Amazon S3 Tables (s3tables)

2025-04-17

5 new actions, 2 new conditions | 2 updated actions

Additions

Actions

DeleteTableBucketEncryption
- Description: Grants permission to delete encryption configuration on a table bucket
- Access: Write
- Resources:
  Name: TableBucket
  
  Required: Yes
GetTableBucketEncryption
- Description: Grants permission to retrieve encryption configuration on a table bucket
- Access: Read
- Resources:
  Name: TableBucket
  
  Required: Yes
GetTableEncryption
- Description: Grants permission to retrieve encryption configuration on a table
- Access: Read
- Resources:
  Name: Table
  
  Required: Yes
- Conditions:
  s3tables:namespace
  
  s3tables:tableName
PutTableBucketEncryption
- Description: Grants permission to put or overwrite encryption configuration on a table bucket
- Access: Write
- Resources:
  Name: TableBucket
  
  Required: Yes
- Conditions:
  s3tables:KMSKeyArn
  
  s3tables:SSEAlgorithm
PutTableEncryption
- Description: Grants permission to put encryption configuration on a table
- Access: Write
- Resources:
  Name: Table
  
  Required: Yes
- Conditions:
  s3tables:namespace
  
  s3tables:SSEAlgorithm
  
  s3tables:KMSKeyArn

Conditions

s3tables:KMSKeyArn
- Description: Filters access by the AWS KMS key ARN for the key used to encrypt a table
- Type: ARN
s3tables:SSEAlgorithm
- Description: Filters access by the server-side encryption algorithm used to encrypt a table
- Type: String

Updates

Actions

CreateTable
- ＋ s3tables:SSEAlgorithm
- ＋ s3tables:KMSKeyArn
CreateTableBucket
- ＋ s3tables:SSEAlgorithm
- ＋ s3tables:KMSKeyArn