Refer to the following guide to learn how to use IAM in the cloud\
<https://scribehow.com/shared/Creating_an_IAM_User_and_User_Group_in_AWS_Management_Console__hWNiiXlcRJKFqYZZEJD-cg>

Sign in to **AWS Management Console** as an **IAM User**

**Pre-requisite** - Ensure you have selected the AWS region closest to your location\
For this guide, we will be using us-east-2 (Ohio) as a preferred choice

Type **S3** in the search bar and click on **S3** to view the S3 Dashboard

**What is Amazon S3?**

Amazon Simple Storage Service (Amazon S3) is a scalable object storage service provided by Amazon Web Services (AWS). It is designed to store and retrieve any amount of data from anywhere on the web. S3 offers high availability, durability, and security for data storage needs.

On the S3 dashboard, Under the **General purpose buckets** section click on the Name **my-aws-bucket-in28minutes**

Refer to the following guide to learn how to create S3 Bucket<https://scribehow.com/shared/Creating_an_S3_Bucket_and_Exploring_the_UI__0TFMdpbkQvS6jOisdkQjeA>

**my-aws-bucket-in28minutes** wizard will open, click on the **Access Points** tab and click on the **Create access point** button 

**What is S3 Access Point?**

An S3 Access Point is a virtual endpoint for your S3 bucket that enforces specific access controls (like VPC restrictions) and permissions (through policies) for users and applications.

**Create access point** wizard will open, under the **Properties** section provide the **Access point name**

Scroll to the **Network origin** section and select the option **Virtual private cloud(VPC)** 

Choose the VPC from which you want to allow access. Select your VPC from the **VPC ID** dropdown 

To restrict public access to the VPC, tick the checkbox **Block all public access**

You can write your own **Access Point policy** JSON document or click on the **Policy examples** button to view the example policies

**What is Access Point policy?**

An Access Point policy in Amazon S3 is a set of permissions that defines how a specific S3 Access Point can be used to interact with the objects stored in an S3 bucket. Access Points are unique hostnames that customers create to enforce distinct permissions and network controls for any request made through them.

Scroll to the end of the page and click on **Create access point** button to create **S3 Access point**

Congratulations on completing the lab and mastering the basics of Amazon S3 Access Points! Well done!

Amazon Web Services

This guide provides an introduction to Amazon S3 Access Points.

Basics of Amazon S3 Access Points