AWS S3 Control

2020/09/30 - AWS S3 Control - 13 new 1 updated api methods

Changes  Amazon S3 on Outposts expands object storage to on-premises AWS Outposts environments, enabling you to store and retrieve objects using S3 APIs and features. Support S3 on Outposts Access Point and Bucket ARNs

DeleteBucket (new) Link ¶

Note

This API operation deletes an Amazon S3 on Outposts bucket. To delete an S3 bucket, see DeleteBucket in the Amazon Simple Storage Service API .

Deletes the Amazon S3 on Outposts bucket. All objects (including all object versions and delete markers) in the bucket must be deleted before the bucket itself can be deleted. For more information, see Using Amazon S3 on Outposts in Amazon Simple Storage Service Developer Guide .

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of outpost-id to be passed with the request and an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the outpost-id derived using the access point ARN, see the Example section below.

Related Resources

See also: AWS API Documentation

Request Syntax

client.delete_bucket(
    AccountId='string',
    Bucket='string'
)
type AccountId

string

param AccountId

[REQUIRED]

The account ID that owns the Outposts bucket.

type Bucket

string

param Bucket

[REQUIRED]

Specifies the bucket being deleted.

For Amazon S3 on Outposts specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name> . For example, to access the bucket reports through outpost my-outpost owned by account 123456789012 in Region us-west-2 , use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports . The value must be URL encoded.

returns

None

DeleteBucketPolicy (new) Link ¶

Note

This API operation deletes an Amazon S3 on Outposts bucket policy. To delete an S3 bucket policy, see DeleteBucketPolicy in the Amazon Simple Storage Service API .

This implementation of the DELETE operation uses the policy subresource to delete the policy of a specified Amazon S3 on Outposts bucket. If you are using an identity other than the root user of the AWS account that owns the bucket, the calling identity must have the s3outposts:DeleteBucketPolicy permissions on the specified Outposts bucket and belong to the bucket owner's account to use this operation. For more information, see Using Amazon S3 on Outposts in Amazon Simple Storage Service Developer Guide .

If you don't have DeleteBucketPolicy permissions, Amazon S3 returns a 403 Access Denied error. If you have the correct permissions, but you're not using an identity that belongs to the bucket owner's account, Amazon S3 returns a 405 Method Not Allowed error.

Warning

As a security precaution, the root user of the AWS account that owns a bucket can always use this operation, even if the policy explicitly denies the root user the ability to perform this action.

For more information about bucket policies, see `Using Bucket Policies and User Policies < https://docs.aws.amazon.com/AmazonS3/latest/dev/using-iam-policies.html>`__ .

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of outpost-id to be passed with the request and an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the outpost-id derived using the access point ARN, see the Example section below.

The following actions are related to DeleteBucketPolicy :

See also: AWS API Documentation

Request Syntax

client.delete_bucket_policy(
    AccountId='string',
    Bucket='string'
)
type AccountId

string

param AccountId

[REQUIRED]

The account ID of the Outposts bucket.

type Bucket

string

param Bucket

[REQUIRED]

The ARN of the bucket.

For Amazon S3 on Outposts specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name> . For example, to access the bucket reports through outpost my-outpost owned by account 123456789012 in Region us-west-2 , use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports . The value must be URL encoded.

returns

None

DeleteBucketTagging (new) Link ¶

Note

This API operation deletes an Amazon S3 on Outposts bucket's tags. To delete an S3 bucket tags, see DeleteBucketTagging in the Amazon Simple Storage Service API .

Deletes the tags from the Outposts bucket. For more information, see Using Amazon S3 on Outposts in Amazon Simple Storage Service Developer Guide .

To use this operation, you must have permission to perform the PutBucketTagging action. By default, the bucket owner has this permission and can grant this permission to others.

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of outpost-id to be passed with the request and an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the outpost-id derived using the access point ARN, see the Example section below.

The following actions are related to DeleteBucketTagging :

See also: AWS API Documentation

Request Syntax

client.delete_bucket_tagging(
    AccountId='string',
    Bucket='string'
)
type AccountId

string

param AccountId

[REQUIRED]

The AWS account ID of the Outposts bucket tag set to be removed.

type Bucket

string

param Bucket

[REQUIRED]

The bucket ARN that has the tag set to be removed.

For Amazon S3 on Outposts specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name> . For example, to access the bucket reports through outpost my-outpost owned by account 123456789012 in Region us-west-2 , use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports . The value must be URL encoded.

returns

None

ListRegionalBuckets (new) Link ¶

Returns a list of all Outposts buckets in an Outposts that are owned by the authenticated sender of the request. For more information, see Using Amazon S3 on Outposts in the Amazon Simple Storage Service Developer Guide .

For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and outpost-id in your API request, see the Example section below.

See also: AWS API Documentation

Request Syntax

client.list_regional_buckets(
    AccountId='string',
    NextToken='string',
    MaxResults=123,
    OutpostId='string'
)
type AccountId

string

param AccountId

[REQUIRED]

The AWS account ID of the Outposts bucket.

type NextToken

string

param NextToken

type MaxResults

integer

param MaxResults

type OutpostId

string

param OutpostId

The ID of the AWS Outposts.

Note

This is required by Amazon S3 on Outposts buckets.

rtype

dict

returns

Response Syntax

{
    'RegionalBucketList': [
        {
            'Bucket': 'string',
            'BucketArn': 'string',
            'PublicAccessBlockEnabled': True|False,
            'CreationDate': datetime(2015, 1, 1),
            'OutpostId': 'string'
        },
    ],
    'NextToken': 'string'
}

Response Structure

  • (dict) --

    • RegionalBucketList (list) --

      • (dict) --

        The container for the regional bucket.

        • Bucket (string) --

        • BucketArn (string) --

          The Amazon Resource Name (ARN) for the regional bucket.

        • PublicAccessBlockEnabled (boolean) --

        • CreationDate (datetime) --

          The creation date of the regional bucket

        • OutpostId (string) --

          The AWS Outposts ID of the regional bucket.

    • NextToken (string) --

      NextToken is sent when isTruncated is true, which means there are more buckets that can be listed. The next list requests to Amazon S3 can be continued with this NextToken . NextToken is obfuscated and is not a real key.

GetBucket (new) Link ¶

Gets an Amazon S3 on Outposts bucket. For more information, see Using Amazon S3 on Outposts in the Amazon Simple Storage Service Developer Guide .

The following actions are related to GetBucket for Amazon S3 on Outposts:

See also: AWS API Documentation

Request Syntax

client.get_bucket(
    AccountId='string',
    Bucket='string'
)
type AccountId

string

param AccountId

[REQUIRED]

The AWS account ID of the Outposts bucket.

type Bucket

string

param Bucket

[REQUIRED]

The ARN of the bucket.

For Amazon S3 on Outposts specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name> . For example, to access the bucket reports through outpost my-outpost owned by account 123456789012 in Region us-west-2 , use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports . The value must be URL encoded.

rtype

dict

returns

Response Syntax

{
    'Bucket': 'string',
    'PublicAccessBlockEnabled': True|False,
    'CreationDate': datetime(2015, 1, 1)
}

Response Structure

  • (dict) --

    • Bucket (string) --

      The Outposts bucket requested.

    • PublicAccessBlockEnabled (boolean) --

    • CreationDate (datetime) --

      The creation date of the Outposts bucket.

GetBucketTagging (new) Link ¶

Note

This API operation gets an Amazon S3 on Outposts bucket's tags. To get an S3 bucket tags, see GetBucketTagging in the Amazon Simple Storage Service API .

Returns the tag set associated with the Outposts bucket. For more information, see Using Amazon S3 on Outposts in the Amazon Simple Storage Service Developer Guide .

To use this operation, you must have permission to perform the GetBucketTagging action. By default, the bucket owner has this permission and can grant this permission to others.

GetBucketTagging has the following special error:

  • Error code: NoSuchTagSetError

    • Description: There is no tag set associated with the bucket.

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of outpost-id to be passed with the request and an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the outpost-id derived using the access point ARN, see the Example section below.

The following actions are related to GetBucketTagging :

See also: AWS API Documentation

Request Syntax

client.get_bucket_tagging(
    AccountId='string',
    Bucket='string'
)
type AccountId

string

param AccountId

[REQUIRED]

The AWS account ID of the Outposts bucket.

type Bucket

string

param Bucket

[REQUIRED]

The ARN of the bucket.

For Amazon S3 on Outposts specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name> . For example, to access the bucket reports through outpost my-outpost owned by account 123456789012 in Region us-west-2 , use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports . The value must be URL encoded.

rtype

dict

returns

Response Syntax

{
    'TagSet': [
        {
            'Key': 'string',
            'Value': 'string'
        },
    ]
}

Response Structure

  • (dict) --

    • TagSet (list) --

      The tags set of the Outposts bucket.

      • (dict) --

        • Key (string) --

        • Value (string) --

PutBucketTagging (new) Link ¶

Note

This API action puts tags on an Amazon S3 on Outposts bucket. To put tags on an S3 bucket, see PutBucketTagging in the Amazon Simple Storage Service API .

Sets the tags for an Outposts bucket. For more information, see Using Amazon S3 on Outposts in the Amazon Simple Storage Service Developer Guide .

Use tags to organize your AWS bill to reflect your own cost structure. To do this, sign up to get your AWS account bill with tag key values included. Then, to see the cost of combined resources, organize your billing information according to resources with the same tag key values. For example, you can tag several resources with a specific application name, and then organize your billing information to see the total cost of that application across several services. For more information, see Cost Allocation and Tagging .

Note

Within a bucket, if you add a tag that has the same key as an existing tag, the new value overwrites the old value. For more information, see Using Cost Allocation in Amazon S3 Bucket Tags .

To use this operation, you must have permissions to perform the s3outposts:PutBucketTagging action. The Outposts bucket owner has this permission by default and can grant this permission to others. For more information about permissions, see Permissions Related to Bucket Subresource Operations and Managing Access Permissions to Your Amazon S3 Resources .

PutBucketTagging has the following special errors:

  • Error code: InvalidTagError

  • Error code: MalformedXMLError

    • Description: The XML provided does not match the schema.

  • Error code: OperationAbortedError

    • Description: A conflicting conditional operation is currently in progress against this resource. Try again.

  • Error code: InternalError

    • Description: The service was unable to apply the provided tag to the bucket.

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of outpost-id to be passed with the request and an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the outpost-id derived using the access point ARN, see the Example section below.

The following actions are related to PutBucketTagging :

See also: AWS API Documentation

Request Syntax

client.put_bucket_tagging(
    AccountId='string',
    Bucket='string',
    Tagging={
        'TagSet': [
            {
                'Key': 'string',
                'Value': 'string'
            },
        ]
    }
)
type AccountId

string

param AccountId

[REQUIRED]

The AWS account ID of the Outposts bucket.

type Bucket

string

param Bucket

[REQUIRED]

The Amazon Resource Name (ARN) of the bucket.

For Amazon S3 on Outposts specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name> . For example, to access the bucket reports through outpost my-outpost owned by account 123456789012 in Region us-west-2 , use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports . The value must be URL encoded.

type Tagging

dict

param Tagging

[REQUIRED]

  • TagSet (list) -- [REQUIRED]

    A collection for a set of tags.

    • (dict) --

      • Key (string) -- [REQUIRED]

      • Value (string) -- [REQUIRED]

returns

None

PutBucketPolicy (new) Link ¶

Note

This API action puts a bucket policy to an Amazon S3 on Outposts bucket. To put a policy on an S3 bucket, see PutBucketPolicy in the Amazon Simple Storage Service API .

Applies an Amazon S3 bucket policy to an Outposts bucket. For more information, see Using Amazon S3 on Outposts in the Amazon Simple Storage Service Developer Guide .

If you are using an identity other than the root user of the AWS account that owns the Outposts bucket, the calling identity must have the PutBucketPolicy permissions on the specified Outposts bucket and belong to the bucket owner's account in order to use this operation.

If you don't have PutBucketPolicy permissions, Amazon S3 returns a 403 Access Denied error. If you have the correct permissions, but you're not using an identity that belongs to the bucket owner's account, Amazon S3 returns a 405 Method Not Allowed error.

Warning

As a security precaution, the root user of the AWS account that owns a bucket can always use this operation, even if the policy explicitly denies the root user the ability to perform this action.

For more information about bucket policies, see Using Bucket Policies and User Policies .

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of outpost-id to be passed with the request and an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the outpost-id derived using the access point ARN, see the Example section below.

The following actions are related to PutBucketPolicy :

See also: AWS API Documentation

Request Syntax

client.put_bucket_policy(
    AccountId='string',
    Bucket='string',
    ConfirmRemoveSelfBucketAccess=True|False,
    Policy='string'
)
type AccountId

string

param AccountId

[REQUIRED]

The AWS account ID of the Outposts bucket.

type Bucket

string

param Bucket

[REQUIRED]

The ARN of the bucket.

For Amazon S3 on Outposts specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name> . For example, to access the bucket reports through outpost my-outpost owned by account 123456789012 in Region us-west-2 , use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports . The value must be URL encoded.

type ConfirmRemoveSelfBucketAccess

boolean

param ConfirmRemoveSelfBucketAccess

Set this parameter to true to confirm that you want to remove your permissions to change this bucket policy in the future.

Note

This is not supported by Amazon S3 on Outposts buckets.

type Policy

string

param Policy

[REQUIRED]

The bucket policy as a JSON document.

returns

None

PutBucketLifecycleConfiguration (new) Link ¶

Note

This API action puts a lifecycle configuration to an Amazon S3 on Outposts bucket. To put a lifecycle configuration to an S3 bucket, see PutBucketLifecycleConfiguration in the Amazon Simple Storage Service API .

Creates a new lifecycle configuration for the Outposts bucket or replaces an existing lifecycle configuration. Outposts buckets can only support a lifecycle that deletes objects after a certain period of time. For more information, see Managing Lifecycle Permissions for Amazon S3 on Outposts .

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of outpost-id to be passed with the request and an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the outpost-id derived using the access point ARN, see the Example section below.

The following actions are related to PutBucketLifecycleConfiguration :

See also: AWS API Documentation

Request Syntax

client.put_bucket_lifecycle_configuration(
    AccountId='string',
    Bucket='string',
    LifecycleConfiguration={
        'Rules': [
            {
                'Expiration': {
                    'Date': datetime(2015, 1, 1),
                    'Days': 123,
                    'ExpiredObjectDeleteMarker': True|False
                },
                'ID': 'string',
                'Filter': {
                    'Prefix': 'string',
                    'Tag': {
                        'Key': 'string',
                        'Value': 'string'
                    },
                    'And': {
                        'Prefix': 'string',
                        'Tags': [
                            {
                                'Key': 'string',
                                'Value': 'string'
                            },
                        ]
                    }
                },
                'Status': 'Enabled'|'Disabled',
                'Transitions': [
                    {
                        'Date': datetime(2015, 1, 1),
                        'Days': 123,
                        'StorageClass': 'GLACIER'|'STANDARD_IA'|'ONEZONE_IA'|'INTELLIGENT_TIERING'|'DEEP_ARCHIVE'
                    },
                ],
                'NoncurrentVersionTransitions': [
                    {
                        'NoncurrentDays': 123,
                        'StorageClass': 'GLACIER'|'STANDARD_IA'|'ONEZONE_IA'|'INTELLIGENT_TIERING'|'DEEP_ARCHIVE'
                    },
                ],
                'NoncurrentVersionExpiration': {
                    'NoncurrentDays': 123
                },
                'AbortIncompleteMultipartUpload': {
                    'DaysAfterInitiation': 123
                }
            },
        ]
    }
)
type AccountId

string

param AccountId

[REQUIRED]

The AWS account ID of the Outposts bucket.

type Bucket

string

param Bucket

[REQUIRED]

The name of the bucket for which to set the configuration.

type LifecycleConfiguration

dict

param LifecycleConfiguration

Container for lifecycle rules. You can add as many as 1,000 rules.

  • Rules (list) --

    A lifecycle rule for individual objects in an Outposts bucket.

    • (dict) --

      The container for the Outposts bucket lifecycle rule.

      • Expiration (dict) --

        Specifies the expiration for the lifecycle of the object in the form of date, days and, whether the object has a delete marker.

        • Date (datetime) --

          Indicates at what date the object is to be deleted. Should be in GMT ISO 8601 format.

        • Days (integer) --

          Indicates the lifetime, in days, of the objects that are subject to the rule. The value must be a non-zero positive integer.

        • ExpiredObjectDeleteMarker (boolean) --

          Indicates whether Amazon S3 will remove a delete marker with no noncurrent versions. If set to true, the delete marker will be expired. If set to false, the policy takes no action. This cannot be specified with Days or Date in a Lifecycle Expiration Policy.

      • ID (string) --

        Unique identifier for the rule. The value cannot be longer than 255 characters.

      • Filter (dict) --

        The container for the filter of lifecycle rule.

        • Prefix (string) --

          Prefix identifying one or more objects to which the rule applies.

        • Tag (dict) --

          • Key (string) -- [REQUIRED]

          • Value (string) -- [REQUIRED]

        • And (dict) --

          The container for the AND condition for the lifecycle rule.

          • Prefix (string) --

            Prefix identifying one or more objects to which the rule applies.

          • Tags (list) --

            All of these tags must exist in the object's tag set in order for the rule to apply.

            • (dict) --

              • Key (string) -- [REQUIRED]

              • Value (string) -- [REQUIRED]

      • Status (string) -- [REQUIRED]

        If 'Enabled', the rule is currently being applied. If 'Disabled', the rule is not currently being applied.

      • Transitions (list) --

        Specifies when an Amazon S3 object transitions to a specified storage class.

        Note

        This is not supported by Amazon S3 on Outposts buckets.

        • (dict) --

          Specifies when an object transitions to a specified storage class. For more information about Amazon S3 Lifecycle configuration rules, see Transitioning Objects Using Amazon S3 Lifecycle in the Amazon Simple Storage Service Developer Guide .

          • Date (datetime) --

            Indicates when objects are transitioned to the specified storage class. The date value must be in ISO 8601 format. The time is always midnight UTC.

          • Days (integer) --

            Indicates the number of days after creation when objects are transitioned to the specified storage class. The value must be a positive integer.

          • StorageClass (string) --

            The storage class to which you want the object to transition.

      • NoncurrentVersionTransitions (list) --

        Specifies the transition rule for the lifecycle rule that describes when noncurrent objects transition to a specific storage class. If your bucket is versioning-enabled (or versioning is suspended), you can set this action to request that Amazon S3 transition noncurrent object versions to a specific storage class at a set period in the object's lifetime.

        Note

        This is not supported by Amazon S3 on Outposts buckets.

        • (dict) --

          The container for the noncurrent version transition.

          • NoncurrentDays (integer) --

            Specifies the number of days an object is noncurrent before Amazon S3 can perform the associated action. For information about the noncurrent days calculations, see How Amazon S3 Calculates How Long an Object Has Been Noncurrent in the Amazon Simple Storage Service Developer Guide .

          • StorageClass (string) --

            The class of storage used to store the object.

      • NoncurrentVersionExpiration (dict) --

        The noncurrent version expiration of the lifecycle rule.

        Note

        This is not supported by Amazon S3 on Outposts buckets.

        • NoncurrentDays (integer) --

          Specifies the number of days an object is noncurrent before Amazon S3 can perform the associated action. For information about the noncurrent days calculations, see How Amazon S3 Calculates When an Object Became Noncurrent in the Amazon Simple Storage Service Developer Guide .

      • AbortIncompleteMultipartUpload (dict) --

        Specifies the days since the initiation of an incomplete multipart upload that Amazon S3 waits before permanently removing all parts of the upload. For more information, see Aborting Incomplete Multipart Uploads Using a Bucket Lifecycle Policy in the Amazon Simple Storage Service Developer Guide .

        • DaysAfterInitiation (integer) --

          Specifies the number of days after which Amazon S3 aborts an incomplete multipart upload to the Outposts bucket.

returns

None

CreateBucket (new) Link ¶

Note

This API operation creates an Amazon S3 on Outposts bucket. To create an S3 bucket, see Create Bucket in the Amazon Simple Storage Service API .

Creates a new Outposts bucket. By creating the bucket, you become the bucket owner. To create an Outposts bucket, you must have S3 on Outposts. For more information, see Using Amazon S3 on Outposts in Amazon Simple Storage Service Developer Guide .

Not every string is an acceptable bucket name. For information on bucket naming restrictions, see Working with Amazon S3 Buckets .

S3 on Outposts buckets do not support

  • ACLs. Instead, configure access point policies to manage access to buckets.

  • Public access.

  • Object Lock

  • Bucket Location constraint

For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and outpost-id in your API request, see the Example section below.

The following actions are related to CreateBucket for Amazon S3 on Outposts:

See also: AWS API Documentation

Request Syntax

client.create_bucket(
    ACL='private'|'public-read'|'public-read-write'|'authenticated-read',
    Bucket='string',
    CreateBucketConfiguration={
        'LocationConstraint': 'EU'|'eu-west-1'|'us-west-1'|'us-west-2'|'ap-south-1'|'ap-southeast-1'|'ap-southeast-2'|'ap-northeast-1'|'sa-east-1'|'cn-north-1'|'eu-central-1'
    },
    GrantFullControl='string',
    GrantRead='string',
    GrantReadACP='string',
    GrantWrite='string',
    GrantWriteACP='string',
    ObjectLockEnabledForBucket=True|False,
    OutpostId='string'
)
type ACL

string

param ACL

The canned ACL to apply to the bucket.

Note

This is not supported by Amazon S3 on Outposts buckets.

type Bucket

string

param Bucket

[REQUIRED]

The name of the bucket.

type CreateBucketConfiguration

dict

param CreateBucketConfiguration

The configuration information for the bucket.

Note

This is not supported by Amazon S3 on Outposts buckets.

  • LocationConstraint (string) --

    Specifies the Region where the bucket will be created. If you are creating a bucket on the US East (N. Virginia) Region (us-east-1), you do not need to specify the location.

    Note

    This is not supported by Amazon S3 on Outposts buckets.

type GrantFullControl

string

param GrantFullControl

Allows grantee the read, write, read ACP, and write ACP permissions on the bucket.

Note

This is not supported by Amazon S3 on Outposts buckets.

type GrantRead

string

param GrantRead

Allows grantee to list the objects in the bucket.

Note

This is not supported by Amazon S3 on Outposts buckets.

type GrantReadACP

string

param GrantReadACP

Allows grantee to read the bucket ACL.

Note

This is not supported by Amazon S3 on Outposts buckets.

type GrantWrite

string

param GrantWrite

Allows grantee to create, overwrite, and delete any object in the bucket.

Note

This is not supported by Amazon S3 on Outposts buckets.

type GrantWriteACP

string

param GrantWriteACP

Allows grantee to write the ACL for the applicable bucket.

Note

This is not supported by Amazon S3 on Outposts buckets.

type ObjectLockEnabledForBucket

boolean

param ObjectLockEnabledForBucket

Specifies whether you want S3 Object Lock to be enabled for the new bucket.

Note

This is not supported by Amazon S3 on Outposts buckets.

type OutpostId

string

param OutpostId

The ID of the Outposts where the bucket is being created.

Note

This is required by Amazon S3 on Outposts buckets.

rtype

dict

returns

Response Syntax

{
    'Location': 'string',
    'BucketArn': 'string'
}

Response Structure

  • (dict) --

    • Location (string) --

      The location of the bucket.

    • BucketArn (string) --

      The Amazon Resource Name (ARN) of the bucket.

      For Amazon S3 on Outposts specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name> . For example, to access the bucket reports through outpost my-outpost owned by account 123456789012 in Region us-west-2 , use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports . The value must be URL encoded.

GetBucketPolicy (new) Link ¶

Note

This API action gets a bucket policy for an Amazon S3 on Outposts bucket. To get a policy for an S3 bucket, see GetBucketPolicy in the Amazon Simple Storage Service API .

Returns the policy of a specified Outposts bucket. For more information, see Using Amazon S3 on Outposts in the Amazon Simple Storage Service Developer Guide .

If you are using an identity other than the root user of the AWS account that owns the bucket, the calling identity must have the GetBucketPolicy permissions on the specified bucket and belong to the bucket owner's account in order to use this operation.

If you don't have s3outposts:GetBucketPolicy permissions, Amazon S3 returns a 403 Access Denied error. If you have the correct permissions, but you're not using an identity that belongs to the bucket owner's account, Amazon S3 returns a 405 Method Not Allowed error.

Warning

As a security precaution, the root user of the AWS account that owns a bucket can always use this operation, even if the policy explicitly denies the root user the ability to perform this action.

For more information about bucket policies, see Using Bucket Policies and User Policies .

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of outpost-id to be passed with the request and an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the outpost-id derived using the access point ARN, see the Example section below.

The following actions are related to GetBucketPolicy :

See also: AWS API Documentation

Request Syntax

client.get_bucket_policy(
    AccountId='string',
    Bucket='string'
)
type AccountId

string

param AccountId

[REQUIRED]

The AWS account ID of the Outposts bucket.

type Bucket

string

param Bucket

[REQUIRED]

The ARN of the bucket.

For Amazon S3 on Outposts specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name> . For example, to access the bucket reports through outpost my-outpost owned by account 123456789012 in Region us-west-2 , use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports . The value must be URL encoded.

rtype

dict

returns

Response Syntax

{
    'Policy': 'string'
}

Response Structure

  • (dict) --

    • Policy (string) --

      The policy of the Outposts bucket.

DeleteBucketLifecycleConfiguration (new) Link ¶

Note

This API action deletes an Amazon S3 on Outposts bucket's lifecycle configuration. To delete an S3 bucket's lifecycle configuration, see DeleteBucketLifecycle in the Amazon Simple Storage Service API .

Deletes the lifecycle configuration from the specified Outposts bucket. Amazon S3 on Outposts removes all the lifecycle configuration rules in the lifecycle subresource associated with the bucket. Your objects never expire, and Amazon S3 on Outposts no longer automatically deletes any objects on the basis of rules contained in the deleted lifecycle configuration. For more information, see Using Amazon S3 on Outposts in Amazon Simple Storage Service Developer Guide .

To use this operation, you must have permission to perform the s3outposts:DeleteLifecycleConfiguration action. By default, the bucket owner has this permission and the Outposts bucket owner can grant this permission to others.

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of outpost-id to be passed with the request and an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the outpost-id derived using the access point ARN, see the Example section below.

For more information about object expiration, see Elements to Describe Lifecycle Actions .

Related actions include:

See also: AWS API Documentation

Request Syntax

client.delete_bucket_lifecycle_configuration(
    AccountId='string',
    Bucket='string'
)
type AccountId

string

param AccountId

[REQUIRED]

The account ID of the lifecycle configuration to delete.

type Bucket

string

param Bucket

[REQUIRED]

The bucket ARN of the bucket.

For Amazon S3 on Outposts specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name> . For example, to access the bucket reports through outpost my-outpost owned by account 123456789012 in Region us-west-2 , use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports . The value must be URL encoded.

returns

None

GetBucketLifecycleConfiguration (new) Link ¶

Note

This API operation gets an Amazon S3 on Outposts bucket's lifecycle configuration. To get an S3 bucket's lifecycle configuration, see GetBucketLifecycleConfiguration in the Amazon Simple Storage Service API .

Returns the lifecycle configuration information set on the Outposts bucket. For more information, see Using Amazon S3 on Outposts and for information about lifecycle configuration, see Object Lifecycle Management in Amazon Simple Storage Service Developer Guide .

To use this operation, you must have permission to perform the s3outposts:GetLifecycleConfiguration action. The Outposts bucket owner has this permission, by default. The bucket owner can grant this permission to others. For more information about permissions, see Permissions Related to Bucket Subresource Operations and Managing Access Permissions to Your Amazon S3 Resources .

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of outpost-id to be passed with the request and an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the outpost-id derived using the access point ARN, see the Example section below.

GetBucketLifecycleConfiguration has the following special error:

  • Error code: NoSuchLifecycleConfiguration

    • Description: The lifecycle configuration does not exist.

    • HTTP Status Code: 404 Not Found

    • SOAP Fault Code Prefix: Client

The following actions are related to GetBucketLifecycleConfiguration :

See also: AWS API Documentation

Request Syntax

client.get_bucket_lifecycle_configuration(
    AccountId='string',
    Bucket='string'
)
type AccountId

string

param AccountId

[REQUIRED]

The AWS account ID of the Outposts bucket.

type Bucket

string

param Bucket

[REQUIRED]

The Amazon Resource Name (ARN) of the bucket.

For Amazon S3 on Outposts specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name> . For example, to access the bucket reports through outpost my-outpost owned by account 123456789012 in Region us-west-2 , use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports . The value must be URL encoded.

rtype

dict

returns

Response Syntax

{
    'Rules': [
        {
            'Expiration': {
                'Date': datetime(2015, 1, 1),
                'Days': 123,
                'ExpiredObjectDeleteMarker': True|False
            },
            'ID': 'string',
            'Filter': {
                'Prefix': 'string',
                'Tag': {
                    'Key': 'string',
                    'Value': 'string'
                },
                'And': {
                    'Prefix': 'string',
                    'Tags': [
                        {
                            'Key': 'string',
                            'Value': 'string'
                        },
                    ]
                }
            },
            'Status': 'Enabled'|'Disabled',
            'Transitions': [
                {
                    'Date': datetime(2015, 1, 1),
                    'Days': 123,
                    'StorageClass': 'GLACIER'|'STANDARD_IA'|'ONEZONE_IA'|'INTELLIGENT_TIERING'|'DEEP_ARCHIVE'
                },
            ],
            'NoncurrentVersionTransitions': [
                {
                    'NoncurrentDays': 123,
                    'StorageClass': 'GLACIER'|'STANDARD_IA'|'ONEZONE_IA'|'INTELLIGENT_TIERING'|'DEEP_ARCHIVE'
                },
            ],
            'NoncurrentVersionExpiration': {
                'NoncurrentDays': 123
            },
            'AbortIncompleteMultipartUpload': {
                'DaysAfterInitiation': 123
            }
        },
    ]
}

Response Structure

  • (dict) --

    • Rules (list) --

      Container for the lifecycle rule of the Outposts bucket.

      • (dict) --

        The container for the Outposts bucket lifecycle rule.

        • Expiration (dict) --

          Specifies the expiration for the lifecycle of the object in the form of date, days and, whether the object has a delete marker.

          • Date (datetime) --

            Indicates at what date the object is to be deleted. Should be in GMT ISO 8601 format.

          • Days (integer) --

            Indicates the lifetime, in days, of the objects that are subject to the rule. The value must be a non-zero positive integer.

          • ExpiredObjectDeleteMarker (boolean) --

            Indicates whether Amazon S3 will remove a delete marker with no noncurrent versions. If set to true, the delete marker will be expired. If set to false, the policy takes no action. This cannot be specified with Days or Date in a Lifecycle Expiration Policy.

        • ID (string) --

          Unique identifier for the rule. The value cannot be longer than 255 characters.

        • Filter (dict) --

          The container for the filter of lifecycle rule.

          • Prefix (string) --

            Prefix identifying one or more objects to which the rule applies.

          • Tag (dict) --

            • Key (string) --

            • Value (string) --

          • And (dict) --

            The container for the AND condition for the lifecycle rule.

            • Prefix (string) --

              Prefix identifying one or more objects to which the rule applies.

            • Tags (list) --

              All of these tags must exist in the object's tag set in order for the rule to apply.

              • (dict) --

                • Key (string) --

                • Value (string) --

        • Status (string) --

          If 'Enabled', the rule is currently being applied. If 'Disabled', the rule is not currently being applied.

        • Transitions (list) --

          Specifies when an Amazon S3 object transitions to a specified storage class.

          Note

          This is not supported by Amazon S3 on Outposts buckets.

          • (dict) --

            Specifies when an object transitions to a specified storage class. For more information about Amazon S3 Lifecycle configuration rules, see Transitioning Objects Using Amazon S3 Lifecycle in the Amazon Simple Storage Service Developer Guide .

            • Date (datetime) --

              Indicates when objects are transitioned to the specified storage class. The date value must be in ISO 8601 format. The time is always midnight UTC.

            • Days (integer) --

              Indicates the number of days after creation when objects are transitioned to the specified storage class. The value must be a positive integer.

            • StorageClass (string) --

              The storage class to which you want the object to transition.

        • NoncurrentVersionTransitions (list) --

          Specifies the transition rule for the lifecycle rule that describes when noncurrent objects transition to a specific storage class. If your bucket is versioning-enabled (or versioning is suspended), you can set this action to request that Amazon S3 transition noncurrent object versions to a specific storage class at a set period in the object's lifetime.

          Note

          This is not supported by Amazon S3 on Outposts buckets.

          • (dict) --

            The container for the noncurrent version transition.

            • NoncurrentDays (integer) --

              Specifies the number of days an object is noncurrent before Amazon S3 can perform the associated action. For information about the noncurrent days calculations, see How Amazon S3 Calculates How Long an Object Has Been Noncurrent in the Amazon Simple Storage Service Developer Guide .

            • StorageClass (string) --

              The class of storage used to store the object.

        • NoncurrentVersionExpiration (dict) --

          The noncurrent version expiration of the lifecycle rule.

          Note

          This is not supported by Amazon S3 on Outposts buckets.

          • NoncurrentDays (integer) --

            Specifies the number of days an object is noncurrent before Amazon S3 can perform the associated action. For information about the noncurrent days calculations, see How Amazon S3 Calculates When an Object Became Noncurrent in the Amazon Simple Storage Service Developer Guide .

        • AbortIncompleteMultipartUpload (dict) --

          Specifies the days since the initiation of an incomplete multipart upload that Amazon S3 waits before permanently removing all parts of the upload. For more information, see Aborting Incomplete Multipart Uploads Using a Bucket Lifecycle Policy in the Amazon Simple Storage Service Developer Guide .

          • DaysAfterInitiation (integer) --

            Specifies the number of days after which Amazon S3 aborts an incomplete multipart upload to the Outposts bucket.

ListAccessPoints (updated) Link ¶
Changes (response)
{'AccessPointList': {'AccessPointArn': 'string'}}

Returns a list of the access points currently associated with the specified bucket. You can retrieve up to 1000 access points per call. If the specified bucket has more than 1,000 access points (or the number specified in maxResults , whichever is less), the response will include a continuation token that you can use to list the additional access points.

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of outpost-id to be passed with the request and an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the outpost-id derived using the access point ARN, see the Example section below.

The following actions are related to ListAccessPoints :

See also: AWS API Documentation

Request Syntax

client.list_access_points(
    AccountId='string',
    Bucket='string',
    NextToken='string',
    MaxResults=123
)
type AccountId

string

param AccountId

[REQUIRED]

The AWS account ID for owner of the bucket whose access points you want to list.

type Bucket

string

param Bucket

The name of the bucket whose associated access points you want to list.

For Amazon S3 on Outposts specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name> . For example, to access the bucket reports through outpost my-outpost owned by account 123456789012 in Region us-west-2 , use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports . The value must be URL encoded.

type NextToken

string

param NextToken

A continuation token. If a previous call to ListAccessPoints returned a continuation token in the NextToken field, then providing that value here causes Amazon S3 to retrieve the next page of results.

type MaxResults

integer

param MaxResults

The maximum number of access points that you want to include in the list. If the specified bucket has more than this number of access points, then the response will include a continuation token in the NextToken field that you can use to retrieve the next page of access points.

rtype

dict

returns

Response Syntax

{
    'AccessPointList': [
        {
            'Name': 'string',
            'NetworkOrigin': 'Internet'|'VPC',
            'VpcConfiguration': {
                'VpcId': 'string'
            },
            'Bucket': 'string',
            'AccessPointArn': 'string'
        },
    ],
    'NextToken': 'string'
}

Response Structure

  • (dict) --

    • AccessPointList (list) --

      Contains identification and configuration information for one or more access points associated with the specified bucket.

      • (dict) --

        An access point used to access a bucket.

        • Name (string) --

          The name of this access point.

        • NetworkOrigin (string) --

          Indicates whether this access point allows access from the public internet. If VpcConfiguration is specified for this access point, then NetworkOrigin is VPC , and the access point doesn't allow access from the public internet. Otherwise, NetworkOrigin is Internet , and the access point allows access from the public internet, subject to the access point and bucket access policies.

        • VpcConfiguration (dict) --

          The virtual private cloud (VPC) configuration for this access point, if one exists.

          • VpcId (string) --

            If this field is specified, this access point will only allow connections from the specified VPC ID.

        • Bucket (string) --

          The name of the bucket associated with this access point.

        • AccessPointArn (string) --

          The ARN for the access point.

    • NextToken (string) --

      If the specified bucket has more access points than can be returned in one call to this API, this field contains a continuation token that you can provide in subsequent calls to this API to retrieve additional access points.