Skip to content

List Caller Access Grants

s3control_list_caller_access_grants R Documentation

Use this API to list the access grants that grant the caller access to Amazon S3 data through S3 Access Grants

Description

Use this API to list the access grants that grant the caller access to Amazon S3 data through S3 Access Grants. The caller (grantee) can be an Identity and Access Management (IAM) identity or Amazon Web Services Identity Center corporate directory identity. You must pass the Amazon Web Services account of the S3 data owner (grantor) in the request. You can, optionally, narrow the results by GrantScope, using a fragment of the data's S3 path, and S3 Access Grants will return only the grants with a path that contains the path fragment. You can also pass the AllowedByApplication filter in the request, which returns only the grants authorized for applications, whether the application is the caller's Identity Center application or any other application (ALL). For more information, see List the caller's access grants in the Amazon S3 User Guide.

Permissions

You must have the s3:ListCallerAccessGrants permission to use this operation.

Usage

s3control_list_caller_access_grants(AccountId, GrantScope, NextToken,
  MaxResults, AllowedByApplication)

Arguments

AccountId

[required] The Amazon Web Services account ID of the S3 Access Grants instance.
GrantScope

The S3 path of the data that you would like to access. Must start with ⁠s3://⁠. You can optionally pass only the beginning characters of a path, and S3 Access Grants will search for all applicable grants for the path fragment.
NextToken

A pagination token to request the next page of results. Pass this value into a subsequent ⁠List Caller Access Grants⁠ request in order to retrieve the next page of results.
MaxResults

The maximum number of access grants that you would like returned in the ⁠List Caller Access Grants⁠ response. If the results include the pagination token NextToken, make another call using the NextToken to determine if there are more results.
AllowedByApplication

If this optional parameter is passed in the request, a filter is applied to the results. The results will include only the access grants for the caller's Identity Center application or for any other applications (ALL).

Value

A list with the following syntax:

list(
  NextToken = "string",
  CallerAccessGrantsList = list(
    list(
      Permission = "READ"|"WRITE"|"READWRITE",
      GrantScope = "string",
      ApplicationArn = "string"
    )
  )
)

Request syntax

svc$list_caller_access_grants(
  AccountId = "string",
  GrantScope = "string",
  NextToken = "string",
  MaxResults = 123,
  AllowedByApplication = TRUE|FALSE
)