Table of Contents
A low-level client representing AWS S3 Control:
import boto3
client = boto3.client('s3control')
These are the available methods:
Check if an operation can be paginated.
Creates an access point and associates it with the specified bucket.
See also: AWS API Documentation
Request Syntax
response = client.create_access_point(
AccountId='string',
Name='string',
Bucket='string',
VpcConfiguration={
'VpcId': 'string'
},
PublicAccessBlockConfiguration={
'BlockPublicAcls': True|False,
'IgnorePublicAcls': True|False,
'BlockPublicPolicy': True|False,
'RestrictPublicBuckets': True|False
}
)
[REQUIRED]
The AWS account ID for the owner of the bucket for which you want to create an access point.
[REQUIRED]
The name you want to assign to this access point.
[REQUIRED]
The name of the bucket that you want to associate this access point with.
If you include this field, Amazon S3 restricts access to this access point to requests from the specified virtual private cloud (VPC).
If this field is specified, this access point will only allow connections from the specified VPC ID.
The PublicAccessBlock configuration that you want to apply to this Amazon S3 bucket. You can enable the configuration options in any combination. For more information about when Amazon S3 considers a bucket or object public, see The Meaning of "Public" in the Amazon Simple Storage Service Developer Guide.
Specifies whether Amazon S3 should block public access control lists (ACLs) for buckets in this account. Setting this element to TRUE causes the following behavior:
Enabling this setting doesn't affect existing policies or ACLs.
Specifies whether Amazon S3 should ignore public ACLs for buckets in this account. Setting this element to TRUE causes Amazon S3 to ignore all public ACLs on buckets in this account and any objects that they contain.
Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.
Specifies whether Amazon S3 should block public bucket policies for buckets in this account. Setting this element to TRUE causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.
Enabling this setting doesn't affect existing bucket policies.
Specifies whether Amazon S3 should restrict public bucket policies for buckets in this account. Setting this element to TRUE restricts access to buckets with public policies to only AWS services and authorized users within this account.
Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.
None
You can use Amazon S3 Batch Operations to perform large-scale Batch Operations on Amazon S3 objects. Amazon S3 Batch Operations can execute a single operation or action on lists of Amazon S3 objects that you specify. For more information, see Amazon S3 Batch Operations in the Amazon Simple Storage Service Developer Guide.
Related actions include:
See also: AWS API Documentation
Request Syntax
response = client.create_job(
AccountId='string',
ConfirmationRequired=True|False,
Operation={
'LambdaInvoke': {
'FunctionArn': 'string'
},
'S3PutObjectCopy': {
'TargetResource': 'string',
'CannedAccessControlList': 'private'|'public-read'|'public-read-write'|'aws-exec-read'|'authenticated-read'|'bucket-owner-read'|'bucket-owner-full-control',
'AccessControlGrants': [
{
'Grantee': {
'TypeIdentifier': 'id'|'emailAddress'|'uri',
'Identifier': 'string',
'DisplayName': 'string'
},
'Permission': 'FULL_CONTROL'|'READ'|'WRITE'|'READ_ACP'|'WRITE_ACP'
},
],
'MetadataDirective': 'COPY'|'REPLACE',
'ModifiedSinceConstraint': datetime(2015, 1, 1),
'NewObjectMetadata': {
'CacheControl': 'string',
'ContentDisposition': 'string',
'ContentEncoding': 'string',
'ContentLanguage': 'string',
'UserMetadata': {
'string': 'string'
},
'ContentLength': 123,
'ContentMD5': 'string',
'ContentType': 'string',
'HttpExpiresDate': datetime(2015, 1, 1),
'RequesterCharged': True|False,
'SSEAlgorithm': 'AES256'|'KMS'
},
'NewObjectTagging': [
{
'Key': 'string',
'Value': 'string'
},
],
'RedirectLocation': 'string',
'RequesterPays': True|False,
'StorageClass': 'STANDARD'|'STANDARD_IA'|'ONEZONE_IA'|'GLACIER'|'INTELLIGENT_TIERING'|'DEEP_ARCHIVE',
'UnModifiedSinceConstraint': datetime(2015, 1, 1),
'SSEAwsKmsKeyId': 'string',
'TargetKeyPrefix': 'string',
'ObjectLockLegalHoldStatus': 'OFF'|'ON',
'ObjectLockMode': 'COMPLIANCE'|'GOVERNANCE',
'ObjectLockRetainUntilDate': datetime(2015, 1, 1)
},
'S3PutObjectAcl': {
'AccessControlPolicy': {
'AccessControlList': {
'Owner': {
'ID': 'string',
'DisplayName': 'string'
},
'Grants': [
{
'Grantee': {
'TypeIdentifier': 'id'|'emailAddress'|'uri',
'Identifier': 'string',
'DisplayName': 'string'
},
'Permission': 'FULL_CONTROL'|'READ'|'WRITE'|'READ_ACP'|'WRITE_ACP'
},
]
},
'CannedAccessControlList': 'private'|'public-read'|'public-read-write'|'aws-exec-read'|'authenticated-read'|'bucket-owner-read'|'bucket-owner-full-control'
}
},
'S3PutObjectTagging': {
'TagSet': [
{
'Key': 'string',
'Value': 'string'
},
]
},
'S3InitiateRestoreObject': {
'ExpirationInDays': 123,
'GlacierJobTier': 'BULK'|'STANDARD'
},
'S3PutObjectLegalHold': {
'LegalHold': {
'Status': 'OFF'|'ON'
}
},
'S3PutObjectRetention': {
'BypassGovernanceRetention': True|False,
'Retention': {
'RetainUntilDate': datetime(2015, 1, 1),
'Mode': 'COMPLIANCE'|'GOVERNANCE'
}
}
},
Report={
'Bucket': 'string',
'Format': 'Report_CSV_20180820',
'Enabled': True|False,
'Prefix': 'string',
'ReportScope': 'AllTasks'|'FailedTasksOnly'
},
ClientRequestToken='string',
Manifest={
'Spec': {
'Format': 'S3BatchOperations_CSV_20180820'|'S3InventoryReport_CSV_20161130',
'Fields': [
'Ignore'|'Bucket'|'Key'|'VersionId',
]
},
'Location': {
'ObjectArn': 'string',
'ObjectVersionId': 'string',
'ETag': 'string'
}
},
Description='string',
Priority=123,
RoleArn='string',
Tags=[
{
'Key': 'string',
'Value': 'string'
},
]
)
[REQUIRED]
The operation that you want this job to perform on each object listed in the manifest. For more information about the available operations, see Available Operations in the Amazon Simple Storage Service Developer Guide .
Directs the specified job to invoke an AWS Lambda function on each object in the manifest.
The Amazon Resource Name (ARN) for the AWS Lambda function that the specified job will invoke for each object in the manifest.
Directs the specified job to execute a PUT Copy object call on each object in the manifest.
The Legal Hold status to be applied to all objects in the Batch Operations job.
The Retention mode to be applied to all objects in the Batch Operations job.
The date when the applied Object Retention configuration will expire on all objects in the Batch Operations job.
Directs the specified job to execute a PUT Object acl call on each object in the manifest.
Directs the specified job to execute a PUT Object tagging call on each object in the manifest.
Directs the specified job to execute an Initiate Glacier Restore call on each object in the manifest.
Contains the configuration parameters for a Set Object Legal Hold operation. Amazon S3 Batch Operations passes each value through to the underlying PUT Object Legal Hold API. For more information about the parameters for this operation, see PUT Object Legal Hold .
The Legal Hold contains the status to be applied to all objects in the Batch Operations job.
The Legal Hold status to be applied to all objects in the Batch Operations job.
Contains the configuration parameters for a Set Object Retention operation. Amazon S3 Batch Operations passes each value through to the underlying PUT Object Retention API. For more information about the parameters for this operation, see PUT Object Retention .
Indicates if the operation should be applied to objects in the Batch Operations job even if they have Governance-type Object Lock in place.
Amazon S3 object lock Retention contains the retention mode to be applied to all objects in the Batch Operations job.
The date when the applied Object Retention will expire on all objects in the Batch Operations job.
The Retention mode to be applied to all objects in the Batch Operations job.
[REQUIRED]
Configuration parameters for the optional job-completion report.
The Amazon Resource Name (ARN) for the bucket where specified job-completion report will be stored.
The format of the specified job-completion report.
Indicates whether the specified job will generate a job-completion report.
An optional prefix to describe where in the specified bucket the job-completion report will be stored. Amazon S3 will store the job-completion report at <prefix>/job-<job-id>/report.json.
Indicates whether the job-completion report will include details of all tasks or only failed tasks.
[REQUIRED]
An idempotency token to ensure that you don't accidentally submit the same request twice. You can use any string up to the maximum length.
This field is autopopulated if not provided.
[REQUIRED]
Configuration parameters for the manifest.
Describes the format of the specified job's manifest. If the manifest is in CSV format, also describes the columns contained within the manifest.
Indicates which of the available formats the specified manifest uses.
If the specified manifest object is in the S3BatchOperations_CSV_20180820 format, this element describes which columns contain the required data.
Contains the information required to locate the specified job's manifest.
The Amazon Resource Name (ARN) for a manifest object.
The optional version ID to identify a specific version of the manifest object.
The ETag for the specified manifest object.
[REQUIRED]
The numerical priority for this job. Higher numbers indicate higher priority.
[REQUIRED]
The Amazon Resource Name (ARN) for the AWS Identity and Access Management (IAM) role that Batch Operations will use to execute this job's operation on each object in the manifest.
A set of tags to associate with the Amazon S3 Batch Operations job. This is an optional parameter.
dict
Response Syntax
{
'JobId': 'string'
}
Response Structure
(dict) --
JobId (string) --
The ID for this job. Amazon S3 generates this ID automatically and returns it after a successful Create Job request.
Exceptions
Deletes the specified access point.
See also: AWS API Documentation
Request Syntax
response = client.delete_access_point(
AccountId='string',
Name='string'
)
[REQUIRED]
The account ID for the account that owns the specified access point.
[REQUIRED]
The name of the access point you want to delete.
None
Deletes the access point policy for the specified access point.
See also: AWS API Documentation
Request Syntax
response = client.delete_access_point_policy(
AccountId='string',
Name='string'
)
[REQUIRED]
The account ID for the account that owns the specified access point.
[REQUIRED]
The name of the access point whose policy you want to delete.
None
Removes the entire tag set from the specified Amazon S3 Batch Operations job. To use this operation, you must have permission to perform the s3:DeleteJobTagging action. For more information, see Using Job Tags in the Amazon Simple Storage Service Developer Guide.
Related actions include:
See also: AWS API Documentation
Request Syntax
response = client.delete_job_tagging(
AccountId='string',
JobId='string'
)
[REQUIRED]
The AWS account ID associated with the Amazon S3 Batch Operations job.
[REQUIRED]
The ID for the Amazon S3 Batch Operations job whose tags you want to delete.
dict
Response Syntax
{}
Response Structure
Exceptions
Removes the PublicAccessBlock configuration for an Amazon Web Services account.
See also: AWS API Documentation
Request Syntax
response = client.delete_public_access_block(
AccountId='string'
)
[REQUIRED]
The account ID for the Amazon Web Services account whose PublicAccessBlock configuration you want to remove.
Retrieves the configuration parameters and status for a Batch Operations job. For more information, see Amazon S3 Batch Operations in the Amazon Simple Storage Service Developer Guide.
Related actions include:
See also: AWS API Documentation
Request Syntax
response = client.describe_job(
AccountId='string',
JobId='string'
)
[REQUIRED]
The ID for the job whose information you want to retrieve.
dict
Response Syntax
{
'Job': {
'JobId': 'string',
'ConfirmationRequired': True|False,
'Description': 'string',
'JobArn': 'string',
'Status': 'Active'|'Cancelled'|'Cancelling'|'Complete'|'Completing'|'Failed'|'Failing'|'New'|'Paused'|'Pausing'|'Preparing'|'Ready'|'Suspended',
'Manifest': {
'Spec': {
'Format': 'S3BatchOperations_CSV_20180820'|'S3InventoryReport_CSV_20161130',
'Fields': [
'Ignore'|'Bucket'|'Key'|'VersionId',
]
},
'Location': {
'ObjectArn': 'string',
'ObjectVersionId': 'string',
'ETag': 'string'
}
},
'Operation': {
'LambdaInvoke': {
'FunctionArn': 'string'
},
'S3PutObjectCopy': {
'TargetResource': 'string',
'CannedAccessControlList': 'private'|'public-read'|'public-read-write'|'aws-exec-read'|'authenticated-read'|'bucket-owner-read'|'bucket-owner-full-control',
'AccessControlGrants': [
{
'Grantee': {
'TypeIdentifier': 'id'|'emailAddress'|'uri',
'Identifier': 'string',
'DisplayName': 'string'
},
'Permission': 'FULL_CONTROL'|'READ'|'WRITE'|'READ_ACP'|'WRITE_ACP'
},
],
'MetadataDirective': 'COPY'|'REPLACE',
'ModifiedSinceConstraint': datetime(2015, 1, 1),
'NewObjectMetadata': {
'CacheControl': 'string',
'ContentDisposition': 'string',
'ContentEncoding': 'string',
'ContentLanguage': 'string',
'UserMetadata': {
'string': 'string'
},
'ContentLength': 123,
'ContentMD5': 'string',
'ContentType': 'string',
'HttpExpiresDate': datetime(2015, 1, 1),
'RequesterCharged': True|False,
'SSEAlgorithm': 'AES256'|'KMS'
},
'NewObjectTagging': [
{
'Key': 'string',
'Value': 'string'
},
],
'RedirectLocation': 'string',
'RequesterPays': True|False,
'StorageClass': 'STANDARD'|'STANDARD_IA'|'ONEZONE_IA'|'GLACIER'|'INTELLIGENT_TIERING'|'DEEP_ARCHIVE',
'UnModifiedSinceConstraint': datetime(2015, 1, 1),
'SSEAwsKmsKeyId': 'string',
'TargetKeyPrefix': 'string',
'ObjectLockLegalHoldStatus': 'OFF'|'ON',
'ObjectLockMode': 'COMPLIANCE'|'GOVERNANCE',
'ObjectLockRetainUntilDate': datetime(2015, 1, 1)
},
'S3PutObjectAcl': {
'AccessControlPolicy': {
'AccessControlList': {
'Owner': {
'ID': 'string',
'DisplayName': 'string'
},
'Grants': [
{
'Grantee': {
'TypeIdentifier': 'id'|'emailAddress'|'uri',
'Identifier': 'string',
'DisplayName': 'string'
},
'Permission': 'FULL_CONTROL'|'READ'|'WRITE'|'READ_ACP'|'WRITE_ACP'
},
]
},
'CannedAccessControlList': 'private'|'public-read'|'public-read-write'|'aws-exec-read'|'authenticated-read'|'bucket-owner-read'|'bucket-owner-full-control'
}
},
'S3PutObjectTagging': {
'TagSet': [
{
'Key': 'string',
'Value': 'string'
},
]
},
'S3InitiateRestoreObject': {
'ExpirationInDays': 123,
'GlacierJobTier': 'BULK'|'STANDARD'
},
'S3PutObjectLegalHold': {
'LegalHold': {
'Status': 'OFF'|'ON'
}
},
'S3PutObjectRetention': {
'BypassGovernanceRetention': True|False,
'Retention': {
'RetainUntilDate': datetime(2015, 1, 1),
'Mode': 'COMPLIANCE'|'GOVERNANCE'
}
}
},
'Priority': 123,
'ProgressSummary': {
'TotalNumberOfTasks': 123,
'NumberOfTasksSucceeded': 123,
'NumberOfTasksFailed': 123
},
'StatusUpdateReason': 'string',
'FailureReasons': [
{
'FailureCode': 'string',
'FailureReason': 'string'
},
],
'Report': {
'Bucket': 'string',
'Format': 'Report_CSV_20180820',
'Enabled': True|False,
'Prefix': 'string',
'ReportScope': 'AllTasks'|'FailedTasksOnly'
},
'CreationTime': datetime(2015, 1, 1),
'TerminationDate': datetime(2015, 1, 1),
'RoleArn': 'string',
'SuspendedDate': datetime(2015, 1, 1),
'SuspendedCause': 'string'
}
}
Response Structure
(dict) --
Job (dict) --
Contains the configuration parameters and status for the job specified in the Describe Job request.
JobId (string) --
The ID for the specified job.
ConfirmationRequired (boolean) --
Indicates whether confirmation is required before Amazon S3 begins running the specified job. Confirmation is required only for jobs created through the Amazon S3 console.
Description (string) --
The description for this job, if one was provided in this job's Create Job request.
JobArn (string) --
The Amazon Resource Name (ARN) for this job.
Status (string) --
The current status of the specified job.
Manifest (dict) --
The configuration information for the specified job's manifest object.
Spec (dict) --
Describes the format of the specified job's manifest. If the manifest is in CSV format, also describes the columns contained within the manifest.
Format (string) --
Indicates which of the available formats the specified manifest uses.
Fields (list) --
If the specified manifest object is in the S3BatchOperations_CSV_20180820 format, this element describes which columns contain the required data.
Location (dict) --
Contains the information required to locate the specified job's manifest.
ObjectArn (string) --
The Amazon Resource Name (ARN) for a manifest object.
ObjectVersionId (string) --
The optional version ID to identify a specific version of the manifest object.
ETag (string) --
The ETag for the specified manifest object.
Operation (dict) --
The operation that the specified job is configured to execute on the objects listed in the manifest.
LambdaInvoke (dict) --
Directs the specified job to invoke an AWS Lambda function on each object in the manifest.
FunctionArn (string) --
The Amazon Resource Name (ARN) for the AWS Lambda function that the specified job will invoke for each object in the manifest.
S3PutObjectCopy (dict) --
Directs the specified job to execute a PUT Copy object call on each object in the manifest.
TargetResource (string) --
CannedAccessControlList (string) --
AccessControlGrants (list) --
MetadataDirective (string) --
ModifiedSinceConstraint (datetime) --
NewObjectMetadata (dict) --
NewObjectTagging (list) --
RedirectLocation (string) --
RequesterPays (boolean) --
StorageClass (string) --
UnModifiedSinceConstraint (datetime) --
SSEAwsKmsKeyId (string) --
TargetKeyPrefix (string) --
ObjectLockLegalHoldStatus (string) --
The Legal Hold status to be applied to all objects in the Batch Operations job.
ObjectLockMode (string) --
The Retention mode to be applied to all objects in the Batch Operations job.
ObjectLockRetainUntilDate (datetime) --
The date when the applied Object Retention configuration will expire on all objects in the Batch Operations job.
S3PutObjectAcl (dict) --
Directs the specified job to execute a PUT Object acl call on each object in the manifest.
S3PutObjectTagging (dict) --
Directs the specified job to execute a PUT Object tagging call on each object in the manifest.
S3InitiateRestoreObject (dict) --
Directs the specified job to execute an Initiate Glacier Restore call on each object in the manifest.
S3PutObjectLegalHold (dict) --
Contains the configuration parameters for a Set Object Legal Hold operation. Amazon S3 Batch Operations passes each value through to the underlying PUT Object Legal Hold API. For more information about the parameters for this operation, see PUT Object Legal Hold .
LegalHold (dict) --
The Legal Hold contains the status to be applied to all objects in the Batch Operations job.
Status (string) --
The Legal Hold status to be applied to all objects in the Batch Operations job.
S3PutObjectRetention (dict) --
Contains the configuration parameters for a Set Object Retention operation. Amazon S3 Batch Operations passes each value through to the underlying PUT Object Retention API. For more information about the parameters for this operation, see PUT Object Retention .
BypassGovernanceRetention (boolean) --
Indicates if the operation should be applied to objects in the Batch Operations job even if they have Governance-type Object Lock in place.
Retention (dict) --
Amazon S3 object lock Retention contains the retention mode to be applied to all objects in the Batch Operations job.
RetainUntilDate (datetime) --
The date when the applied Object Retention will expire on all objects in the Batch Operations job.
Mode (string) --
The Retention mode to be applied to all objects in the Batch Operations job.
Priority (integer) --
The priority of the specified job.
ProgressSummary (dict) --
Describes the total number of tasks that the specified job has executed, the number of tasks that succeeded, and the number of tasks that failed.
StatusUpdateReason (string) --
FailureReasons (list) --
If the specified job failed, this field contains information describing the failure.
(dict) --
If this job failed, this element indicates why the job failed.
FailureCode (string) --
The failure code, if any, for the specified job.
FailureReason (string) --
The failure reason, if any, for the specified job.
Report (dict) --
Contains the configuration information for the job-completion report if you requested one in the Create Job request.
Bucket (string) --
The Amazon Resource Name (ARN) for the bucket where specified job-completion report will be stored.
Format (string) --
The format of the specified job-completion report.
Enabled (boolean) --
Indicates whether the specified job will generate a job-completion report.
Prefix (string) --
An optional prefix to describe where in the specified bucket the job-completion report will be stored. Amazon S3 will store the job-completion report at <prefix>/job-<job-id>/report.json.
ReportScope (string) --
Indicates whether the job-completion report will include details of all tasks or only failed tasks.
CreationTime (datetime) --
A timestamp indicating when this job was created.
TerminationDate (datetime) --
A timestamp indicating when this job terminated. A job's termination date is the date and time when it succeeded, failed, or was canceled.
RoleArn (string) --
The Amazon Resource Name (ARN) for the AWS Identity and Access Management (IAM) role assigned to execute the tasks for this job.
SuspendedDate (datetime) --
The timestamp when this job was suspended, if it has been suspended.
SuspendedCause (string) --
The reason why the specified job was suspended. A job is only suspended if you create it through the Amazon S3 console. When you create the job, it enters the Suspended state to await confirmation before running. After you confirm the job, it automatically exits the Suspended state.
Exceptions
Generate a presigned url given a client, its method, and arguments
The presigned url
Returns configuration information about the specified access point.
See also: AWS API Documentation
Request Syntax
response = client.get_access_point(
AccountId='string',
Name='string'
)
[REQUIRED]
The account ID for the account that owns the specified access point.
[REQUIRED]
The name of the access point whose configuration information you want to retrieve.
dict
Response Syntax
{
'Name': 'string',
'Bucket': 'string',
'NetworkOrigin': 'Internet'|'VPC',
'VpcConfiguration': {
'VpcId': 'string'
},
'PublicAccessBlockConfiguration': {
'BlockPublicAcls': True|False,
'IgnorePublicAcls': True|False,
'BlockPublicPolicy': True|False,
'RestrictPublicBuckets': True|False
},
'CreationDate': datetime(2015, 1, 1)
}
Response Structure
(dict) --
Name (string) --
The name of the specified access point.
Bucket (string) --
The name of the bucket associated with the specified access point.
NetworkOrigin (string) --
Indicates whether this access point allows access from the public internet. If VpcConfiguration is specified for this access point, then NetworkOrigin is VPC , and the access point doesn't allow access from the public internet. Otherwise, NetworkOrigin is Internet , and the access point allows access from the public internet, subject to the access point and bucket access policies.
VpcConfiguration (dict) --
Contains the virtual private cloud (VPC) configuration for the specified access point.
VpcId (string) --
If this field is specified, this access point will only allow connections from the specified VPC ID.
PublicAccessBlockConfiguration (dict) --
The PublicAccessBlock configuration that you want to apply to this Amazon S3 bucket. You can enable the configuration options in any combination. For more information about when Amazon S3 considers a bucket or object public, see The Meaning of "Public" in the Amazon Simple Storage Service Developer Guide.
BlockPublicAcls (boolean) --
Specifies whether Amazon S3 should block public access control lists (ACLs) for buckets in this account. Setting this element to TRUE causes the following behavior:
Enabling this setting doesn't affect existing policies or ACLs.
IgnorePublicAcls (boolean) --
Specifies whether Amazon S3 should ignore public ACLs for buckets in this account. Setting this element to TRUE causes Amazon S3 to ignore all public ACLs on buckets in this account and any objects that they contain.
Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.
BlockPublicPolicy (boolean) --
Specifies whether Amazon S3 should block public bucket policies for buckets in this account. Setting this element to TRUE causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.
Enabling this setting doesn't affect existing bucket policies.
RestrictPublicBuckets (boolean) --
Specifies whether Amazon S3 should restrict public bucket policies for buckets in this account. Setting this element to TRUE restricts access to buckets with public policies to only AWS services and authorized users within this account.
Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.
CreationDate (datetime) --
The date and time when the specified access point was created.
Returns the access point policy associated with the specified access point.
See also: AWS API Documentation
Request Syntax
response = client.get_access_point_policy(
AccountId='string',
Name='string'
)
[REQUIRED]
The account ID for the account that owns the specified access point.
[REQUIRED]
The name of the access point whose policy you want to retrieve.
dict
Response Syntax
{
'Policy': 'string'
}
Response Structure
(dict) --
Policy (string) --
The access point policy associated with the specified access point.
Indicates whether the specified access point currently has a policy that allows public access. For more information about public access through access points, see Managing Data Access with Amazon S3 Access Points in the Amazon Simple Storage Service Developer Guide .
See also: AWS API Documentation
Request Syntax
response = client.get_access_point_policy_status(
AccountId='string',
Name='string'
)
[REQUIRED]
The account ID for the account that owns the specified access point.
[REQUIRED]
The name of the access point whose policy status you want to retrieve.
dict
Response Syntax
{
'PolicyStatus': {
'IsPublic': True|False
}
}
Response Structure
(dict) --
PolicyStatus (dict) --
Indicates the current policy status of the specified access point.
Returns the tags on an Amazon S3 Batch Operations job. To use this operation, you must have permission to perform the s3:GetJobTagging action. For more information, see Using Job Tags in the Amazon Simple Storage Service Developer Guide .
Related actions include:
See also: AWS API Documentation
Request Syntax
response = client.get_job_tagging(
AccountId='string',
JobId='string'
)
[REQUIRED]
The AWS account ID associated with the Amazon S3 Batch Operations job.
[REQUIRED]
The ID for the Amazon S3 Batch Operations job whose tags you want to retrieve.
dict
Response Syntax
{
'Tags': [
{
'Key': 'string',
'Value': 'string'
},
]
}
Response Structure
(dict) --
Tags (list) --
The set of tags associated with the Amazon S3 Batch Operations job.
Exceptions
Create a paginator for an operation.
Retrieves the PublicAccessBlock configuration for an Amazon Web Services account.
See also: AWS API Documentation
Request Syntax
response = client.get_public_access_block(
AccountId='string'
)
[REQUIRED]
The account ID for the Amazon Web Services account whose PublicAccessBlock configuration you want to retrieve.
{
'PublicAccessBlockConfiguration': {
'BlockPublicAcls': True|False,
'IgnorePublicAcls': True|False,
'BlockPublicPolicy': True|False,
'RestrictPublicBuckets': True|False
}
}
Response Structure
The PublicAccessBlock configuration currently in effect for this Amazon Web Services account.
Specifies whether Amazon S3 should block public access control lists (ACLs) for buckets in this account. Setting this element to TRUE causes the following behavior:
Enabling this setting doesn't affect existing policies or ACLs.
Specifies whether Amazon S3 should ignore public ACLs for buckets in this account. Setting this element to TRUE causes Amazon S3 to ignore all public ACLs on buckets in this account and any objects that they contain.
Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.
Specifies whether Amazon S3 should block public bucket policies for buckets in this account. Setting this element to TRUE causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.
Enabling this setting doesn't affect existing bucket policies.
Specifies whether Amazon S3 should restrict public bucket policies for buckets in this account. Setting this element to TRUE restricts access to buckets with public policies to only AWS services and authorized users within this account.
Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.
Exceptions
Returns an object that can wait for some condition.
Returns a list of the access points currently associated with the specified bucket. You can retrieve up to 1000 access points per call. If the specified bucket has more than 1,000 access points (or the number specified in maxResults , whichever is less), the response will include a continuation token that you can use to list the additional access points.
See also: AWS API Documentation
Request Syntax
response = client.list_access_points(
AccountId='string',
Bucket='string',
NextToken='string',
MaxResults=123
)
[REQUIRED]
The AWS account ID for owner of the bucket whose access points you want to list.
dict
Response Syntax
{
'AccessPointList': [
{
'Name': 'string',
'NetworkOrigin': 'Internet'|'VPC',
'VpcConfiguration': {
'VpcId': 'string'
},
'Bucket': 'string'
},
],
'NextToken': 'string'
}
Response Structure
(dict) --
AccessPointList (list) --
Contains identification and configuration information for one or more access points associated with the specified bucket.
(dict) --
An access point used to access a bucket.
Name (string) --
The name of this access point.
NetworkOrigin (string) --
Indicates whether this access point allows access from the public internet. If VpcConfiguration is specified for this access point, then NetworkOrigin is VPC , and the access point doesn't allow access from the public internet. Otherwise, NetworkOrigin is Internet , and the access point allows access from the public internet, subject to the access point and bucket access policies.
VpcConfiguration (dict) --
The virtual private cloud (VPC) configuration for this access point, if one exists.
VpcId (string) --
If this field is specified, this access point will only allow connections from the specified VPC ID.
Bucket (string) --
The name of the bucket associated with this access point.
NextToken (string) --
If the specified bucket has more access points than can be returned in one call to this API, then this field contains a continuation token that you can provide in subsequent calls to this API to retrieve additional access points.
Lists current Amazon S3 Batch Operations jobs and jobs that have ended within the last 30 days for the AWS account making the request. For more information, see Amazon S3 Batch Operations in the Amazon Simple Storage Service Developer Guide .
Related actions include:
See also: AWS API Documentation
Request Syntax
response = client.list_jobs(
AccountId='string',
JobStatuses=[
'Active'|'Cancelled'|'Cancelling'|'Complete'|'Completing'|'Failed'|'Failing'|'New'|'Paused'|'Pausing'|'Preparing'|'Ready'|'Suspended',
],
NextToken='string',
MaxResults=123
)
The List Jobs request returns jobs that match the statuses listed in this element.
dict
Response Syntax
{
'NextToken': 'string',
'Jobs': [
{
'JobId': 'string',
'Description': 'string',
'Operation': 'LambdaInvoke'|'S3PutObjectCopy'|'S3PutObjectAcl'|'S3PutObjectTagging'|'S3InitiateRestoreObject'|'S3PutObjectLegalHold'|'S3PutObjectRetention',
'Priority': 123,
'Status': 'Active'|'Cancelled'|'Cancelling'|'Complete'|'Completing'|'Failed'|'Failing'|'New'|'Paused'|'Pausing'|'Preparing'|'Ready'|'Suspended',
'CreationTime': datetime(2015, 1, 1),
'TerminationDate': datetime(2015, 1, 1),
'ProgressSummary': {
'TotalNumberOfTasks': 123,
'NumberOfTasksSucceeded': 123,
'NumberOfTasksFailed': 123
}
},
]
}
Response Structure
(dict) --
NextToken (string) --
If the List Jobs request produced more than the maximum number of results, you can pass this value into a subsequent List Jobs request in order to retrieve the next page of results.
Jobs (list) --
The list of current jobs and jobs that have ended within the last 30 days.
(dict) --
Contains the configuration and status information for a single job retrieved as part of a job list.
JobId (string) --
The ID for the specified job.
Description (string) --
The user-specified description that was included in the specified job's Create Job request.
Operation (string) --
The operation that the specified job is configured to run on each object listed in the manifest.
Priority (integer) --
The current priority for the specified job.
Status (string) --
The specified job's current status.
CreationTime (datetime) --
A timestamp indicating when the specified job was created.
TerminationDate (datetime) --
A timestamp indicating when the specified job terminated. A job's termination date is the date and time when it succeeded, failed, or was canceled.
ProgressSummary (dict) --
Describes the total number of tasks that the specified job has executed, the number of tasks that succeeded, and the number of tasks that failed.
Exceptions
Associates an access policy with the specified access point. Each access point can have only one policy, so a request made to this API replaces any existing policy associated with the specified access point.
See also: AWS API Documentation
Request Syntax
response = client.put_access_point_policy(
AccountId='string',
Name='string',
Policy='string'
)
[REQUIRED]
The AWS account ID for owner of the bucket associated with the specified access point.
[REQUIRED]
The name of the access point that you want to associate with the specified policy.
[REQUIRED]
The policy that you want to apply to the specified access point. For more information about access point policies, see Managing Data Access with Amazon S3 Access Points in the Amazon Simple Storage Service Developer Guide .
None
Set the supplied tag-set on an Amazon S3 Batch Operations job.
A tag is a key-value pair. You can associate Amazon S3 Batch Operations tags with any job by sending a PUT request against the tagging subresource that is associated with the job. To modify the existing tag set, you can either replace the existing tag set entirely, or make changes within the existing tag set by retrieving the existing tag set using GetJobTagging , modify that tag set, and use this API action to replace the tag set with the one you have modified.. For more information, see Using Job Tags in the Amazon Simple Storage Service Developer Guide.
Note
To use this operation, you must have permission to perform the s3:PutJobTagging action.
Related actions include:
See also: AWS API Documentation
Request Syntax
response = client.put_job_tagging(
AccountId='string',
JobId='string',
Tags=[
{
'Key': 'string',
'Value': 'string'
},
]
)
[REQUIRED]
The AWS account ID associated with the Amazon S3 Batch Operations job.
[REQUIRED]
The ID for the Amazon S3 Batch Operations job whose tags you want to replace.
[REQUIRED]
The set of tags to associate with the Amazon S3 Batch Operations job.
dict
Response Syntax
{}
Response Structure
Exceptions
Creates or modifies the PublicAccessBlock configuration for an Amazon Web Services account.
See also: AWS API Documentation
Request Syntax
response = client.put_public_access_block(
PublicAccessBlockConfiguration={
'BlockPublicAcls': True|False,
'IgnorePublicAcls': True|False,
'BlockPublicPolicy': True|False,
'RestrictPublicBuckets': True|False
},
AccountId='string'
)
[REQUIRED]
The PublicAccessBlock configuration that you want to apply to the specified Amazon Web Services account.
Specifies whether Amazon S3 should block public access control lists (ACLs) for buckets in this account. Setting this element to TRUE causes the following behavior:
Enabling this setting doesn't affect existing policies or ACLs.
Specifies whether Amazon S3 should ignore public ACLs for buckets in this account. Setting this element to TRUE causes Amazon S3 to ignore all public ACLs on buckets in this account and any objects that they contain.
Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.
Specifies whether Amazon S3 should block public bucket policies for buckets in this account. Setting this element to TRUE causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.
Enabling this setting doesn't affect existing bucket policies.
Specifies whether Amazon S3 should restrict public bucket policies for buckets in this account. Setting this element to TRUE restricts access to buckets with public policies to only AWS services and authorized users within this account.
Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.
[REQUIRED]
The account ID for the Amazon Web Services account whose PublicAccessBlock configuration you want to set.
None
Updates an existing Amazon S3 Batch Operations job's priority. For more information, see Amazon S3 Batch Operations in the Amazon Simple Storage Service Developer Guide.
Related actions include:
See also: AWS API Documentation
Request Syntax
response = client.update_job_priority(
AccountId='string',
JobId='string',
Priority=123
)
[REQUIRED]
The ID for the job whose priority you want to update.
[REQUIRED]
The priority you want to assign to this job.
dict
Response Syntax
{
'JobId': 'string',
'Priority': 123
}
Response Structure
(dict) --
JobId (string) --
The ID for the job whose priority Amazon S3 updated.
Priority (integer) --
The new priority assigned to the specified job.
Exceptions
Updates the status for the specified job. Use this operation to confirm that you want to run a job or to cancel an existing job. For more information, see Amazon S3 Batch Operations in the Amazon Simple Storage Service Developer Guide.
Related actions include:
See also: AWS API Documentation
Request Syntax
response = client.update_job_status(
AccountId='string',
JobId='string',
RequestedJobStatus='Cancelled'|'Ready',
StatusUpdateReason='string'
)
[REQUIRED]
The ID of the job whose status you want to update.
[REQUIRED]
The status that you want to move the specified job to.
dict
Response Syntax
{
'JobId': 'string',
'Status': 'Active'|'Cancelled'|'Cancelling'|'Complete'|'Completing'|'Failed'|'Failing'|'New'|'Paused'|'Pausing'|'Preparing'|'Ready'|'Suspended',
'StatusUpdateReason': 'string'
}
Response Structure
(dict) --
JobId (string) --
The ID for the job whose status was updated.
Status (string) --
The current status for the specified job.
StatusUpdateReason (string) --
The reason that the specified job's status was updated.
Exceptions
The available paginators are: