S3Control

Table of Contents

Client

class S3Control.Client

A low-level client representing AWS S3 Control

Amazon Web Services S3 Control provides access to Amazon S3 control plane actions.

import boto3

client = boto3.client('s3control')

These are the available methods:

can_paginate(operation_name)

Check if an operation can be paginated.

Parameters
operation_name (string) -- The operation name. This is the same name as the method name on the client. For example, if the method name is create_foo, and you'd normally invoke the operation as client.create_foo(**kwargs), if the create_foo operation can be paginated, you can use the call client.get_paginator("create_foo").
Returns
True if the operation can be paginated, False otherwise.
close()

Closes underlying endpoint connections.

create_access_point(**kwargs)

Creates an access point and associates it with the specified bucket. For more information, see Managing Data Access with Amazon S3 Access Points in the Amazon S3 User Guide .

Note

S3 on Outposts only supports VPC-style access points.

For more information, see Accessing Amazon S3 on Outposts using virtual private cloud (VPC) only access points in the Amazon S3 User Guide .

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control . For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section.

The following actions are related to CreateAccessPoint :

See also: AWS API Documentation

Request Syntax

response = client.create_access_point(
    AccountId='string',
    Name='string',
    Bucket='string',
    VpcConfiguration={
        'VpcId': 'string'
    },
    PublicAccessBlockConfiguration={
        'BlockPublicAcls': True|False,
        'IgnorePublicAcls': True|False,
        'BlockPublicPolicy': True|False,
        'RestrictPublicBuckets': True|False
    },
    BucketAccountId='string'
)
Parameters
  • AccountId (string) --

    [REQUIRED]

    The Amazon Web Services account ID for the account that owns the specified access point.

  • Name (string) --

    [REQUIRED]

    The name you want to assign to this access point.

  • Bucket (string) --

    [REQUIRED]

    The name of the bucket that you want to associate this access point with.

    For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.

    For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name> . For example, to access the bucket reports through outpost my-outpost owned by account 123456789012 in Region us-west-2 , use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports . The value must be URL encoded.

  • VpcConfiguration (dict) --

    If you include this field, Amazon S3 restricts access to this access point to requests from the specified virtual private cloud (VPC).

    Note

    This is required for creating an access point for Amazon S3 on Outposts buckets.

    • VpcId (string) -- [REQUIRED]

      If this field is specified, this access point will only allow connections from the specified VPC ID.

  • PublicAccessBlockConfiguration (dict) --

    The PublicAccessBlock configuration that you want to apply to the access point.

    • BlockPublicAcls (boolean) --

      Specifies whether Amazon S3 should block public access control lists (ACLs) for buckets in this account. Setting this element to TRUE causes the following behavior:

      • PutBucketAcl and PutObjectAcl calls fail if the specified ACL is public.
      • PUT Object calls fail if the request includes a public ACL.
      • PUT Bucket calls fail if the request includes a public ACL.

      Enabling this setting doesn't affect existing policies or ACLs.

      This property is not supported for Amazon S3 on Outposts.

    • IgnorePublicAcls (boolean) --

      Specifies whether Amazon S3 should ignore public ACLs for buckets in this account. Setting this element to TRUE causes Amazon S3 to ignore all public ACLs on buckets in this account and any objects that they contain.

      Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.

      This property is not supported for Amazon S3 on Outposts.

    • BlockPublicPolicy (boolean) --

      Specifies whether Amazon S3 should block public bucket policies for buckets in this account. Setting this element to TRUE causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.

      Enabling this setting doesn't affect existing bucket policies.

      This property is not supported for Amazon S3 on Outposts.

    • RestrictPublicBuckets (boolean) --

      Specifies whether Amazon S3 should restrict public bucket policies for buckets in this account. Setting this element to TRUE restricts access to buckets with public policies to only Amazon Web Service principals and authorized users within this account.

      Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.

      This property is not supported for Amazon S3 on Outposts.

  • BucketAccountId (string) -- The Amazon Web Services account ID associated with the S3 bucket associated with this access point.
Return type

dict

Returns

Response Syntax

{
    'AccessPointArn': 'string',
    'Alias': 'string'
}

Response Structure

  • (dict) --

    • AccessPointArn (string) --

      The ARN of the access point.

      Note

      This is only supported by Amazon S3 on Outposts.

    • Alias (string) --

      The name or alias of the access point.

create_access_point_for_object_lambda(**kwargs)

Creates an Object Lambda Access Point. For more information, see Transforming objects with Object Lambda Access Points in the Amazon S3 User Guide .

The following actions are related to CreateAccessPointForObjectLambda :

See also: AWS API Documentation

Request Syntax

response = client.create_access_point_for_object_lambda(
    AccountId='string',
    Name='string',
    Configuration={
        'SupportingAccessPoint': 'string',
        'CloudWatchMetricsEnabled': True|False,
        'AllowedFeatures': [
            'GetObject-Range'|'GetObject-PartNumber'|'HeadObject-Range'|'HeadObject-PartNumber',
        ],
        'TransformationConfigurations': [
            {
                'Actions': [
                    'GetObject'|'HeadObject'|'ListObjects'|'ListObjectsV2',
                ],
                'ContentTransformation': {
                    'AwsLambda': {
                        'FunctionArn': 'string',
                        'FunctionPayload': 'string'
                    }
                }
            },
        ]
    }
)
Parameters
  • AccountId (string) --

    [REQUIRED]

    The Amazon Web Services account ID for owner of the specified Object Lambda Access Point.

  • Name (string) --

    [REQUIRED]

    The name you want to assign to this Object Lambda Access Point.

  • Configuration (dict) --

    [REQUIRED]

    Object Lambda Access Point configuration as a JSON document.

    • SupportingAccessPoint (string) -- [REQUIRED]

      Standard access point associated with the Object Lambda Access Point.

    • CloudWatchMetricsEnabled (boolean) --

      A container for whether the CloudWatch metrics configuration is enabled.

    • AllowedFeatures (list) --

      A container for allowed features. Valid inputs are GetObject-Range , GetObject-PartNumber , HeadObject-Range , and HeadObject-PartNumber .

      • (string) --
    • TransformationConfigurations (list) -- [REQUIRED]

      A container for transformation configurations for an Object Lambda Access Point.

      • (dict) --

        A configuration used when creating an Object Lambda Access Point transformation.

        • Actions (list) -- [REQUIRED]

          A container for the action of an Object Lambda Access Point configuration. Valid inputs are GetObject , ListObjects , HeadObject , and ListObjectsV2 .

          • (string) --
        • ContentTransformation (dict) -- [REQUIRED]

          A container for the content transformation of an Object Lambda Access Point configuration.

          Note

          This is a Tagged Union structure. Only one of the following top level keys can be set: AwsLambda.

          • AwsLambda (dict) --

            A container for an Lambda function.

            • FunctionArn (string) -- [REQUIRED]

              The Amazon Resource Name (ARN) of the Lambda function.

            • FunctionPayload (string) --

              Additional JSON that provides supplemental data to the Lambda function used to transform objects.

Return type

dict

Returns

Response Syntax

{
    'ObjectLambdaAccessPointArn': 'string'
}

Response Structure

  • (dict) --

    • ObjectLambdaAccessPointArn (string) --

      Specifies the ARN for the Object Lambda Access Point.

create_bucket(**kwargs)

Note

This action creates an Amazon S3 on Outposts bucket. To create an S3 bucket, see Create Bucket in the Amazon S3 API Reference .

Creates a new Outposts bucket. By creating the bucket, you become the bucket owner. To create an Outposts bucket, you must have S3 on Outposts. For more information, see Using Amazon S3 on Outposts in Amazon S3 User Guide .

Not every string is an acceptable bucket name. For information on bucket naming restrictions, see Working with Amazon S3 Buckets.

S3 on Outposts buckets support:

  • Tags
  • LifecycleConfigurations for deleting expired objects

For a complete list of restrictions and Amazon S3 feature limitations on S3 on Outposts, see Amazon S3 on Outposts Restrictions and Limitations.

For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and x-amz-outpost-id in your API request, see the Examples section.

The following actions are related to CreateBucket for Amazon S3 on Outposts:

See also: AWS API Documentation

Request Syntax

response = client.create_bucket(
    ACL='private'|'public-read'|'public-read-write'|'authenticated-read',
    Bucket='string',
    CreateBucketConfiguration={
        'LocationConstraint': 'EU'|'eu-west-1'|'us-west-1'|'us-west-2'|'ap-south-1'|'ap-southeast-1'|'ap-southeast-2'|'ap-northeast-1'|'sa-east-1'|'cn-north-1'|'eu-central-1'
    },
    GrantFullControl='string',
    GrantRead='string',
    GrantReadACP='string',
    GrantWrite='string',
    GrantWriteACP='string',
    ObjectLockEnabledForBucket=True|False,
    OutpostId='string'
)
Parameters
  • ACL (string) --

    The canned ACL to apply to the bucket.

    Note

    This is not supported by Amazon S3 on Outposts buckets.

  • Bucket (string) --

    [REQUIRED]

    The name of the bucket.

  • CreateBucketConfiguration (dict) --

    The configuration information for the bucket.

    Note

    This is not supported by Amazon S3 on Outposts buckets.

    • LocationConstraint (string) --

      Specifies the Region where the bucket will be created. If you are creating a bucket on the US East (N. Virginia) Region (us-east-1), you do not need to specify the location.

      Note

      This is not supported by Amazon S3 on Outposts buckets.

  • GrantFullControl (string) --

    Allows grantee the read, write, read ACP, and write ACP permissions on the bucket.

    Note

    This is not supported by Amazon S3 on Outposts buckets.

  • GrantRead (string) --

    Allows grantee to list the objects in the bucket.

    Note

    This is not supported by Amazon S3 on Outposts buckets.

  • GrantReadACP (string) --

    Allows grantee to read the bucket ACL.

    Note

    This is not supported by Amazon S3 on Outposts buckets.

  • GrantWrite (string) --

    Allows grantee to create, overwrite, and delete any object in the bucket.

    Note

    This is not supported by Amazon S3 on Outposts buckets.

  • GrantWriteACP (string) --

    Allows grantee to write the ACL for the applicable bucket.

    Note

    This is not supported by Amazon S3 on Outposts buckets.

  • ObjectLockEnabledForBucket (boolean) --

    Specifies whether you want S3 Object Lock to be enabled for the new bucket.

    Note

    This is not supported by Amazon S3 on Outposts buckets.

  • OutpostId (string) --

    The ID of the Outposts where the bucket is being created.

    Note

    This ID is required by Amazon S3 on Outposts buckets.

Return type

dict

Returns

Response Syntax

{
    'Location': 'string',
    'BucketArn': 'string'
}

Response Structure

  • (dict) --

    • Location (string) --

      The location of the bucket.

    • BucketArn (string) --

      The Amazon Resource Name (ARN) of the bucket.

      For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.

      For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name> . For example, to access the bucket reports through outpost my-outpost owned by account 123456789012 in Region us-west-2 , use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports . The value must be URL encoded.

Exceptions

  • S3Control.Client.exceptions.BucketAlreadyExists
  • S3Control.Client.exceptions.BucketAlreadyOwnedByYou
create_job(**kwargs)

You can use S3 Batch Operations to perform large-scale batch actions on Amazon S3 objects. Batch Operations can run a single action on lists of Amazon S3 objects that you specify. For more information, see S3 Batch Operations in the Amazon S3 User Guide .

This action creates a S3 Batch Operations job.

Related actions include:

See also: AWS API Documentation

Request Syntax

response = client.create_job(
    AccountId='string',
    ConfirmationRequired=True|False,
    Operation={
        'LambdaInvoke': {
            'FunctionArn': 'string'
        },
        'S3PutObjectCopy': {
            'TargetResource': 'string',
            'CannedAccessControlList': 'private'|'public-read'|'public-read-write'|'aws-exec-read'|'authenticated-read'|'bucket-owner-read'|'bucket-owner-full-control',
            'AccessControlGrants': [
                {
                    'Grantee': {
                        'TypeIdentifier': 'id'|'emailAddress'|'uri',
                        'Identifier': 'string',
                        'DisplayName': 'string'
                    },
                    'Permission': 'FULL_CONTROL'|'READ'|'WRITE'|'READ_ACP'|'WRITE_ACP'
                },
            ],
            'MetadataDirective': 'COPY'|'REPLACE',
            'ModifiedSinceConstraint': datetime(2015, 1, 1),
            'NewObjectMetadata': {
                'CacheControl': 'string',
                'ContentDisposition': 'string',
                'ContentEncoding': 'string',
                'ContentLanguage': 'string',
                'UserMetadata': {
                    'string': 'string'
                },
                'ContentLength': 123,
                'ContentMD5': 'string',
                'ContentType': 'string',
                'HttpExpiresDate': datetime(2015, 1, 1),
                'RequesterCharged': True|False,
                'SSEAlgorithm': 'AES256'|'KMS'
            },
            'NewObjectTagging': [
                {
                    'Key': 'string',
                    'Value': 'string'
                },
            ],
            'RedirectLocation': 'string',
            'RequesterPays': True|False,
            'StorageClass': 'STANDARD'|'STANDARD_IA'|'ONEZONE_IA'|'GLACIER'|'INTELLIGENT_TIERING'|'DEEP_ARCHIVE'|'GLACIER_IR',
            'UnModifiedSinceConstraint': datetime(2015, 1, 1),
            'SSEAwsKmsKeyId': 'string',
            'TargetKeyPrefix': 'string',
            'ObjectLockLegalHoldStatus': 'OFF'|'ON',
            'ObjectLockMode': 'COMPLIANCE'|'GOVERNANCE',
            'ObjectLockRetainUntilDate': datetime(2015, 1, 1),
            'BucketKeyEnabled': True|False,
            'ChecksumAlgorithm': 'CRC32'|'CRC32C'|'SHA1'|'SHA256'
        },
        'S3PutObjectAcl': {
            'AccessControlPolicy': {
                'AccessControlList': {
                    'Owner': {
                        'ID': 'string',
                        'DisplayName': 'string'
                    },
                    'Grants': [
                        {
                            'Grantee': {
                                'TypeIdentifier': 'id'|'emailAddress'|'uri',
                                'Identifier': 'string',
                                'DisplayName': 'string'
                            },
                            'Permission': 'FULL_CONTROL'|'READ'|'WRITE'|'READ_ACP'|'WRITE_ACP'
                        },
                    ]
                },
                'CannedAccessControlList': 'private'|'public-read'|'public-read-write'|'aws-exec-read'|'authenticated-read'|'bucket-owner-read'|'bucket-owner-full-control'
            }
        },
        'S3PutObjectTagging': {
            'TagSet': [
                {
                    'Key': 'string',
                    'Value': 'string'
                },
            ]
        },
        'S3DeleteObjectTagging': {}
        ,
        'S3InitiateRestoreObject': {
            'ExpirationInDays': 123,
            'GlacierJobTier': 'BULK'|'STANDARD'
        },
        'S3PutObjectLegalHold': {
            'LegalHold': {
                'Status': 'OFF'|'ON'
            }
        },
        'S3PutObjectRetention': {
            'BypassGovernanceRetention': True|False,
            'Retention': {
                'RetainUntilDate': datetime(2015, 1, 1),
                'Mode': 'COMPLIANCE'|'GOVERNANCE'
            }
        },
        'S3ReplicateObject': {}

    },
    Report={
        'Bucket': 'string',
        'Format': 'Report_CSV_20180820',
        'Enabled': True|False,
        'Prefix': 'string',
        'ReportScope': 'AllTasks'|'FailedTasksOnly'
    },
    ClientRequestToken='string',
    Manifest={
        'Spec': {
            'Format': 'S3BatchOperations_CSV_20180820'|'S3InventoryReport_CSV_20161130',
            'Fields': [
                'Ignore'|'Bucket'|'Key'|'VersionId',
            ]
        },
        'Location': {
            'ObjectArn': 'string',
            'ObjectVersionId': 'string',
            'ETag': 'string'
        }
    },
    Description='string',
    Priority=123,
    RoleArn='string',
    Tags=[
        {
            'Key': 'string',
            'Value': 'string'
        },
    ],
    ManifestGenerator={
        'S3JobManifestGenerator': {
            'ExpectedBucketOwner': 'string',
            'SourceBucket': 'string',
            'ManifestOutputLocation': {
                'ExpectedManifestBucketOwner': 'string',
                'Bucket': 'string',
                'ManifestPrefix': 'string',
                'ManifestEncryption': {
                    'SSES3': {}
                    ,
                    'SSEKMS': {
                        'KeyId': 'string'
                    }
                },
                'ManifestFormat': 'S3InventoryReport_CSV_20211130'
            },
            'Filter': {
                'EligibleForReplication': True|False,
                'CreatedAfter': datetime(2015, 1, 1),
                'CreatedBefore': datetime(2015, 1, 1),
                'ObjectReplicationStatuses': [
                    'COMPLETED'|'FAILED'|'REPLICA'|'NONE',
                ]
            },
            'EnableManifestOutput': True|False
        }
    }
)
Parameters
  • AccountId (string) --

    [REQUIRED]

    The Amazon Web Services account ID that creates the job.

  • ConfirmationRequired (boolean) -- Indicates whether confirmation is required before Amazon S3 runs the job. Confirmation is only required for jobs created through the Amazon S3 console.
  • Operation (dict) --

    [REQUIRED]

    The action that you want this job to perform on every object listed in the manifest. For more information about the available actions, see Operations in the Amazon S3 User Guide .

    • LambdaInvoke (dict) --

      Directs the specified job to invoke an Lambda function on every object in the manifest.

      • FunctionArn (string) --

        The Amazon Resource Name (ARN) for the Lambda function that the specified job will invoke on every object in the manifest.

    • S3PutObjectCopy (dict) --

      Directs the specified job to run a PUT Copy object call on every object in the manifest.

      • TargetResource (string) --

        Specifies the destination bucket ARN for the batch copy operation. For example, to copy objects to a bucket named destinationBucket , set the TargetResource property to arn:aws:s3:::destinationBucket .

      • CannedAccessControlList (string) --
      • AccessControlGrants (list) --
        • (dict) --
          • Grantee (dict) --
            • TypeIdentifier (string) --
            • Identifier (string) --
            • DisplayName (string) --
          • Permission (string) --
      • MetadataDirective (string) --
      • ModifiedSinceConstraint (datetime) --
      • NewObjectMetadata (dict) --

        If you don't provide this parameter, Amazon S3 copies all the metadata from the original objects. If you specify an empty set, the new objects will have no tags. Otherwise, Amazon S3 assigns the supplied tags to the new objects.

        • CacheControl (string) --
        • ContentDisposition (string) --
        • ContentEncoding (string) --
        • ContentLanguage (string) --
        • UserMetadata (dict) --
          • (string) --
            • (string) --
        • ContentLength (integer) --
        • ContentMD5 (string) --
        • ContentType (string) --
        • HttpExpiresDate (datetime) --
        • RequesterCharged (boolean) --
        • SSEAlgorithm (string) --
      • NewObjectTagging (list) --
        • (dict) --

          A container for a key-value name pair.

          • Key (string) -- [REQUIRED]

            Key of the tag

          • Value (string) -- [REQUIRED]

            Value of the tag

      • RedirectLocation (string) --

        Specifies an optional metadata property for website redirects, x-amz-website-redirect-location . Allows webpage redirects if the object is accessed through a website endpoint.

      • RequesterPays (boolean) --
      • StorageClass (string) --
      • UnModifiedSinceConstraint (datetime) --
      • SSEAwsKmsKeyId (string) --
      • TargetKeyPrefix (string) --

        Specifies the folder prefix into which you would like the objects to be copied. For example, to copy objects into a folder named Folder1 in the destination bucket, set the TargetKeyPrefix to Folder1 .

      • ObjectLockLegalHoldStatus (string) --

        The legal hold status to be applied to all objects in the Batch Operations job.

      • ObjectLockMode (string) --

        The retention mode to be applied to all objects in the Batch Operations job.

      • ObjectLockRetainUntilDate (datetime) --

        The date when the applied object retention configuration expires on all objects in the Batch Operations job.

      • BucketKeyEnabled (boolean) --

        Specifies whether Amazon S3 should use an S3 Bucket Key for object encryption with server-side encryption using Amazon Web Services KMS (SSE-KMS). Setting this header to true causes Amazon S3 to use an S3 Bucket Key for object encryption with SSE-KMS.

        Specifying this header with an object action doesn’t affect bucket-level settings for S3 Bucket Key.

      • ChecksumAlgorithm (string) --

        Indicates the algorithm you want Amazon S3 to use to create the checksum. For more information see Checking object integrity in the Amazon S3 User Guide .

    • S3PutObjectAcl (dict) --

      Directs the specified job to run a PutObjectAcl call on every object in the manifest.

      • AccessControlPolicy (dict) --
        • AccessControlList (dict) --
          • Owner (dict) -- [REQUIRED]
            • ID (string) --
            • DisplayName (string) --
          • Grants (list) --
            • (dict) --
              • Grantee (dict) --
                • TypeIdentifier (string) --
                • Identifier (string) --
                • DisplayName (string) --
              • Permission (string) --
        • CannedAccessControlList (string) --
    • S3PutObjectTagging (dict) --

      Directs the specified job to run a PUT Object tagging call on every object in the manifest.

      • TagSet (list) --
        • (dict) --

          A container for a key-value name pair.

          • Key (string) -- [REQUIRED]

            Key of the tag

          • Value (string) -- [REQUIRED]

            Value of the tag

    • S3DeleteObjectTagging (dict) --

      Directs the specified job to execute a DELETE Object tagging call on every object in the manifest.

    • S3InitiateRestoreObject (dict) --

      Directs the specified job to initiate restore requests for every archived object in the manifest.

      • ExpirationInDays (integer) --

        This argument specifies how long the S3 Glacier or S3 Glacier Deep Archive object remains available in Amazon S3. S3 Initiate Restore Object jobs that target S3 Glacier and S3 Glacier Deep Archive objects require ExpirationInDays set to 1 or greater.

        Conversely, do not set ExpirationInDays when creating S3 Initiate Restore Object jobs that target S3 Intelligent-Tiering Archive Access and Deep Archive Access tier objects. Objects in S3 Intelligent-Tiering archive access tiers are not subject to restore expiry, so specifying ExpirationInDays results in restore request failure.

        S3 Batch Operations jobs can operate either on S3 Glacier and S3 Glacier Deep Archive storage class objects or on S3 Intelligent-Tiering Archive Access and Deep Archive Access storage tier objects, but not both types in the same job. If you need to restore objects of both types you must create separate Batch Operations jobs.

      • GlacierJobTier (string) --

        S3 Batch Operations supports STANDARD and BULK retrieval tiers, but not the EXPEDITED retrieval tier.

    • S3PutObjectLegalHold (dict) --

      Contains the configuration for an S3 Object Lock legal hold operation that an S3 Batch Operations job passes every object to the underlying PutObjectLegalHold API. For more information, see Using S3 Object Lock legal hold with S3 Batch Operations in the Amazon S3 User Guide .

      • LegalHold (dict) -- [REQUIRED]

        Contains the Object Lock legal hold status to be applied to all objects in the Batch Operations job.

        • Status (string) -- [REQUIRED]

          The Object Lock legal hold status to be applied to all objects in the Batch Operations job.

    • S3PutObjectRetention (dict) --

      Contains the configuration parameters for the Object Lock retention action for an S3 Batch Operations job. Batch Operations passes every object to the underlying PutObjectRetention API. For more information, see Using S3 Object Lock retention with S3 Batch Operations in the Amazon S3 User Guide .

      • BypassGovernanceRetention (boolean) --

        Indicates if the action should be applied to objects in the Batch Operations job even if they have Object Lock GOVERNANCE type in place.

      • Retention (dict) -- [REQUIRED]

        Contains the Object Lock retention mode to be applied to all objects in the Batch Operations job. For more information, see Using S3 Object Lock retention with S3 Batch Operations in the Amazon S3 User Guide .

        • RetainUntilDate (datetime) --

          The date when the applied Object Lock retention will expire on all objects set by the Batch Operations job.

        • Mode (string) --

          The Object Lock retention mode to be applied to all objects in the Batch Operations job.

    • S3ReplicateObject (dict) --

      Directs the specified job to invoke ReplicateObject on every object in the job's manifest.

  • Report (dict) --

    [REQUIRED]

    Configuration parameters for the optional job-completion report.

    • Bucket (string) --

      The Amazon Resource Name (ARN) for the bucket where specified job-completion report will be stored.

    • Format (string) --

      The format of the specified job-completion report.

    • Enabled (boolean) -- [REQUIRED]

      Indicates whether the specified job will generate a job-completion report.

    • Prefix (string) --

      An optional prefix to describe where in the specified bucket the job-completion report will be stored. Amazon S3 stores the job-completion report at <prefix>/job-<job-id>/report.json .

    • ReportScope (string) --

      Indicates whether the job-completion report will include details of all tasks or only failed tasks.

  • ClientRequestToken (string) --

    [REQUIRED]

    An idempotency token to ensure that you don't accidentally submit the same request twice. You can use any string up to the maximum length.

    This field is autopopulated if not provided.

  • Manifest (dict) --

    Configuration parameters for the manifest.

    • Spec (dict) -- [REQUIRED]

      Describes the format of the specified job's manifest. If the manifest is in CSV format, also describes the columns contained within the manifest.

      • Format (string) -- [REQUIRED]

        Indicates which of the available formats the specified manifest uses.

      • Fields (list) --

        If the specified manifest object is in the S3BatchOperations_CSV_20180820 format, this element describes which columns contain the required data.

        • (string) --
    • Location (dict) -- [REQUIRED]

      Contains the information required to locate the specified job's manifest.

      • ObjectArn (string) -- [REQUIRED]

        The Amazon Resource Name (ARN) for a manifest object.

        Warning

        Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints.

      • ObjectVersionId (string) --

        The optional version ID to identify a specific version of the manifest object.

      • ETag (string) -- [REQUIRED]

        The ETag for the specified manifest object.

  • Description (string) -- A description for this job. You can use any string within the permitted length. Descriptions don't need to be unique and can be used for multiple jobs.
  • Priority (integer) --

    [REQUIRED]

    The numerical priority for this job. Higher numbers indicate higher priority.

  • RoleArn (string) --

    [REQUIRED]

    The Amazon Resource Name (ARN) for the Identity and Access Management (IAM) role that Batch Operations will use to run this job's action on every object in the manifest.

  • Tags (list) --

    A set of tags to associate with the S3 Batch Operations job. This is an optional parameter.

    • (dict) --

      A container for a key-value name pair.

      • Key (string) -- [REQUIRED]

        Key of the tag

      • Value (string) -- [REQUIRED]

        Value of the tag

  • ManifestGenerator (dict) --

    The attribute container for the ManifestGenerator details. Jobs must be created with either a manifest file or a ManifestGenerator, but not both.

    Note

    This is a Tagged Union structure. Only one of the following top level keys can be set: S3JobManifestGenerator.

    • S3JobManifestGenerator (dict) --

      The S3 job ManifestGenerator's configuration details.

      • ExpectedBucketOwner (string) --

        The Amazon Web Services account ID that owns the bucket the generated manifest is written to. If provided the generated manifest bucket's owner Amazon Web Services account ID must match this value, else the job fails.

      • SourceBucket (string) -- [REQUIRED]

        The source bucket used by the ManifestGenerator.

      • ManifestOutputLocation (dict) --

        Specifies the location the generated manifest will be written to.

        • ExpectedManifestBucketOwner (string) --

          The Account ID that owns the bucket the generated manifest is written to.

        • Bucket (string) -- [REQUIRED]

          The bucket ARN the generated manifest should be written to.

        • ManifestPrefix (string) --

          Prefix identifying one or more objects to which the manifest applies.

        • ManifestEncryption (dict) --

          Specifies what encryption should be used when the generated manifest objects are written.

          • SSES3 (dict) --

            Specifies the use of SSE-S3 to encrypt generated manifest objects.

          • SSEKMS (dict) --

            Configuration details on how SSE-KMS is used to encrypt generated manifest objects.

            • KeyId (string) -- [REQUIRED]

              Specifies the ID of the Amazon Web Services Key Management Service (Amazon Web Services KMS) symmetric encryption customer managed key to use for encrypting generated manifest objects.

        • ManifestFormat (string) -- [REQUIRED]

          The format of the generated manifest.

      • Filter (dict) --

        Specifies rules the S3JobManifestGenerator should use to use to decide whether an object in the source bucket should or should not be included in the generated job manifest.

        • EligibleForReplication (boolean) --

          Include objects in the generated manifest only if they are eligible for replication according to the Replication configuration on the source bucket.

        • CreatedAfter (datetime) --

          If provided, the generated manifest should include only source bucket objects that were created after this time.

        • CreatedBefore (datetime) --

          If provided, the generated manifest should include only source bucket objects that were created before this time.

        • ObjectReplicationStatuses (list) --

          If provided, the generated manifest should include only source bucket objects that have one of the specified Replication statuses.

          • (string) --
      • EnableManifestOutput (boolean) -- [REQUIRED]

        Determines whether or not to write the job's generated manifest to a bucket.

Return type

dict

Returns

Response Syntax

{
    'JobId': 'string'
}

Response Structure

  • (dict) --

    • JobId (string) --

      The ID for this job. Amazon S3 generates this ID automatically and returns it after a successful Create Job request.

Exceptions

  • S3Control.Client.exceptions.TooManyRequestsException
  • S3Control.Client.exceptions.BadRequestException
  • S3Control.Client.exceptions.IdempotencyException
  • S3Control.Client.exceptions.InternalServiceException
create_multi_region_access_point(**kwargs)

Creates a Multi-Region Access Point and associates it with the specified buckets. For more information about creating Multi-Region Access Points, see Creating Multi-Region Access Points in the Amazon S3 User Guide .

This action will always be routed to the US West (Oregon) Region. For more information about the restrictions around managing Multi-Region Access Points, see Managing Multi-Region Access Points in the Amazon S3 User Guide .

This request is asynchronous, meaning that you might receive a response before the command has completed. When this request provides a response, it provides a token that you can use to monitor the status of the request with DescribeMultiRegionAccessPointOperation .

The following actions are related to CreateMultiRegionAccessPoint :

See also: AWS API Documentation

Request Syntax

response = client.create_multi_region_access_point(
    AccountId='string',
    ClientToken='string',
    Details={
        'Name': 'string',
        'PublicAccessBlock': {
            'BlockPublicAcls': True|False,
            'IgnorePublicAcls': True|False,
            'BlockPublicPolicy': True|False,
            'RestrictPublicBuckets': True|False
        },
        'Regions': [
            {
                'Bucket': 'string'
            },
        ]
    }
)
Parameters
  • AccountId (string) --

    [REQUIRED]

    The Amazon Web Services account ID for the owner of the Multi-Region Access Point. The owner of the Multi-Region Access Point also must own the underlying buckets.

  • ClientToken (string) --

    [REQUIRED]

    An idempotency token used to identify the request and guarantee that requests are unique.

    This field is autopopulated if not provided.

  • Details (dict) --

    [REQUIRED]

    A container element containing details about the Multi-Region Access Point.

    • Name (string) -- [REQUIRED]

      The name of the Multi-Region Access Point associated with this request.

    • PublicAccessBlock (dict) --

      The PublicAccessBlock configuration that you want to apply to this Amazon S3 account. You can enable the configuration options in any combination. For more information about when Amazon S3 considers a bucket or object public, see The Meaning of "Public" in the Amazon S3 User Guide .

      This data type is not supported for Amazon S3 on Outposts.

      • BlockPublicAcls (boolean) --

        Specifies whether Amazon S3 should block public access control lists (ACLs) for buckets in this account. Setting this element to TRUE causes the following behavior:

        • PutBucketAcl and PutObjectAcl calls fail if the specified ACL is public.
        • PUT Object calls fail if the request includes a public ACL.
        • PUT Bucket calls fail if the request includes a public ACL.

        Enabling this setting doesn't affect existing policies or ACLs.

        This property is not supported for Amazon S3 on Outposts.

      • IgnorePublicAcls (boolean) --

        Specifies whether Amazon S3 should ignore public ACLs for buckets in this account. Setting this element to TRUE causes Amazon S3 to ignore all public ACLs on buckets in this account and any objects that they contain.

        Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.

        This property is not supported for Amazon S3 on Outposts.

      • BlockPublicPolicy (boolean) --

        Specifies whether Amazon S3 should block public bucket policies for buckets in this account. Setting this element to TRUE causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.

        Enabling this setting doesn't affect existing bucket policies.

        This property is not supported for Amazon S3 on Outposts.

      • RestrictPublicBuckets (boolean) --

        Specifies whether Amazon S3 should restrict public bucket policies for buckets in this account. Setting this element to TRUE restricts access to buckets with public policies to only Amazon Web Service principals and authorized users within this account.

        Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.

        This property is not supported for Amazon S3 on Outposts.

    • Regions (list) -- [REQUIRED]

      The buckets in different Regions that are associated with the Multi-Region Access Point.

      • (dict) --

        A Region that supports a Multi-Region Access Point as well as the associated bucket for the Region.

        • Bucket (string) -- [REQUIRED]

          The name of the associated bucket for the Region.

Return type

dict

Returns

Response Syntax

{
    'RequestTokenARN': 'string'
}

Response Structure

  • (dict) --

delete_access_point(**kwargs)

Deletes the specified access point.

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control . For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section.

The following actions are related to DeleteAccessPoint :

See also: AWS API Documentation

Request Syntax

response = client.delete_access_point(
    AccountId='string',
    Name='string'
)
Parameters
  • AccountId (string) --

    [REQUIRED]

    The Amazon Web Services account ID for the account that owns the specified access point.

  • Name (string) --

    [REQUIRED]

    The name of the access point you want to delete.

    For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.

    For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the access point accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/accesspoint/<my-accesspoint-name> . For example, to access the access point reports-ap through outpost my-outpost owned by account 123456789012 in Region us-west-2 , use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/accesspoint/reports-ap . The value must be URL encoded.

Returns

None

delete_access_point_for_object_lambda(**kwargs)

Deletes the specified Object Lambda Access Point.

The following actions are related to DeleteAccessPointForObjectLambda :

See also: AWS API Documentation

Request Syntax

response = client.delete_access_point_for_object_lambda(
    AccountId='string',
    Name='string'
)
Parameters
  • AccountId (string) --

    [REQUIRED]

    The account ID for the account that owns the specified Object Lambda Access Point.

  • Name (string) --

    [REQUIRED]

    The name of the access point you want to delete.

Returns

None

delete_access_point_policy(**kwargs)

Deletes the access point policy for the specified access point.

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control . For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section.

The following actions are related to DeleteAccessPointPolicy :

See also: AWS API Documentation

Request Syntax

response = client.delete_access_point_policy(
    AccountId='string',
    Name='string'
)
Parameters
  • AccountId (string) --

    [REQUIRED]

    The account ID for the account that owns the specified access point.

  • Name (string) --

    [REQUIRED]

    The name of the access point whose policy you want to delete.

    For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.

    For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the access point accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/accesspoint/<my-accesspoint-name> . For example, to access the access point reports-ap through outpost my-outpost owned by account 123456789012 in Region us-west-2 , use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/accesspoint/reports-ap . The value must be URL encoded.

Returns

None

delete_access_point_policy_for_object_lambda(**kwargs)

Removes the resource policy for an Object Lambda Access Point.

The following actions are related to DeleteAccessPointPolicyForObjectLambda :

See also: AWS API Documentation

Request Syntax

response = client.delete_access_point_policy_for_object_lambda(
    AccountId='string',
    Name='string'
)
Parameters
  • AccountId (string) --

    [REQUIRED]

    The account ID for the account that owns the specified Object Lambda Access Point.

  • Name (string) --

    [REQUIRED]

    The name of the Object Lambda Access Point you want to delete the policy for.

Returns

None

delete_bucket(**kwargs)

Note

This action deletes an Amazon S3 on Outposts bucket. To delete an S3 bucket, see DeleteBucket in the Amazon S3 API Reference .

Deletes the Amazon S3 on Outposts bucket. All objects (including all object versions and delete markers) in the bucket must be deleted before the bucket itself can be deleted. For more information, see Using Amazon S3 on Outposts in Amazon S3 User Guide .

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control . For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section.

Related Resources

See also: AWS API Documentation

Request Syntax

response = client.delete_bucket(
    AccountId='string',
    Bucket='string'
)
Parameters
  • AccountId (string) --

    [REQUIRED]

    The account ID that owns the Outposts bucket.

  • Bucket (string) --

    [REQUIRED]

    Specifies the bucket being deleted.

    For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.

    For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name> . For example, to access the bucket reports through outpost my-outpost owned by account 123456789012 in Region us-west-2 , use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports . The value must be URL encoded.

Returns

None

delete_bucket_lifecycle_configuration(**kwargs)

Note

This action deletes an Amazon S3 on Outposts bucket's lifecycle configuration. To delete an S3 bucket's lifecycle configuration, see DeleteBucketLifecycle in the Amazon S3 API Reference .

Deletes the lifecycle configuration from the specified Outposts bucket. Amazon S3 on Outposts removes all the lifecycle configuration rules in the lifecycle subresource associated with the bucket. Your objects never expire, and Amazon S3 on Outposts no longer automatically deletes any objects on the basis of rules contained in the deleted lifecycle configuration. For more information, see Using Amazon S3 on Outposts in Amazon S3 User Guide .

To use this action, you must have permission to perform the s3-outposts:DeleteLifecycleConfiguration action. By default, the bucket owner has this permission and the Outposts bucket owner can grant this permission to others.

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control . For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section.

For more information about object expiration, see Elements to Describe Lifecycle Actions.

Related actions include:

See also: AWS API Documentation

Request Syntax

response = client.delete_bucket_lifecycle_configuration(
    AccountId='string',
    Bucket='string'
)
Parameters
  • AccountId (string) --

    [REQUIRED]

    The account ID of the lifecycle configuration to delete.

  • Bucket (string) --

    [REQUIRED]

    Specifies the bucket.

    For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.

    For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name> . For example, to access the bucket reports through outpost my-outpost owned by account 123456789012 in Region us-west-2 , use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports . The value must be URL encoded.

Returns

None

delete_bucket_policy(**kwargs)

Note

This action deletes an Amazon S3 on Outposts bucket policy. To delete an S3 bucket policy, see DeleteBucketPolicy in the Amazon S3 API Reference .

This implementation of the DELETE action uses the policy subresource to delete the policy of a specified Amazon S3 on Outposts bucket. If you are using an identity other than the root user of the Amazon Web Services account that owns the bucket, the calling identity must have the s3-outposts:DeleteBucketPolicy permissions on the specified Outposts bucket and belong to the bucket owner's account to use this action. For more information, see Using Amazon S3 on Outposts in Amazon S3 User Guide .

If you don't have DeleteBucketPolicy permissions, Amazon S3 returns a 403 Access Denied error. If you have the correct permissions, but you're not using an identity that belongs to the bucket owner's account, Amazon S3 returns a 405 Method Not Allowed error.

Warning

As a security precaution, the root user of the Amazon Web Services account that owns a bucket can always use this action, even if the policy explicitly denies the root user the ability to perform this action.

For more information about bucket policies, see Using Bucket Policies and User Policies.

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control . For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section.

The following actions are related to DeleteBucketPolicy :

See also: AWS API Documentation

Request Syntax

response = client.delete_bucket_policy(
    AccountId='string',
    Bucket='string'
)
Parameters
  • AccountId (string) --

    [REQUIRED]

    The account ID of the Outposts bucket.

  • Bucket (string) --

    [REQUIRED]

    Specifies the bucket.

    For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.

    For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name> . For example, to access the bucket reports through outpost my-outpost owned by account 123456789012 in Region us-west-2 , use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports . The value must be URL encoded.

Returns

None

delete_bucket_tagging(**kwargs)

Note

This action deletes an Amazon S3 on Outposts bucket's tags. To delete an S3 bucket tags, see DeleteBucketTagging in the Amazon S3 API Reference .

Deletes the tags from the Outposts bucket. For more information, see Using Amazon S3 on Outposts in Amazon S3 User Guide .

To use this action, you must have permission to perform the PutBucketTagging action. By default, the bucket owner has this permission and can grant this permission to others.

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control . For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section.

The following actions are related to DeleteBucketTagging :

See also: AWS API Documentation

Request Syntax

response = client.delete_bucket_tagging(
    AccountId='string',
    Bucket='string'
)
Parameters
  • AccountId (string) --

    [REQUIRED]

    The Amazon Web Services account ID of the Outposts bucket tag set to be removed.

  • Bucket (string) --

    [REQUIRED]

    The bucket ARN that has the tag set to be removed.

    For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.

    For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name> . For example, to access the bucket reports through outpost my-outpost owned by account 123456789012 in Region us-west-2 , use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports . The value must be URL encoded.

Returns

None

delete_job_tagging(**kwargs)

Removes the entire tag set from the specified S3 Batch Operations job. To use this operation, you must have permission to perform the s3:DeleteJobTagging action. For more information, see Controlling access and labeling jobs using tags in the Amazon S3 User Guide .

Related actions include:

See also: AWS API Documentation

Request Syntax

response = client.delete_job_tagging(
    AccountId='string',
    JobId='string'
)
Parameters
  • AccountId (string) --

    [REQUIRED]

    The Amazon Web Services account ID associated with the S3 Batch Operations job.

  • JobId (string) --

    [REQUIRED]

    The ID for the S3 Batch Operations job whose tags you want to delete.

Return type

dict

Returns

Response Syntax

{}

Response Structure

  • (dict) --

Exceptions

  • S3Control.Client.exceptions.InternalServiceException
  • S3Control.Client.exceptions.TooManyRequestsException
  • S3Control.Client.exceptions.NotFoundException
delete_multi_region_access_point(**kwargs)

Deletes a Multi-Region Access Point. This action does not delete the buckets associated with the Multi-Region Access Point, only the Multi-Region Access Point itself.

This action will always be routed to the US West (Oregon) Region. For more information about the restrictions around managing Multi-Region Access Points, see Managing Multi-Region Access Points in the Amazon S3 User Guide .

This request is asynchronous, meaning that you might receive a response before the command has completed. When this request provides a response, it provides a token that you can use to monitor the status of the request with DescribeMultiRegionAccessPointOperation .

The following actions are related to DeleteMultiRegionAccessPoint :

See also: AWS API Documentation

Request Syntax

response = client.delete_multi_region_access_point(
    AccountId='string',
    ClientToken='string',
    Details={
        'Name': 'string'
    }
)
Parameters
  • AccountId (string) --

    [REQUIRED]

    The Amazon Web Services account ID for the owner of the Multi-Region Access Point.

  • ClientToken (string) --

    [REQUIRED]

    An idempotency token used to identify the request and guarantee that requests are unique.

    This field is autopopulated if not provided.

  • Details (dict) --

    [REQUIRED]

    A container element containing details about the Multi-Region Access Point.

    • Name (string) -- [REQUIRED]

      The name of the Multi-Region Access Point associated with this request.

Return type

dict

Returns

Response Syntax

{
    'RequestTokenARN': 'string'
}

Response Structure

  • (dict) --

delete_public_access_block(**kwargs)

Removes the PublicAccessBlock configuration for an Amazon Web Services account. For more information, see Using Amazon S3 block public access.

Related actions include:

See also: AWS API Documentation

Request Syntax

response = client.delete_public_access_block(
    AccountId='string'
)
Parameters
AccountId (string) --

[REQUIRED]

The account ID for the Amazon Web Services account whose PublicAccessBlock configuration you want to remove.

Returns
None
delete_storage_lens_configuration(**kwargs)

Deletes the Amazon S3 Storage Lens configuration. For more information about S3 Storage Lens, see Assessing your storage activity and usage with Amazon S3 Storage Lens in the Amazon S3 User Guide .

Note

To use this action, you must have permission to perform the s3:DeleteStorageLensConfiguration action. For more information, see Setting permissions to use Amazon S3 Storage Lens in the Amazon S3 User Guide .

See also: AWS API Documentation

Request Syntax

response = client.delete_storage_lens_configuration(
    ConfigId='string',
    AccountId='string'
)
Parameters
  • ConfigId (string) --

    [REQUIRED]

    The ID of the S3 Storage Lens configuration.

  • AccountId (string) --

    [REQUIRED]

    The account ID of the requester.

Returns

None

delete_storage_lens_configuration_tagging(**kwargs)

Deletes the Amazon S3 Storage Lens configuration tags. For more information about S3 Storage Lens, see Assessing your storage activity and usage with Amazon S3 Storage Lens in the Amazon S3 User Guide .

Note

To use this action, you must have permission to perform the s3:DeleteStorageLensConfigurationTagging action. For more information, see Setting permissions to use Amazon S3 Storage Lens in the Amazon S3 User Guide .

See also: AWS API Documentation

Request Syntax

response = client.delete_storage_lens_configuration_tagging(
    ConfigId='string',
    AccountId='string'
)
Parameters
  • ConfigId (string) --

    [REQUIRED]

    The ID of the S3 Storage Lens configuration.

  • AccountId (string) --

    [REQUIRED]

    The account ID of the requester.

Return type

dict

Returns

Response Syntax

{}

Response Structure

  • (dict) --

describe_job(**kwargs)

Retrieves the configuration parameters and status for a Batch Operations job. For more information, see S3 Batch Operations in the Amazon S3 User Guide .

Related actions include:

See also: AWS API Documentation

Request Syntax

response = client.describe_job(
    AccountId='string',
    JobId='string'
)
Parameters
  • AccountId (string) --

    [REQUIRED]

    The Amazon Web Services account ID associated with the S3 Batch Operations job.

  • JobId (string) --

    [REQUIRED]

    The ID for the job whose information you want to retrieve.

Return type

dict

Returns

Response Syntax

{
    'Job': {
        'JobId': 'string',
        'ConfirmationRequired': True|False,
        'Description': 'string',
        'JobArn': 'string',
        'Status': 'Active'|'Cancelled'|'Cancelling'|'Complete'|'Completing'|'Failed'|'Failing'|'New'|'Paused'|'Pausing'|'Preparing'|'Ready'|'Suspended',
        'Manifest': {
            'Spec': {
                'Format': 'S3BatchOperations_CSV_20180820'|'S3InventoryReport_CSV_20161130',
                'Fields': [
                    'Ignore'|'Bucket'|'Key'|'VersionId',
                ]
            },
            'Location': {
                'ObjectArn': 'string',
                'ObjectVersionId': 'string',
                'ETag': 'string'
            }
        },
        'Operation': {
            'LambdaInvoke': {
                'FunctionArn': 'string'
            },
            'S3PutObjectCopy': {
                'TargetResource': 'string',
                'CannedAccessControlList': 'private'|'public-read'|'public-read-write'|'aws-exec-read'|'authenticated-read'|'bucket-owner-read'|'bucket-owner-full-control',
                'AccessControlGrants': [
                    {
                        'Grantee': {
                            'TypeIdentifier': 'id'|'emailAddress'|'uri',
                            'Identifier': 'string',
                            'DisplayName': 'string'
                        },
                        'Permission': 'FULL_CONTROL'|'READ'|'WRITE'|'READ_ACP'|'WRITE_ACP'
                    },
                ],
                'MetadataDirective': 'COPY'|'REPLACE',
                'ModifiedSinceConstraint': datetime(2015, 1, 1),
                'NewObjectMetadata': {
                    'CacheControl': 'string',
                    'ContentDisposition': 'string',
                    'ContentEncoding': 'string',
                    'ContentLanguage': 'string',
                    'UserMetadata': {
                        'string': 'string'
                    },
                    'ContentLength': 123,
                    'ContentMD5': 'string',
                    'ContentType': 'string',
                    'HttpExpiresDate': datetime(2015, 1, 1),
                    'RequesterCharged': True|False,
                    'SSEAlgorithm': 'AES256'|'KMS'
                },
                'NewObjectTagging': [
                    {
                        'Key': 'string',
                        'Value': 'string'
                    },
                ],
                'RedirectLocation': 'string',
                'RequesterPays': True|False,
                'StorageClass': 'STANDARD'|'STANDARD_IA'|'ONEZONE_IA'|'GLACIER'|'INTELLIGENT_TIERING'|'DEEP_ARCHIVE'|'GLACIER_IR',
                'UnModifiedSinceConstraint': datetime(2015, 1, 1),
                'SSEAwsKmsKeyId': 'string',
                'TargetKeyPrefix': 'string',
                'ObjectLockLegalHoldStatus': 'OFF'|'ON',
                'ObjectLockMode': 'COMPLIANCE'|'GOVERNANCE',
                'ObjectLockRetainUntilDate': datetime(2015, 1, 1),
                'BucketKeyEnabled': True|False,
                'ChecksumAlgorithm': 'CRC32'|'CRC32C'|'SHA1'|'SHA256'
            },
            'S3PutObjectAcl': {
                'AccessControlPolicy': {
                    'AccessControlList': {
                        'Owner': {
                            'ID': 'string',
                            'DisplayName': 'string'
                        },
                        'Grants': [
                            {
                                'Grantee': {
                                    'TypeIdentifier': 'id'|'emailAddress'|'uri',
                                    'Identifier': 'string',
                                    'DisplayName': 'string'
                                },
                                'Permission': 'FULL_CONTROL'|'READ'|'WRITE'|'READ_ACP'|'WRITE_ACP'
                            },
                        ]
                    },
                    'CannedAccessControlList': 'private'|'public-read'|'public-read-write'|'aws-exec-read'|'authenticated-read'|'bucket-owner-read'|'bucket-owner-full-control'
                }
            },
            'S3PutObjectTagging': {
                'TagSet': [
                    {
                        'Key': 'string',
                        'Value': 'string'
                    },
                ]
            },
            'S3DeleteObjectTagging': {},
            'S3InitiateRestoreObject': {
                'ExpirationInDays': 123,
                'GlacierJobTier': 'BULK'|'STANDARD'
            },
            'S3PutObjectLegalHold': {
                'LegalHold': {
                    'Status': 'OFF'|'ON'
                }
            },
            'S3PutObjectRetention': {
                'BypassGovernanceRetention': True|False,
                'Retention': {
                    'RetainUntilDate': datetime(2015, 1, 1),
                    'Mode': 'COMPLIANCE'|'GOVERNANCE'
                }
            },
            'S3ReplicateObject': {}
        },
        'Priority': 123,
        'ProgressSummary': {
            'TotalNumberOfTasks': 123,
            'NumberOfTasksSucceeded': 123,
            'NumberOfTasksFailed': 123,
            'Timers': {
                'ElapsedTimeInActiveSeconds': 123
            }
        },
        'StatusUpdateReason': 'string',
        'FailureReasons': [
            {
                'FailureCode': 'string',
                'FailureReason': 'string'
            },
        ],
        'Report': {
            'Bucket': 'string',
            'Format': 'Report_CSV_20180820',
            'Enabled': True|False,
            'Prefix': 'string',
            'ReportScope': 'AllTasks'|'FailedTasksOnly'
        },
        'CreationTime': datetime(2015, 1, 1),
        'TerminationDate': datetime(2015, 1, 1),
        'RoleArn': 'string',
        'SuspendedDate': datetime(2015, 1, 1),
        'SuspendedCause': 'string',
        'ManifestGenerator': {
            'S3JobManifestGenerator': {
                'ExpectedBucketOwner': 'string',
                'SourceBucket': 'string',
                'ManifestOutputLocation': {
                    'ExpectedManifestBucketOwner': 'string',
                    'Bucket': 'string',
                    'ManifestPrefix': 'string',
                    'ManifestEncryption': {
                        'SSES3': {},
                        'SSEKMS': {
                            'KeyId': 'string'
                        }
                    },
                    'ManifestFormat': 'S3InventoryReport_CSV_20211130'
                },
                'Filter': {
                    'EligibleForReplication': True|False,
                    'CreatedAfter': datetime(2015, 1, 1),
                    'CreatedBefore': datetime(2015, 1, 1),
                    'ObjectReplicationStatuses': [
                        'COMPLETED'|'FAILED'|'REPLICA'|'NONE',
                    ]
                },
                'EnableManifestOutput': True|False
            }
        },
        'GeneratedManifestDescriptor': {
            'Format': 'S3InventoryReport_CSV_20211130',
            'Location': {
                'ObjectArn': 'string',
                'ObjectVersionId': 'string',
                'ETag': 'string'
            }
        }
    }
}

Response Structure

  • (dict) --

    • Job (dict) --

      Contains the configuration parameters and status for the job specified in the Describe Job request.

      • JobId (string) --

        The ID for the specified job.

      • ConfirmationRequired (boolean) --

        Indicates whether confirmation is required before Amazon S3 begins running the specified job. Confirmation is required only for jobs created through the Amazon S3 console.

      • Description (string) --

        The description for this job, if one was provided in this job's Create Job request.

      • JobArn (string) --

        The Amazon Resource Name (ARN) for this job.

      • Status (string) --

        The current status of the specified job.

      • Manifest (dict) --

        The configuration information for the specified job's manifest object.

        • Spec (dict) --

          Describes the format of the specified job's manifest. If the manifest is in CSV format, also describes the columns contained within the manifest.

          • Format (string) --

            Indicates which of the available formats the specified manifest uses.

          • Fields (list) --

            If the specified manifest object is in the S3BatchOperations_CSV_20180820 format, this element describes which columns contain the required data.

            • (string) --
        • Location (dict) --

          Contains the information required to locate the specified job's manifest.

          • ObjectArn (string) --

            The Amazon Resource Name (ARN) for a manifest object.

            Warning

            Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints.

          • ObjectVersionId (string) --

            The optional version ID to identify a specific version of the manifest object.

          • ETag (string) --

            The ETag for the specified manifest object.

      • Operation (dict) --

        The operation that the specified job is configured to run on the objects listed in the manifest.

        • LambdaInvoke (dict) --

          Directs the specified job to invoke an Lambda function on every object in the manifest.

          • FunctionArn (string) --

            The Amazon Resource Name (ARN) for the Lambda function that the specified job will invoke on every object in the manifest.

        • S3PutObjectCopy (dict) --

          Directs the specified job to run a PUT Copy object call on every object in the manifest.

          • TargetResource (string) --

            Specifies the destination bucket ARN for the batch copy operation. For example, to copy objects to a bucket named destinationBucket , set the TargetResource property to arn:aws:s3:::destinationBucket .

          • CannedAccessControlList (string) --

          • AccessControlGrants (list) --

            • (dict) --
              • Grantee (dict) --
                • TypeIdentifier (string) --
                • Identifier (string) --
                • DisplayName (string) --
              • Permission (string) --
          • MetadataDirective (string) --

          • ModifiedSinceConstraint (datetime) --

          • NewObjectMetadata (dict) --

            If you don't provide this parameter, Amazon S3 copies all the metadata from the original objects. If you specify an empty set, the new objects will have no tags. Otherwise, Amazon S3 assigns the supplied tags to the new objects.

            • CacheControl (string) --
            • ContentDisposition (string) --
            • ContentEncoding (string) --
            • ContentLanguage (string) --
            • UserMetadata (dict) --
              • (string) --
                • (string) --
            • ContentLength (integer) --
            • ContentMD5 (string) --
            • ContentType (string) --
            • HttpExpiresDate (datetime) --
            • RequesterCharged (boolean) --
            • SSEAlgorithm (string) --
          • NewObjectTagging (list) --

            • (dict) --

              A container for a key-value name pair.

              • Key (string) --

                Key of the tag

              • Value (string) --

                Value of the tag

          • RedirectLocation (string) --

            Specifies an optional metadata property for website redirects, x-amz-website-redirect-location . Allows webpage redirects if the object is accessed through a website endpoint.

          • RequesterPays (boolean) --

          • StorageClass (string) --

          • UnModifiedSinceConstraint (datetime) --

          • SSEAwsKmsKeyId (string) --

          • TargetKeyPrefix (string) --

            Specifies the folder prefix into which you would like the objects to be copied. For example, to copy objects into a folder named Folder1 in the destination bucket, set the TargetKeyPrefix to Folder1 .

          • ObjectLockLegalHoldStatus (string) --

            The legal hold status to be applied to all objects in the Batch Operations job.

          • ObjectLockMode (string) --

            The retention mode to be applied to all objects in the Batch Operations job.

          • ObjectLockRetainUntilDate (datetime) --

            The date when the applied object retention configuration expires on all objects in the Batch Operations job.

          • BucketKeyEnabled (boolean) --

            Specifies whether Amazon S3 should use an S3 Bucket Key for object encryption with server-side encryption using Amazon Web Services KMS (SSE-KMS). Setting this header to true causes Amazon S3 to use an S3 Bucket Key for object encryption with SSE-KMS.

            Specifying this header with an object action doesn’t affect bucket-level settings for S3 Bucket Key.

          • ChecksumAlgorithm (string) --

            Indicates the algorithm you want Amazon S3 to use to create the checksum. For more information see Checking object integrity in the Amazon S3 User Guide .

        • S3PutObjectAcl (dict) --

          Directs the specified job to run a PutObjectAcl call on every object in the manifest.

          • AccessControlPolicy (dict) --
            • AccessControlList (dict) --
              • Owner (dict) --
                • ID (string) --
                • DisplayName (string) --
              • Grants (list) --
                • (dict) --
                  • Grantee (dict) --
                    • TypeIdentifier (string) --
                    • Identifier (string) --
                    • DisplayName (string) --
                  • Permission (string) --
            • CannedAccessControlList (string) --
        • S3PutObjectTagging (dict) --

          Directs the specified job to run a PUT Object tagging call on every object in the manifest.

          • TagSet (list) --

            • (dict) --

              A container for a key-value name pair.

              • Key (string) --

                Key of the tag

              • Value (string) --

                Value of the tag

        • S3DeleteObjectTagging (dict) --

          Directs the specified job to execute a DELETE Object tagging call on every object in the manifest.

        • S3InitiateRestoreObject (dict) --

          Directs the specified job to initiate restore requests for every archived object in the manifest.

          • ExpirationInDays (integer) --

            This argument specifies how long the S3 Glacier or S3 Glacier Deep Archive object remains available in Amazon S3. S3 Initiate Restore Object jobs that target S3 Glacier and S3 Glacier Deep Archive objects require ExpirationInDays set to 1 or greater.

            Conversely, do not set ExpirationInDays when creating S3 Initiate Restore Object jobs that target S3 Intelligent-Tiering Archive Access and Deep Archive Access tier objects. Objects in S3 Intelligent-Tiering archive access tiers are not subject to restore expiry, so specifying ExpirationInDays results in restore request failure.

            S3 Batch Operations jobs can operate either on S3 Glacier and S3 Glacier Deep Archive storage class objects or on S3 Intelligent-Tiering Archive Access and Deep Archive Access storage tier objects, but not both types in the same job. If you need to restore objects of both types you must create separate Batch Operations jobs.

          • GlacierJobTier (string) --

            S3 Batch Operations supports STANDARD and BULK retrieval tiers, but not the EXPEDITED retrieval tier.

        • S3PutObjectLegalHold (dict) --

          Contains the configuration for an S3 Object Lock legal hold operation that an S3 Batch Operations job passes every object to the underlying PutObjectLegalHold API. For more information, see Using S3 Object Lock legal hold with S3 Batch Operations in the Amazon S3 User Guide .

          • LegalHold (dict) --

            Contains the Object Lock legal hold status to be applied to all objects in the Batch Operations job.

            • Status (string) --

              The Object Lock legal hold status to be applied to all objects in the Batch Operations job.

        • S3PutObjectRetention (dict) --

          Contains the configuration parameters for the Object Lock retention action for an S3 Batch Operations job. Batch Operations passes every object to the underlying PutObjectRetention API. For more information, see Using S3 Object Lock retention with S3 Batch Operations in the Amazon S3 User Guide .

          • BypassGovernanceRetention (boolean) --

            Indicates if the action should be applied to objects in the Batch Operations job even if they have Object Lock GOVERNANCE type in place.

          • Retention (dict) --

            Contains the Object Lock retention mode to be applied to all objects in the Batch Operations job. For more information, see Using S3 Object Lock retention with S3 Batch Operations in the Amazon S3 User Guide .

            • RetainUntilDate (datetime) --

              The date when the applied Object Lock retention will expire on all objects set by the Batch Operations job.

            • Mode (string) --

              The Object Lock retention mode to be applied to all objects in the Batch Operations job.

        • S3ReplicateObject (dict) --

          Directs the specified job to invoke ReplicateObject on every object in the job's manifest.

      • Priority (integer) --

        The priority of the specified job.

      • ProgressSummary (dict) --

        Describes the total number of tasks that the specified job has run, the number of tasks that succeeded, and the number of tasks that failed.

        • TotalNumberOfTasks (integer) --

        • NumberOfTasksSucceeded (integer) --

        • NumberOfTasksFailed (integer) --

        • Timers (dict) --

          The JobTimers attribute of a job's progress summary.

          • ElapsedTimeInActiveSeconds (integer) --

            Indicates the elapsed time in seconds the job has been in the Active job state.

      • StatusUpdateReason (string) --

        The reason for updating the job.

      • FailureReasons (list) --

        If the specified job failed, this field contains information describing the failure.

        • (dict) --

          If this job failed, this element indicates why the job failed.

          • FailureCode (string) --

            The failure code, if any, for the specified job.

          • FailureReason (string) --

            The failure reason, if any, for the specified job.

      • Report (dict) --

        Contains the configuration information for the job-completion report if you requested one in the Create Job request.

        • Bucket (string) --

          The Amazon Resource Name (ARN) for the bucket where specified job-completion report will be stored.

        • Format (string) --

          The format of the specified job-completion report.

        • Enabled (boolean) --

          Indicates whether the specified job will generate a job-completion report.

        • Prefix (string) --

          An optional prefix to describe where in the specified bucket the job-completion report will be stored. Amazon S3 stores the job-completion report at <prefix>/job-<job-id>/report.json .

        • ReportScope (string) --

          Indicates whether the job-completion report will include details of all tasks or only failed tasks.

      • CreationTime (datetime) --

        A timestamp indicating when this job was created.

      • TerminationDate (datetime) --

        A timestamp indicating when this job terminated. A job's termination date is the date and time when it succeeded, failed, or was canceled.

      • RoleArn (string) --

        The Amazon Resource Name (ARN) for the Identity and Access Management (IAM) role assigned to run the tasks for this job.

      • SuspendedDate (datetime) --

        The timestamp when this job was suspended, if it has been suspended.

      • SuspendedCause (string) --

        The reason why the specified job was suspended. A job is only suspended if you create it through the Amazon S3 console. When you create the job, it enters the Suspended state to await confirmation before running. After you confirm the job, it automatically exits the Suspended state.

      • ManifestGenerator (dict) --

        The manifest generator that was used to generate a job manifest for this job.

        Note

        This is a Tagged Union structure. Only one of the following top level keys will be set: S3JobManifestGenerator. If a client receives an unknown member it will set SDK_UNKNOWN_MEMBER as the top level key, which maps to the name or tag of the unknown member. The structure of SDK_UNKNOWN_MEMBER is as follows:

        'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
        
        • S3JobManifestGenerator (dict) --

          The S3 job ManifestGenerator's configuration details.

          • ExpectedBucketOwner (string) --

            The Amazon Web Services account ID that owns the bucket the generated manifest is written to. If provided the generated manifest bucket's owner Amazon Web Services account ID must match this value, else the job fails.

          • SourceBucket (string) --

            The source bucket used by the ManifestGenerator.

          • ManifestOutputLocation (dict) --

            Specifies the location the generated manifest will be written to.

            • ExpectedManifestBucketOwner (string) --

              The Account ID that owns the bucket the generated manifest is written to.

            • Bucket (string) --

              The bucket ARN the generated manifest should be written to.

            • ManifestPrefix (string) --

              Prefix identifying one or more objects to which the manifest applies.

            • ManifestEncryption (dict) --

              Specifies what encryption should be used when the generated manifest objects are written.

              • SSES3 (dict) --

                Specifies the use of SSE-S3 to encrypt generated manifest objects.

              • SSEKMS (dict) --

                Configuration details on how SSE-KMS is used to encrypt generated manifest objects.

                • KeyId (string) --

                  Specifies the ID of the Amazon Web Services Key Management Service (Amazon Web Services KMS) symmetric encryption customer managed key to use for encrypting generated manifest objects.

            • ManifestFormat (string) --

              The format of the generated manifest.

          • Filter (dict) --

            Specifies rules the S3JobManifestGenerator should use to use to decide whether an object in the source bucket should or should not be included in the generated job manifest.

            • EligibleForReplication (boolean) --

              Include objects in the generated manifest only if they are eligible for replication according to the Replication configuration on the source bucket.

            • CreatedAfter (datetime) --

              If provided, the generated manifest should include only source bucket objects that were created after this time.

            • CreatedBefore (datetime) --

              If provided, the generated manifest should include only source bucket objects that were created before this time.

            • ObjectReplicationStatuses (list) --

              If provided, the generated manifest should include only source bucket objects that have one of the specified Replication statuses.

              • (string) --
          • EnableManifestOutput (boolean) --

            Determines whether or not to write the job's generated manifest to a bucket.

      • GeneratedManifestDescriptor (dict) --

        The attribute of the JobDescriptor containing details about the job's generated manifest.

        • Format (string) --

          The format of the generated manifest.

        • Location (dict) --

          Contains the information required to locate a manifest object.

          • ObjectArn (string) --

            The Amazon Resource Name (ARN) for a manifest object.

            Warning

            Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints.

          • ObjectVersionId (string) --

            The optional version ID to identify a specific version of the manifest object.

          • ETag (string) --

            The ETag for the specified manifest object.

Exceptions

  • S3Control.Client.exceptions.BadRequestException
  • S3Control.Client.exceptions.TooManyRequestsException
  • S3Control.Client.exceptions.NotFoundException
  • S3Control.Client.exceptions.InternalServiceException
describe_multi_region_access_point_operation(**kwargs)

Retrieves the status of an asynchronous request to manage a Multi-Region Access Point. For more information about managing Multi-Region Access Points and how asynchronous requests work, see Managing Multi-Region Access Points in the Amazon S3 User Guide .

The following actions are related to GetMultiRegionAccessPoint :

See also: AWS API Documentation

Request Syntax

response = client.describe_multi_region_access_point_operation(
    AccountId='string',
    RequestTokenARN='string'
)
Parameters
  • AccountId (string) --

    [REQUIRED]

    The Amazon Web Services account ID for the owner of the Multi-Region Access Point.

  • RequestTokenARN (string) --

    [REQUIRED]

    The request token associated with the request you want to know about. This request token is returned as part of the response when you make an asynchronous request. You provide this token to query about the status of the asynchronous action.

Return type

dict

Returns

Response Syntax

{
    'AsyncOperation': {
        'CreationTime': datetime(2015, 1, 1),
        'Operation': 'CreateMultiRegionAccessPoint'|'DeleteMultiRegionAccessPoint'|'PutMultiRegionAccessPointPolicy',
        'RequestTokenARN': 'string',
        'RequestParameters': {
            'CreateMultiRegionAccessPointRequest': {
                'Name': 'string',
                'PublicAccessBlock': {
                    'BlockPublicAcls': True|False,
                    'IgnorePublicAcls': True|False,
                    'BlockPublicPolicy': True|False,
                    'RestrictPublicBuckets': True|False
                },
                'Regions': [
                    {
                        'Bucket': 'string'
                    },
                ]
            },
            'DeleteMultiRegionAccessPointRequest': {
                'Name': 'string'
            },
            'PutMultiRegionAccessPointPolicyRequest': {
                'Name': 'string',
                'Policy': 'string'
            }
        },
        'RequestStatus': 'string',
        'ResponseDetails': {
            'MultiRegionAccessPointDetails': {
                'Regions': [
                    {
                        'Name': 'string',
                        'RequestStatus': 'string'
                    },
                ]
            },
            'ErrorDetails': {
                'Code': 'string',
                'Message': 'string',
                'Resource': 'string',
                'RequestId': 'string'
            }
        }
    }
}

Response Structure

  • (dict) --

    • AsyncOperation (dict) --

      A container element containing the details of the asynchronous operation.

      • CreationTime (datetime) --

        The time that the request was sent to the service.

      • Operation (string) --

        The specific operation for the asynchronous request.

      • RequestTokenARN (string) --

        The request token associated with the request.

      • RequestParameters (dict) --

        The parameters associated with the request.

        • CreateMultiRegionAccessPointRequest (dict) --

          A container of the parameters for a CreateMultiRegionAccessPoint request.

          • Name (string) --

            The name of the Multi-Region Access Point associated with this request.

          • PublicAccessBlock (dict) --

            The PublicAccessBlock configuration that you want to apply to this Amazon S3 account. You can enable the configuration options in any combination. For more information about when Amazon S3 considers a bucket or object public, see The Meaning of "Public" in the Amazon S3 User Guide .

            This data type is not supported for Amazon S3 on Outposts.

            • BlockPublicAcls (boolean) --

              Specifies whether Amazon S3 should block public access control lists (ACLs) for buckets in this account. Setting this element to TRUE causes the following behavior:

              • PutBucketAcl and PutObjectAcl calls fail if the specified ACL is public.
              • PUT Object calls fail if the request includes a public ACL.
              • PUT Bucket calls fail if the request includes a public ACL.

              Enabling this setting doesn't affect existing policies or ACLs.

              This property is not supported for Amazon S3 on Outposts.

            • IgnorePublicAcls (boolean) --

              Specifies whether Amazon S3 should ignore public ACLs for buckets in this account. Setting this element to TRUE causes Amazon S3 to ignore all public ACLs on buckets in this account and any objects that they contain.

              Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.

              This property is not supported for Amazon S3 on Outposts.

            • BlockPublicPolicy (boolean) --

              Specifies whether Amazon S3 should block public bucket policies for buckets in this account. Setting this element to TRUE causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.

              Enabling this setting doesn't affect existing bucket policies.

              This property is not supported for Amazon S3 on Outposts.

            • RestrictPublicBuckets (boolean) --

              Specifies whether Amazon S3 should restrict public bucket policies for buckets in this account. Setting this element to TRUE restricts access to buckets with public policies to only Amazon Web Service principals and authorized users within this account.

              Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.

              This property is not supported for Amazon S3 on Outposts.

          • Regions (list) --

            The buckets in different Regions that are associated with the Multi-Region Access Point.

            • (dict) --

              A Region that supports a Multi-Region Access Point as well as the associated bucket for the Region.

              • Bucket (string) --

                The name of the associated bucket for the Region.

        • DeleteMultiRegionAccessPointRequest (dict) --

          A container of the parameters for a DeleteMultiRegionAccessPoint request.

          • Name (string) --

            The name of the Multi-Region Access Point associated with this request.

        • PutMultiRegionAccessPointPolicyRequest (dict) --

          A container of the parameters for a PutMultiRegionAccessPoint request.

          • Name (string) --

            The name of the Multi-Region Access Point associated with the request.

          • Policy (string) --

            The policy details for the PutMultiRegionAccessPoint request.

      • RequestStatus (string) --

        The current status of the request.

      • ResponseDetails (dict) --

        The details of the response.

        • MultiRegionAccessPointDetails (dict) --

          The details for the Multi-Region Access Point.

          • Regions (list) --

            A collection of status information for the different Regions that a Multi-Region Access Point supports.

            • (dict) --

              Status information for a single Multi-Region Access Point Region.

              • Name (string) --

                The name of the Region in the Multi-Region Access Point.

              • RequestStatus (string) --

                The current status of the Multi-Region Access Point in this Region.

        • ErrorDetails (dict) --

          Error details for an asynchronous request.

          • Code (string) --

            A string that uniquely identifies the error condition.

          • Message (string) --

            A generic description of the error condition in English.

          • Resource (string) --

            The identifier of the resource associated with the error.

          • RequestId (string) --

            The ID of the request associated with the error.

get_access_point(**kwargs)

Returns configuration information about the specified access point.

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control . For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section.

The following actions are related to GetAccessPoint :

See also: AWS API Documentation

Request Syntax

response = client.get_access_point(
    AccountId='string',
    Name='string'
)
Parameters
  • AccountId (string) --

    [REQUIRED]

    The Amazon Web Services account ID for the account that owns the specified access point.

  • Name (string) --

    [REQUIRED]

    The name of the access point whose configuration information you want to retrieve.

    For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.

    For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the access point accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/accesspoint/<my-accesspoint-name> . For example, to access the access point reports-ap through outpost my-outpost owned by account 123456789012 in Region us-west-2 , use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/accesspoint/reports-ap . The value must be URL encoded.

Return type

dict

Returns

Response Syntax

{
    'Name': 'string',
    'Bucket': 'string',
    'NetworkOrigin': 'Internet'|'VPC',
    'VpcConfiguration': {
        'VpcId': 'string'
    },
    'PublicAccessBlockConfiguration': {
        'BlockPublicAcls': True|False,
        'IgnorePublicAcls': True|False,
        'BlockPublicPolicy': True|False,
        'RestrictPublicBuckets': True|False
    },
    'CreationDate': datetime(2015, 1, 1),
    'Alias': 'string',
    'AccessPointArn': 'string',
    'Endpoints': {
        'string': 'string'
    },
    'BucketAccountId': 'string'
}

Response Structure

  • (dict) --

    • Name (string) --

      The name of the specified access point.

    • Bucket (string) --

      The name of the bucket associated with the specified access point.

    • NetworkOrigin (string) --

      Indicates whether this access point allows access from the public internet. If VpcConfiguration is specified for this access point, then NetworkOrigin is VPC , and the access point doesn't allow access from the public internet. Otherwise, NetworkOrigin is Internet , and the access point allows access from the public internet, subject to the access point and bucket access policies.

      This will always be true for an Amazon S3 on Outposts access point

    • VpcConfiguration (dict) --

      Contains the virtual private cloud (VPC) configuration for the specified access point.

      Note

      This element is empty if this access point is an Amazon S3 on Outposts access point that is used by other Amazon Web Services.

      • VpcId (string) --

        If this field is specified, this access point will only allow connections from the specified VPC ID.

    • PublicAccessBlockConfiguration (dict) --

      The PublicAccessBlock configuration that you want to apply to this Amazon S3 account. You can enable the configuration options in any combination. For more information about when Amazon S3 considers a bucket or object public, see The Meaning of "Public" in the Amazon S3 User Guide .

      This data type is not supported for Amazon S3 on Outposts.

      • BlockPublicAcls (boolean) --

        Specifies whether Amazon S3 should block public access control lists (ACLs) for buckets in this account. Setting this element to TRUE causes the following behavior:

        • PutBucketAcl and PutObjectAcl calls fail if the specified ACL is public.
        • PUT Object calls fail if the request includes a public ACL.
        • PUT Bucket calls fail if the request includes a public ACL.

        Enabling this setting doesn't affect existing policies or ACLs.

        This property is not supported for Amazon S3 on Outposts.

      • IgnorePublicAcls (boolean) --

        Specifies whether Amazon S3 should ignore public ACLs for buckets in this account. Setting this element to TRUE causes Amazon S3 to ignore all public ACLs on buckets in this account and any objects that they contain.

        Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.

        This property is not supported for Amazon S3 on Outposts.

      • BlockPublicPolicy (boolean) --

        Specifies whether Amazon S3 should block public bucket policies for buckets in this account. Setting this element to TRUE causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.

        Enabling this setting doesn't affect existing bucket policies.

        This property is not supported for Amazon S3 on Outposts.

      • RestrictPublicBuckets (boolean) --

        Specifies whether Amazon S3 should restrict public bucket policies for buckets in this account. Setting this element to TRUE restricts access to buckets with public policies to only Amazon Web Service principals and authorized users within this account.

        Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.

        This property is not supported for Amazon S3 on Outposts.

    • CreationDate (datetime) --

      The date and time when the specified access point was created.

    • Alias (string) --

      The name or alias of the access point.

    • AccessPointArn (string) --

      The ARN of the access point.

    • Endpoints (dict) --

      The VPC endpoint for the access point.

      • (string) --
        • (string) --
    • BucketAccountId (string) --

      The Amazon Web Services account ID associated with the S3 bucket associated with this access point.

get_access_point_configuration_for_object_lambda(**kwargs)

Returns configuration for an Object Lambda Access Point.

The following actions are related to GetAccessPointConfigurationForObjectLambda :

See also: AWS API Documentation

Request Syntax

response = client.get_access_point_configuration_for_object_lambda(
    AccountId='string',
    Name='string'
)
Parameters
  • AccountId (string) --

    [REQUIRED]

    The account ID for the account that owns the specified Object Lambda Access Point.

  • Name (string) --

    [REQUIRED]

    The name of the Object Lambda Access Point you want to return the configuration for.

Return type

dict

Returns

Response Syntax

{
    'Configuration': {
        'SupportingAccessPoint': 'string',
        'CloudWatchMetricsEnabled': True|False,
        'AllowedFeatures': [
            'GetObject-Range'|'GetObject-PartNumber'|'HeadObject-Range'|'HeadObject-PartNumber',
        ],
        'TransformationConfigurations': [
            {
                'Actions': [
                    'GetObject'|'HeadObject'|'ListObjects'|'ListObjectsV2',
                ],
                'ContentTransformation': {
                    'AwsLambda': {
                        'FunctionArn': 'string',
                        'FunctionPayload': 'string'
                    }
                }
            },
        ]
    }
}

Response Structure

  • (dict) --

    • Configuration (dict) --

      Object Lambda Access Point configuration document.

      • SupportingAccessPoint (string) --

        Standard access point associated with the Object Lambda Access Point.

      • CloudWatchMetricsEnabled (boolean) --

        A container for whether the CloudWatch metrics configuration is enabled.

      • AllowedFeatures (list) --

        A container for allowed features. Valid inputs are GetObject-Range , GetObject-PartNumber , HeadObject-Range , and HeadObject-PartNumber .

        • (string) --
      • TransformationConfigurations (list) --

        A container for transformation configurations for an Object Lambda Access Point.

        • (dict) --

          A configuration used when creating an Object Lambda Access Point transformation.

          • Actions (list) --

            A container for the action of an Object Lambda Access Point configuration. Valid inputs are GetObject , ListObjects , HeadObject , and ListObjectsV2 .

            • (string) --
          • ContentTransformation (dict) --

            A container for the content transformation of an Object Lambda Access Point configuration.

            Note

            This is a Tagged Union structure. Only one of the following top level keys will be set: AwsLambda. If a client receives an unknown member it will set SDK_UNKNOWN_MEMBER as the top level key, which maps to the name or tag of the unknown member. The structure of SDK_UNKNOWN_MEMBER is as follows:

            'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
            
            • AwsLambda (dict) --

              A container for an Lambda function.

              • FunctionArn (string) --

                The Amazon Resource Name (ARN) of the Lambda function.

              • FunctionPayload (string) --

                Additional JSON that provides supplemental data to the Lambda function used to transform objects.

get_access_point_for_object_lambda(**kwargs)

Returns configuration information about the specified Object Lambda Access Point

The following actions are related to GetAccessPointForObjectLambda :

See also: AWS API Documentation

Request Syntax

response = client.get_access_point_for_object_lambda(
    AccountId='string',
    Name='string'
)
Parameters
  • AccountId (string) --

    [REQUIRED]

    The account ID for the account that owns the specified Object Lambda Access Point.

  • Name (string) --

    [REQUIRED]

    The name of the Object Lambda Access Point.

Return type

dict

Returns

Response Syntax

{
    'Name': 'string',
    'PublicAccessBlockConfiguration': {
        'BlockPublicAcls': True|False,
        'IgnorePublicAcls': True|False,
        'BlockPublicPolicy': True|False,
        'RestrictPublicBuckets': True|False
    },
    'CreationDate': datetime(2015, 1, 1)
}

Response Structure

  • (dict) --

    • Name (string) --

      The name of the Object Lambda Access Point.

    • PublicAccessBlockConfiguration (dict) --

      Configuration to block all public access. This setting is turned on and can not be edited.

      • BlockPublicAcls (boolean) --

        Specifies whether Amazon S3 should block public access control lists (ACLs) for buckets in this account. Setting this element to TRUE causes the following behavior:

        • PutBucketAcl and PutObjectAcl calls fail if the specified ACL is public.
        • PUT Object calls fail if the request includes a public ACL.
        • PUT Bucket calls fail if the request includes a public ACL.

        Enabling this setting doesn't affect existing policies or ACLs.

        This property is not supported for Amazon S3 on Outposts.

      • IgnorePublicAcls (boolean) --

        Specifies whether Amazon S3 should ignore public ACLs for buckets in this account. Setting this element to TRUE causes Amazon S3 to ignore all public ACLs on buckets in this account and any objects that they contain.

        Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.

        This property is not supported for Amazon S3 on Outposts.

      • BlockPublicPolicy (boolean) --

        Specifies whether Amazon S3 should block public bucket policies for buckets in this account. Setting this element to TRUE causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.

        Enabling this setting doesn't affect existing bucket policies.

        This property is not supported for Amazon S3 on Outposts.

      • RestrictPublicBuckets (boolean) --

        Specifies whether Amazon S3 should restrict public bucket policies for buckets in this account. Setting this element to TRUE restricts access to buckets with public policies to only Amazon Web Service principals and authorized users within this account.

        Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.

        This property is not supported for Amazon S3 on Outposts.

    • CreationDate (datetime) --

      The date and time when the specified Object Lambda Access Point was created.

get_access_point_policy(**kwargs)

Returns the access point policy associated with the specified access point.

The following actions are related to GetAccessPointPolicy :

See also: AWS API Documentation

Request Syntax

response = client.get_access_point_policy(
    AccountId='string',
    Name='string'
)
Parameters
  • AccountId (string) --

    [REQUIRED]

    The account ID for the account that owns the specified access point.

  • Name (string) --

    [REQUIRED]

    The name of the access point whose policy you want to retrieve.

    For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.

    For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the access point accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/accesspoint/<my-accesspoint-name> . For example, to access the access point reports-ap through outpost my-outpost owned by account 123456789012 in Region us-west-2 , use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/accesspoint/reports-ap . The value must be URL encoded.

Return type

dict

Returns

Response Syntax

{
    'Policy': 'string'
}

Response Structure

  • (dict) --

    • Policy (string) --

      The access point policy associated with the specified access point.

get_access_point_policy_for_object_lambda(**kwargs)

Returns the resource policy for an Object Lambda Access Point.

The following actions are related to GetAccessPointPolicyForObjectLambda :

See also: AWS API Documentation

Request Syntax

response = client.get_access_point_policy_for_object_lambda(
    AccountId='string',
    Name='string'
)
Parameters
  • AccountId (string) --

    [REQUIRED]

    The account ID for the account that owns the specified Object Lambda Access Point.

  • Name (string) --

    [REQUIRED]

    The name of the Object Lambda Access Point.

Return type

dict

Returns

Response Syntax

{
    'Policy': 'string'
}

Response Structure

  • (dict) --

    • Policy (string) --

      Object Lambda Access Point resource policy document.

get_access_point_policy_status(**kwargs)

Indicates whether the specified access point currently has a policy that allows public access. For more information about public access through access points, see Managing Data Access with Amazon S3 access points in the Amazon S3 User Guide .

See also: AWS API Documentation

Request Syntax

response = client.get_access_point_policy_status(
    AccountId='string',
    Name='string'
)
Parameters
  • AccountId (string) --

    [REQUIRED]

    The account ID for the account that owns the specified access point.

  • Name (string) --

    [REQUIRED]

    The name of the access point whose policy status you want to retrieve.

Return type

dict

Returns

Response Syntax

{
    'PolicyStatus': {
        'IsPublic': True|False
    }
}

Response Structure

  • (dict) --

    • PolicyStatus (dict) --

      Indicates the current policy status of the specified access point.

      • IsPublic (boolean) --

get_access_point_policy_status_for_object_lambda(**kwargs)

Returns the status of the resource policy associated with an Object Lambda Access Point.

See also: AWS API Documentation

Request Syntax

response = client.get_access_point_policy_status_for_object_lambda(
    AccountId='string',
    Name='string'
)
Parameters
  • AccountId (string) --

    [REQUIRED]

    The account ID for the account that owns the specified Object Lambda Access Point.

  • Name (string) --

    [REQUIRED]

    The name of the Object Lambda Access Point.

Return type

dict

Returns

Response Syntax

{
    'PolicyStatus': {
        'IsPublic': True|False
    }
}

Response Structure

  • (dict) --

    • PolicyStatus (dict) --

      Indicates whether this access point policy is public. For more information about how Amazon S3 evaluates policies to determine whether they are public, see The Meaning of "Public" in the Amazon S3 User Guide .

      • IsPublic (boolean) --

get_bucket(**kwargs)

Gets an Amazon S3 on Outposts bucket. For more information, see Using Amazon S3 on Outposts in the Amazon S3 User Guide .

If you are using an identity other than the root user of the Amazon Web Services account that owns the Outposts bucket, the calling identity must have the s3-outposts:GetBucket permissions on the specified Outposts bucket and belong to the Outposts bucket owner's account in order to use this action. Only users from Outposts bucket owner account with the right permissions can perform actions on an Outposts bucket.

If you don't have s3-outposts:GetBucket permissions or you're not using an identity that belongs to the bucket owner's account, Amazon S3 returns a 403 Access Denied error.

The following actions are related to GetBucket for Amazon S3 on Outposts:

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control . For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section.

See also: AWS API Documentation

Request Syntax

response = client.get_bucket(
    AccountId='string',
    Bucket='string'
)
Parameters
  • AccountId (string) --

    [REQUIRED]

    The Amazon Web Services account ID of the Outposts bucket.

  • Bucket (string) --

    [REQUIRED]

    Specifies the bucket.

    For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.

    For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name> . For example, to access the bucket reports through outpost my-outpost owned by account 123456789012 in Region us-west-2 , use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports . The value must be URL encoded.

Return type

dict

Returns

Response Syntax

{
    'Bucket': 'string',
    'PublicAccessBlockEnabled': True|False,
    'CreationDate': datetime(2015, 1, 1)
}

Response Structure

  • (dict) --

    • Bucket (string) --

      The Outposts bucket requested.

    • PublicAccessBlockEnabled (boolean) --

    • CreationDate (datetime) --

      The creation date of the Outposts bucket.

get_bucket_lifecycle_configuration(**kwargs)

Note

This action gets an Amazon S3 on Outposts bucket's lifecycle configuration. To get an S3 bucket's lifecycle configuration, see GetBucketLifecycleConfiguration in the Amazon S3 API Reference .

Returns the lifecycle configuration information set on the Outposts bucket. For more information, see Using Amazon S3 on Outposts and for information about lifecycle configuration, see Object Lifecycle Management in Amazon S3 User Guide .

To use this action, you must have permission to perform the s3-outposts:GetLifecycleConfiguration action. The Outposts bucket owner has this permission, by default. The bucket owner can grant this permission to others. For more information about permissions, see Permissions Related to Bucket Subresource Operations and Managing Access Permissions to Your Amazon S3 Resources.

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control . For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section.

GetBucketLifecycleConfiguration has the following special error:
  • Error code: NoSuchLifecycleConfiguration
    • Description: The lifecycle configuration does not exist.
    • HTTP Status Code: 404 Not Found
    • SOAP Fault Code Prefix: Client

The following actions are related to GetBucketLifecycleConfiguration :

See also: AWS API Documentation

Request Syntax

response = client.get_bucket_lifecycle_configuration(
    AccountId='string',
    Bucket='string'
)
Parameters
  • AccountId (string) --

    [REQUIRED]

    The Amazon Web Services account ID of the Outposts bucket.

  • Bucket (string) --

    [REQUIRED]

    The Amazon Resource Name (ARN) of the bucket.

    For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.

    For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name> . For example, to access the bucket reports through outpost my-outpost owned by account 123456789012 in Region us-west-2 , use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports . The value must be URL encoded.

Return type

dict

Returns

Response Syntax

{
    'Rules': [
        {
            'Expiration': {
                'Date': datetime(2015, 1, 1),
                'Days': 123,
                'ExpiredObjectDeleteMarker': True|False
            },
            'ID': 'string',
            'Filter': {
                'Prefix': 'string',
                'Tag': {
                    'Key': 'string',
                    'Value': 'string'
                },
                'And': {
                    'Prefix': 'string',
                    'Tags': [
                        {
                            'Key': 'string',
                            'Value': 'string'
                        },
                    ],
                    'ObjectSizeGreaterThan': 123,
                    'ObjectSizeLessThan': 123
                },
                'ObjectSizeGreaterThan': 123,
                'ObjectSizeLessThan': 123
            },
            'Status': 'Enabled'|'Disabled',
            'Transitions': [
                {
                    'Date': datetime(2015, 1, 1),
                    'Days': 123,
                    'StorageClass': 'GLACIER'|'STANDARD_IA'|'ONEZONE_IA'|'INTELLIGENT_TIERING'|'DEEP_ARCHIVE'
                },
            ],
            'NoncurrentVersionTransitions': [
                {
                    'NoncurrentDays': 123,
                    'StorageClass': 'GLACIER'|'STANDARD_IA'|'ONEZONE_IA'|'INTELLIGENT_TIERING'|'DEEP_ARCHIVE'
                },
            ],
            'NoncurrentVersionExpiration': {
                'NoncurrentDays': 123,
                'NewerNoncurrentVersions': 123
            },
            'AbortIncompleteMultipartUpload': {
                'DaysAfterInitiation': 123
            }
        },
    ]
}

Response Structure

  • (dict) --

    • Rules (list) --

      Container for the lifecycle rule of the Outposts bucket.

      • (dict) --

        The container for the Outposts bucket lifecycle rule.

        • Expiration (dict) --

          Specifies the expiration for the lifecycle of the object in the form of date, days and, whether the object has a delete marker.

          • Date (datetime) --

            Indicates at what date the object is to be deleted. Should be in GMT ISO 8601 format.

          • Days (integer) --

            Indicates the lifetime, in days, of the objects that are subject to the rule. The value must be a non-zero positive integer.

          • ExpiredObjectDeleteMarker (boolean) --

            Indicates whether Amazon S3 will remove a delete marker with no noncurrent versions. If set to true, the delete marker will be expired. If set to false, the policy takes no action. This cannot be specified with Days or Date in a Lifecycle Expiration Policy.

        • ID (string) --

          Unique identifier for the rule. The value cannot be longer than 255 characters.

        • Filter (dict) --

          The container for the filter of lifecycle rule.

          • Prefix (string) --

            Prefix identifying one or more objects to which the rule applies.

            Warning

            Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints.

          • Tag (dict) --

            A container for a key-value name pair.

            • Key (string) --

              Key of the tag

            • Value (string) --

              Value of the tag

          • And (dict) --

            The container for the AND condition for the lifecycle rule.

            • Prefix (string) --

              Prefix identifying one or more objects to which the rule applies.

            • Tags (list) --

              All of these tags must exist in the object's tag set in order for the rule to apply.

              • (dict) --

                A container for a key-value name pair.

                • Key (string) --

                  Key of the tag

                • Value (string) --

                  Value of the tag

            • ObjectSizeGreaterThan (integer) --

              Minimum object size to which the rule applies.

            • ObjectSizeLessThan (integer) --

              Maximum object size to which the rule applies.

          • ObjectSizeGreaterThan (integer) --

            Minimum object size to which the rule applies.

          • ObjectSizeLessThan (integer) --

            Maximum object size to which the rule applies.

        • Status (string) --

          If 'Enabled', the rule is currently being applied. If 'Disabled', the rule is not currently being applied.

        • Transitions (list) --

          Specifies when an Amazon S3 object transitions to a specified storage class.

          Note

          This is not supported by Amazon S3 on Outposts buckets.

          • (dict) --

            Specifies when an object transitions to a specified storage class. For more information about Amazon S3 Lifecycle configuration rules, see Transitioning objects using Amazon S3 Lifecycle in the Amazon S3 User Guide .

            • Date (datetime) --

              Indicates when objects are transitioned to the specified storage class. The date value must be in ISO 8601 format. The time is always midnight UTC.

            • Days (integer) --

              Indicates the number of days after creation when objects are transitioned to the specified storage class. The value must be a positive integer.

            • StorageClass (string) --

              The storage class to which you want the object to transition.

        • NoncurrentVersionTransitions (list) --

          Specifies the transition rule for the lifecycle rule that describes when noncurrent objects transition to a specific storage class. If your bucket is versioning-enabled (or versioning is suspended), you can set this action to request that Amazon S3 transition noncurrent object versions to a specific storage class at a set period in the object's lifetime.

          Note

          This is not supported by Amazon S3 on Outposts buckets.

          • (dict) --

            The container for the noncurrent version transition.

            • NoncurrentDays (integer) --

              Specifies the number of days an object is noncurrent before Amazon S3 can perform the associated action. For information about the noncurrent days calculations, see How Amazon S3 Calculates How Long an Object Has Been Noncurrent in the Amazon S3 User Guide .

            • StorageClass (string) --

              The class of storage used to store the object.

        • NoncurrentVersionExpiration (dict) --

          The noncurrent version expiration of the lifecycle rule.

          • NoncurrentDays (integer) --

            Specifies the number of days an object is noncurrent before Amazon S3 can perform the associated action. For information about the noncurrent days calculations, see How Amazon S3 Calculates When an Object Became Noncurrent in the Amazon S3 User Guide .

          • NewerNoncurrentVersions (integer) --

            Specifies how many noncurrent versions S3 on Outposts will retain. If there are this many more recent noncurrent versions, S3 on Outposts will take the associated action. For more information about noncurrent versions, see Lifecycle configuration elements in the Amazon S3 User Guide .

        • AbortIncompleteMultipartUpload (dict) --

          Specifies the days since the initiation of an incomplete multipart upload that Amazon S3 waits before permanently removing all parts of the upload. For more information, see Aborting Incomplete Multipart Uploads Using a Bucket Lifecycle Policy in the Amazon S3 User Guide .

          • DaysAfterInitiation (integer) --

            Specifies the number of days after which Amazon S3 aborts an incomplete multipart upload to the Outposts bucket.

get_bucket_policy(**kwargs)

Note

This action gets a bucket policy for an Amazon S3 on Outposts bucket. To get a policy for an S3 bucket, see GetBucketPolicy in the Amazon S3 API Reference .

Returns the policy of a specified Outposts bucket. For more information, see Using Amazon S3 on Outposts in the Amazon S3 User Guide .

If you are using an identity other than the root user of the Amazon Web Services account that owns the bucket, the calling identity must have the GetBucketPolicy permissions on the specified bucket and belong to the bucket owner's account in order to use this action.

Only users from Outposts bucket owner account with the right permissions can perform actions on an Outposts bucket. If you don't have s3-outposts:GetBucketPolicy permissions or you're not using an identity that belongs to the bucket owner's account, Amazon S3 returns a 403 Access Denied error.

Warning

As a security precaution, the root user of the Amazon Web Services account that owns a bucket can always use this action, even if the policy explicitly denies the root user the ability to perform this action.

For more information about bucket policies, see Using Bucket Policies and User Policies.

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control . For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section.

The following actions are related to GetBucketPolicy :

See also: AWS API Documentation

Request Syntax

response = client.get_bucket_policy(
    AccountId='string',
    Bucket='string'
)
Parameters
  • AccountId (string) --

    [REQUIRED]

    The Amazon Web Services account ID of the Outposts bucket.

  • Bucket (string) --

    [REQUIRED]

    Specifies the bucket.

    For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.

    For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name> . For example, to access the bucket reports through outpost my-outpost owned by account 123456789012 in Region us-west-2 , use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports . The value must be URL encoded.

Return type

dict

Returns

Response Syntax

{
    'Policy': 'string'
}

Response Structure

  • (dict) --

    • Policy (string) --

      The policy of the Outposts bucket.

get_bucket_tagging(**kwargs)

Note

This action gets an Amazon S3 on Outposts bucket's tags. To get an S3 bucket tags, see GetBucketTagging in the Amazon S3 API Reference .

Returns the tag set associated with the Outposts bucket. For more information, see Using Amazon S3 on Outposts in the Amazon S3 User Guide .

To use this action, you must have permission to perform the GetBucketTagging action. By default, the bucket owner has this permission and can grant this permission to others.

GetBucketTagging has the following special error:
  • Error code: NoSuchTagSetError
    • Description: There is no tag set associated with the bucket.

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control . For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section.

The following actions are related to GetBucketTagging :

See also: AWS API Documentation

Request Syntax

response = client.get_bucket_tagging(
    AccountId='string',
    Bucket='string'
)
Parameters
  • AccountId (string) --

    [REQUIRED]

    The Amazon Web Services account ID of the Outposts bucket.

  • Bucket (string) --

    [REQUIRED]

    Specifies the bucket.

    For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.

    For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name> . For example, to access the bucket reports through outpost my-outpost owned by account 123456789012 in Region us-west-2 , use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports . The value must be URL encoded.

Return type

dict

Returns

Response Syntax

{
    'TagSet': [
        {
            'Key': 'string',
            'Value': 'string'
        },
    ]
}

Response Structure

  • (dict) --

    • TagSet (list) --

      The tags set of the Outposts bucket.

      • (dict) --

        A container for a key-value name pair.

        • Key (string) --

          Key of the tag

        • Value (string) --

          Value of the tag

get_bucket_versioning(**kwargs)

Note

This operation returns the versioning state only for S3 on Outposts buckets. To return the versioning state for an S3 bucket, see GetBucketVersioning in the Amazon S3 API Reference .

Returns the versioning state for an S3 on Outposts bucket. With versioning, you can save multiple distinct copies of your data and recover from unintended user actions and application failures.

If you've never set versioning on your bucket, it has no versioning state. In that case, the GetBucketVersioning request does not return a versioning state value.

For more information about versioning, see Versioning in the Amazon S3 User Guide .

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control . For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section.

The following operations are related to GetBucketVersioning for S3 on Outposts.

See also: AWS API Documentation

Request Syntax

response = client.get_bucket_versioning(
    AccountId='string',
    Bucket='string'
)
Parameters
  • AccountId (string) --

    [REQUIRED]

    The Amazon Web Services account ID of the S3 on Outposts bucket.

  • Bucket (string) --

    [REQUIRED]

    The S3 on Outposts bucket to return the versioning state for.

Return type

dict

Returns

Response Syntax

{
    'Status': 'Enabled'|'Suspended',
    'MFADelete': 'Enabled'|'Disabled'
}

Response Structure

  • (dict) --

    • Status (string) --

      The versioning state of the S3 on Outposts bucket.

    • MFADelete (string) --

      Specifies whether MFA delete is enabled in the bucket versioning configuration. This element is returned only if the bucket has been configured with MFA delete. If MFA delete has never been configured for the bucket, this element is not returned.

get_job_tagging(**kwargs)

Returns the tags on an S3 Batch Operations job. To use this operation, you must have permission to perform the s3:GetJobTagging action. For more information, see Controlling access and labeling jobs using tags in the Amazon S3 User Guide .

Related actions include:

See also: AWS API Documentation

Request Syntax

response = client.get_job_tagging(
    AccountId='string',
    JobId='string'
)
Parameters
  • AccountId (string) --

    [REQUIRED]

    The Amazon Web Services account ID associated with the S3 Batch Operations job.

  • JobId (string) --

    [REQUIRED]

    The ID for the S3 Batch Operations job whose tags you want to retrieve.

Return type

dict

Returns

Response Syntax

{
    'Tags': [
        {
            'Key': 'string',
            'Value': 'string'
        },
    ]
}

Response Structure

  • (dict) --

    • Tags (list) --

      The set of tags associated with the S3 Batch Operations job.

      • (dict) --

        A container for a key-value name pair.

        • Key (string) --

          Key of the tag

        • Value (string) --

          Value of the tag

Exceptions

  • S3Control.Client.exceptions.InternalServiceException
  • S3Control.Client.exceptions.TooManyRequestsException
  • S3Control.Client.exceptions.NotFoundException
get_multi_region_access_point(**kwargs)

Returns configuration information about the specified Multi-Region Access Point.

This action will always be routed to the US West (Oregon) Region. For more information about the restrictions around managing Multi-Region Access Points, see Managing Multi-Region Access Points in the Amazon S3 User Guide .

The following actions are related to GetMultiRegionAccessPoint :

See also: AWS API Documentation

Request Syntax

response = client.get_multi_region_access_point(
    AccountId='string',
    Name='string'
)
Parameters
  • AccountId (string) --

    [REQUIRED]

    The Amazon Web Services account ID for the owner of the Multi-Region Access Point.

  • Name (string) --

    [REQUIRED]

    The name of the Multi-Region Access Point whose configuration information you want to receive. The name of the Multi-Region Access Point is different from the alias. For more information about the distinction between the name and the alias of an Multi-Region Access Point, see Managing Multi-Region Access Points in the Amazon S3 User Guide .

Return type

dict

Returns

Response Syntax

{
    'AccessPoint': {
        'Name': 'string',
        'Alias': 'string',
        'CreatedAt': datetime(2015, 1, 1),
        'PublicAccessBlock': {
            'BlockPublicAcls': True|False,
            'IgnorePublicAcls': True|False,
            'BlockPublicPolicy': True|False,
            'RestrictPublicBuckets': True|False
        },
        'Status': 'READY'|'INCONSISTENT_ACROSS_REGIONS'|'CREATING'|'PARTIALLY_CREATED'|'PARTIALLY_DELETED'|'DELETING',
        'Regions': [
            {
                'Bucket': 'string',
                'Region': 'string'
            },
        ]
    }
}

Response Structure

  • (dict) --

    • AccessPoint (dict) --

      A container element containing the details of the requested Multi-Region Access Point.

      • Name (string) --

        The name of the Multi-Region Access Point.

      • Alias (string) --

        The alias for the Multi-Region Access Point. For more information about the distinction between the name and the alias of an Multi-Region Access Point, see Managing Multi-Region Access Points.

      • CreatedAt (datetime) --

        When the Multi-Region Access Point create request was received.

      • PublicAccessBlock (dict) --

        The PublicAccessBlock configuration that you want to apply to this Amazon S3 account. You can enable the configuration options in any combination. For more information about when Amazon S3 considers a bucket or object public, see The Meaning of "Public" in the Amazon S3 User Guide .

        This data type is not supported for Amazon S3 on Outposts.

        • BlockPublicAcls (boolean) --

          Specifies whether Amazon S3 should block public access control lists (ACLs) for buckets in this account. Setting this element to TRUE causes the following behavior:

          • PutBucketAcl and PutObjectAcl calls fail if the specified ACL is public.
          • PUT Object calls fail if the request includes a public ACL.
          • PUT Bucket calls fail if the request includes a public ACL.

          Enabling this setting doesn't affect existing policies or ACLs.

          This property is not supported for Amazon S3 on Outposts.

        • IgnorePublicAcls (boolean) --

          Specifies whether Amazon S3 should ignore public ACLs for buckets in this account. Setting this element to TRUE causes Amazon S3 to ignore all public ACLs on buckets in this account and any objects that they contain.

          Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.

          This property is not supported for Amazon S3 on Outposts.

        • BlockPublicPolicy (boolean) --

          Specifies whether Amazon S3 should block public bucket policies for buckets in this account. Setting this element to TRUE causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.

          Enabling this setting doesn't affect existing bucket policies.

          This property is not supported for Amazon S3 on Outposts.

        • RestrictPublicBuckets (boolean) --

          Specifies whether Amazon S3 should restrict public bucket policies for buckets in this account. Setting this element to TRUE restricts access to buckets with public policies to only Amazon Web Service principals and authorized users within this account.

          Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.

          This property is not supported for Amazon S3 on Outposts.

      • Status (string) --

        The current status of the Multi-Region Access Point.

        CREATING and DELETING are temporary states that exist while the request is propagating and being completed. If a Multi-Region Access Point has a status of PARTIALLY_CREATED , you can retry creation or send a request to delete the Multi-Region Access Point. If a Multi-Region Access Point has a status of PARTIALLY_DELETED , you can retry a delete request to finish the deletion of the Multi-Region Access Point.

      • Regions (list) --

        A collection of the Regions and buckets associated with the Multi-Region Access Point.

        • (dict) --

          A combination of a bucket and Region that's part of a Multi-Region Access Point.

          • Bucket (string) --

            The name of the bucket.

          • Region (string) --

            The name of the Region.

get_multi_region_access_point_policy(**kwargs)

Returns the access control policy of the specified Multi-Region Access Point.

This action will always be routed to the US West (Oregon) Region. For more information about the restrictions around managing Multi-Region Access Points, see Managing Multi-Region Access Points in the Amazon S3 User Guide .

The following actions are related to GetMultiRegionAccessPointPolicy :

See also: AWS API Documentation

Request Syntax

response = client.get_multi_region_access_point_policy(
    AccountId='string',
    Name='string'
)
Parameters
  • AccountId (string) --

    [REQUIRED]

    The Amazon Web Services account ID for the owner of the Multi-Region Access Point.

  • Name (string) --

    [REQUIRED]

    Specifies the Multi-Region Access Point. The name of the Multi-Region Access Point is different from the alias. For more information about the distinction between the name and the alias of an Multi-Region Access Point, see Managing Multi-Region Access Points in the Amazon S3 User Guide .

Return type

dict

Returns

Response Syntax

{
    'Policy': {
        'Established': {
            'Policy': 'string'
        },
        'Proposed': {
            'Policy': 'string'
        }
    }
}

Response Structure

  • (dict) --

    • Policy (dict) --

      The policy associated with the specified Multi-Region Access Point.

      • Established (dict) --

        The last established policy for the Multi-Region Access Point.

        • Policy (string) --

          The details of the last established policy.

      • Proposed (dict) --

        The proposed policy for the Multi-Region Access Point.

        • Policy (string) --

          The details of the proposed policy.

get_multi_region_access_point_policy_status(**kwargs)

Indicates whether the specified Multi-Region Access Point has an access control policy that allows public access.

This action will always be routed to the US West (Oregon) Region. For more information about the restrictions around managing Multi-Region Access Points, see Managing Multi-Region Access Points in the Amazon S3 User Guide .

The following actions are related to GetMultiRegionAccessPointPolicyStatus :

See also: AWS API Documentation

Request Syntax

response = client.get_multi_region_access_point_policy_status(
    AccountId='string',
    Name='string'
)
Parameters
  • AccountId (string) --

    [REQUIRED]

    The Amazon Web Services account ID for the owner of the Multi-Region Access Point.

  • Name (string) --

    [REQUIRED]

    Specifies the Multi-Region Access Point. The name of the Multi-Region Access Point is different from the alias. For more information about the distinction between the name and the alias of an Multi-Region Access Point, see Managing Multi-Region Access Points in the Amazon S3 User Guide .

Return type

dict

Returns

Response Syntax

{
    'Established': {
        'IsPublic': True|False
    }
}

Response Structure

  • (dict) --

    • Established (dict) --

      Indicates whether this access point policy is public. For more information about how Amazon S3 evaluates policies to determine whether they are public, see The Meaning of "Public" in the Amazon S3 User Guide .

      • IsPublic (boolean) --

get_multi_region_access_point_routes(**kwargs)

Returns the routing configuration for a Multi-Region Access Point, indicating which Regions are active or passive.

To obtain routing control changes and failover requests, use the Amazon S3 failover control infrastructure endpoints in these five Amazon Web Services Regions:

  • us-east-1
  • us-west-2
  • ap-southeast-2
  • ap-northeast-1
  • eu-west-1

Note

Your Amazon S3 bucket does not need to be in these five Regions.

See also: AWS API Documentation

Request Syntax

response = client.get_multi_region_access_point_routes(
    AccountId='string',
    Mrap='string'
)
Parameters
  • AccountId (string) --

    [REQUIRED]

    The Amazon Web Services account ID for the owner of the Multi-Region Access Point.

  • Mrap (string) --

    [REQUIRED]

    The Multi-Region Access Point ARN.

Return type

dict

Returns

Response Syntax

{
    'Mrap': 'string',
    'Routes': [
        {
            'Bucket': 'string',
            'Region': 'string',
            'TrafficDialPercentage': 123
        },
    ]
}

Response Structure

  • (dict) --

    • Mrap (string) --

      The Multi-Region Access Point ARN.

    • Routes (list) --

      The different routes that make up the route configuration. Active routes return a value of 100 , and passive routes return a value of 0 .

      • (dict) --

        A structure for a Multi-Region Access Point that indicates where Amazon S3 traffic can be routed. Routes can be either active or passive. Active routes can process Amazon S3 requests through the Multi-Region Access Point, but passive routes are not eligible to process Amazon S3 requests.

        Each route contains the Amazon S3 bucket name and the Amazon Web Services Region that the bucket is located in. The route also includes the TrafficDialPercentage value, which shows whether the bucket and Region are active (indicated by a value of 100 ) or passive (indicated by a value of 0 ).

        • Bucket (string) --

          The name of the Amazon S3 bucket for which you'll submit a routing configuration change. Either the Bucket or the Region value must be provided. If both are provided, the bucket must be in the specified Region.

        • Region (string) --

          The Amazon Web Services Region to which you'll be submitting a routing configuration change. Either the Bucket or the Region value must be provided. If both are provided, the bucket must be in the specified Region.

        • TrafficDialPercentage (integer) --

          The traffic state for the specified bucket or Amazon Web Services Region.

          A value of 0 indicates a passive state, which means that no new traffic will be routed to the Region.

          A value of 100 indicates an active state, which means that traffic will be routed to the specified Region.

          When the routing configuration for a Region is changed from active to passive, any in-progress operations (uploads, copies, deletes, and so on) to the formerly active Region will continue to run to until a final success or failure status is reached.

          If all Regions in the routing configuration are designated as passive, you'll receive an InvalidRequest error.

get_paginator(operation_name)

Create a paginator for an operation.

Parameters
operation_name (string) -- The operation name. This is the same name as the method name on the client. For example, if the method name is create_foo, and you'd normally invoke the operation as client.create_foo(**kwargs), if the create_foo operation can be paginated, you can use the call client.get_paginator("create_foo").
Raises OperationNotPageableError
Raised if the operation is not pageable. You can use the client.can_paginate method to check if an operation is pageable.
Return type
L{botocore.paginate.Paginator}
Returns
A paginator object.
get_public_access_block(**kwargs)

Retrieves the PublicAccessBlock configuration for an Amazon Web Services account. For more information, see Using Amazon S3 block public access.

Related actions include:

See also: AWS API Documentation

Request Syntax

response = client.get_public_access_block(
    AccountId='string'
)
Parameters
AccountId (string) --

[REQUIRED]

The account ID for the Amazon Web Services account whose PublicAccessBlock configuration you want to retrieve.

Return type
dict
Returns
Response Syntax
{
    'PublicAccessBlockConfiguration': {
        'BlockPublicAcls': True|False,
        'IgnorePublicAcls': True|False,
        'BlockPublicPolicy': True|False,
        'RestrictPublicBuckets': True|False
    }
}

Response Structure

  • (dict) --
    • PublicAccessBlockConfiguration (dict) --

      The PublicAccessBlock configuration currently in effect for this Amazon Web Services account.

      • BlockPublicAcls (boolean) --

        Specifies whether Amazon S3 should block public access control lists (ACLs) for buckets in this account. Setting this element to TRUE causes the following behavior:

        • PutBucketAcl and PutObjectAcl calls fail if the specified ACL is public.
        • PUT Object calls fail if the request includes a public ACL.
        • PUT Bucket calls fail if the request includes a public ACL.

        Enabling this setting doesn't affect existing policies or ACLs.

        This property is not supported for Amazon S3 on Outposts.

      • IgnorePublicAcls (boolean) --

        Specifies whether Amazon S3 should ignore public ACLs for buckets in this account. Setting this element to TRUE causes Amazon S3 to ignore all public ACLs on buckets in this account and any objects that they contain.

        Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.

        This property is not supported for Amazon S3 on Outposts.

      • BlockPublicPolicy (boolean) --

        Specifies whether Amazon S3 should block public bucket policies for buckets in this account. Setting this element to TRUE causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.

        Enabling this setting doesn't affect existing bucket policies.

        This property is not supported for Amazon S3 on Outposts.

      • RestrictPublicBuckets (boolean) --

        Specifies whether Amazon S3 should restrict public bucket policies for buckets in this account. Setting this element to TRUE restricts access to buckets with public policies to only Amazon Web Service principals and authorized users within this account.

        Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.

        This property is not supported for Amazon S3 on Outposts.

Exceptions

  • S3Control.Client.exceptions.NoSuchPublicAccessBlockConfiguration
get_storage_lens_configuration(**kwargs)

Gets the Amazon S3 Storage Lens configuration. For more information, see Assessing your storage activity and usage with Amazon S3 Storage Lens in the Amazon S3 User Guide . For a complete list of S3 Storage Lens metrics, see S3 Storage Lens metrics glossary in the Amazon S3 User Guide .

Note

To use this action, you must have permission to perform the s3:GetStorageLensConfiguration action. For more information, see Setting permissions to use Amazon S3 Storage Lens in the Amazon S3 User Guide .

See also: AWS API Documentation

Request Syntax

response = client.get_storage_lens_configuration(
    ConfigId='string',
    AccountId='string'
)
Parameters
  • ConfigId (string) --

    [REQUIRED]

    The ID of the Amazon S3 Storage Lens configuration.

  • AccountId (string) --

    [REQUIRED]

    The account ID of the requester.

Return type

dict

Returns

Response Syntax

{
    'StorageLensConfiguration': {
        'Id': 'string',
        'AccountLevel': {
            'ActivityMetrics': {
                'IsEnabled': True|False
            },
            'BucketLevel': {
                'ActivityMetrics': {
                    'IsEnabled': True|False
                },
                'PrefixLevel': {
                    'StorageMetrics': {
                        'IsEnabled': True|False,
                        'SelectionCriteria': {
                            'Delimiter': 'string',
                            'MaxDepth': 123,
                            'MinStorageBytesPercentage': 123.0
                        }
                    }
                },
                'AdvancedCostOptimizationMetrics': {
                    'IsEnabled': True|False
                },
                'AdvancedDataProtectionMetrics': {
                    'IsEnabled': True|False
                },
                'DetailedStatusCodesMetrics': {
                    'IsEnabled': True|False
                }
            },
            'AdvancedCostOptimizationMetrics': {
                'IsEnabled': True|False
            },
            'AdvancedDataProtectionMetrics': {
                'IsEnabled': True|False
            },
            'DetailedStatusCodesMetrics': {
                'IsEnabled': True|False
            }
        },
        'Include': {
            'Buckets': [
                'string',
            ],
            'Regions': [
                'string',
            ]
        },
        'Exclude': {
            'Buckets': [
                'string',
            ],
            'Regions': [
                'string',
            ]
        },
        'DataExport': {
            'S3BucketDestination': {
                'Format': 'CSV'|'Parquet',
                'OutputSchemaVersion': 'V_1',
                'AccountId': 'string',
                'Arn': 'string',
                'Prefix': 'string',
                'Encryption': {
                    'SSES3': {},
                    'SSEKMS': {
                        'KeyId': 'string'
                    }
                }
            },
            'CloudWatchMetrics': {
                'IsEnabled': True|False
            }
        },
        'IsEnabled': True|False,
        'AwsOrg': {
            'Arn': 'string'
        },
        'StorageLensArn': 'string'
    }
}

Response Structure

  • (dict) --

    • StorageLensConfiguration (dict) --

      The S3 Storage Lens configuration requested.

      • Id (string) --

        A container for the Amazon S3 Storage Lens configuration ID.

      • AccountLevel (dict) --

        A container for all the account-level configurations of your S3 Storage Lens configuration.

        • ActivityMetrics (dict) --

          A container for S3 Storage Lens activity metrics.

          • IsEnabled (boolean) --

            A container that indicates whether activity metrics are enabled.

        • BucketLevel (dict) --

          A container for the S3 Storage Lens bucket-level configuration.

          • ActivityMetrics (dict) --

            A container for the bucket-level activity metrics for S3 Storage Lens.

            • IsEnabled (boolean) --

              A container that indicates whether activity metrics are enabled.

          • PrefixLevel (dict) --

            A container for the prefix-level metrics for S3 Storage Lens.

            • StorageMetrics (dict) --

              A container for the prefix-level storage metrics for S3 Storage Lens.

              • IsEnabled (boolean) --

                A container for whether prefix-level storage metrics are enabled.

              • SelectionCriteria (dict) --

                • Delimiter (string) --

                  A container for the delimiter of the selection criteria being used.

                • MaxDepth (integer) --

                  The max depth of the selection criteria

                • MinStorageBytesPercentage (float) --

                  The minimum number of storage bytes percentage whose metrics will be selected.

                  Note

                  You must choose a value greater than or equal to 1.0 .

          • AdvancedCostOptimizationMetrics (dict) --

            A container for bucket-level advanced cost-optimization metrics for S3 Storage Lens.

            • IsEnabled (boolean) --

              A container that indicates whether advanced cost-optimization metrics are enabled.

          • AdvancedDataProtectionMetrics (dict) --

            A container for bucket-level advanced data-protection metrics for S3 Storage Lens.

            • IsEnabled (boolean) --

              A container that indicates whether advanced data-protection metrics are enabled.

          • DetailedStatusCodesMetrics (dict) --

            A container for bucket-level detailed status code metrics for S3 Storage Lens.

            • IsEnabled (boolean) --

              A container that indicates whether detailed status code metrics are enabled.

        • AdvancedCostOptimizationMetrics (dict) --

          A container for S3 Storage Lens advanced cost-optimization metrics.

          • IsEnabled (boolean) --

            A container that indicates whether advanced cost-optimization metrics are enabled.

        • AdvancedDataProtectionMetrics (dict) --

          A container for S3 Storage Lens advanced data-protection metrics.

          • IsEnabled (boolean) --

            A container that indicates whether advanced data-protection metrics are enabled.

        • DetailedStatusCodesMetrics (dict) --

          A container for detailed status code metrics.

          • IsEnabled (boolean) --

            A container that indicates whether detailed status code metrics are enabled.

      • Include (dict) --

        A container for what is included in this configuration. This container can only be valid if there is no Exclude container submitted, and it's not empty.

        • Buckets (list) --

          A container for the S3 Storage Lens bucket includes.

          • (string) --
        • Regions (list) --

          A container for the S3 Storage Lens Region includes.

          • (string) --
      • Exclude (dict) --

        A container for what is excluded in this configuration. This container can only be valid if there is no Include container submitted, and it's not empty.

        • Buckets (list) --

          A container for the S3 Storage Lens bucket excludes.

          • (string) --
        • Regions (list) --

          A container for the S3 Storage Lens Region excludes.

          • (string) --
      • DataExport (dict) --

        A container to specify the properties of your S3 Storage Lens metrics export including, the destination, schema and format.

        • S3BucketDestination (dict) --

          A container for the bucket where the S3 Storage Lens metrics export will be located.

          Note

          This bucket must be located in the same Region as the storage lens configuration.

          • Format (string) --

          • OutputSchemaVersion (string) --

            The schema version of the export file.

          • AccountId (string) --

            The account ID of the owner of the S3 Storage Lens metrics export bucket.

          • Arn (string) --

            The Amazon Resource Name (ARN) of the bucket. This property is read-only and follows the following format: arn:aws:s3:us-east-1:example-account-id:bucket/your-destination-bucket-name

          • Prefix (string) --

            The prefix of the destination bucket where the metrics export will be delivered.

          • Encryption (dict) --

            The container for the type encryption of the metrics exports in this bucket.

            • SSES3 (dict) --

            • SSEKMS (dict) --

              • KeyId (string) --

                A container for the ARN of the SSE-KMS encryption. This property is read-only and follows the following format: arn:aws:kms:us-east-1:example-account-id:key/example-9a73-4afc-8d29-8f5900cef44e

        • CloudWatchMetrics (dict) --

          A container for enabling Amazon CloudWatch publishing for S3 Storage Lens metrics.

          • IsEnabled (boolean) --

            A container that indicates whether CloudWatch publishing for S3 Storage Lens metrics is enabled. A value of true indicates that CloudWatch publishing for S3 Storage Lens metrics is enabled.

      • IsEnabled (boolean) --

        A container for whether the S3 Storage Lens configuration is enabled.

      • AwsOrg (dict) --

        A container for the Amazon Web Services organization for this S3 Storage Lens configuration.

        • Arn (string) --

          A container for the Amazon Resource Name (ARN) of the Amazon Web Services organization. This property is read-only and follows the following format: arn:aws:organizations:us-east-1:example-account-id:organization/o-ex2l495dck

      • StorageLensArn (string) --

        The Amazon Resource Name (ARN) of the S3 Storage Lens configuration. This property is read-only and follows the following format: arn:aws:s3:us-east-1:example-account-id:storage-lens/your-dashboard-name

get_storage_lens_configuration_tagging(**kwargs)

Gets the tags of Amazon S3 Storage Lens configuration. For more information about S3 Storage Lens, see Assessing your storage activity and usage with Amazon S3 Storage Lens in the Amazon S3 User Guide .

Note

To use this action, you must have permission to perform the s3:GetStorageLensConfigurationTagging action. For more information, see Setting permissions to use Amazon S3 Storage Lens in the Amazon S3 User Guide .

See also: AWS API Documentation

Request Syntax

response = client.get_storage_lens_configuration_tagging(
    ConfigId='string',
    AccountId='string'
)
Parameters
  • ConfigId (string) --

    [REQUIRED]

    The ID of the Amazon S3 Storage Lens configuration.

  • AccountId (string) --

    [REQUIRED]

    The account ID of the requester.

Return type

dict

Returns

Response Syntax

{
    'Tags': [
        {
            'Key': 'string',
            'Value': 'string'
        },
    ]
}

Response Structure

  • (dict) --

    • Tags (list) --

      The tags of S3 Storage Lens configuration requested.

      • (dict) --
        • Key (string) --
        • Value (string) --

get_waiter(waiter_name)

Returns an object that can wait for some condition.

Parameters
waiter_name (str) -- The name of the waiter to get. See the waiters section of the service docs for a list of available waiters.
Returns
The specified waiter object.
Return type
botocore.waiter.Waiter
list_access_points(**kwargs)

Returns a list of the access points owned by the current account associated with the specified bucket. You can retrieve up to 1000 access points per call. If the specified bucket has more than 1,000 access points (or the number specified in maxResults , whichever is less), the response will include a continuation token that you can use to list the additional access points.

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control . For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section.

The following actions are related to ListAccessPoints :

See also: AWS API Documentation

Request Syntax

response = client.list_access_points(
    AccountId='string',
    Bucket='string',
    NextToken='string',
    MaxResults=123
)
Parameters
  • AccountId (string) --

    [REQUIRED]

    The Amazon Web Services account ID for the account that owns the specified access points.

  • Bucket (string) --

    The name of the bucket whose associated access points you want to list.

    For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.

    For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name> . For example, to access the bucket reports through outpost my-outpost owned by account 123456789012 in Region us-west-2 , use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports . The value must be URL encoded.

  • NextToken (string) -- A continuation token. If a previous call to ListAccessPoints returned a continuation token in the NextToken field, then providing that value here causes Amazon S3 to retrieve the next page of results.
  • MaxResults (integer) -- The maximum number of access points that you want to include in the list. If the specified bucket has more than this number of access points, then the response will include a continuation token in the NextToken field that you can use to retrieve the next page of access points.
Return type

dict

Returns

Response Syntax

{
    'AccessPointList': [
        {
            'Name': 'string',
            'NetworkOrigin': 'Internet'|'VPC',
            'VpcConfiguration': {
                'VpcId': 'string'
            },
            'Bucket': 'string',
            'AccessPointArn': 'string',
            'Alias': 'string',
            'BucketAccountId': 'string'
        },
    ],
    'NextToken': 'string'
}

Response Structure

  • (dict) --

    • AccessPointList (list) --

      Contains identification and configuration information for one or more access points associated with the specified bucket.

      • (dict) --

        An access point used to access a bucket.

        • Name (string) --

          The name of this access point.

        • NetworkOrigin (string) --

          Indicates whether this access point allows access from the public internet. If VpcConfiguration is specified for this access point, then NetworkOrigin is VPC , and the access point doesn't allow access from the public internet. Otherwise, NetworkOrigin is Internet , and the access point allows access from the public internet, subject to the access point and bucket access policies.

        • VpcConfiguration (dict) --

          The virtual private cloud (VPC) configuration for this access point, if one exists.

          Note

          This element is empty if this access point is an Amazon S3 on Outposts access point that is used by other Amazon Web Services.

          • VpcId (string) --

            If this field is specified, this access point will only allow connections from the specified VPC ID.

        • Bucket (string) --

          The name of the bucket associated with this access point.

        • AccessPointArn (string) --

          The ARN for the access point.

        • Alias (string) --

          The name or alias of the access point.

        • BucketAccountId (string) --

          The Amazon Web Services account ID associated with the S3 bucket associated with this access point.

    • NextToken (string) --

      If the specified bucket has more access points than can be returned in one call to this API, this field contains a continuation token that you can provide in subsequent calls to this API to retrieve additional access points.

list_access_points_for_object_lambda(**kwargs)

Returns some or all (up to 1,000) access points associated with the Object Lambda Access Point per call. If there are more access points than what can be returned in one call, the response will include a continuation token that you can use to list the additional access points.

The following actions are related to ListAccessPointsForObjectLambda :

See also: AWS API Documentation

Request Syntax

response = client.list_access_points_for_object_lambda(
    AccountId='string',
    NextToken='string',
    MaxResults=123
)
Parameters
  • AccountId (string) --

    [REQUIRED]

    The account ID for the account that owns the specified Object Lambda Access Point.

  • NextToken (string) -- If the list has more access points than can be returned in one call to this API, this field contains a continuation token that you can provide in subsequent calls to this API to retrieve additional access points.
  • MaxResults (integer) -- The maximum number of access points that you want to include in the list. The response may contain fewer access points but will never contain more. If there are more than this number of access points, then the response will include a continuation token in the NextToken field that you can use to retrieve the next page of access points.
Return type

dict

Returns

Response Syntax

{
    'ObjectLambdaAccessPointList': [
        {
            'Name': 'string',
            'ObjectLambdaAccessPointArn': 'string'
        },
    ],
    'NextToken': 'string'
}

Response Structure

  • (dict) --

    • ObjectLambdaAccessPointList (list) --

      Returns list of Object Lambda Access Points.

      • (dict) --

        An access point with an attached Lambda function used to access transformed data from an Amazon S3 bucket.

        • Name (string) --

          The name of the Object Lambda Access Point.

        • ObjectLambdaAccessPointArn (string) --

          Specifies the ARN for the Object Lambda Access Point.

    • NextToken (string) --

      If the list has more access points than can be returned in one call to this API, this field contains a continuation token that you can provide in subsequent calls to this API to retrieve additional access points.

list_jobs(**kwargs)

Lists current S3 Batch Operations jobs and jobs that have ended within the last 30 days for the Amazon Web Services account making the request. For more information, see S3 Batch Operations in the Amazon S3 User Guide .

Related actions include:

See also: AWS API Documentation

Request Syntax

response = client.list_jobs(
    AccountId='string',
    JobStatuses=[
        'Active'|'Cancelled'|'Cancelling'|'Complete'|'Completing'|'Failed'|'Failing'|'New'|'Paused'|'Pausing'|'Preparing'|'Ready'|'Suspended',
    ],
    NextToken='string',
    MaxResults=123
)
Parameters
  • AccountId (string) --

    [REQUIRED]

    The Amazon Web Services account ID associated with the S3 Batch Operations job.

  • JobStatuses (list) --

    The List Jobs request returns jobs that match the statuses listed in this element.

    • (string) --
  • NextToken (string) -- A pagination token to request the next page of results. Use the token that Amazon S3 returned in the NextToken element of the ListJobsResult from the previous List Jobs request.
  • MaxResults (integer) -- The maximum number of jobs that Amazon S3 will include in the List Jobs response. If there are more jobs than this number, the response will include a pagination token in the NextToken field to enable you to retrieve the next page of results.
Return type

dict

Returns

Response Syntax

{
    'NextToken': 'string',
    'Jobs': [
        {
            'JobId': 'string',
            'Description': 'string',
            'Operation': 'LambdaInvoke'|'S3PutObjectCopy'|'S3PutObjectAcl'|'S3PutObjectTagging'|'S3DeleteObjectTagging'|'S3InitiateRestoreObject'|'S3PutObjectLegalHold'|'S3PutObjectRetention'|'S3ReplicateObject',
            'Priority': 123,
            'Status': 'Active'|'Cancelled'|'Cancelling'|'Complete'|'Completing'|'Failed'|'Failing'|'New'|'Paused'|'Pausing'|'Preparing'|'Ready'|'Suspended',
            'CreationTime': datetime(2015, 1, 1),
            'TerminationDate': datetime(2015, 1, 1),
            'ProgressSummary': {
                'TotalNumberOfTasks': 123,
                'NumberOfTasksSucceeded': 123,
                'NumberOfTasksFailed': 123,
                'Timers': {
                    'ElapsedTimeInActiveSeconds': 123
                }
            }
        },
    ]
}

Response Structure

  • (dict) --

    • NextToken (string) --

      If the List Jobs request produced more than the maximum number of results, you can pass this value into a subsequent List Jobs request in order to retrieve the next page of results.

    • Jobs (list) --

      The list of current jobs and jobs that have ended within the last 30 days.

      • (dict) --

        Contains the configuration and status information for a single job retrieved as part of a job list.

        • JobId (string) --

          The ID for the specified job.

        • Description (string) --

          The user-specified description that was included in the specified job's Create Job request.

        • Operation (string) --

          The operation that the specified job is configured to run on every object listed in the manifest.

        • Priority (integer) --

          The current priority for the specified job.

        • Status (string) --

          The specified job's current status.

        • CreationTime (datetime) --

          A timestamp indicating when the specified job was created.

        • TerminationDate (datetime) --

          A timestamp indicating when the specified job terminated. A job's termination date is the date and time when it succeeded, failed, or was canceled.

        • ProgressSummary (dict) --

          Describes the total number of tasks that the specified job has run, the number of tasks that succeeded, and the number of tasks that failed.

          • TotalNumberOfTasks (integer) --

          • NumberOfTasksSucceeded (integer) --

          • NumberOfTasksFailed (integer) --

          • Timers (dict) --

            The JobTimers attribute of a job's progress summary.

            • ElapsedTimeInActiveSeconds (integer) --

              Indicates the elapsed time in seconds the job has been in the Active job state.

Exceptions

  • S3Control.Client.exceptions.InvalidRequestException
  • S3Control.Client.exceptions.InternalServiceException
  • S3Control.Client.exceptions.InvalidNextTokenException
list_multi_region_access_points(**kwargs)

Returns a list of the Multi-Region Access Points currently associated with the specified Amazon Web Services account. Each call can return up to 100 Multi-Region Access Points, the maximum number of Multi-Region Access Points that can be associated with a single account.

This action will always be routed to the US West (Oregon) Region. For more information about the restrictions around managing Multi-Region Access Points, see Managing Multi-Region Access Points in the Amazon S3 User Guide .

The following actions are related to ListMultiRegionAccessPoint :

See also: AWS API Documentation

Request Syntax

response = client.list_multi_region_access_points(
    AccountId='string',
    NextToken='string',
    MaxResults=123
)
Parameters
  • AccountId (string) --

    [REQUIRED]

    The Amazon Web Services account ID for the owner of the Multi-Region Access Point.

  • NextToken (string) -- Not currently used. Do not use this parameter.
  • MaxResults (integer) -- Not currently used. Do not use this parameter.
Return type

dict

Returns

Response Syntax

{
    'AccessPoints': [
        {
            'Name': 'string',
            'Alias': 'string',
            'CreatedAt': datetime(2015, 1, 1),
            'PublicAccessBlock': {
                'BlockPublicAcls': True|False,
                'IgnorePublicAcls': True|False,
                'BlockPublicPolicy': True|False,
                'RestrictPublicBuckets': True|False
            },
            'Status': 'READY'|'INCONSISTENT_ACROSS_REGIONS'|'CREATING'|'PARTIALLY_CREATED'|'PARTIALLY_DELETED'|'DELETING',
            'Regions': [
                {
                    'Bucket': 'string',
                    'Region': 'string'
                },
            ]
        },
    ],
    'NextToken': 'string'
}

Response Structure

  • (dict) --

    • AccessPoints (list) --

      The list of Multi-Region Access Points associated with the user.

      • (dict) --

        A collection of statuses for a Multi-Region Access Point in the various Regions it supports.

        • Name (string) --

          The name of the Multi-Region Access Point.

        • Alias (string) --

          The alias for the Multi-Region Access Point. For more information about the distinction between the name and the alias of an Multi-Region Access Point, see Managing Multi-Region Access Points.

        • CreatedAt (datetime) --

          When the Multi-Region Access Point create request was received.

        • PublicAccessBlock (dict) --

          The PublicAccessBlock configuration that you want to apply to this Amazon S3 account. You can enable the configuration options in any combination. For more information about when Amazon S3 considers a bucket or object public, see The Meaning of "Public" in the Amazon S3 User Guide .

          This data type is not supported for Amazon S3 on Outposts.

          • BlockPublicAcls (boolean) --

            Specifies whether Amazon S3 should block public access control lists (ACLs) for buckets in this account. Setting this element to TRUE causes the following behavior:

            • PutBucketAcl and PutObjectAcl calls fail if the specified ACL is public.
            • PUT Object calls fail if the request includes a public ACL.
            • PUT Bucket calls fail if the request includes a public ACL.

            Enabling this setting doesn't affect existing policies or ACLs.

            This property is not supported for Amazon S3 on Outposts.

          • IgnorePublicAcls (boolean) --

            Specifies whether Amazon S3 should ignore public ACLs for buckets in this account. Setting this element to TRUE causes Amazon S3 to ignore all public ACLs on buckets in this account and any objects that they contain.

            Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.

            This property is not supported for Amazon S3 on Outposts.

          • BlockPublicPolicy (boolean) --

            Specifies whether Amazon S3 should block public bucket policies for buckets in this account. Setting this element to TRUE causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.

            Enabling this setting doesn't affect existing bucket policies.

            This property is not supported for Amazon S3 on Outposts.

          • RestrictPublicBuckets (boolean) --

            Specifies whether Amazon S3 should restrict public bucket policies for buckets in this account. Setting this element to TRUE restricts access to buckets with public policies to only Amazon Web Service principals and authorized users within this account.

            Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.

            This property is not supported for Amazon S3 on Outposts.

        • Status (string) --

          The current status of the Multi-Region Access Point.

          CREATING and DELETING are temporary states that exist while the request is propagating and being completed. If a Multi-Region Access Point has a status of PARTIALLY_CREATED , you can retry creation or send a request to delete the Multi-Region Access Point. If a Multi-Region Access Point has a status of PARTIALLY_DELETED , you can retry a delete request to finish the deletion of the Multi-Region Access Point.

        • Regions (list) --

          A collection of the Regions and buckets associated with the Multi-Region Access Point.

          • (dict) --

            A combination of a bucket and Region that's part of a Multi-Region Access Point.

            • Bucket (string) --

              The name of the bucket.

            • Region (string) --

              The name of the Region.

    • NextToken (string) --

      If the specified bucket has more Multi-Region Access Points than can be returned in one call to this action, this field contains a continuation token. You can use this token tin subsequent calls to this action to retrieve additional Multi-Region Access Points.

list_regional_buckets(**kwargs)

Returns a list of all Outposts buckets in an Outpost that are owned by the authenticated sender of the request. For more information, see Using Amazon S3 on Outposts in the Amazon S3 User Guide .

For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and x-amz-outpost-id in your request, see the Examples section.

See also: AWS API Documentation

Request Syntax

response = client.list_regional_buckets(
    AccountId='string',
    NextToken='string',
    MaxResults=123,
    OutpostId='string'
)
Parameters
  • AccountId (string) --

    [REQUIRED]

    The Amazon Web Services account ID of the Outposts bucket.

  • NextToken (string) --
  • MaxResults (integer) --
  • OutpostId (string) --

    The ID of the Outposts resource.

    Note

    This ID is required by Amazon S3 on Outposts buckets.

Return type

dict

Returns

Response Syntax

{
    'RegionalBucketList': [
        {
            'Bucket': 'string',
            'BucketArn': 'string',
            'PublicAccessBlockEnabled': True|False,
            'CreationDate': datetime(2015, 1, 1),
            'OutpostId': 'string'
        },
    ],
    'NextToken': 'string'
}

Response Structure

  • (dict) --

    • RegionalBucketList (list) --

      • (dict) --

        The container for the regional bucket.

        • Bucket (string) --

        • BucketArn (string) --

          The Amazon Resource Name (ARN) for the regional bucket.

        • PublicAccessBlockEnabled (boolean) --

        • CreationDate (datetime) --

          The creation date of the regional bucket

        • OutpostId (string) --

          The Outposts ID of the regional bucket.

    • NextToken (string) --

      NextToken is sent when isTruncated is true, which means there are more buckets that can be listed. The next list requests to Amazon S3 can be continued with this NextToken . NextToken is obfuscated and is not a real key.

list_storage_lens_configurations(**kwargs)

Gets a list of Amazon S3 Storage Lens configurations. For more information about S3 Storage Lens, see Assessing your storage activity and usage with Amazon S3 Storage Lens in the Amazon S3 User Guide .

Note

To use this action, you must have permission to perform the s3:ListStorageLensConfigurations action. For more information, see Setting permissions to use Amazon S3 Storage Lens in the Amazon S3 User Guide .

See also: AWS API Documentation

Request Syntax

response = client.list_storage_lens_configurations(
    AccountId='string',
    NextToken='string'
)
Parameters
  • AccountId (string) --

    [REQUIRED]

    The account ID of the requester.

  • NextToken (string) -- A pagination token to request the next page of results.
Return type

dict

Returns

Response Syntax

{
    'NextToken': 'string',
    'StorageLensConfigurationList': [
        {
            'Id': 'string',
            'StorageLensArn': 'string',
            'HomeRegion': 'string',
            'IsEnabled': True|False
        },
    ]
}

Response Structure

  • (dict) --

    • NextToken (string) --

      If the request produced more than the maximum number of S3 Storage Lens configuration results, you can pass this value into a subsequent request to retrieve the next page of results.

    • StorageLensConfigurationList (list) --

      A list of S3 Storage Lens configurations.

      • (dict) --

        Part of ListStorageLensConfigurationResult . Each entry includes the description of the S3 Storage Lens configuration, its home Region, whether it is enabled, its Amazon Resource Name (ARN), and config ID.

        • Id (string) --

          A container for the S3 Storage Lens configuration ID.

        • StorageLensArn (string) --

          The ARN of the S3 Storage Lens configuration. This property is read-only.

        • HomeRegion (string) --

          A container for the S3 Storage Lens home Region. Your metrics data is stored and retained in your designated S3 Storage Lens home Region.

        • IsEnabled (boolean) --

          A container for whether the S3 Storage Lens configuration is enabled. This property is required.

put_access_point_configuration_for_object_lambda(**kwargs)

Replaces configuration for an Object Lambda Access Point.

The following actions are related to PutAccessPointConfigurationForObjectLambda :

See also: AWS API Documentation

Request Syntax

response = client.put_access_point_configuration_for_object_lambda(
    AccountId='string',
    Name='string',
    Configuration={
        'SupportingAccessPoint': 'string',
        'CloudWatchMetricsEnabled': True|False,
        'AllowedFeatures': [
            'GetObject-Range'|'GetObject-PartNumber'|'HeadObject-Range'|'HeadObject-PartNumber',
        ],
        'TransformationConfigurations': [
            {
                'Actions': [
                    'GetObject'|'HeadObject'|'ListObjects'|'ListObjectsV2',
                ],
                'ContentTransformation': {
                    'AwsLambda': {
                        'FunctionArn': 'string',
                        'FunctionPayload': 'string'
                    }
                }
            },
        ]
    }
)
Parameters
  • AccountId (string) --

    [REQUIRED]

    The account ID for the account that owns the specified Object Lambda Access Point.

  • Name (string) --

    [REQUIRED]

    The name of the Object Lambda Access Point.

  • Configuration (dict) --

    [REQUIRED]

    Object Lambda Access Point configuration document.

    • SupportingAccessPoint (string) -- [REQUIRED]

      Standard access point associated with the Object Lambda Access Point.

    • CloudWatchMetricsEnabled (boolean) --

      A container for whether the CloudWatch metrics configuration is enabled.

    • AllowedFeatures (list) --

      A container for allowed features. Valid inputs are GetObject-Range , GetObject-PartNumber , HeadObject-Range , and HeadObject-PartNumber .

      • (string) --
    • TransformationConfigurations (list) -- [REQUIRED]

      A container for transformation configurations for an Object Lambda Access Point.

      • (dict) --

        A configuration used when creating an Object Lambda Access Point transformation.

        • Actions (list) -- [REQUIRED]

          A container for the action of an Object Lambda Access Point configuration. Valid inputs are GetObject , ListObjects , HeadObject , and ListObjectsV2 .

          • (string) --
        • ContentTransformation (dict) -- [REQUIRED]

          A container for the content transformation of an Object Lambda Access Point configuration.

          Note

          This is a Tagged Union structure. Only one of the following top level keys can be set: AwsLambda.

          • AwsLambda (dict) --

            A container for an Lambda function.

            • FunctionArn (string) -- [REQUIRED]

              The Amazon Resource Name (ARN) of the Lambda function.

            • FunctionPayload (string) --

              Additional JSON that provides supplemental data to the Lambda function used to transform objects.

Returns

None

put_access_point_policy(**kwargs)

Associates an access policy with the specified access point. Each access point can have only one policy, so a request made to this API replaces any existing policy associated with the specified access point.

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control . For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section.

The following actions are related to PutAccessPointPolicy :

See also: AWS API Documentation

Request Syntax

response = client.put_access_point_policy(
    AccountId='string',
    Name='string',
    Policy='string'
)
Parameters
  • AccountId (string) --

    [REQUIRED]

    The Amazon Web Services account ID for owner of the bucket associated with the specified access point.

  • Name (string) --

    [REQUIRED]

    The name of the access point that you want to associate with the specified policy.

    For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.

    For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the access point accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/accesspoint/<my-accesspoint-name> . For example, to access the access point reports-ap through outpost my-outpost owned by account 123456789012 in Region us-west-2 , use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/accesspoint/reports-ap . The value must be URL encoded.

  • Policy (string) --

    [REQUIRED]

    The policy that you want to apply to the specified access point. For more information about access point policies, see Managing data access with Amazon S3 access points in the Amazon S3 User Guide .

Returns

None

put_access_point_policy_for_object_lambda(**kwargs)

Creates or replaces resource policy for an Object Lambda Access Point. For an example policy, see Creating Object Lambda Access Points in the Amazon S3 User Guide .

The following actions are related to PutAccessPointPolicyForObjectLambda :

See also: AWS API Documentation

Request Syntax

response = client.put_access_point_policy_for_object_lambda(
    AccountId='string',
    Name='string',
    Policy='string'
)
Parameters
  • AccountId (string) --

    [REQUIRED]

    The account ID for the account that owns the specified Object Lambda Access Point.

  • Name (string) --

    [REQUIRED]

    The name of the Object Lambda Access Point.

  • Policy (string) --

    [REQUIRED]

    Object Lambda Access Point resource policy document.

Returns

None

put_bucket_lifecycle_configuration(**kwargs)

Note

This action puts a lifecycle configuration to an Amazon S3 on Outposts bucket. To put a lifecycle configuration to an S3 bucket, see PutBucketLifecycleConfiguration in the Amazon S3 API Reference .

Creates a new lifecycle configuration for the S3 on Outposts bucket or replaces an existing lifecycle configuration. Outposts buckets only support lifecycle configurations that delete/expire objects after a certain period of time and abort incomplete multipart uploads.

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control . For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section.

The following actions are related to PutBucketLifecycleConfiguration :

See also: AWS API Documentation

Request Syntax

response = client.put_bucket_lifecycle_configuration(
    AccountId='string',
    Bucket='string',
    LifecycleConfiguration={
        'Rules': [
            {
                'Expiration': {
                    'Date': datetime(2015, 1, 1),
                    'Days': 123,
                    'ExpiredObjectDeleteMarker': True|False
                },
                'ID': 'string',
                'Filter': {
                    'Prefix': 'string',
                    'Tag': {
                        'Key': 'string',
                        'Value': 'string'
                    },
                    'And': {
                        'Prefix': 'string',
                        'Tags': [
                            {
                                'Key': 'string',
                                'Value': 'string'
                            },
                        ],
                        'ObjectSizeGreaterThan': 123,
                        'ObjectSizeLessThan': 123
                    },
                    'ObjectSizeGreaterThan': 123,
                    'ObjectSizeLessThan': 123
                },
                'Status': 'Enabled'|'Disabled',
                'Transitions': [
                    {
                        'Date': datetime(2015, 1, 1),
                        'Days': 123,
                        'StorageClass': 'GLACIER'|'STANDARD_IA'|'ONEZONE_IA'|'INTELLIGENT_TIERING'|'DEEP_ARCHIVE'
                    },
                ],
                'NoncurrentVersionTransitions': [
                    {
                        'NoncurrentDays': 123,
                        'StorageClass': 'GLACIER'|'STANDARD_IA'|'ONEZONE_IA'|'INTELLIGENT_TIERING'|'DEEP_ARCHIVE'
                    },
                ],
                'NoncurrentVersionExpiration': {
                    'NoncurrentDays': 123,
                    'NewerNoncurrentVersions': 123
                },
                'AbortIncompleteMultipartUpload': {
                    'DaysAfterInitiation': 123
                }
            },
        ]
    }
)
Parameters
  • AccountId (string) --

    [REQUIRED]

    The Amazon Web Services account ID of the Outposts bucket.

  • Bucket (string) --

    [REQUIRED]

    The name of the bucket for which to set the configuration.

  • LifecycleConfiguration (dict) --

    Container for lifecycle rules. You can add as many as 1,000 rules.

    • Rules (list) --

      A lifecycle rule for individual objects in an Outposts bucket.

      • (dict) --

        The container for the Outposts bucket lifecycle rule.

        • Expiration (dict) --

          Specifies the expiration for the lifecycle of the object in the form of date, days and, whether the object has a delete marker.

          • Date (datetime) --

            Indicates at what date the object is to be deleted. Should be in GMT ISO 8601 format.

          • Days (integer) --

            Indicates the lifetime, in days, of the objects that are subject to the rule. The value must be a non-zero positive integer.

          • ExpiredObjectDeleteMarker (boolean) --

            Indicates whether Amazon S3 will remove a delete marker with no noncurrent versions. If set to true, the delete marker will be expired. If set to false, the policy takes no action. This cannot be specified with Days or Date in a Lifecycle Expiration Policy.

        • ID (string) --

          Unique identifier for the rule. The value cannot be longer than 255 characters.

        • Filter (dict) --

          The container for the filter of lifecycle rule.

          • Prefix (string) --

            Prefix identifying one or more objects to which the rule applies.

            Warning

            Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints.

          • Tag (dict) --

            A container for a key-value name pair.

            • Key (string) -- [REQUIRED]

              Key of the tag

            • Value (string) -- [REQUIRED]

              Value of the tag

          • And (dict) --

            The container for the AND condition for the lifecycle rule.

            • Prefix (string) --

              Prefix identifying one or more objects to which the rule applies.

            • Tags (list) --

              All of these tags must exist in the object's tag set in order for the rule to apply.

              • (dict) --

                A container for a key-value name pair.

                • Key (string) -- [REQUIRED]

                  Key of the tag

                • Value (string) -- [REQUIRED]

                  Value of the tag

            • ObjectSizeGreaterThan (integer) --

              Minimum object size to which the rule applies.

            • ObjectSizeLessThan (integer) --

              Maximum object size to which the rule applies.

          • ObjectSizeGreaterThan (integer) --

            Minimum object size to which the rule applies.

          • ObjectSizeLessThan (integer) --

            Maximum object size to which the rule applies.

        • Status (string) -- [REQUIRED]

          If 'Enabled', the rule is currently being applied. If 'Disabled', the rule is not currently being applied.

        • Transitions (list) --

          Specifies when an Amazon S3 object transitions to a specified storage class.

          Note

          This is not supported by Amazon S3 on Outposts buckets.

          • (dict) --

            Specifies when an object transitions to a specified storage class. For more information about Amazon S3 Lifecycle configuration rules, see Transitioning objects using Amazon S3 Lifecycle in the Amazon S3 User Guide .

            • Date (datetime) --

              Indicates when objects are transitioned to the specified storage class. The date value must be in ISO 8601 format. The time is always midnight UTC.

            • Days (integer) --

              Indicates the number of days after creation when objects are transitioned to the specified storage class. The value must be a positive integer.

            • StorageClass (string) --

              The storage class to which you want the object to transition.

        • NoncurrentVersionTransitions (list) --

          Specifies the transition rule for the lifecycle rule that describes when noncurrent objects transition to a specific storage class. If your bucket is versioning-enabled (or versioning is suspended), you can set this action to request that Amazon S3 transition noncurrent object versions to a specific storage class at a set period in the object's lifetime.

          Note

          This is not supported by Amazon S3 on Outposts buckets.

          • (dict) --

            The container for the noncurrent version transition.

            • NoncurrentDays (integer) --

              Specifies the number of days an object is noncurrent before Amazon S3 can perform the associated action. For information about the noncurrent days calculations, see How Amazon S3 Calculates How Long an Object Has Been Noncurrent in the Amazon S3 User Guide .

            • StorageClass (string) --

              The class of storage used to store the object.

        • NoncurrentVersionExpiration (dict) --

          The noncurrent version expiration of the lifecycle rule.

          • NoncurrentDays (integer) --

            Specifies the number of days an object is noncurrent before Amazon S3 can perform the associated action. For information about the noncurrent days calculations, see How Amazon S3 Calculates When an Object Became Noncurrent in the Amazon S3 User Guide .

          • NewerNoncurrentVersions (integer) --

            Specifies how many noncurrent versions S3 on Outposts will retain. If there are this many more recent noncurrent versions, S3 on Outposts will take the associated action. For more information about noncurrent versions, see Lifecycle configuration elements in the Amazon S3 User Guide .

        • AbortIncompleteMultipartUpload (dict) --

          Specifies the days since the initiation of an incomplete multipart upload that Amazon S3 waits before permanently removing all parts of the upload. For more information, see Aborting Incomplete Multipart Uploads Using a Bucket Lifecycle Policy in the Amazon S3 User Guide .

          • DaysAfterInitiation (integer) --

            Specifies the number of days after which Amazon S3 aborts an incomplete multipart upload to the Outposts bucket.

Returns

None

put_bucket_policy(**kwargs)

Note

This action puts a bucket policy to an Amazon S3 on Outposts bucket. To put a policy on an S3 bucket, see PutBucketPolicy in the Amazon S3 API Reference .

Applies an Amazon S3 bucket policy to an Outposts bucket. For more information, see Using Amazon S3 on Outposts in the Amazon S3 User Guide .

If you are using an identity other than the root user of the Amazon Web Services account that owns the Outposts bucket, the calling identity must have the PutBucketPolicy permissions on the specified Outposts bucket and belong to the bucket owner's account in order to use this action.

If you don't have PutBucketPolicy permissions, Amazon S3 returns a 403 Access Denied error. If you have the correct permissions, but you're not using an identity that belongs to the bucket owner's account, Amazon S3 returns a 405 Method Not Allowed error.

Warning

As a security precaution, the root user of the Amazon Web Services account that owns a bucket can always use this action, even if the policy explicitly denies the root user the ability to perform this action.

For more information about bucket policies, see Using Bucket Policies and User Policies.

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control . For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section.

The following actions are related to PutBucketPolicy :

See also: AWS API Documentation

Request Syntax

response = client.put_bucket_policy(
    AccountId='string',
    Bucket='string',
    ConfirmRemoveSelfBucketAccess=True|False,
    Policy='string'
)
Parameters
  • AccountId (string) --

    [REQUIRED]

    The Amazon Web Services account ID of the Outposts bucket.

  • Bucket (string) --

    [REQUIRED]

    Specifies the bucket.

    For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.

    For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name> . For example, to access the bucket reports through outpost my-outpost owned by account 123456789012 in Region us-west-2 , use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports . The value must be URL encoded.

  • ConfirmRemoveSelfBucketAccess (boolean) --

    Set this parameter to true to confirm that you want to remove your permissions to change this bucket policy in the future.

    Note

    This is not supported by Amazon S3 on Outposts buckets.

  • Policy (string) --

    [REQUIRED]

    The bucket policy as a JSON document.

Returns

None

put_bucket_tagging(**kwargs)

Note

This action puts tags on an Amazon S3 on Outposts bucket. To put tags on an S3 bucket, see PutBucketTagging in the Amazon S3 API Reference .

Sets the tags for an S3 on Outposts bucket. For more information, see Using Amazon S3 on Outposts in the Amazon S3 User Guide .

Use tags to organize your Amazon Web Services bill to reflect your own cost structure. To do this, sign up to get your Amazon Web Services account bill with tag key values included. Then, to see the cost of combined resources, organize your billing information according to resources with the same tag key values. For example, you can tag several resources with a specific application name, and then organize your billing information to see the total cost of that application across several services. For more information, see Cost allocation and tagging.

Note

Within a bucket, if you add a tag that has the same key as an existing tag, the new value overwrites the old value. For more information, see Using cost allocation in Amazon S3 bucket tags.

To use this action, you must have permissions to perform the s3-outposts:PutBucketTagging action. The Outposts bucket owner has this permission by default and can grant this permission to others. For more information about permissions, see Permissions Related to Bucket Subresource Operations and Managing access permissions to your Amazon S3 resources.

PutBucketTagging has the following special errors:
  • Error code: InvalidTagError
  • Error code: MalformedXMLError
    • Description: The XML provided does not match the schema.
  • Error code: OperationAbortedError
    • Description: A conflicting conditional action is currently in progress against this resource. Try again.
  • Error code: InternalError
    • Description: The service was unable to apply the provided tag to the bucket.

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control . For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section.

The following actions are related to PutBucketTagging :

See also: AWS API Documentation

Request Syntax

response = client.put_bucket_tagging(
    AccountId='string',
    Bucket='string',
    Tagging={
        'TagSet': [
            {
                'Key': 'string',
                'Value': 'string'
            },
        ]
    }
)
Parameters
  • AccountId (string) --

    [REQUIRED]

    The Amazon Web Services account ID of the Outposts bucket.

  • Bucket (string) --

    [REQUIRED]

    The Amazon Resource Name (ARN) of the bucket.

    For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.

    For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name> . For example, to access the bucket reports through outpost my-outpost owned by account 123456789012 in Region us-west-2 , use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports . The value must be URL encoded.

  • Tagging (dict) --

    [REQUIRED]

    • TagSet (list) -- [REQUIRED]

      A collection for a set of tags.

      • (dict) --

        A container for a key-value name pair.

        • Key (string) -- [REQUIRED]

          Key of the tag

        • Value (string) -- [REQUIRED]

          Value of the tag

Returns

None

put_bucket_versioning(**kwargs)

Note

This operation sets the versioning state only for S3 on Outposts buckets. To set the versioning state for an S3 bucket, see PutBucketVersioning in the Amazon S3 API Reference .

Sets the versioning state for an S3 on Outposts bucket. With versioning, you can save multiple distinct copies of your data and recover from unintended user actions and application failures.

You can set the versioning state to one of the following:

  • Enabled - Enables versioning for the objects in the bucket. All objects added to the bucket receive a unique version ID.
  • Suspended - Suspends versioning for the objects in the bucket. All objects added to the bucket receive the version ID null .

If you've never set versioning on your bucket, it has no versioning state. In that case, a GetBucketVersioning request does not return a versioning state value.

When you enable S3 Versioning, for each object in your bucket, you have a current version and zero or more noncurrent versions. You can configure your bucket S3 Lifecycle rules to expire noncurrent versions after a specified time period. For more information, see Creating and managing a lifecycle configuration for your S3 on Outposts bucket in the Amazon S3 User Guide .

If you have an object expiration lifecycle policy in your non-versioned bucket and you want to maintain the same permanent delete behavior when you enable versioning, you must add a noncurrent expiration policy. The noncurrent expiration lifecycle policy will manage the deletes of the noncurrent object versions in the version-enabled bucket. For more information, see Versioning in the Amazon S3 User Guide .

All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control . For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section.

The following operations are related to PutBucketVersioning for S3 on Outposts.

See also: AWS API Documentation

Request Syntax

response = client.put_bucket_versioning(
    AccountId='string',
    Bucket='string',
    MFA='string',
    VersioningConfiguration={
        'MFADelete': 'Enabled'|'Disabled',
        'Status': 'Enabled'|'Suspended'
    }
)
Parameters
  • AccountId (string) --

    [REQUIRED]

    The Amazon Web Services account ID of the S3 on Outposts bucket.

  • Bucket (string) --

    [REQUIRED]

    The S3 on Outposts bucket to set the versioning state for.

  • MFA (string) -- The concatenation of the authentication device's serial number, a space, and the value that is displayed on your authentication device.
  • VersioningConfiguration (dict) --

    [REQUIRED]

    The root-level tag for the VersioningConfiguration parameters.

    • MFADelete (string) --

      Specifies whether MFA delete is enabled or disabled in the bucket versioning configuration for the S3 on Outposts bucket.

    • Status (string) --

      Sets the versioning state of the S3 on Outposts bucket.

Returns

None

put_job_tagging(**kwargs)

Sets the supplied tag-set on an S3 Batch Operations job.

A tag is a key-value pair. You can associate S3 Batch Operations tags with any job by sending a PUT request against the tagging subresource that is associated with the job. To modify the existing tag set, you can either replace the existing tag set entirely, or make changes within the existing tag set by retrieving the existing tag set using GetJobTagging, modify that tag set, and use this action to replace the tag set with the one you modified. For more information, see Controlling access and labeling jobs using tags in the Amazon S3 User Guide .

Note

  • If you send this request with an empty tag set, Amazon S3 deletes the existing tag set on the Batch Operations job. If you use this method, you are charged for a Tier 1 Request (PUT). For more information, see Amazon S3 pricing.
  • For deleting existing tags for your Batch Operations job, a DeleteJobTagging request is preferred because it achieves the same result without incurring charges.
  • A few things to consider about using tags:
    • Amazon S3 limits the maximum number of tags to 50 tags per job.
    • You can associate up to 50 tags with a job as long as they have unique tag keys.
    • A tag key can be up to 128 Unicode characters in length, and tag values can be up to 256 Unicode characters in length.
    • The key and values are case sensitive.
    • For tagging-related restrictions related to characters and encodings, see User-Defined Tag Restrictions in the Billing and Cost Management User Guide .

To use this action, you must have permission to perform the s3:PutJobTagging action.

Related actions include:

See also: AWS API Documentation

Request Syntax

response = client.put_job_tagging(
    AccountId='string',
    JobId='string',
    Tags=[
        {
            'Key': 'string',
            'Value': 'string'
        },
    ]
)
Parameters
  • AccountId (string) --

    [REQUIRED]

    The Amazon Web Services account ID associated with the S3 Batch Operations job.

  • JobId (string) --

    [REQUIRED]

    The ID for the S3 Batch Operations job whose tags you want to replace.

  • Tags (list) --

    [REQUIRED]

    The set of tags to associate with the S3 Batch Operations job.

    • (dict) --

      A container for a key-value name pair.

      • Key (string) -- [REQUIRED]

        Key of the tag

      • Value (string) -- [REQUIRED]

        Value of the tag

Return type

dict

Returns

Response Syntax

{}

Response Structure

  • (dict) --

Exceptions

  • S3Control.Client.exceptions.InternalServiceException
  • S3Control.Client.exceptions.TooManyRequestsException
  • S3Control.Client.exceptions.NotFoundException
  • S3Control.Client.exceptions.TooManyTagsException
put_multi_region_access_point_policy(**kwargs)

Associates an access control policy with the specified Multi-Region Access Point. Each Multi-Region Access Point can have only one policy, so a request made to this action replaces any existing policy that is associated with the specified Multi-Region Access Point.

This action will always be routed to the US West (Oregon) Region. For more information about the restrictions around managing Multi-Region Access Points, see Managing Multi-Region Access Points in the Amazon S3 User Guide .

The following actions are related to PutMultiRegionAccessPointPolicy :

See also: AWS API Documentation

Request Syntax

response = client.put_multi_region_access_point_policy(
    AccountId='string',
    ClientToken='string',
    Details={
        'Name': 'string',
        'Policy': 'string'
    }
)
Parameters
  • AccountId (string) --

    [REQUIRED]

    The Amazon Web Services account ID for the owner of the Multi-Region Access Point.

  • ClientToken (string) --

    [REQUIRED]

    An idempotency token used to identify the request and guarantee that requests are unique.

    This field is autopopulated if not provided.

  • Details (dict) --

    [REQUIRED]

    A container element containing the details of the policy for the Multi-Region Access Point.

    • Name (string) -- [REQUIRED]

      The name of the Multi-Region Access Point associated with the request.

    • Policy (string) -- [REQUIRED]

      The policy details for the PutMultiRegionAccessPoint request.

Return type

dict

Returns

Response Syntax

{
    'RequestTokenARN': 'string'
}

Response Structure

  • (dict) --

put_public_access_block(**kwargs)

Creates or modifies the PublicAccessBlock configuration for an Amazon Web Services account. For this operation, users must have the s3:PutAccountPublicAccessBlock permission. For more information, see Using Amazon S3 block public access.

Related actions include:

See also: AWS API Documentation

Request Syntax

response = client.put_public_access_block(
    PublicAccessBlockConfiguration={
        'BlockPublicAcls': True|False,
        'IgnorePublicAcls': True|False,
        'BlockPublicPolicy': True|False,
        'RestrictPublicBuckets': True|False
    },
    AccountId='string'
)
Parameters
  • PublicAccessBlockConfiguration (dict) --

    [REQUIRED]

    The PublicAccessBlock configuration that you want to apply to the specified Amazon Web Services account.

    • BlockPublicAcls (boolean) --

      Specifies whether Amazon S3 should block public access control lists (ACLs) for buckets in this account. Setting this element to TRUE causes the following behavior:

      • PutBucketAcl and PutObjectAcl calls fail if the specified ACL is public.
      • PUT Object calls fail if the request includes a public ACL.
      • PUT Bucket calls fail if the request includes a public ACL.

      Enabling this setting doesn't affect existing policies or ACLs.

      This property is not supported for Amazon S3 on Outposts.

    • IgnorePublicAcls (boolean) --

      Specifies whether Amazon S3 should ignore public ACLs for buckets in this account. Setting this element to TRUE causes Amazon S3 to ignore all public ACLs on buckets in this account and any objects that they contain.

      Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.

      This property is not supported for Amazon S3 on Outposts.

    • BlockPublicPolicy (boolean) --

      Specifies whether Amazon S3 should block public bucket policies for buckets in this account. Setting this element to TRUE causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.

      Enabling this setting doesn't affect existing bucket policies.

      This property is not supported for Amazon S3 on Outposts.

    • RestrictPublicBuckets (boolean) --

      Specifies whether Amazon S3 should restrict public bucket policies for buckets in this account. Setting this element to TRUE restricts access to buckets with public policies to only Amazon Web Service principals and authorized users within this account.

      Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.

      This property is not supported for Amazon S3 on Outposts.

  • AccountId (string) --

    [REQUIRED]

    The account ID for the Amazon Web Services account whose PublicAccessBlock configuration you want to set.

Returns

None

put_storage_lens_configuration(**kwargs)

Puts an Amazon S3 Storage Lens configuration. For more information about S3 Storage Lens, see Working with Amazon S3 Storage Lens in the Amazon S3 User Guide . For a complete list of S3 Storage Lens metrics, see S3 Storage Lens metrics glossary in the Amazon S3 User Guide .

Note

To use this action, you must have permission to perform the s3:PutStorageLensConfiguration action. For more information, see Setting permissions to use Amazon S3 Storage Lens in the Amazon S3 User Guide .

See also: AWS API Documentation

Request Syntax

response = client.put_storage_lens_configuration(
    ConfigId='string',
    AccountId='string',
    StorageLensConfiguration={
        'Id': 'string',
        'AccountLevel': {
            'ActivityMetrics': {
                'IsEnabled': True|False
            },
            'BucketLevel': {
                'ActivityMetrics': {
                    'IsEnabled': True|False
                },
                'PrefixLevel': {
                    'StorageMetrics': {
                        'IsEnabled': True|False,
                        'SelectionCriteria': {
                            'Delimiter': 'string',
                            'MaxDepth': 123,
                            'MinStorageBytesPercentage': 123.0
                        }
                    }
                },
                'AdvancedCostOptimizationMetrics': {
                    'IsEnabled': True|False
                },
                'AdvancedDataProtectionMetrics': {
                    'IsEnabled': True|False
                },
                'DetailedStatusCodesMetrics': {
                    'IsEnabled': True|False
                }
            },
            'AdvancedCostOptimizationMetrics': {
                'IsEnabled': True|False
            },
            'AdvancedDataProtectionMetrics': {
                'IsEnabled': True|False
            },
            'DetailedStatusCodesMetrics': {
                'IsEnabled': True|False
            }
        },
        'Include': {
            'Buckets': [
                'string',
            ],
            'Regions': [
                'string',
            ]
        },
        'Exclude': {
            'Buckets': [
                'string',
            ],
            'Regions': [
                'string',
            ]
        },
        'DataExport': {
            'S3BucketDestination': {
                'Format': 'CSV'|'Parquet',
                'OutputSchemaVersion': 'V_1',
                'AccountId': 'string',
                'Arn': 'string',
                'Prefix': 'string',
                'Encryption': {
                    'SSES3': {}
                    ,
                    'SSEKMS': {
                        'KeyId': 'string'
                    }
                }
            },
            'CloudWatchMetrics': {
                'IsEnabled': True|False
            }
        },
        'IsEnabled': True|False,
        'AwsOrg': {
            'Arn': 'string'
        },
        'StorageLensArn': 'string'
    },
    Tags=[
        {
            'Key': 'string',
            'Value': 'string'
        },
    ]
)
Parameters
  • ConfigId (string) --

    [REQUIRED]

    The ID of the S3 Storage Lens configuration.

  • AccountId (string) --

    [REQUIRED]

    The account ID of the requester.

  • StorageLensConfiguration (dict) --

    [REQUIRED]

    The S3 Storage Lens configuration.

    • Id (string) -- [REQUIRED]

      A container for the Amazon S3 Storage Lens configuration ID.

    • AccountLevel (dict) -- [REQUIRED]

      A container for all the account-level configurations of your S3 Storage Lens configuration.

      • ActivityMetrics (dict) --

        A container for S3 Storage Lens activity metrics.

        • IsEnabled (boolean) --

          A container that indicates whether activity metrics are enabled.

      • BucketLevel (dict) -- [REQUIRED]

        A container for the S3 Storage Lens bucket-level configuration.

        • ActivityMetrics (dict) --

          A container for the bucket-level activity metrics for S3 Storage Lens.

          • IsEnabled (boolean) --

            A container that indicates whether activity metrics are enabled.

        • PrefixLevel (dict) --

          A container for the prefix-level metrics for S3 Storage Lens.

          • StorageMetrics (dict) -- [REQUIRED]

            A container for the prefix-level storage metrics for S3 Storage Lens.

            • IsEnabled (boolean) --

              A container for whether prefix-level storage metrics are enabled.

            • SelectionCriteria (dict) --
              • Delimiter (string) --

                A container for the delimiter of the selection criteria being used.

              • MaxDepth (integer) --

                The max depth of the selection criteria

              • MinStorageBytesPercentage (float) --

                The minimum number of storage bytes percentage whose metrics will be selected.

                Note

                You must choose a value greater than or equal to 1.0 .

        • AdvancedCostOptimizationMetrics (dict) --

          A container for bucket-level advanced cost-optimization metrics for S3 Storage Lens.

          • IsEnabled (boolean) --

            A container that indicates whether advanced cost-optimization metrics are enabled.

        • AdvancedDataProtectionMetrics (dict) --

          A container for bucket-level advanced data-protection metrics for S3 Storage Lens.

          • IsEnabled (boolean) --

            A container that indicates whether advanced data-protection metrics are enabled.

        • DetailedStatusCodesMetrics (dict) --

          A container for bucket-level detailed status code metrics for S3 Storage Lens.

          • IsEnabled (boolean) --

            A container that indicates whether detailed status code metrics are enabled.

      • AdvancedCostOptimizationMetrics (dict) --

        A container for S3 Storage Lens advanced cost-optimization metrics.

        • IsEnabled (boolean) --

          A container that indicates whether advanced cost-optimization metrics are enabled.

      • AdvancedDataProtectionMetrics (dict) --

        A container for S3 Storage Lens advanced data-protection metrics.

        • IsEnabled (boolean) --

          A container that indicates whether advanced data-protection metrics are enabled.

      • DetailedStatusCodesMetrics (dict) --

        A container for detailed status code metrics.

        • IsEnabled (boolean) --

          A container that indicates whether detailed status code metrics are enabled.

    • Include (dict) --

      A container for what is included in this configuration. This container can only be valid if there is no Exclude container submitted, and it's not empty.

      • Buckets (list) --

        A container for the S3 Storage Lens bucket includes.

        • (string) --
      • Regions (list) --

        A container for the S3 Storage Lens Region includes.

        • (string) --
    • Exclude (dict) --

      A container for what is excluded in this configuration. This container can only be valid if there is no Include container submitted, and it's not empty.

      • Buckets (list) --

        A container for the S3 Storage Lens bucket excludes.

        • (string) --
      • Regions (list) --

        A container for the S3 Storage Lens Region excludes.

        • (string) --
    • DataExport (dict) --

      A container to specify the properties of your S3 Storage Lens metrics export including, the destination, schema and format.

      • S3BucketDestination (dict) --

        A container for the bucket where the S3 Storage Lens metrics export will be located.

        Note

        This bucket must be located in the same Region as the storage lens configuration.

        • Format (string) -- [REQUIRED]
        • OutputSchemaVersion (string) -- [REQUIRED]

          The schema version of the export file.

        • AccountId (string) -- [REQUIRED]

          The account ID of the owner of the S3 Storage Lens metrics export bucket.

        • Arn (string) -- [REQUIRED]

          The Amazon Resource Name (ARN) of the bucket. This property is read-only and follows the following format: arn:aws:s3:us-east-1:example-account-id:bucket/your-destination-bucket-name

        • Prefix (string) --

          The prefix of the destination bucket where the metrics export will be delivered.

        • Encryption (dict) --

          The container for the type encryption of the metrics exports in this bucket.

          • SSES3 (dict) --
          • SSEKMS (dict) --
            • KeyId (string) -- [REQUIRED]

              A container for the ARN of the SSE-KMS encryption. This property is read-only and follows the following format: arn:aws:kms:us-east-1:example-account-id:key/example-9a73-4afc-8d29-8f5900cef44e

      • CloudWatchMetrics (dict) --

        A container for enabling Amazon CloudWatch publishing for S3 Storage Lens metrics.

        • IsEnabled (boolean) -- [REQUIRED]

          A container that indicates whether CloudWatch publishing for S3 Storage Lens metrics is enabled. A value of true indicates that CloudWatch publishing for S3 Storage Lens metrics is enabled.

    • IsEnabled (boolean) -- [REQUIRED]

      A container for whether the S3 Storage Lens configuration is enabled.

    • AwsOrg (dict) --

      A container for the Amazon Web Services organization for this S3 Storage Lens configuration.

      • Arn (string) -- [REQUIRED]

        A container for the Amazon Resource Name (ARN) of the Amazon Web Services organization. This property is read-only and follows the following format: arn:aws:organizations:us-east-1:example-account-id:organization/o-ex2l495dck

    • StorageLensArn (string) --

      The Amazon Resource Name (ARN) of the S3 Storage Lens configuration. This property is read-only and follows the following format: arn:aws:s3:us-east-1:example-account-id:storage-lens/your-dashboard-name

  • Tags (list) --

    The tag set of the S3 Storage Lens configuration.

    Note

    You can set up to a maximum of 50 tags.

    • (dict) --
      • Key (string) -- [REQUIRED]
      • Value (string) -- [REQUIRED]
Returns

None

put_storage_lens_configuration_tagging(**kwargs)

Put or replace tags on an existing Amazon S3 Storage Lens configuration. For more information about S3 Storage Lens, see Assessing your storage activity and usage with Amazon S3 Storage Lens in the Amazon S3 User Guide .

Note

To use this action, you must have permission to perform the s3:PutStorageLensConfigurationTagging action. For more information, see Setting permissions to use Amazon S3 Storage Lens in the Amazon S3 User Guide .

See also: AWS API Documentation

Request Syntax

response = client.put_storage_lens_configuration_tagging(
    ConfigId='string',
    AccountId='string',
    Tags=[
        {
            'Key': 'string',
            'Value': 'string'
        },
    ]
)
Parameters
  • ConfigId (string) --

    [REQUIRED]

    The ID of the S3 Storage Lens configuration.

  • AccountId (string) --

    [REQUIRED]

    The account ID of the requester.

  • Tags (list) --

    [REQUIRED]

    The tag set of the S3 Storage Lens configuration.

    Note

    You can set up to a maximum of 50 tags.

    • (dict) --
      • Key (string) -- [REQUIRED]
      • Value (string) -- [REQUIRED]
Return type

dict

Returns

Response Syntax

{}

Response Structure

  • (dict) --

submit_multi_region_access_point_routes(**kwargs)

Submits an updated route configuration for a Multi-Region Access Point. This API operation updates the routing status for the specified Regions from active to passive, or from passive to active. A value of 0 indicates a passive status, which means that traffic won't be routed to the specified Region. A value of 100 indicates an active status, which means that traffic will be routed to the specified Region. At least one Region must be active at all times.

When the routing configuration is changed, any in-progress operations (uploads, copies, deletes, and so on) to formerly active Regions will continue to run to their final completion state (success or failure). The routing configurations of any Regions that aren’t specified remain unchanged.

Note

Updated routing configurations might not be immediately applied. It can take up to 2 minutes for your changes to take effect.

To submit routing control changes and failover requests, use the Amazon S3 failover control infrastructure endpoints in these five Amazon Web Services Regions:

  • us-east-1
  • us-west-2
  • ap-southeast-2
  • ap-northeast-1
  • eu-west-1

Note

Your Amazon S3 bucket does not need to be in these five Regions.

See also: AWS API Documentation

Request Syntax

response = client.submit_multi_region_access_point_routes(
    AccountId='string',
    Mrap='string',
    RouteUpdates=[
        {
            'Bucket': 'string',
            'Region': 'string',
            'TrafficDialPercentage': 123
        },
    ]
)
Parameters
  • AccountId (string) --

    [REQUIRED]

    The Amazon Web Services account ID for the owner of the Multi-Region Access Point.

  • Mrap (string) --

    [REQUIRED]

    The Multi-Region Access Point ARN.

  • RouteUpdates (list) --

    [REQUIRED]

    The different routes that make up the new route configuration. Active routes return a value of 100 , and passive routes return a value of 0 .

    • (dict) --

      A structure for a Multi-Region Access Point that indicates where Amazon S3 traffic can be routed. Routes can be either active or passive. Active routes can process Amazon S3 requests through the Multi-Region Access Point, but passive routes are not eligible to process Amazon S3 requests.

      Each route contains the Amazon S3 bucket name and the Amazon Web Services Region that the bucket is located in. The route also includes the TrafficDialPercentage value, which shows whether the bucket and Region are active (indicated by a value of 100 ) or passive (indicated by a value of 0 ).

      • Bucket (string) --

        The name of the Amazon S3 bucket for which you'll submit a routing configuration change. Either the Bucket or the Region value must be provided. If both are provided, the bucket must be in the specified Region.

      • Region (string) --

        The Amazon Web Services Region to which you'll be submitting a routing configuration change. Either the Bucket or the Region value must be provided. If both are provided, the bucket must be in the specified Region.

      • TrafficDialPercentage (integer) -- [REQUIRED]

        The traffic state for the specified bucket or Amazon Web Services Region.

        A value of 0 indicates a passive state, which means that no new traffic will be routed to the Region.

        A value of 100 indicates an active state, which means that traffic will be routed to the specified Region.

        When the routing configuration for a Region is changed from active to passive, any in-progress operations (uploads, copies, deletes, and so on) to the formerly active Region will continue to run to until a final success or failure status is reached.

        If all Regions in the routing configuration are designated as passive, you'll receive an InvalidRequest error.

Return type

dict

Returns

Response Syntax

{}

Response Structure

  • (dict) --

update_job_priority(**kwargs)

Updates an existing S3 Batch Operations job's priority. For more information, see S3 Batch Operations in the Amazon S3 User Guide .

Related actions include:

See also: AWS API Documentation

Request Syntax

response = client.update_job_priority(
    AccountId='string',
    JobId='string',
    Priority=123
)
Parameters
  • AccountId (string) --

    [REQUIRED]

    The Amazon Web Services account ID associated with the S3 Batch Operations job.

  • JobId (string) --

    [REQUIRED]

    The ID for the job whose priority you want to update.

  • Priority (integer) --

    [REQUIRED]

    The priority you want to assign to this job.

Return type

dict

Returns

Response Syntax

{
    'JobId': 'string',
    'Priority': 123
}

Response Structure

  • (dict) --

    • JobId (string) --

      The ID for the job whose priority Amazon S3 updated.

    • Priority (integer) --

      The new priority assigned to the specified job.

Exceptions

  • S3Control.Client.exceptions.BadRequestException
  • S3Control.Client.exceptions.TooManyRequestsException
  • S3Control.Client.exceptions.NotFoundException
  • S3Control.Client.exceptions.InternalServiceException
update_job_status(**kwargs)

Updates the status for the specified job. Use this action to confirm that you want to run a job or to cancel an existing job. For more information, see S3 Batch Operations in the Amazon S3 User Guide .

Related actions include:

See also: AWS API Documentation

Request Syntax

response = client.update_job_status(
    AccountId='string',
    JobId='string',
    RequestedJobStatus='Cancelled'|'Ready',
    StatusUpdateReason='string'
)
Parameters
  • AccountId (string) --

    [REQUIRED]

    The Amazon Web Services account ID associated with the S3 Batch Operations job.

  • JobId (string) --

    [REQUIRED]

    The ID of the job whose status you want to update.

  • RequestedJobStatus (string) --

    [REQUIRED]

    The status that you want to move the specified job to.

  • StatusUpdateReason (string) -- A description of the reason why you want to change the specified job's status. This field can be any string up to the maximum length.
Return type

dict

Returns

Response Syntax

{
    'JobId': 'string',
    'Status': 'Active'|'Cancelled'|'Cancelling'|'Complete'|'Completing'|'Failed'|'Failing'|'New'|'Paused'|'Pausing'|'Preparing'|'Ready'|'Suspended',
    'StatusUpdateReason': 'string'
}

Response Structure

  • (dict) --

    • JobId (string) --

      The ID for the job whose status was updated.

    • Status (string) --

      The current status for the specified job.

    • StatusUpdateReason (string) --

      The reason that the specified job's status was updated.

Exceptions

  • S3Control.Client.exceptions.BadRequestException
  • S3Control.Client.exceptions.TooManyRequestsException
  • S3Control.Client.exceptions.NotFoundException
  • S3Control.Client.exceptions.JobStatusException
  • S3Control.Client.exceptions.InternalServiceException

Paginators

The available paginators are:

class S3Control.Paginator.ListAccessPointsForObjectLambda
paginator = client.get_paginator('list_access_points_for_object_lambda')
paginate(**kwargs)

Creates an iterator that will paginate through responses from S3Control.Client.list_access_points_for_object_lambda().

See also: AWS API Documentation

Request Syntax

response_iterator = paginator.paginate(
    AccountId='string',
    PaginationConfig={
        'MaxItems': 123,
        'PageSize': 123,
        'StartingToken': 'string'
    }
)
Parameters
  • AccountId (string) --

    [REQUIRED]

    The account ID for the account that owns the specified Object Lambda Access Point.

  • PaginationConfig (dict) --

    A dictionary that provides parameters to control pagination.

    • MaxItems (integer) --

      The total number of items to return. If the total number of items available is more than the value specified in max-items then a NextToken will be provided in the output that you can use to resume pagination.

    • PageSize (integer) --

      The size of each page.

    • StartingToken (string) --

      A token to specify where to start paginating. This is the NextToken from a previous response.

Return type

dict

Returns

Response Syntax

{
    'ObjectLambdaAccessPointList': [
        {
            'Name': 'string',
            'ObjectLambdaAccessPointArn': 'string'
        },
    ],

}

Response Structure

  • (dict) --

    • ObjectLambdaAccessPointList (list) --

      Returns list of Object Lambda Access Points.

      • (dict) --

        An access point with an attached Lambda function used to access transformed data from an Amazon S3 bucket.

        • Name (string) --

          The name of the Object Lambda Access Point.

        • ObjectLambdaAccessPointArn (string) --

          Specifies the ARN for the Object Lambda Access Point.