S3 / Client / put_bucket_abac

put_bucket_abac¶

S3.Client.put_bucket_abac(**kwargs)¶

Sets the attribute-based access control (ABAC) property of the general purpose bucket. When you enable ABAC, you can use tags for bucket access control. Additionally, when ABAC is enabled, you must use the TagResource, UntagResource, and ListTagsForResource actions to manage bucket tags, and you can nolonger use the PutBucketTagging and DeleteBucketTagging actions to tag the bucket. You must also have the correct permissions for these actions. For more information, see Enabling ABAC in general purpose buckets.

Request Syntax

response = client.put_bucket_abac(
    Bucket='string',
    ContentMD5='string',
    ChecksumAlgorithm='CRC32'|'CRC32C'|'SHA1'|'SHA256'|'CRC64NVME',
    ExpectedBucketOwner='string',
    AbacStatus={
        'Status': 'Enabled'|'Disabled'
    }
)

Parameters:

Bucket (string) –
[REQUIRED]

The name of the general purpose bucket.
ContentMD5 (string) –
The MD5 hash of the PutBucketAbac request body.

For requests made using the Amazon Web Services Command Line Interface (CLI) or Amazon Web Services SDKs, this field is calculated automatically.
ChecksumAlgorithm (string) – Indicates the algorithm that you want Amazon S3 to use to create the checksum. For more information, see Checking object integrity in the Amazon S3 User Guide.
ExpectedBucketOwner (string) – The Amazon Web Services account ID of the general purpose bucket’s owner.
AbacStatus (dict) –
[REQUIRED]

The ABAC status of the general purpose bucket. When ABAC is enabled for the general purpose bucket, you can use tags to manage access to the general purpose buckets as well as for cost tracking purposes. When ABAC is disabled for the general purpose buckets, you can only use tags for cost tracking purposes. For more information, see Using tags with S3 general purpose buckets.
- Status (string) –
  
  The ABAC status of the general purpose bucket.

Returns:

None