AWS::EC2::VPCEndpoint:
Properties: PolicyDocument: | { "Statement" => [ { "Sid" => "Access-to-specific-bucket-only", "Effect" => "Allow", "Principal" => "*", "Action" => [ "s3:GetObject", "s3:PutObject" ], "Resource" => [ "arn:aws:s3:::my_secure_bucket", "arn:aws:s3:::my_secure_bucket/*" ] } ] } RouteTableIds: | [ "rt-xxxxx" ] ServiceName: | "The AWS service to which you want to establish a connection. Specify the service name in the form of com.amazonaws.region.service." VpcId: | "vpc-xxxx"