity Center instances and their ARNs.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 2048.
Pattern: arn:[a-z\-]+:s3:[a-z0-9\-]+:\d{12}:access\-grants\/[a-zA-Z0-9\-]+
The ID of the S3 Access Grants instance. The ID is default. You can have one S3 Access Grants instance per Region per account.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 64.
Pattern: [a-zA-Z0-9\-]+
The date and time when you created the S3 Access Grants instance.
Type: Timestamp
If you associated your S3 Access Grants instance with an AWS IAM Identity Center instance, this field returns the Amazon Resource Name (ARN) of the IAM Identity Center instance application; a subresource of the original Identity Center instance. S3 Access Grants creates this Identity Center application for the specific S3 Access Grants instance.
Type: String
Length Constraints: Minimum length of 10. Maximum length of 1224.
Pattern: arn:[^:]+:sso::\d{12}:application/.*$
This parameter has been deprecated.
If you associated your S3 Access Grants instance with an AWS IAM Identity Center instance, this field returns the Amazon Resource Name (ARN) of the IAM Identity Center instance application; a subresource of the original Identity Center instance. S3 Access Grants creates this Identity Center application for the specific S3 Access Grants instance.
Type: String
Length Constraints: Minimum length of 10. Maximum length of 1224.
Pattern: arn:[^:]+:sso::(\d{12}){0,1}:instance/.*$
The Amazon Resource Name (ARN) of the AWS IAM Identity Center instance that you are associating with your S3 Access Grants instance. An IAM Identity Center instance is your corporate identity directory that you added to the IAM Identity Center. You can use the ListInstances API operation to retrieve a list of your Identity Center instances and their ARNs.
Type: String
Length Constraints: Minimum length of 10. Maximum length of 1224.
Pattern: arn:[^:]+:sso::(\d{12}){0,1}:instance/.*$
For more information about using this API in one of the language-specific AWS SDKs, see the following:
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4