feat(s3objectlambda): open s3 access point arn (#32661)

tomoki10 · web-flow · commit 0486b9c5e2b4 · 2025-01-06T22:57:29.000Z
### Issue # (if applicable) Closes #31950 . ### Reason for this change Previously, users needed to manually construct ARN strings when using S3AccessPoint. This update exposes the S3AccessPoint ARN directly to reduce implementation effort. ### Description of changes This change makes the S3AccessPoint accessible as a property for reuse across the codebase. ### Describe any new or updated permissions being added No ### Description of how you validated changes - Added test cases to verify the newly exposed S3AccessPoint property in the existing unit test suite. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
diff --git a/packages/@aws-cdk/aws-s3objectlambda-alpha/README.md b/packages/@aws-cdk/aws-s3objectlambda-alpha/README.md
@@ -92,3 +92,16 @@ new s3objectlambda.AccessPoint(stack, 'MyObjectLambda', {
 	},
 });
 ```
+
+## Accessing the S3 AccessPoint ARN
+
+If you need access to the s3 accesspoint, you can get its ARN like so:
+
+```ts
+import * as s3objectlambda from '@aws-cdk/aws-s3objectlambda-alpha';
+
+declare const accessPoint: s3objectlambda.AccessPoint;
+const s3AccessPointArn = accessPoint.s3AccessPointArn;
+```
+
+This is only supported for AccessPoints created in the stack - currently you're unable to get the S3 AccessPoint ARN for imported AccessPoints. To do that you'd have to know the S3 bucket name beforehand.
diff --git a/packages/@aws-cdk/aws-s3objectlambda-alpha/lib/access-point.ts b/packages/@aws-cdk/aws-s3objectlambda-alpha/lib/access-point.ts
@@ -201,6 +201,11 @@ export class AccessPoint extends AccessPointBase {
    */
   public readonly accessPointCreationDate: string;
 
+  /**
+   * The ARN of the S3 access point.
+   */
+  public readonly s3AccessPointArn: string;
+
   constructor(scope: Construct, id: string, props: AccessPointProps) {
     super(scope, id, {
       physicalName: props.accessPointName,
@@ -241,6 +246,7 @@ export class AccessPoint extends AccessPointBase {
         ],
       },
     });
+    this.s3AccessPointArn = supporting.attrArn;
     this.accessPointName = accessPoint.ref;
     this.accessPointArn = accessPoint.attrArn;
     this.accessPointCreationDate = accessPoint.attrCreationDate;
diff --git a/packages/@aws-cdk/aws-s3objectlambda-alpha/test/s3objectlambda.test.ts b/packages/@aws-cdk/aws-s3objectlambda-alpha/test/s3objectlambda.test.ts
@@ -46,6 +46,9 @@ test('Can create a valid access point', () => {
       regional: false,
     }),
   });
+  new cdk.CfnOutput(stack, 'S3AccessPointArn', {
+    value: accessPoint.s3AccessPointArn,
+  });
 
   expect(Template.fromStack(stack).findOutputs('*')).toEqual(
     {
@@ -98,6 +101,14 @@ test('Can create a valid access point', () => {
           ],
         },
       },
+      S3AccessPointArn: {
+        Value: {
+          'Fn::GetAtt': [
+            'MyObjectLambdaSupportingAccessPointA2D2026E',
+            'Arn',
+          ],
+        },
+      },
       VirtualHostedRegionalUrl: {
         Value: {
           'Fn::Join': [
