AWS v7.11.0 published on Wednesday, Nov 5, 2025 by Pulumi
aws.s3.getBucketPolicy
Start a Neo task
Explain and create an aws.s3.getBucketPolicy resource
The bucket policy data source returns IAM policy of an S3 bucket.
Example Usage
The following example retrieves IAM policy of a specified S3 bucket.
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = aws.s3.getBucketPolicy({
bucket: "example-bucket-name",
});
export const foo = example.then(example => example.policy);
import pulumi
import pulumi_aws as aws
example = aws.s3.get_bucket_policy(bucket="example-bucket-name")
pulumi.export("foo", example.policy)
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/s3"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := s3.LookupBucketPolicy(ctx, &s3.LookupBucketPolicyArgs{
Bucket: "example-bucket-name",
}, nil)
if err != nil {
return err
}
ctx.Export("foo", example.Policy)
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = Aws.S3.GetBucketPolicy.Invoke(new()
{
Bucket = "example-bucket-name",
});
return new Dictionary<string, object?>
{
["foo"] = example.Apply(getBucketPolicyResult => getBucketPolicyResult.Policy),
};
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.s3.S3Functions;
import com.pulumi.aws.s3.inputs.GetBucketPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var example = S3Functions.getBucketPolicy(GetBucketPolicyArgs.builder()
.bucket("example-bucket-name")
.build());
ctx.export("foo", example.policy());
}
}
variables:
example:
fn::invoke:
function: aws:s3:getBucketPolicy
arguments:
bucket: example-bucket-name
outputs:
foo: ${example.policy}
Using getBucketPolicy
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getBucketPolicy(args: GetBucketPolicyArgs, opts?: InvokeOptions): Promise<GetBucketPolicyResult>
function getBucketPolicyOutput(args: GetBucketPolicyOutputArgs, opts?: InvokeOptions): Output<GetBucketPolicyResult>def get_bucket_policy(bucket: Optional[str] = None,
region: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetBucketPolicyResult
def get_bucket_policy_output(bucket: Optional[pulumi.Input[str]] = None,
region: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetBucketPolicyResult]func LookupBucketPolicy(ctx *Context, args *LookupBucketPolicyArgs, opts ...InvokeOption) (*LookupBucketPolicyResult, error)
func LookupBucketPolicyOutput(ctx *Context, args *LookupBucketPolicyOutputArgs, opts ...InvokeOption) LookupBucketPolicyResultOutput> Note: This function is named LookupBucketPolicy in the Go SDK.
public static class GetBucketPolicy
{
public static Task<GetBucketPolicyResult> InvokeAsync(GetBucketPolicyArgs args, InvokeOptions? opts = null)
public static Output<GetBucketPolicyResult> Invoke(GetBucketPolicyInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetBucketPolicyResult> getBucketPolicy(GetBucketPolicyArgs args, InvokeOptions options)
public static Output<GetBucketPolicyResult> getBucketPolicy(GetBucketPolicyArgs args, InvokeOptions options)
fn::invoke:
function: aws:s3/getBucketPolicy:getBucketPolicy
arguments:
# arguments dictionaryThe following arguments are supported:
getBucketPolicy Result
The following output properties are available:
Package Details
- Repository
- AWS Classic pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
awsTerraform Provider.
